Dns

I recently implemented a solution to automate my Bind9 zone file updates in my private infrastructure using GitHub Actions with free runners, all secured through a Tailscale overlay network. This setup has significantly improved my workflow and provided me with both flexibility and security. In this post, I’ll share my approach and compare it with cloud DNS solutions like AWS Route53 and Google Cloud DNS.

The Setup: GitHub Actions + Tailscale + Bind9

What I’ve built

My solution uses GitHub Actions to automatically deploy DNS zone changes to my private Bind9 server whenever I push updates to my repository. Here’s how it works:

In today’s digital landscape, securing your web applications with HTTPS is not just a recommendation but a necessity. In this blog post, I’ll share how I setup automated SSL certificate issuance for my domains, including wildcard certificates, using Traefik, Let’s Encrypt, and Cloudflare.

The Setup

My goal was to automate the management of SSL certificates for various subdomains and wildcard domains like:

• co.example.com
• io.example.com
• *.co.example.com
• *.io.example.com

By combining Traefik (a modern HTTP reverse proxy), Let’s Encrypt (for free SSL certificates), and Cloudflare (for DNS management), I created a fully automated SSL certificate renewal system for my homelab setup.