Simon WillisonJun 30, 2023
Figured out how to get anything.lan (including foo.bar.lan etc) to resolve to 127.0.0.1 on my Mac laptop, using dnsmasq installed from Homebrew https://til.simonwillison.net/macos/wildcard-dns-dnsmasq
Local wildcard DNS on macOS with dnsmasq

I wanted to get wildcard DNS running on my Mac laptop, for development purposes. I wanted http://anything.mysite.lan/ to point to my localhost IP address.

Show threadSimon WillisonJun 30, 2023
... and it turns out that's not necessary at all, because `foo.bar.localhost` resolves to `127.0.0.1` on macOS (and Linux) out of the box!
Show threadGlyphJun 30, 2023
@simon pro tip: don't use `.lan`, use `.lan.<your-domain>` so you can provision HTTPS certificates for it.
Show threadSimon Willison
@glyph whoa... so I could buy myself a wildcard certificate for a domain, and then use subdomains of that on my own local machine!?
Jun 30, 2023 at 11:31pmWeb
Show threadGlyphJul 1, 2023
@simon I used to maintain a tool for this, but I archived it because with the DNS challenge you can just do it with certbot out of the box
Show threadGlyphJul 1, 2023
@simon no need to have wildcard certs either, if you don't mind writing code like this ;-) https://github.com/twisted/twisted/pull/11861/files
[#9885] add `tls:` server endpoint that supports SNI, PEM parsing, and supporting code that changes OpenSSL connection/context building by glyph · Pull Request #11861 · twisted/twisted

Scope and purpose Fixes #9885 This also makes it possible to do twist web --path whatever --listen=tls:path/to/certbot/config/live if path/to/certbot/config/live is a directory containing .pem file...

GitHub
Show threadGlyphJul 1, 2023
@simon but yes I've been developing against real, public certs on my local machine since 2015