Jan Wildeboer 😷
It's Friday, time for the weekly `dnf update` and `reboot` run on my 9 servers. Here we go.
And done. All servers came back as expected. I also updated the three forgejo-runner instances to 12.7.3. Weekend can start :)
Last week I wanted to move my local DNS server and Certificate Authority to another machine. It didn't happen as I was called to help someone with moving a washing machine, which included a nice trip to the Lake of Constance. So. Let's try to get this done this weekend.
OK. The DNS server has been moved, it works perfectly. Now just to wait a day until all those forgotten little gizmos in my home network did their DHCP refresh and got the new DNS server. The Certificate Authority move needs more work than expected, so I'll postpone that for the moment.
Ah, the little things. I tested certificate renewals and it failed for wildcard certificates. Those need DNS updates to work [1]. Which seemed to fail. Turns out I needed to reboot the machine with the CA (Certificate Authority) container as that container was still using the old DNS server. Fixed. All wildcard certificates in my homelab renewed :)
[1] https://codeberg.org/jwildeboer/gists/src/branch/main/2026/2026-01-16-dns01-certbot-stepca-bind.md
gists/2026/2026-01-16-dns01-certbot-stepca-bind.md at main
gists - A collection of short notes on specific little things that are good enough to share but not yet valuable enough for a blog entry. Mostly geeky stuff. Free to copy/paste, no restrictions from my side. Artisanal, hand typed content. No AI.
quaffletsencrypt + dns01 challenge + local DNS is a wonderous workflow for #selfhosting 😄
👁@jwildeboer @homelab Its a DNS weekend for homelabbers I guess.. was setting up Nginx and accidently set my home PC IP as the DNS server IP instead of adding a DNS server and learned that docker containers do not liked to be crashed like that.
Cees-Jan Kiewiet 
@jwildeboer @homelab FWIW if you put two DNS servers in the list you provide the through DHCP; Not all gizmos will use both of them
BjoernAusGE@jwildeboer arg reminds me that i want to setup a server with adguard home and stepca in my homelab so i get internal domains and TLS for that @homelab
Roelof@jwildeboer On a similiar note I kept delaying to migrate my websites from a rpi (it was running raspbian oldoldstable) to an lxc container on a miniPC. I started last year with that miniPC because your blog about your homelab inspired me. My tar backup was enough (only thing I forgot was the backup script itself). Most work was changing the IPv6 DNS records for my domains and adjusting the nginx.conf for all of them.