roof/pic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: change domain from dev to lan to avoid browser HSTS preload blocking HTTP

Browse Source 
The .dev TLD has been HSTS preloaded in Chrome/Firefox/Safari/Edge since 2019.
Browsers silently redirect http://anything.dev to https://anything.dev before
making any network request. Since Caddy has auto_https off, all browser-based
access to .dev domains fails with a connection error even though DNS, routing,
and HTTP all work correctly (curl works; browsers don't).

- cell_config.json: domain "dev" -> "lan"
- Caddyfile: all http://*.dev blocks -> http://*.lan
- Corefile: dev zone -> lan zone (file /data/lan.zone)
- data/dns/lan.zone: new zone file (dev.zone removed live)
- test_wg_domain_access.py: remove hardcoded DOMAIN_IPS / .dev references;
  read domain from /api/config at runtime so tests work with any configured TLD

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Dmitrii Iurco
2026-04-27 01:54:33 -04:00
parent 32272420cb
commit 0c12e3fc97
4 changed files with 129 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/dns/Corefile
+2 -2
View File
@@ -5,8 +5,8 @@
health
}
dev {
file /data/dev.zone
lan {
file /data/lan.zone
log
}