PIXILAB Wiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
blocks:audioguide:split_horizon_dns [2025-09-17 08:15] – created mattiasblocks:audioguide:split_horizon_dns [2025-09-17 08:28] (current) – [DNS Split-Horizon Setup for BYOD and loaner digital guides on mobile devices] mattias
Line 1: Line 1:
-=====DNS Split-Horizon Setup for BYOD and loaner digital guides on mobile devices=====+=====DNS Split-Horizon Setup for digital guides with BYOD or loaner mobile devices=====
  
  Visitors using Bring Your Own Device (BYOD) loaner devices to access a local audio guide or digital guide over wifi.  Visitors using Bring Your Own Device (BYOD) loaner devices to access a local audio guide or digital guide over wifi.
Line 6: Line 6:
  
  
-1. Why This Setup Helps+====Why This Setup Helps====
  
 When visitors open your audioguide URL: When visitors open your audioguide URL:
  
-If they are on the local WiFi, they should automatically reach the local audioguide server.+  * If they are on the local WiFi, they should automatically reach the local audioguide server
 +  * If they are offsite, they should see a helpful fallback page explaining how to connect or providing external resources. 
 +  * This improves the BYOD experience by reducing errors, unnecessary redirects, and user confusion.
  
-If they are offsite, they should see a helpful fallback page explaining how to connect or providing external resources.+====Internet-Facing Requirements====
  
-This improves the BYOD experience by reducing errors, unnecessary redirects, and user confusion. +===To handle requests from outside your LAN==
- +
-2. Internet-Facing Requirements +
- +
-To handle requests from outside your LAN:+
  
 Domain Name: Register a public domain, e.g., myaudioguide.net. Domain Name: Register a public domain, e.g., myaudioguide.net.
  
-DNS Configuration: Point the myaudiogude.net to a publicly accessible web server. (Typically a small droplet on e.g. digital ocean) Point int.myaudioguide.net to th elocal servers local ip e.g. 10.2.0.10.+DNS Configuration: Point the myaudiogude.net to a publicly accessible web server (your droplet ip). (Typically a small droplet on e.g. digital ocean) Point int.myaudioguide.net to th elocal servers local ip e.g. 10.2.0.10.
  
 HTTPS Certificate: Ensure the certificate is valid for the public domain. HTTPS Certificate: Ensure the certificate is valid for the public domain.
Line 28: Line 26:
 Fallback Webpage: This page will attempt to probe the local server: Fallback Webpage: This page will attempt to probe the local server:
  
-If the probe succeeds, the visitor is redirected to the internal server. +  * If the probe succeeds, the visitor is redirected to the internal server. 
- +  If not, the visitor remains on the fallback page.
-If not, the visitor remains on the fallback page.+
  
 Note: Ensure the fallback page is served over HTTPS to avoid browser mixed-content warnings. Note: Ensure the fallback page is served over HTTPS to avoid browser mixed-content warnings.
  
-3. Local LAN Requirements+====Local LAN Requirements====
  
 To make the audioguide work seamlessly on local WiFi: To make the audioguide work seamlessly on local WiFi:
  
-DNS Configuration: Configure your local DNS so that both myaudioguide.net and int.myaudioguide.net resolve to the local audioguide server’s IP.+DNS Configuration: Configure your local DNS so that both myaudioguide.net and int.myaudioguide.net resolve to the local audioguide server’s IP e.g. 10.2.0.10.
  
 HTTPS Certificate: Use a certificate valid for both internal and public domain names (wildcard or SAN certificate). HTTPS Certificate: Use a certificate valid for both internal and public domain names (wildcard or SAN certificate).
Line 44: Line 41:
 Reverse Proxy: Nginx is recommended to handle internal routing and serve certificates. Reverse Proxy: Nginx is recommended to handle internal routing and serve certificates.
  
-Tip: Using Certbot with DNS challenges can simplify automatic certificate renewal for mixed public/private setups.+Tip: Using [[blocks:server:nginx:dns01_challenge|Certbot with DNS-01]] challenges can simplify automatic certificate renewal for mixed public/private setups
 + 
 +====Internet fallback page==== 
 + 
 +On the internet it is recommended to host a webpage that will give the visitor useful information in case the visitor never joined the local wifi. This page can contain instructions in how to join and other useful information
  
-Example code for a fallback webpage:+A minimal fallback webpage containing some javascript that probes the local server for a resource, if the resource is found the visitor is redirected to the local server automatically. This also helps in the case the mobile device finds the dns over its internet connection while connected to local wifi.   
 +Example code:
 <code> <code>
 <!DOCTYPE html> <!DOCTYPE html>