Private DNS

Name resolution for your internal services

Siovos includes a private DNS server (dnsmasq) that resolves your service names when you're connected to VPN.

How It Works#

When you deploy, Siovos creates DNS entries for each enabled service:

  • rancher.internal → Rancher
  • registry.internal → Harbor
  • ca.internal → Step CA
  • mailpit.internal → Mailpit
  • analytics.internal → Umami

The suffix (.internal by default) is configurable during deployment.

View Configuration#

  1. Go to My Infrastructures
  2. Click on your infrastructure
  3. Open the DNS tab

You'll see two sections:

  • System entries — Automatically created for services
  • Custom entries — Added by you

Add Custom Entries#

To point a domain to a specific IP:

  1. In the DNS tab, click Add entry
  2. Enter the hostname (e.g., myapp)
  3. Enter the target IP address
  4. Click Save

The entry is immediately available on all devices connected to VPN.

Usage Examples#

HostnameIPUsage
api10.8.0.1Internal API
staging10.8.0.5Staging environment
db-replica10.8.0.10Secondary database

Wildcard DNS for Apps#

Siovos automatically configures a wildcard DNS for your applications:

*.apps.internal → Kubernetes ingress IP

How It Works#

When you deploy an application via GitHub Actions or kubectl, you can assign it a subdomain under apps.internal:

# In your Kubernetes Ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myapp
spec:
  rules:
  - host: myapp.apps.internal
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: myapp
            port:
              number: 80

The application will be accessible at https://myapp.apps.internal without additional DNS configuration.

Delete an Entry#

For custom entries only:

  1. Find the entry in the list
  2. Click the delete icon
  3. Confirm

System entries cannot be deleted.

Restore Entries#

If you accidentally deleted a custom entry:

  1. Click Deleted entries
  2. Find the entry to restore
  3. Click Restore

Configure DNS Suffix#

During deployment, you can change the default suffix (.internal):

  • .local — Caution, may conflict with mDNS/Bonjour
  • .home — Good choice for personal use
  • .corp — For enterprise use
  • Your own domain — E.g., .mycompany.lan

The suffix cannot be changed after deployment. Choose it carefully from the start.

Common Issues#

"Host not found" — Make sure you're connected to VPN. Private DNS only works through the WireGuard tunnel.

DNS changes not applied — Clear your system's DNS cache:

  • macOS: sudo dscacheutil -flushcache && sudo killall -HUP mDNSResponder
  • Windows: ipconfig /flushdns
  • Linux: sudo systemd-resolve --flush-caches

Conflict with local DNS — If you're using .local as suffix, disable mDNS or choose a different suffix.

Was this page helpful?

Private DNS | Siovos