I’ve been de-googling, de-microsofting, and de-Amazoning my life.

One thing I still use for self-hosting is AWS Route 53 for Domain Name Services (DNS).

I don’t feel ready to self-host DNS.

Do you all have recommendations for reliable and ethical DNS hosting providers?

Or is self-hosting some DNS records less of a big deal than I’m imagining?

Advice on either would be welcome. Thank you!

  • stratself@lemdro.id
    3 days ago

    Desec.io is a solid option - it allows for various types of records like TLSA and SRV. It can also generate scoped API tokens e.g. for “only TXT records of the _acme-challenge subdomain of example.com” to use in automated cert renewals, so pretty good for granularity. It’s also a nonprofit.

    I think self-hosting DNS is beneficial when you wanna control your own DNSSEC keys, but you’d need to account for high availability and safety. With that, you could do what’s called a “hidden primary + public secondary” setup to protect your master DNS data from public prying. You can even use 3rd-party services like ns-global.zone as your secondaries for redundancy and to reduce load on your infra, too. I recommend Technitium and their guidance if you wanna get started.
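
A small audit for the “hidden primary + public secondary” setup mentioned in the comment above, added here as an example and not part of the original post: it scans the zone you are about to publish for records that would reveal the primary. The zone text, host names and addresses are constructed, and the parser assumes one fully qualified record per line in `name ttl class type rdata` order.

```python
import ipaddress

# Constructed sample zone (documentation names and addresses); not from the post.
SAMPLE_ZONE = """\
example.com. 3600 IN SOA ns-hidden.example.com. hostmaster.example.com. 2024010101 7200 3600 1209600 3600
example.com. 3600 IN NS ns1.secondary.example.net.
example.com. 3600 IN NS ns-hidden.example.com.   ; mistake: primary listed as NS
ns-hidden.example.com. 3600 IN A 192.0.2.53
www.example.com. 3600 IN A 198.51.100.10
"""


def parse_zone(text):
    """Return (owner, type, rdata_fields) for each record line in the zone text."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments (assumes no ';' in rdata)
        if not line:
            continue
        fields = line.split()
        # Assumed layout: name ttl class type rdata...
        records.append((fields[0].lower(), fields[3].upper(), fields[4:]))
    return records


def audit_hidden_primary(zone_text, primary_name, primary_ips):
    """List every record that would disclose the hidden primary to the public."""
    primary_name = primary_name.lower().rstrip(".") + "."
    ips = {ipaddress.ip_address(ip) for ip in primary_ips}
    findings = []
    for name, rtype, rdata in parse_zone(zone_text):
        if rtype == "NS" and rdata[0].lower() == primary_name:
            findings.append(f"NS record at {name} advertises the primary {primary_name}")
        elif rtype == "SOA" and rdata[0].lower() == primary_name:
            findings.append(f"SOA MNAME at {name} names the primary {primary_name}")
        elif rtype in ("A", "AAAA") and ipaddress.ip_address(rdata[0]) in ips:
            findings.append(f"{rtype} record {name} publishes primary address {rdata[0]}")
    return findings


if __name__ == "__main__":
    for finding in audit_hidden_primary(SAMPLE_ZONE, "ns-hidden.example.com", ["192.0.2.53"]):
        print("LEAK:", finding)
```

An empty result means the published zone names only the secondaries; zone transfers to those secondaries still need to be restricted on the primary itself.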