I bought a domain, for example mydomain.com.
I configured the unbound service, which is running on my OPNsense router, to override all hosts for mydomain.com to give the IP of my home server. So when I am on the local network (at home) and ask for *.mydomain.com, I get the local IP of the server.
My home server is running SWAG (nginx reverse proxy) and using mydomain.com. SWAG is using the DNS validation method to get a Let's Encrypt certificate. All services are accessible over some_subdomain.mydomain.com. When I want to access my Home Assistant, I use hoas.mydomain.com.
I configured DNS records at my registrant, and the A record and all hosts point to the webhosting where I am also hosting another domain. Basically, I have created a simple web page for mydomain.com. So when I am outside the local network (not at home) and browse *.mydomain.com, I get that simple page.
Questions:
My laptop or my phone are using local services provided by the home server over mydomain.com. That is working well on the local network. But when I leave home, my laptop and phone try to resolve mydomain.com and get that webhosting IP, so they try to continue communicating and can leak some data. Or, for example, the Home Assistant app starts to notify me that it cannot connect, or davx is reporting a wrong certificate.
What do you think?
How do you do that?
Edit:
I forgot to mention: I don't want to have those services accessible from the internet. They will be accessible only from the local network.
Thanks
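
The split described in the post (unbound answering with the home server's IP on the LAN, public DNS answering with the webhosting IP elsewhere) can be checked from a client before it talks to a service. This is an added example, not part of the original post; the LAN prefix `192.168.1.0/24`, the sample addresses and the function names are assumptions.

```python
import ipaddress
import socket

# Assumption: the home LAN prefix. The post does not state it.
HOME_LAN = ipaddress.ip_network("192.168.1.0/24")

def system_resolver(hostname):
    """Resolve with the OS resolver; returns a set of address strings."""
    try:
        infos = socket.getaddrinfo(hostname, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    # Drop any IPv6 scope suffix such as "%eth0" before parsing.
    return {info[4][0].split("%")[0] for info in infos}

def dns_view(hostname, resolver=system_resolver, lan=HOME_LAN):
    """Say which side of the split-horizon setup answered for hostname."""
    addrs = [ipaddress.ip_address(a) for a in resolver(hostname)]
    if not addrs:
        return "unresolved"
    inside = [a in lan for a in addrs]
    if all(inside):
        return "internal"   # unbound override: home server
    if any(inside):
        return "mixed"      # inconsistent answers, treat as unsafe
    return "public"         # registrar records: webhosting IP

def audit(hostnames, resolver=system_resolver, lan=HOME_LAN):
    """Map each hostname to its view so off-LAN answers are visible."""
    return {h: dns_view(h, resolver, lan) for h in hostnames}

# Constructed sample answers (203.0.113.0/24 is a documentation range).
AT_HOME = {"hoas.mydomain.com": {"192.168.1.10"},
           "cloud.mydomain.com": {"192.168.1.10"}}
AWAY = {"hoas.mydomain.com": {"203.0.113.20"},
        "cloud.mydomain.com": {"203.0.113.20"}}

if __name__ == "__main__":
    for label, table in (("at home", AT_HOME), ("away", AWAY)):
        result = audit(table, resolver=lambda h, t=table: t.get(h, set()))
        print(label, result)
```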