Domains & DNS
v1.x
·
Updated 3 weeks ago
Domains & DNS
Basic Principle
GateControl acts as a reverse proxy: requests to a domain (e.g. app.example.com) are forwarded by Caddy to a backend — typically a service behind the WireGuard tunnel.
For this to work, DNS records must point to the public IP of the server running GateControl.
Creating DNS Records
For each domain or subdomain you want to use as a route in GateControl, you need a DNS record:
A Record (IPv4):
app.example.com A 203.0.113.50
nas.example.com A 203.0.113.50Wildcard (optional):
*.example.com A 203.0.113.50A wildcard record (*.example.com) covers all subdomains — you can then create as many routes as you like without setting up a new DNS record each time.
AAAA Record (IPv6, optional):
app.example.com AAAA 2001:db8::1Where to Configure DNS?
| Provider | Management |
|---|---|
| Cloudflare | Dashboard → DNS → Add Record |
| Hetzner | DNS Console → Zone → Add Record |
| IONOS / 1&1 | Domain Center → DNS Settings |
| Namecheap | Domain List → Manage → Advanced DNS |
| AWS Route 53 | Hosted Zone → Create Record |
| Custom DNS Server | Zone file or admin UI |
Important Notes
- Propagation: DNS changes take 1–60 minutes to become visible worldwide
- TTL: Set the TTL to 300 (5 minutes) for faster changes
- Proxy: If you use Cloudflare, set the proxy status to DNS only (gray cloud), not Proxied (orange cloud). Caddy needs direct access for Let's Encrypt
- GateControl DNS Check: When creating a route, GateControl automatically checks whether the domain points to the correct IP
Multiple Domains
You can use as many domains and subdomains as you like:
app.example.com → 10.8.0.2:8080
nas.example.com → 10.8.0.3:5000
git.other-domain.com → 10.8.0.4:3000Each domain needs its own DNS record pointing to the GateControl server IP.