![](/static/253f0d9b/assets/icons/icon-96x96.png)
![](https://beehaw.org/pictrs/image/1be75b15-2f18-429d-acf7-dcea8e512a4b.png)
It isn’t, because their business practices violate the four FOSS essential freedoms:
- The freedom to run the program for any purpose
- The freedom to study and modify the program
- The freedom to redistribute copies of the original or modified program
- The freedom to distribute modified versions of the program
Specifically, freedom 4 is violated, because you are not permitted to distribute a modified version of the program that connects to the Signal servers (even if all your modified version does is to remove Google Play Services or something similar).
Reverse proxies aren’t DNS servers.
The DNS server will be configured to know that your domain, e.g., example.com or *.example.com, is a particular IP, and when someone navigates to that URL it tells them the IP, which they then send a request to.
The reverse proxy runs on that IP; it intercepts and analyzes the request. This can be as simple as transparently forwarding jellyfin.example.com to the specific IP (could even be an internal IP address on the same machine - I use Traefik to expose Docker network IPs that aren’t exposed at the host level) and port, but they can also inspect and rewrite headers and other request properties and they can have different logic depending on the various values.
Your router is likely handling the .local “domain” resolution and that’s what you’ll need to be concerned with when configuring AdGuard.