The point of purchasing a registered domain name and connecting it to a public DNS server is to make it findable from any Internet location. If you only ever want to use the domain name internally, you don’t need to have a public domain name and you can make up your own internal domain name that is served by your local DNS. To avoid future conflicts with public domains, I’d probably use a TLD that doesn’t exist (e.g. not .com or the like).

Sheepism.

Correct; You don’t need a domain name.

A lot of people self host for themselves, family, friends, clients. It’s easier to say “hey, login to x service at homelab.com”

If you do everything within the network, I guess you don’t really need a domain

Yes, because how will you acces wireguard? Whats your endpoint?

I mean its all fine if you have a static IP which never changes but that usually is not the case anymore. So you need a domainname to update. Also vpn.youlab.tld is esier to remember than 131.234.142.83

SSL is the main reason, this way your traffic is encrypted from snoopers on your land, and you don’t get the warning messages about it not being secure.

You can use a sub domain from desec for free to do this.

One reason is that a lot of mobile browsers won’t resolve local-only domains or even IP addresses unless you explicitly put https:// in front of it, every time. Instead they treat them as a search and you end up searching for your local domain in a search engine. It’s a pain in the ass and having a public, registered domain gets them to properly resolve even when your local services live on a non-public subdomain.