Found that this text message (‹ The IP of the domain is reserved ›) is from /var/www/peertube/peertube-latest/node_modules/got-ssrf/dist/index.js:
// Another layer of protection against SSRF - ensure we're not hitting internal services.
// Try to match "reserved" IP ranges: https://en.wikipedia.org/wiki/Reserved_IP_addresses
// https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html#case-2-application-can-send-requests-to-any-external-ip-address-or-domain-name
// The function returns 'unicast' or the name of the reserved IP range, should it match any.
// This in effect blocks all private IP Range: https://git.io/JWy3u, https://git.io/JWy3b
// We use ip.process() here to deal with potentially IPv4-mapped IPv6 addresses (which will show up as "ipv4mapped"
// and not the whatever range the actual IPv4 address actually belongs to).
if (ip.process(IP).range() !== 'unicast')
throw new Error('The IP of the domain is reserved!');
As I understood my hosts not passing SSRF check…
How to ‹ whitelist › them? My hosts have ips from different subnets.