Diagnosis is not listing the correct ports

hook · March 23, 2025, 10:12pm

What type of hardware are you using: Old laptop or computer
What YunoHost version are you running: 12.0.12
How are you able to access your server: The webadmin
SSH
Direct access via physical keyboard/screen
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: no

Describe your issue

When I run Diagnosis, it does not try all the relevant ports.

For example, Diagnosis right now show for me the following ports:

22
25
80
443
587
993
5001
5349

But if I go check the manifest.toml files of the apps that I have installed, there should be several more:

https://github.com/YunoHost-Apps/coturn_ynh/blob/master/manifest.toml:

    [resources.ports]
    turnserver_tls.default = 5349
    turnserver_tls.exposed = "Both"
    turnserver_alt_tls.default = 5350
    turnserver_alt_tls.exposed = "Both"
    cli.default = 5766

https://github.com/YunoHost-Apps/languagetool_ynh/blob/master/manifest.toml:

    [resources.ports]
    main.default = 8081

https://github.com/YunoHost-Apps/scrutiny_ynh/blob/master/manifest.toml:

   [resources.ports]
   main.default = 8080

~~https://github.com/YunoHost-Apps/prosody_ynh/blob/master/manifest.toml:~~

~~[resources.ports] file.default=5000 client.default=5222 server.default=5269 http.default=5280 https.default=5281 component.default=5347 telnet.default=5582~~

https://github.com/YunoHost-Apps/prosody_ynh/blob/a106ce8e4b1a7a43ba96901a03e34d1ae219e92e/manifest.toml

    [resources.ports]
    # 5222 and 5223 are for the two flavor of TLS
    client.default = 5222
    client.exposed = "TCP"
    client.fixed = true
    client2.default = 5223
    client2.exposed = "TCP"
    client2.fixed = true
    server.default = 5269
    server.exposed = "TCP"
    server.fixed = true

    # FIXME : to be rediscussed ? Either they should be fixed, or the value $port_<name> should be used somewhere
    http.default = 5280
    file.default = 5000
    component.default = 5347
    telnet.default = 5582

https://github.com/YunoHost-Apps/ums_ynh/blob/master/manifest.toml:

    [resources.ports]
    main.default = 9001
    rend.default = 5001
    rend.exposed = "TCP"

It would be quite cool (and make it easier to debug) if in the details, each port in Diagnosis listed which apps require it.

As an added bonus weirdness, it claims that port 5349 is not forwarded, while it should be, according to my router (or at least my knowledge of it.)

Share relevant logs or error messages

see above

jarod5001 · March 23, 2025, 10:20pm

The ports in the manifest are internal ports that are proxied using nginx. So you don’t need to use ports to access your apps.
The ports reported in the diagnosis need to be opened to be accessed from the outside.

hook · March 23, 2025, 10:25pm

That in general makes sense, but at the very least, Prosody needs open ports for XMPP to operate.

jarod5001 · March 23, 2025, 10:53pm

Yep, some apps require one or more ports open in the firewall and router to work correctly or to have a function running.

Aleks · March 24, 2025, 12:57am

Prosody ports are not marked as exposed = "TCP" or "Both" in the manifest, because the current master/main branch is pretty much trash, you should look at Testing | Full rework, follow-up of YunoHost 12 by alexAubin · Pull Request #28 · YunoHost-Apps/prosody_ynh · GitHub

hook · March 24, 2025, 3:48pm

Well, I just checked and I seem to be on that version. At least the manifest.toml seems to match with that PR’s version.

I misquoted the manifest.toml in the original post. Fixed now.

Aleks · March 24, 2025, 4:25pm

Ah yes it looks like it’s because the corresponding service is not added in yunohost with --needs-exposed-ports foo,bar here : prosody_ynh/scripts/install at a106ce8e4b1a7a43ba96901a03e34d1ae219e92e · YunoHost-Apps/prosody_ynh · GitHub