Has anyone played with YunoHost... on Yggdrasil? (or a similar network)

Discuss
1

I’m thinking of experimenting with YunoHost. One interesting thing way of doing this would be using Yggdrasil. Yggdrasil is an overlay IPv6 network, so any two nodes on Yggdrasil can communicate with each other, regardless of their network. This means in theory I can install YunoHost anywhere and have it publically reachable.

There are two obstacles to this:

  • DNS. Yggdrasil does not have any really official DNS servers. I guess I could add entries to the pubiic Internet DNS and use those (this is not an issue for me). I could also use OpenNIC, I guess.

DNS is something I’ll research on Yggdrasil channels. The real problem is:

  • Certificates. I think I’d be able to get valid certificates (I can use a real domain name and make that work), but it might be more interesting to not use encryption (all Yggdrasil traffic is encrypted). (I suspect YunoHost dyndns would be usable too.)

Are there any major showstoppers at using YunoHost without certificates? Kinda my big point of interest is YunoHost support for email.

(My general idea is to test drive YunoHost and be able to use it without getting a public IP address.)

Thanks,

Álex

2 Likes
2

Ah, so I think this boils down to:

  • Is there any way to use an alternate ACME service to obtain certificates? (OpenNIC apparently has their ACME service.)
  • … or to use DNS challenges to obtain certs?
  • … because I assume I could obtain my certificate separately and install it somewhere manually
3

Mental note: IPv6-only YunoHost seems viable.

4

And another mental note: MX records can point to AAAA records, so in theory IPv6 email should work, but here be dragons, apparently.

5

I’ve been testing Yggdrasil. I haven’t tried it on YunoHost yet, but it seems to work fine and it is supported on Windows, Linux, Mac and Android.
For DNS records, both OpenNIC and ALFIS are supported. Both can be published on Popura DNS.
I believe it would be great to integrate Yggdrasil and Popura DNS as YunoHost apps.
This would not only allow people to use free and alternative domains with YunoHost, but also enable those with servers behind CGNAT to access them from outside.