Installing and configuring Yunohost on Virtual Station VM on a QNAP NAS connection issue

What type of hardware are you using: Virtual machine
What YunoHost version are you running: 12.0.9.1
How are you able to access your server: The webadmin
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: No special tweaking performed

Describe your issue

Hi everyone!

I have been trying to run my Yunohost on a VM on a QNAP NAS device through Virtual Station.

The installation goes smoothly. I configure the router to open ports for the specific local IP - those are 22, 25, 80, 443, 587 and 993. IPv6 has been disabled.

I get the issue of ports exposure not reachable from the outside. Additionally the noho.st domain is appears unreachable through http from outside the local network.

This is obviously hindering me in making use of any apps like Nextcloud, which I would like to run on it. The DNS records seem all okay, but wasn’t recently. I have tried to restart the machine several times, nothing seem to budge.

Would appreciate some insight from anyone that can help

Share relevant logs or error messages

No link

Can you share the diagnosis? With the green button

=================================
Base system (basesystem)

[INFO] Server hardware architecture is kvm amd64

  • Server model is qemu qemu

[INFO] Server is running Linux kernel 6.1.0-28-amd64

[INFO] Server is running Debian 12.8

[INFO] Server is running YunoHost 12.0.9.1 (stable)

  • yunohost version: 12.0.9.1 (stable)
  • yunohost-admin version: 12.0.4 (stable)
  • yunohost-portal version: 12.0.7 (stable)
  • moulinette version: 12.0.3 (stable)
  • ssowat version: 12.0.3 (stable)

=================================
Internet connectivity (ip)

[SUCCESS] Domain name resolution is working!

[SUCCESS] The server is connected to the Internet through IPv4!

  • Global IP: xx.xx.xx.xx
  • Local IP: 192.168.0.xx

[WARNING] The server does not have working IPv6.

  • IPv6 should usually be automatically configured by the system or your provider if it’s available. Otherwise, you might need to configure a few things manually as explained in the documentation here:yunohost.org/ipv6.

=================================
DNS records (dnsrecords)

[ERROR] Some DNS records are missing or incorrect for domain maindomain.tld (category basic)

  • This domain’s DNS configuration should automatically be managed by YunoHost. If that’s not the case, you can try to force an update using ‘yunohost dyndns update --force’.
  • The following DNS record does not seem to follow the recommended configuration:
    Type: A
    Name: @
    Current value: 45.148.xxx.xxx
    Expected value: xx.xx.xx.xx

[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category mail)

[WARNING] Some DNS records are missing or incorrect for domain maindomain.tld (category extra)

  • This domain’s DNS configuration should automatically be managed by YunoHost. If that’s not the case, you can try to force an update using ‘yunohost dyndns update --force’.
  • The following DNS record does not seem to follow the recommended configuration:
    Type: A
    Name: *
    Current value: 45.148.xxx.xxx
    Expected value: xx.xx.xx.xx

=================================
Ports exposure (ports)

[ERROR] Port 22 is not reachable from the outside.

  • Exposing this port is needed for admin features (service ssh)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in org/isp_box_config

[ERROR] Port 25 is not reachable from the outside.

  • Exposing this port is needed for email features (service postfix)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in org/isp_box_config

[ERROR] Port 80 is not reachable from the outside.

  • Exposing this port is needed for web features (service nginx)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in org/isp_box_config

[ERROR] Port 443 is not reachable from the outside.

  • Exposing this port is needed for web features (service nginx)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in org/isp_box_config

[ERROR] Port 587 is not reachable from the outside.

  • Exposing this port is needed for email features (service postfix)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in org/isp_box_config

[ERROR] Port 993 is not reachable from the outside.

  • Exposing this port is needed for email features (service dovecot)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in org/isp_box_config

=================================
Web (web)

[ERROR] Domain maindomain.tld appears unreachable through HTTP from outside the local network.

  • Timed-out while trying to contact your server from the outside. It appears to be unreachable.
    1. The most common cause for this issue is that port 80 (and 443) are not correctly forwarded to your server.
    2. You should also make sure that the service nginx is running
    3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.

=================================
Email (mail)

[SUCCESS] The SMTP mail server is able to send emails (outgoing port 25 is not blocked).

[ERROR] The SMTP mail server is unreachable from the outside on IPv4. It won’t be able to receive emails.

  • Could not open a connection on port 25 to your server in IPv4. It appears to be unreachable.
    1. The most common cause for this issue is that port 25 is not correctly forwarded to your server.
    2. You should also make sure that service postfix is running.
    3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.

[ERROR] Reverse DNS is not correctly configured for IPv4. Some emails may fail to get delivered or be flagged as spam.

  • Current reverse DNS: unn-149-50-xxx-xxx.datapacket.com
    Expected value: maindomain.tld
  • You should first try to configure reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting providers may require you to send them a support ticket for this).
  • Some providers won’t let you configure your reverse DNS (or their feature might be broken…). If you are experiencing issues because of this, consider the following solutions:
    • Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
    • A privacy-friendly alternative is to use a VPN with a dedicated public IP to bypass this kind of limits. See Advantages of a VPN for self-hosting | Yunohost Documentation
    • Or it’s possible to switch to a different provider

[SUCCESS] The IPs and domains used by this server do not appear to be blacklisted

[SUCCESS] 0 pending emails in the mail queues

=================================
Services status check (services)

[SUCCESS] Service dnsmasq is running!

[SUCCESS] Service dovecot is running!

[SUCCESS] Service fail2ban is running!

[SUCCESS] Service mysql is running!

[SUCCESS] Service nginx is running!

[SUCCESS] Service opendkim is running!

[SUCCESS] Service php8.3-fpm is running!

[SUCCESS] Service postfix is running!

[SUCCESS] Service redis-server is running!

[SUCCESS] Service slapd is running!

[SUCCESS] Service ssh is running!

[SUCCESS] Service yunohost-api is running!

[SUCCESS] Service yunohost-firewall is running!

[SUCCESS] Service yunohost-portal-api is running!

[SUCCESS] Service yunomdns is running!

=================================
System resources (systemresources)

[SUCCESS] The system still has 3.1 GiB (81%) RAM available out of 3.8 GiB.

[SUCCESS] The system has 980 MiB of swap!

  • Please be careful and aware that if the server is hosting swap on an SD card or SSD storage, it may drastically reduce the life expectancy of the device.

[SUCCESS] Storage / (on device /dev/mapper/system-root) still has 181 GiB (98.1%) space left (out of 184 GiB)!

[SUCCESS] Storage /boot (on device /dev/vda1) still has 323 MiB (75%) space left (out of 430 MiB)!

=================================
System configurations (regenconf)

[SUCCESS] All configuration files are in line with the recommended configuration!

=================================
Applications (apps)

[SUCCESS] All installed apps respect basic packaging practices

Sorry, I noticed that it didn’t obfuscate private data like IP etc, so I pasted it here and posted.

You could have shared the link generated by the green button.
Anyway, it seems that port forwarding is not set correctly.
You need to forward these ports to the ip address of yunohost and if the host has a firewall, you have to allow these ports to the vm in your host. Then run yunohost dyndns update --force as root
After that recheck the diagnosis, you may have to click on rerun the diagnosis

Thank you for your time, It is much appreciated. So I have done the things you suggested prior to posting, but for good measure I have redone it and rechecked everything again. Yet I am still stuck with the same issue.

Does your VM have a dedicated local IP address, or does it share it with the QNAP NAS? You should setup your VM to get the former case.

It has a separate and dedicated local ip. I have tried multiple remedies, even enabling upnp on both the qnap nas and on the router. Nothing seem to fix it.

Can you recheck the port forwarding? None of the ports seems open. If you have a firewall between your router and the VM, try disabling it and see what happens

That’s the odd thing about it. The firewall is turned off. Everything is open, yet still it doesn’t work. I believe it is something to do with the QNAP NAS configuration, but I have just given up now, because I can’t figure it out and was hoping someone had some experience with the QNAP setup…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.