Just installed Yunohost. Can I use the service with a VPN without any port forwarding and without a domain?

My YunoHost server

Hardware: Linux Mint with Virtualbox installed running Yunohost
YunoHost version: 11.1.15 (stable)
I have access to my server : Through the webadmin, though I can use the console in virtualbox as well
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no, maybe? I’m not sure
If yes, please explain: Below

Description of my issue

Hello everyone. I’m new to linux and wanted to try selfhosting. I decided to try hosting yunohost on virtualbox on linux mint as a test first since I already am using linux mint. I understand that this might be causing some problems, but I don’t exactly know what problems they are.

I am using the free domain given by yunohost and also using the same wifi/local internet. Have not tried connecting from another internet yet.

Problem 1: I am trying to use Yunohost without opening any ports on my router. I do not like the idea of opening ports and am not comfortable with it. I prefer using a VPN to connect home instead. However, I am stupid and clueless on how to get this done :sweat_smile: :joy:

Is this possible? I am thinking of using wireguard/openVPN or something to do this. I know Yunohost has apps for wireguard, and I saw two apps: “Wireguard VPN” and “Wireguard VPN Client”. I’m not really sure which one I am supposed to use. I was like 90% sure I could just not open ports and use a VPN instead, but I couldn’t really figure out what to do. Even the wording in the documentation suggests that I can do this: “If you are self-hosting at home and without a VPN” (Configure port-forwarding | Yunohost Documentation).

Problem 2: I also do not want to use a domain. I have already tried messing with my router according to this: Local network access to your server | Yunohost Documentation.

I first tried changing the /etc/hosts file on my virtualbox. I also tried messing with my router afterwards, but it did not work. When I installed the app Vaultwarden and linked it to “domainname/vaultwarden”, it still gave me the error saying “unable to connect”.

Problem 3 (The main problem I guess): Because of the two problems I have just listed, nothing is working (any applications I installed do not load, website can’t be reached) :joy: as I have not opened any ports yet. I don’t even have the HTTPS cert. I am guessing this is why “domainname/vaultwarden” wouldn’t work, cause I DON’T EVEN HAVE ANY PORTS OPEN!!! :rofl: BUTTT I thought that changing the /etc/hosts would’ve solved this problem. It didn’t :sob:

I changed /etc/hosts many times using “sudo nano /etc/hosts/” (I did not know what I was doing, but I tried every config I thought of), for example:
127.0.0.1 fakedomainname
127.0.0.1 realdomain (the free domain from setup)
127.0.1.1 fakedomainname
127.0.1.1 realdomain (the free domain from setup)
192.168.1.226 fakedomainname (226 is my local ip for virtualbox, typing in 192.168.1.226 into my address bar redirects me to yunohost)
192.168.1.226 realdomain (the free domain from setup)

So uhm yea that’s about it. TLDR

  1. I don’t want to open ports on my router, I want to use a VPN instead.
  2. I don’t want to use a domain either.
  3. Nothing is working (explained above).

Side note, sorry if this is the wrong topic to post, I wasn’t sure if this is under installation or support.

My current thought process is that I need to open some ports temporarily to set up my applications and VPN. Afterwards, I can close the ports and use the VPN. I also think that maybe the virtualbox environment is causing issues, with ports/firewall/whatever. If not, perhaps “hairpinning” is the problem, and I just didn’t fix it properly.

That’s just my guess, since I am still a beginner in Linux/Yunohost/Networking. Please do let me know what my next steps should be!! Thank you!!! :smiley:

You could also look into Tailscale to connect your computers to your home server. It’s a mesh networking thing built on Wireguard. Takes care of setting up your keys and stuff.

I use Tailscale but I have some public services, so I haven’t set up a 100% no-ports-open server.

It is an interesting use case that could be looked at I think. Nextcloud/Pihole/Vaultwarden is a perfect combo to write on such a system.

Also, I’m sure someone might chime in here, but running it on a virtualbox is probably not helping things.


I use ZeroTier, and YunoHost comes with its self-hosted web UI to manage the controller API as well…

Hi. I have struggled with the same problem. I host both private and public-facing services. I have a small VPS at Hetzner, which directs all traffic on ports 80 and 443 through a WireGuard tunnel to my server at home. I see all original visitor IPs at the server. This has been very reliable. Downside is I haven’t found a way yet to automatically update certificates, which is a pain. Sure there is a way.
