Moving from vps to kimsufi dedicated server with proxmox

Moving yunohost is not a problem. My main problem is the best way for having multiple VMs, with one ipv4 and one ipv6 address.

What I am planning to have :

  • one vm for my personal yunohost
  • one vm for a testing yunohost
  • one debian vm for software development
  • /home/yunohost.multimedia on host probably shared with other VMs (on host)

Having one ip restricts to one email server only. Ovh allows additional IPs but it seems that they are not compatible with kimsufi.

What I have done :

  • installed proxmox on host
  • nginx proxy manager in a container
  • a vm for yunohost tests
  • other debian VMs
  • forwarding all the traffic to NPM container
  • forwarding some ports to the yunohost vm (it’s for package testing, not intended to be my main yunohost server)
  • proxying domains to corresponding VMs using npm
  • one folder is shared with other machines using NFS

I am getting some errors in the diagnosis :

  • It looks like another machine (maybe your internet router) answered instead of your server. yes, that’s npm, but how can I make it transparent?
  • email ports but that’s expected
  • let’s encrypt certificates are managed by npm and not yunohost

That’s a lot of questions :sweat_smile:
@wbk, I know you will have a lot of answers and suggestions :wink:

1 Like

Congratulations with your dedi!

I read your post and contemplated how I’d do things myself, until I came to the end,

That made me laugh, we may know each other only via the forum, but you got me there :smiley:

I may have to read up on NPM and try it out, it gets mentioned more and more often. My solution so far has been: throw more money (in limited amounts, or actually, IPs or VPSs) at the problem. With the risk of letting you down: I have no suggestion for your question!

Only one IPv6/128? That’s almost criminal…

IPv6 is supposed to be handed out in at least /64. I found a (very old) discussion on whether Kimsufi actually hands out /64 or not (they should to prevent trouble: if any IP out of the gazillion addresses in a random /64 behaves badly, that whole /64 gets punished by blocklists)

If indeed you can use the whole IPv6/64, regular access without a reverse proxy is a lot easier. I run some Yunohosts with IPv6 only, but with Github still in the second half of the 20th century and lacking internet connectivity outside of IPv4, installing apps gets frustrating at times.

The diagnosis supports ‘deviant’ setups with the ‘ignore’ button (“If you can figure out how to set this up in that way, you probably know how to monitor it yourself as well…” ), but it would be nice if we could extend the diagnosis with custom checks for such occasions.