My YunoHost server
Hardware: Raspberry Pi 3 B+ at home
YunoHost version: 11.1.20 (stable)
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no
Description of my issue
Hi, I’m a newbie and I’m having problems setting up my YunoHost on my Raspberry Pi 3. I’ve installed YunoHost and can access it locally (through SSH and browser) and it seems to work remotely with my chosen domain name (via nohost.me) but I don’t have a certificate yet.
I got some error messages in the diagnostic tool regarding my ports (all ports are unreachable from outside in IPv6), web (host appears unreachable via HTTP from outside the local network in IPv6, although it works in IPv4) and email (“The SMTP mail server is unreachable from outside on IPv6. It won’t be able to receive emails” and some other messages).
I’ve done the port forwarding on my router (Fritz!Box) for both IPv4 and IPv6, so in theory it should be fine (at least IPv4 is fine). The ports are open with the public IP (I think IPv4) and domain name via this website (Open Port Check Tool - Test Port Forwarding on Your Router). However, this website (http://www.whatismyipv6.com) says I don’t have an IPv6 address, but my router says I do (and IPv6 is enabled).
I tested the ports here (IPv6 Open Port Checker Tools - Port.Tools - Verify Port Forwarding, Open/Close Public Port on Your Router Using IpV6) and it can find my IPv6 address, but the port check failed with “Resource temporarily unavailable”.
Additional Informations: UPnP is activated, I’m not using any VPN and I’ve a German ISP.
Does anyone know what the problem is?
=================================
Base system (basesystem)
=================================
[INFO] Server hardware architecture is bare-metal arm64
- Server model is Raspberry Pi 3 Model B Plus Rev 1.3
[INFO] Server is running Linux kernel 5.15.76-v8+
[INFO] Server is running Debian 11.7
[INFO] Server is running YunoHost 11.1.20 (stable)
- yunohost version: 11.1.20 (stable)
- yunohost-admin version: 11.1.9.4 (stable)
- moulinette version: 11.1.4 (stable)
- ssowat version: 11.1.4 (stable)
=================================
Internet connectivity (ip)
=================================
[SUCCESS] Domain name resolution is working!
[SUCCESS] The server is connected to the Internet through IPv4!
- Global IP: xx.xx.xx.xx
- Local IP: 192.168.178.90
[SUCCESS] The server is connected to the Internet through IPv6!
- Global IP: xx:xx:xx:xx:xx:xx
- Local IP: fe80::2d49:9c3d:f492:58dc
=================================
DNS records (dnsrecords)
=================================
[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category basic)
[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category mail)
[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category xmpp)
[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category extra)
=================================
Ports exposure (ports)
=================================
[ERROR] Port 22 is not reachable from the outside in IPv6.
- Exposing this port is needed for admin features (service ssh)
- To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config
[ERROR] Port 25 is not reachable from the outside in IPv6.
- Exposing this port is needed for email features (service postfix)
- To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config
[ERROR] Port 80 is not reachable from the outside in IPv6.
- Exposing this port is needed for web features (service nginx)
- To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config
[ERROR] Port 443 is not reachable from the outside in IPv6.
- Exposing this port is needed for web features (service nginx)
- To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config
[ERROR] Port 587 is not reachable from the outside in IPv6.
- Exposing this port is needed for email features (service postfix)
- To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config
[ERROR] Port 993 is not reachable from the outside in IPv6.
- Exposing this port is needed for email features (service dovecot)
- To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config
[ERROR] Port 5222 is not reachable from the outside in IPv6.
- Exposing this port is needed for xmpp features (service metronome)
- To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config
[ERROR] Port 5269 is not reachable from the outside in IPv6.
- Exposing this port is needed for xmpp features (service metronome)
- To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config
=================================
Web (web)
=================================
[ERROR] Domain maindomain.tld appears unreachable through HTTP from outside the local network in IPv6, though it works in IPv4.
- Connection error: could not connect to the requested domain, it's very likely unreachable.
=================================
Email (mail)
=================================
[SUCCESS] The SMTP mail server is able to send emails (outgoing port 25 is not blocked).
[ERROR] The SMTP mail server is unreachable from the outside on IPv6. It won't be able to receive emails.
- Could not open a connection on port 25 to your server in IPv6. It appears to be unreachable.
1. The most common cause for this issue is that port 25 is not correctly forwarded to your server.
2. You should also make sure that service postfix is running.
3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.
[ERROR] Reverse DNS is not correctly configured for IPv4. Some emails may fail to get delivered or be flagged as spam.
- Current reverse DNS: dynamic-093-129-153-008.93.129.pool.telefonica.de
Expected value: maindomain.tld
- You should first try to configure reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting providers may require you to send them a support ticket for this).
- Some providers won't let you configure your reverse DNS (or their feature might be broken...). If you are experiencing issues because of this, consider the following solutions:
- Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
- A privacy-friendly alternative is to use a VPN *with a dedicated public IP* to bypass this kind of limits. See https://yunohost.org/#/vpn_advantage
- Or it's possible to switch to a different provider
[ERROR] Reverse DNS is not correctly configured for IPv6. Some emails may fail to get delivered or be flagged as spam.
- Current reverse DNS: dynamic-2a02-3100-50d2-7d00-65d4-0739-d14b-cc0c.310.pool.telefonica.de
Expected value: maindomain.tld
- You should first try to configure reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting providers may require you to send them a support ticket for this).
- Some providers won't let you configure your reverse DNS (or their feature might be broken...). If your reverse DNS is correctly configured for IPv4, you can try disabling the use of IPv6 when sending emails by running 'yunohost settings set email.smtp.smtp_allow_ipv6 -v off'. Note: this last solution means that you won't be able to send or receive emails from the few IPv6-only servers out there.
[ERROR] Your IP or domain xx.xx.xx.xx is blacklisted on Spamhaus ZEN
- The blacklist reason is: "https://www.spamhaus.org/query/ip/xx.xx.xx.xx"
- After identifying why you are listed and fixing it, feel free to ask for your IP or domain to be removed on https://www.spamhaus.org/zen/
[ERROR] Your IP or domain xx.xx.xx.xx is blacklisted on SpamRATS! all
- The blacklist reason is: "SPAMRATS IP Addresses See: http://www.spamrats.com/bl?xx.xx.xx.xx"
- After identifying why you are listed and fixing it, feel free to ask for your IP or domain to be removed on http://www.spamrats.com/
[SUCCESS] 0 pending emails in the mail queues
=================================
Services status check (services)
=================================
[SUCCESS] Service dnsmasq is running!
[SUCCESS] Service dovecot is running!
[SUCCESS] Service fail2ban is running!
[SUCCESS] Service metronome is running!
[SUCCESS] Service mysql is running!
[SUCCESS] Service nginx is running!
[SUCCESS] Service php7.4-fpm is running!
[SUCCESS] Service postfix is running!
[SUCCESS] Service redis-server is running!
[SUCCESS] Service rspamd is running!
[SUCCESS] Service slapd is running!
[SUCCESS] Service ssh is running!
[SUCCESS] Service yunohost-api is running!
[SUCCESS] Service yunohost-firewall is running!
[SUCCESS] Service yunomdns is running!
=================================
System resources (systemresources)
=================================
[SUCCESS] The system still has 536 MiB (59%) RAM available out of 910 MiB.
[INFO] The system has only 100 MiB swap. You should consider having at least 512 MiB to avoid situations where the system runs out of memory.
- Please be careful and aware that if the server is hosting swap on an SD card or SSD storage, it may drastically reduce the life expectancy of the device.
[SUCCESS] Storage / (on device /dev/root) still has 449 GiB (99.5%) space left (out of 451 GiB)!
[SUCCESS] Storage /boot (on device /dev/mmcblk0p1) still has 223 MiB (88%) space left (out of 255 MiB)!
=================================
System configurations (regenconf)
=================================
[SUCCESS] All configuration files are in line with the recommended configuration!
=================================
Applications (apps)
=================================
[SUCCESS] All installed apps respect basic packaging practices
