Reverse proxy and Reverse DNS for YunoHost installation

Hello all!

I would like to use the Redirect app to set up Yunohost’s main reverse proxy to itself, based on @tituspijean’s tip in this other thread.

I would be grateful for any tips about where my setup and attempts (see below) might be going wrong.

My YunoHost server

Hardware: Old computer - Mac Mini circa 2014
YunoHost version: 11.1.19 (running on VM via VirtualBox)
I have access to my server :

• Through SSH
• through the webadmin
• direct access via keyboard / screen

Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

What you are trying to achieve
Use the Redirect app to direct Yunohost’s main reverse proxy to itself, based on @tituspijean’s tip.

The context
This is my attempt to resolve my last remaining Yunohost install error. After this is resolved, I hope I can install apps without reverse proxy errors and send and receive email ok.

What I tried
Here are the config/setup combinations I have tried so far when installing the Redirect app.

Attempt 1:
Install uri: main YH domain (nqo.link)
Install folder: /redirect
Redirect destination path: http://127.0.0.1
Redirect type: private_proxy

image2387×1017 164 KB

Attempt 2:
Install uri: main YH domain (nqo.link)
Install folder: /redirect
Redirect destination path: http://127.0.0.1
Redirect type: public_proxy

image2387×1022 145 KB

Attempt 3:
Install uri: YH subdomain (proxy.nqo.link)
Install folder: /
Redirect destination path: internal network Yunohost ip (exposed host on modem/router/frtizbox)
Redirect type: public_proxy

image2387×1038 155 KB

Attempt 4:
Install uri: YH subdomain (proxy.nqo.link)
Install folder: /
Redirect destination path: external ip (exposed host on modem/router/fritzbox)
Redirect type: public_proxy

image2387×1026 136 KB

Many other attempts
I have tried a lot of different combinations of the above setting without success.

Returned error message.
There are no error logs, as the Redirect app installs correctly each time.

However, when I run Diagnostics, the error about reverse proxy remains unchanged throughout these experiments. Each time I get:

image2387×1246 296 KB

This suggests to me that I may need to:

• use different configuration settings in the Redirect app for reverse proxy to Yunohost, OR
• add a port at the end of the redirect url
• edit my nginx.conf file to finish configuring the reverse proxy

As discussed in this other thread, due to accessibility reasons, I cannot follow the instructions in the error message. That is why I’m trying reverse proxy via the Redirect app.

My questions are:

• are there any glaring errors you can see in any of these attempts?
• if I need to add a port to the url redirect, which port is best?
• would I be better manually setting up the reverse proxy in nginx, and if so, what are the exact details I would need to edit or add?
• has anyone else successfully used the Redirect app to set up Yunohost’s reverse proxy to itself? And if yes, would you please share the config steps and setting you used to be successful?
• is my effort direction incorrect?
  Ie please tell me if I need to focus on something different to the above to get this working.

I am familiar with setting up nginx servers manually, and have manually edited my Yunohost nginx server settings in the past (they are currently restored to before this edit, as I removed an app and had no more need for the edits). But my knowledge of nginx is basic and I would like specific instructions to ensure I don’t break anything.

Thank you for reading this epic call for aid! I hope you can help, and that any resolution can support others in setting up Yunohost.

Reverse DNS is not configured for IPv6 […]

Have you mixed up or misread “reverse proxy” with “reverse DNS”? These are totally completely different things.

• Reverse Proxy makes your webserver fetch and re-serve webpages from another webserver, either local (apps providing their own webserver on a specific port, for example), or external (another server is on a network accessible by your Internet-facing server, and you want it to serve as conduit for it).

• Reverse DNS is literally a reversed DNS record. DNS records are held by the domain registrars and basically say “This domain points to that IP address”. Reverse DNS are held by the Internet Service Provider that manages the IP address, and basically say “This IP address is used by that domain”.

As stated in your screenshot, this is mostly important for emails, as a safety layer to mitigate impersonation of servers. A nefarious person might try to send emails that appear to be coming from domain X, with their server on IP address B. But if domain X DNS record points to address A, and the Reverse DNS for address A points to domain X, we can infer something is not right.

(from the other thread). Reverse proxy is not your solution here. Read your Diagnosis report again, and follow its suggestion. There should be a setting in your router or in your ISP management account to set the Reverse DNS. I understand calling them is not an option here, but they should have a proper documentation on Reverse DNS. If not, I am sure they have a support email address or a chat support?

Hi @tituspijean

Oh. I tried the Redirect app and reverse proxy because you suggested it on the other thread, in response to my reverse DNS woes.

I understand what reverse DNS is, and what reverse proxies are.

Given all the new tech strategies I have been learning, I was open to the possibility that what you suggested may work.

My working assumption was that there may be a gap in my technical knowledge that included a way to configure a reverse proxy to do something that mimicked reverse DNS to the satisfaction of the yunohost configuration. There are so many holes in my server side knowledge that this was not unreasonable.

It’s frustrating to experience this red herring, but I appreciate the clarification.

I was specifically answering to your inquiry about reverse proxy. You did not mention reverse DNS.

I took the liberty of renaming the thread to cover both topics.

Keep us appraised on your exchanges with your ISP. It is totally possible they cannot or will not allow you to edit your reverse DNS on IPv6, unfortunately. We have currently have the same issue with all the mainstream ISP in France (naming and shaming Orange, Free, SFR, BouyguesTelecom ).

Aaah, mystery solved!

My bad,

And thank you for the information on reverse DNS with providers in your context. It helps me manage my expectations of my own internet provider.

Will let you know how it goes!

Hey again,

Some follow up documentation for other fellow learners.
I knew I’d seen alternative ways to set up reverse DNS somewhere, and just found a link I had been referring to.

If there are more experienced folk reading, would you clarify or point in a better direction if you know of other options? Or reasons to not use any of the below strategies.

Ways to set up reverse DNS - or equivalent - for yunohost

1. With your internet service provider

As in the instructions in the error message in Yunohost web admin (see screenshot above).

Depends on

• Being able to communicate with your ISP
• ISP being willing and able to set up the PTR record
  (I found an accessible way to be in touch with my ISP! But… My ISP’s reverse DNS tool doesn’t recognise my domain as valid, despite it being so. So I guess ISP helpfulness should not be assumed )

2. Via dynamic DNS service

See instructions here:
https://help.dyn.com/setting-up-reverse-dns/

Depends on

• Being able to communicate with your ISP
• ISP allowing delegation of reverse DNS zone

3. Via a VPN you set up on Yunohost

VPNs assign their own IP address, so they remove the need to communicate with the internet service provider (ISP). The mechanism that resolves DNS in VPN settings is not called “reverse DNS” when it is in a VPN, but my understanding is that it does the same thing, security-wise. So hopefully it will either remove the Yunohost diagnosis error, or allow us to confidently ignore it.

Depends on

• Being able to navigate VPN interface or configure it via command line
• Making instructions for other server set ups work on Yunohost

From what I can tell, Wireguard is a solid option for VPN on Yunohost. I’ve installed Wireguard successfully, but haven’t been able to set it up to work in this way yet.

Here is a handy guide I am planning on following (for the Wireguard parts only) in case anyone else wants to try:

4. Via VPN set up elsewhere on your local network

Set up a VPN somewhere on your home network that protects everything on the home network, including yunohost. This would feed its own IP settings to the yunohost install.

This seems like a ‘cleaner’ VPN-handling-DNS-drama option to me, meaning theoretically and semantically easier. It seems easier because it’s more clearly separate to yunohost. The down side would be inconvenience if/when moving a yunohost install somewhere else. I understand from the official docs that ease of moving yunohost servers is a big reason folks use VPNs on Yunohost, so a separate VPN would disadvantage people who need this.

Depends on

• Having extra hardware to run the VPN on
• Being able to navigate and configure the VPN via UI or command line
• Making the VPN play nice with to your router and yunohost

5. Via router settings

My fritzbox doesn’t do this, but I seem to remember reading that other routers can. Maybe @tituspijean has referred to it being possible with other hardware?

May you share said link?

These help you automatically set DNS records, as in domain records pointing to changing IP addresses. This does not apply to reverse DNS, as in IP address pointing to a domain.

Nice try. I should have been more extensive in my explanations. Internal IP addresses assigned by VPN server don’t matter. What matters is the public IP address as seen by the email servers receiving your emails. If you go through a VPN server, then it means its public IP address needs to have its reverse DNS set to your domain.

• If you use a public VPN service, you cannot set the reverse DNS.
• However, if you happen to rent your own server, like a small VPS, with the sole purpose of relaying your emails from your local server, then we are getting somewhere. See the following tutorial to setup an SMTP relay.

Broad steps, untested, I might be forgetting something:

1. Rent a VPS with a well-known provider. On the top of my head I only can refer to French suppliers, OVH and Scaleway. Scaleway have recently bumped up their prices, but they have a limited amount of very inexpensive servers perfect for that usage called Stardust servers (like, less than 1€/month). OVH have datacenters in Australia, which I guess is better, but email don’t really need low-latency to be sent.
2. Set it up with YunoHost, because, eh, you might not need to install apps on it, but the email stack is automagically set up.
3. Now you need to tweak your DKIM and SPF records on your DNS to match not your local YunoHost, but the VPS’. You will also need to, finally(!), set the reverse DNS of the VPS IP address to your domain name.
4. ( help needed) You will need to tweak the email configuration to allow sending emails from another domain… or… add the same domain as your local server? I really dunno.
5. Follow the tutorial:

• SMTP relay host : SMTP server url = your VPS domain name
• SMTP relay port : Port use with the distant serve = 587 by default
• SMTP relay user : Login or identification mail server = ( help needed) A user set on the VPS? I am not sure.
• SMTP relay password : Your SMTP relay password = ( help needed) same.

Per the explanations above, this is not a solution. Your VPN-server-on-the-local network will have your ISP-provided IP address, whose reverse DNS cannot be tweaked.

This is only applicable for some ISP-provided routers that have part of your client administration panel included in their interface (so that you can directly ask your ISP to change the reverse DNS from you router’s user interface). Changing routers will not help.

Aaaaaah, @tituspijean, thank you thank you!

May you share said link?

The link I referred to about Dynamic DNS is listed under item 2. Here it is again:
https://help.dyn.com/setting-up-reverse-dns/
Specifically, this:

Setting Up Reverse DNS
Before getting started with setting up reverse DNS within your Dyn account, contact your IP provider and confirm that they allow delegation of your reverse DNS zone. If they do not allow delegation, typically they can host your pointer record (PTR) for you and no reverse DNS configurations are required within your Dyn account. If they do allow delegation, confirm the exact syntax of the reverse DNS hostname with them as some providers use slashes and some use dashes. Additionally, if you are delegating a reverse DNS zone, confirm that this zone matches exactly what you configure in your Dyn account as this is necessary in order for delegation to work properly.

Once your reverse zones are created, your PTR records are created, and these changes are published, you can then proceed with having your IP provider update your reverse DNS zone delegation. Please note that no delegation changes are required with your registrar with a reverse DNS
zone.

Overall, reverse DNS is making so much more sense with your added explanations. I really appreciate you taking the time to elaborate on each attempt, and I really like the small email server workaround. If my ISP can’t set up the PTR record - their latest communication suggests they can only setup PTR records for .net and .com domains ) - I may go this route.

I’ve read other yunohost users refer to renting an email server for this purpose, and what you have written here helps me see how and why they are doing that.

Out of curiosity… what are folks reasons for going to the trouble of renting the server, rather than doing something like using Cloudflare.com email relay?

My reason would be data sovereignty best practice, but the temptation of the lazy option is high, since I am already using Cloudflare for setting DNS records.

5. Via router settings

This is only applicable for some ISP-provided routers that have part of your client administration panel included in their interface (so that you can directly ask your ISP to change the reverse DNS from you router’s user interface).

Ah ok. This makes sense. Thank you again for the clarification.

This thread is making some nice meat for addition to the install/tutorial docs . I’ll compile some draft text sometime and put it up on a thread in docs to seek feedback.

Hi all, especially @tituspijean

UPDATE ON REVERSE DNS ATTEMPTS FROM ISP

My ISP - Tangerine Telecom - still can’t set a reverse DNS record for my yunohost domain.

ISP attempt 1

Set reverse DNS to:

• 139.218.234.185 = nqo.link (< the public facing sticky IP assigned to my internet connection)

Result 1

Domain shows as not a valid domain (despite me using it fine, it showing up in browsers, being able to install a Let’s Encrypt certificate etc)

My edits

Based on this advice about getting a VM behind a Frtizbox set up correctly with a dynamic DNS service (separate issue of trying to get IPv6 working), I did the following:

• In yunohost admin I edited the etc/network/interfaces file to include lines

car enp0s3
allow-hotplug enp0s3
iface enp0s3 inet dhcp
address 192.168.188.30 (@IP yunohost)
gateway 192.168.188.1 (@IPv4 router)
dns-nameservers 192.168.188.1 (@IPv4 fritzbox)
iface enp0s3 inet6 dhcp
dns-nameservers fd00:0:0:0:b2f2:8th:fe0d:a7fc (@IPv6 fritzbox)

ISP attempt 2

Set reverse DNS to:

• 139.218.234.185 = nqo.link (< the public facing sticky IP assigned to my internet connection)

Result 2

Reverse DNS setup failed. But some progress! They can see the domain is valid via reverse dns lookup now.
But! They still can’t successfully set up the Reverse DNS for my domain.

ISP attempt 3

Set reverse DNS to:

• 192.168.188.30 = nqo.link (< the internal IP of my yunohost server on my network, behind a fritzbox)

Result 3

Reverse DNS setup failed.

Potentially relevant context

Here is the list of my currently exposed ports on my home network (in case it is relevant to why this attempt by my ISP failed.

Screenshot 2023-07-31 at 12.20.01 pm2056×1276 292 KB

My ISP recommedations

They advised/suggested that:

• My dynamic DNS service is probably not contributing to this error (dynv6.com)
• they have only successfully set up Reverse DNS for .net and .com domain names in the past
• They don’t have any publicly available reverse DNS information for their service
• Perhaps my DNS provider - Cloudflare.com - has some support information regarding reverse dns settings that will help.

My attempt: Reverse DNS at cloudflare.com

I followed the ISP advice by looking here. But it seems I am not eligible to set my reverse DNS with them, as I don’t “own a dedicated IP space” or have access to “add nameservers provided for the zone at your Regional Internet Registry (RIR).”

• Please correct me if I’m wrong about this!

My questions

• Did my editing of the network interfaces file contribute to my ISP seeing my domain name as valid?
• Are there further edits I could make to my etc/network/interfaces file to make my ISP’s Reverse DNS attempt more successful?
• is my ISP just terrible (based on above), and perhaps I should just give up on trying with them?
• Are there any of my ISPs recommendations you would definitely discard or try?
• Based on this thread, would appending a “/32” on the end of either my public IP or yunohost IP be likely to make the Reverse DNS attempt at my ISP work?
• @tituspijean Does Reverse DNS via Dynamic DNS service seems workable/viable, based on the information I shared above from dyn.com?

I am continuing to work on this issue. Any advice or direction or solidarity while I do so would be greatly appreciated.

No, cf. my answer about public IP addresses above: only the entity (here, your ISP) giving you your public IP address can set your reverse DNS record.

No, cf. my answer about public IP addresses above. (Am I annoyed? yes, a tad )

Based on

they have only successfully set up Reverse DNS for .net and .com domain names in the past

I would say yes, they are just terrible. It might be due to the fact that you are using a “novelty” .link top level domain, but still, they should account for it.

I am not aware of Australia’s ISP market, sorry.

The “192.168.1.0/24” is a subnetwork CIDR notation. It’s used by routers for IP assignment. The one I gave for example means “all addresses between 192.168.1.1 and 192.168.1.254”.
That is irrelevant to your matter.

No, cf. my answer about public IP addresses above.
But I am a bit worried now, since you mention using a DynDNS service, but refer to having a “public facing sticky IP assigned to [your] internet connection”. What’s the point of a DynDNS service then?

If your ISP is of no help, then my proposal to use an SMTP relay on a VPS still applies.

Hi @tituspijean , thank you for your patience and continued attention.

Re this, and repeated ‘refer to above’ comments:

We have a misunderstanding. I am NOT asking if my settings allow set up of Reverse DNS.
I am asking if my altered settings could contribute to my set up appearing differently in their diagnostic checks.

The call center person kept saying things like “this domain didn’t show up before in reverse DNS lookup, what did you change?” I suspected:

• they could have just not tried before OR
• perhaps, just perhaps, there was some possibility that something about my edited settings changed what they saw in their checks.

Which reminds me… I did change the yunohost server from an ‘exposed host’ on the system to properly opening all the ports.

It is an irrelevant point now, since my questions were trying to parse how much of this issue - if any - I have contributed to, and how much is that my ISP is just terrible.

The important thing is: I have learned from past posts and you are not wasting your time engaging with me.

Good to know, thank you!

Re this:

I am NOT asking for names of ISP companies here. I am referring to recommendations my ISP gave me to try. See below:

Given that we have established they are awful, I will not follow everything they say. But I asked if anything on this list of suggestions jumped out as useful to someone with more technical knowledge.

Re Dynamic DNS

We agree my ISP is terrible.
I set up dynamic dns because:

• the ISP has no documentation about how sticky their IP is, how often it would change etc
• I don’t trust them
• I have the capacity to set up many technical things now, but will not later (hello, fluctuating capacity because disability ).

It seemed easier at the time to set up and troubleshoot dynamic dns setup now, rather than have surprises later - when the IP address changes and that break things at a time when I don’t have capacity to edit technical settings.

It’s a valid point to think about. Perhaps I can risk everything breaking later to have more working now.

To the best of my knowledge, reverse DNS settings are independent from whether or not your server is accessible from the Internet. I do not know why it suddenly appeared in their lookup. (Or I have a fundamental misunderstanding of the rDNS, and then I should STFU. xD)

My bad, sorry, I indeed misread your sentence. Let’s analyse them:

• My dynamic DNS service is probably not contributing to this error (dynv6.com)

Correct.

• they have only successfully set up Reverse DNS for .net and .com domain names in the past

That’s worrying, cf. my previous message.

• They don’t have any publicly available reverse DNS information for their service

Too bad, which confirms that they do not have a self-service for you to configure that alone.

• Perhaps my DNS provider - Cloudflare.com - has some support information regarding reverse dns settings that will help.

To the best of my knowledge, it’s up to the entity providing the public IP address of the SMTP server to set up the reverse DNS. Cloudflare cannot help you here, as you concluded before.

Looking back to your question above, it seems that Cloudflare does not offer email relay, but rather email routing, where (I guess, I have not looked further in the technicals) the MX record of the domain point to their own server. Then you can setup email redirections (i.e. routing) to other email addresses. That would not be compatible with YunoHost.

It totally makes sense.

I think the email relay thing is the best thing for you to completely setup your email stack. I would have a look into Scaleway’s Stardust instances (if they have any in stock… it’s only less than 1€ per month on IPv6 only), or another smallest VPS available on your market. You would only need it for email relaying, so the minimal specs are enough.

There is also the possibility that you can host your emails outside your home. For example, your .link domain provider might offer hosting your emails along with it (I know OVH does it, again only speaking about the only two providers I have experienced). You could then use an app like Cypht on YunoHost or simply Thunderbird on your computer to remotely connect not to your YunoHost email server, but your domain name provider’s.

Update! A little progress

Never! Even when I am wrong, the conversation is still revealing and helpful. I’m sure the same would apply for you.

That’s ok! I appreciate the journey.

This makes sense, thank you for clarifying and being patient t with my learning curve.

Updates on possible options:
I now have a Scaleway account (@tituspijean thanks for the tip!), and am waiting for a Stardust instance to become available.
My domain name provider (Namecheap) does have an email relay service, but comparable price to Scaleway, and much more restricted - only one email address and 1GB max. So this is not a viable option for me.
Proton Mail seems like a popular option for email relay. Paid and platformy though - price includes many things I don’t want or need. So no good for me.
Experiment with Reclaim Hosting. I have a 2GB server space on Reclaim Hosting (US$30/year, https://reclaim.hosting). I’m currently trying to make the email setup instructions above work on this server.

Update: disabling dynamic dns service (dynv6.com) and changing etc/network/interfaces file made my Yunohost inaccessible via SSH and web

Error when I attempt to SSH:

ssh: connect to host nqo.link port 22: Network is unreachable

Error when I attempt to load in web browser from local network:

Safari can’t connect to the server “nqo.link”

I removed all entries in etc/network/interfaces related to the dynamicdns service. It now looks like this:

auto lo
iface lo inet loopback

allow-hotplug eth0
iface eth0 inet static
address 12.168.188.30
gateway 192.168.188.1

I ran diagnostics on the yunohost command line, and everything seems fine except for

• internet connectivity (new issue)
• reverse DNS (known previous issue)

Things I have tried

• Attempt Many configurations of settings in the etc/network/interfaces file - result: no restoration of connectivity
• Attempt searching yunohost forum for other solutions, trial and error using those examples. result: no restoration of connectivity
• Attempt checking my open ports on router - all unchanged, see earlier post with screenshot. result: all ports open to internet
• Attempt DNS lookup check from website. result: nqo.link points to my isp’s external ip address fine, same as before
• Attempt try accessing the server from web client outside network. result: same error about not finding server
• Attempt double check my internet connection is working. result it is.
• Attempt ran yunohost diagnostics in human readable mode. result a lot of helpful looking information, but in VirtualBox I can’t scroll to see the full diagnostic information… only the last screen worth of information is visible to me.

My thinking

All these tests narrow it down to the network interfaces file being the source of internet connectivity failure (which I suspected, but now I am certain).

My questions

• Does anyone - @aleks @tituspijean maybe? - see anything majorly wrong with the etc/network/interfaces file?
• Is there a way to reset the etc/network/interfaces file to default settings?
• Is there a way anyone can share to scroll in the command line interface of yunohost?

I know these questions aren’t directly related to yunohost. I’m hoping that, since there are many related questions on the forum, that someone has a solution or answer that ultimately helps yunohost run smoothly, for me and others.

Thanks for reading, as always!

Why did you do that? It has almost nothing nothing to do with what we discussed before.

Should be starting with 192

No really, though you could set it up to use your router’s DHCP server to assign it an IP address. Static is fine too.

I do not understand the question.

Eeek, that was a data entry typo to the forum. It starts with 192 in my interfaces file. If only the solution to my YH server internet connectivity were that simple!

Reasons:

• I found some documentation about etc/network/interfaces settings that may affect my ISPs ability to recognise my IP as valid.
  • dns-search - when domain is added after, it shows the domain in reverse lookups
  • dns-domain - another extra way to associate domain with IP address
• Before testing the above, I was:
  • removing the dyndns dependency so I could safely remove the settings interface settings it needs to work
  • attempting to reduce my interfaces file to basic YH settings
• My ISP have now confirmed my IP is more static than sticky. They only change it after I give consent.
• Attempting to make the setup simpler overall.

My router has assigned the YH server an address! That is the one ending “.30”

I changed the settings from static to DHCP and restarted networking (using sudo systemctl restart networking), but still no change.

The YH virtual machine is a black box of command line information. It is similar to terminal on a computer, except that I can’t scroll back to previously shown commands and information. I can read and use what is currently visible on the YH window provided via VirtualBox. This is fine for me mostly.
But when I run any diagnostics and need to read output for more than one screen, I can’t scroll up to see anything beyond the last screen of output. No mouse movement or keyboard entry I know or have found from searching makes the diagnostic report scroll up to the earlier parts of the diagnostic report.

Ideal outcome for navigating YH would be:

• that I find a way to go to the top of the diagnostic report, then read it from top to bottom, OR
• find a way to export/print the diagnostic report to a pdf on the host machine desktop (my old Mac mini).

Update: Internet connectivity is working
Docs: Using the Chapter 5. Network setup referred to in etc/network/interfaces.
The problem I found a mismatch in my settings as below:
From the docs:

For example, “/etc/hosts” looks like the following.

127.0.0.1 localhost
127.0.1.1 host_name

The host_name matches the hostname defined in the “/etc/hostname”.

My settings, that don’t match what is recommended:
/etc/hostname:

nqo.link

/etc/hosts:

127.0.0.1 localhost
127.0.1.1 yunohost.yunohost.org yunohost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

127.0.0.1 nqo

Steps taken to restore internet connectivity

1. I changed hostname in /etc/hostname to:

yunohost

2. Changed etc/network/interfaces file to:

source /etc/network/interfaces.d/*

#The loopback network interface
auto lo
iface lo inet loopback

#The primary network interface
allow-hotplug enp0s3
iface enp0s3 inet dhcp
address 192.168.188.30
netmask 255.255.255.0
gateway 192.168.188.1
dns-nameservers 192.168.188.1 8.8.8.8

2. Restarted networking with

sudo systemctl restart networking

3. Restarted router/Fritzbox
4. Restarted YH virtual machine

Result I can now access my YH box via SSH and web again.

Next steps

1. Create fully qualified domain name by adding below line to etc/network/interfaces from explanation here:

dns-search nqo.link

2. Figure out how to enter cloudflare’s nameservers (my DNS records are hosted at cloudflare.com) into my settings without breaking connectivity again. The cloudflare nameserver details are:

• audrey.ns.cloudflare.com
  • 162.159.38.66
  • 108.162.194.66
  • 172.64.34.66
• edward.ns.cloudflare.com
  • 162.159.44.210
  • 108.162.195.210
  • 172.64.35.210

Previously I tried adding these to the ‘dns-nameservers’ line of etc/network/interfaces, which broke connectivity. This tells me I haven’t learned enough about the setup yet.

Questions

• Does anyone have tips for how to get remotely-hosted nameservers into yh settings without breaking yunhost?
• Does yunohost need yunohost to be specified in /etc/hosts and /etc/hostnames to work?
• Is it safe/common/ok to change the IP in etc/hosts, as per this recommendation from the chapter 5 docs (see below)?

For a system with a permanent IP address, that permanent IP address should be used here instead of 127.0.1.1.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.