My YunoHost server

Hardware: Raspberry Pi 4B at home
YunoHost version: 11.2.9.1
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

EN

Description of my issue

Hello, and thank you for taking your time for this piece of art.

I have a bug which is recurrent but not always actif. I think it could be linked to my computer IP ban or something.

Some times,

after tweaking : installing new app on new sub-domain or simply after using peertube / nextcloud for a while on my computer (macbook m1)

I get,

an issue on my brower (mozilla V 80+ or chromium last update or safari last update also) : SSL_ERROR_RX_RECORD_TOO_LONG
I’m almost sure that this issue is due to the fail2ban or relatif to my IP. Because I still get acces with my phone and my sister also get acces on her computer far far away ! ^^’

I have the diagnosis showing fail2ban after lot of auth fail. I think this is due to my computer turning often in sleeping mode which ssh open on the terminal.

Any Idea to solve this issue ?

an other little question meanwhile :

https://peertube.florentcurk.com/ is my peertube server.
I’d like to change of domain and registar also, I could keep my yunohost as is ? I understand that my fediverse tag will be an other one and will loose the link to notification or other.

FR

Description du problème

Salut et merci de prendre votre temps pour faire vivre cette perle !

j’ai un problème récurrent mais pas toujours “actif”. Je pense que c’est lié à mon adresse IP qui est ban ou truc du genre !

Quelques fois,

Après avoir fait des réglages : installer une nouvelle app sur un nouveau sous-domaine ou just utiliser peertube longtemps sur mon ordi (macbook m1)

Je me retrouve,

avec un problème d’authentification SSL sur mon ordi (que ça soit firefox à jour, safari à jours ou chromium à jour) : SSL_ERROR_RX_RECORD_TOO_LONG
Je suis quasi sûr que ça vient d’un problème de fail2ban, du moins relatif à mon IP. Car j’y ai accès avec mon téléphone et ma soeur avec son ordi.

J’ai d’ailleurs dans le diag fail2ban qui me dit qu’il y a un grand nombre d’echec d’authentification. Je pense que c’est due à mon ordi qui se met en veille, car j’ai ce problème depuis le début, après 2h d’utilisation de yunohost.

une idée pour résoudre ce problème ?

une autre petite question en passant :

https://peertube.florentcurk.com/ est mon serveur avec peertube.
J’aimerais changer de nom de domaine et de registar dans le futur. Pourrais-je garder mon yunohost tel quel ? Je comprend que mon id fediverse sera mort et donc les notif avec.

Merci beaucouppp !
Thanks a looot !

Hi CptCurk,

I have not experienced the error myself, but a search gives some results indicating that an unencrypted answer was given on a HTTPS-URL:

• SSL_ERROR_RX_RECORD_TOO_LONG nginx - Help - Let's Encrypt Community Support
• SSL_ERROR_RX_RECORD_TOO_LONG Using Nginx reverse proxy and certbot - Server Fault

In both cases the cause is in a manually created nginx-configuration. On the other hand: Why this would happen on your Yunohost, and only sometimes: no idea.

There was another suggestion five years ago, to disable TLS 1.3, but that should not be necessary (or advisable) nowadays.

I don’t think it is related to fail2ban-bans. In the context of sleeping mode: maybe the session to eg. Nextcloud is closed, with the site still open?

You can keep your Yunohost as-is, but once you lose the domain, the currently configured apps will not receive any visitors anymore. Once you register a new domain, say florent.video, and configure it on your Yunohost, you can move applications from the old domain to the new one.

Keep in mind that not all apps support reconfiguration of the domain: in that case you need to install a new instance (possibly after removing the original instance). I lost my Peertube installation, I can’t remember whether Peertube offered the option.

As an aside: you can keep the domain and move the domain to another registrar in case you’re happy with the domain but don’t like the registrar.

Thanks for sharing, nice films!

Haha thank you a lot !

I have done quite a lot of research myself, and tried everything for firefox and chromium to get the TLS 1.3 stuff working. But anything seem to work. And as it’s only on my main computer and not my phone neither other computer from the house, it looks like it’s really related to some IP… But I really don’t know !

May be I just have to wait for my VPN. It’s coming soon !

But if someone has a idea of what it could be, that would be really great !

From what I understand, peertube is not able to move domain. So I’ll wait !

Thanks for your answer !

Okay…
I got my VPN working, and then I realized something.
I got a second VPN for my computer that’s always online : windscribeVPN.

Basicly I guess that’s what’s make my url not working. I don’t know why, nor if it’s true, but it look that could be the issue.

Nooooooo

The fact that your traffic passes through VPN should not make a difference to SSL traffic, as long as nothing funny happens during the ride through the tunnel.

Anyway, now that you realized this, you can tune your troubleshooting to it. I guess windscribe support split tunneling, so you could visit your own sites without VPN.

Okay, windscribe did have split tunelling. I enable it and then it was kinda working.

In the same time, I received my VPN. And I have an other trouble… I’ll open a new ticket !

Thanks a lot for this help, I considere this one close !

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.