Tld is repeated in DNS records

My YunoHost server

Hardware: Old laptop (AMD E-450)
YunoHost version: YunoHost 11.0.9.12 (stable)
I have access to my server: Through SSH | through the webadmin | direct access via keyboard / screen | …
Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no, I don't think so

Description of my issue

Howdy partners,
I know my ISP blocks port 80, but 443 is open.
I ran ShieldsUP at Gibson Research and 443 is open.
The YunoHost IP is in my router's DMZ.
I have been using FreedomBox but want to try YunoHost.

Running diagnosis, I have some issues in the DNS records area. I'm guessing Let's Encrypt won't work till this is fixed.

(snip of diagnosis from DNS records follows…)

Type: CNAME
Name: muc
Current value: xxxxx.nohost.me.nohost.me.
Expected value: xxxxx.nohost.me.
The following DNS record does not seem to follow the recommended configuration:
Type: CNAME
Name: pubsub
Current value: xxxxx.nohost.me.nohost.me.
Expected value: xxxxx.nohost.me.
The following DNS record does not seem to follow the recommended configuration:

So I guess an autoconfiguration put the TLD in twice???

I tried to include a full YunoPaste but got a complaint from the forum that new users are only allowed 5 links.

Yep, I'm new.
Thanks!!!

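The diagnosis excerpt above shows the base domain appended twice to the CNAME targets. The following script is an added example, not YunoHost's own diagnosis code: it parses a constructed report in the same four-line format and checks, label by label, whether each current value is the expected value with the base domain repeated once too often. It assumes the base domain is nohost.me and that "xxxxx" stands in for the real subdomain, exactly as in the post.

```python
"""Flag CNAME targets whose base domain appears twice (e.g. host.nohost.me.nohost.me.).

Added example, not YunoHost's own diagnosis code. The report text below is
constructed to mirror the format of the diagnosis excerpt in the post.
"""
import re

# One record as printed by the diagnosis: four labelled lines in this order.
RECORD_RE = re.compile(
    r"Type:\s*(?P<type>\S+)\s+Name:\s*(?P<name>\S+)\s+"
    r"Current value:\s*(?P<current>\S+)\s+Expected value:\s*(?P<expected>\S+)"
)

# Constructed sample in the diagnosis format; 'xxxxx' stands for the real subdomain.
SAMPLE_DIAGNOSIS = """\
The following DNS record does not seem to follow the recommended configuration:
Type: CNAME
Name: muc
Current value: xxxxx.nohost.me.nohost.me.
Expected value: xxxxx.nohost.me.
The following DNS record does not seem to follow the recommended configuration:
Type: CNAME
Name: pubsub
Current value: xxxxx.nohost.me.nohost.me.
Expected value: xxxxx.nohost.me.
"""


def strip_doubled_suffix(target: str, base_domain: str) -> tuple[bool, str]:
    """Return (was_doubled, corrected_fqdn) for a DNS name.

    Works on labels rather than substrings so 'nohost.me' is not confused
    with a longer label such as 'mynohost.me'. The result always carries a
    trailing dot, i.e. it is an absolute name.
    """
    base_labels = base_domain.strip(".").lower().split(".")
    labels = target.strip(".").lower().split(".")
    n = len(base_labels)
    doubled = (
        len(labels) >= 2 * n
        and labels[-n:] == base_labels
        and labels[-2 * n:-n] == base_labels
    )
    if doubled:
        labels = labels[:-n]  # drop one copy of the base domain
    return doubled, ".".join(labels) + "."


def check_diagnosis(report: str, base_domain: str) -> list[dict]:
    """Parse diagnosis output and, for each record, say whether the current
    value is the expected value with the base domain appended once too often."""
    findings = []
    for m in RECORD_RE.finditer(report):
        doubled, corrected = strip_doubled_suffix(m["current"], base_domain)
        findings.append({
            "type": m["type"],
            "name": m["name"],
            "current": m["current"],
            "expected": m["expected"],
            "doubled_suffix": doubled,
            # True when removing one copy of the base domain yields exactly
            # what the diagnosis expects, i.e. the cause is the repeated TLD.
            "fix_matches_expected": corrected == m["expected"].lower(),
            "corrected": corrected,
        })
    return findings


if __name__ == "__main__":
    for f in check_diagnosis(SAMPLE_DIAGNOSIS, "nohost.me"):
        status = "doubled suffix" if f["doubled_suffix"] else "other mismatch"
        print(f"{f['type']} {f['name']}: {f['current']} -> {f['corrected']} ({status})")
```

Run it against a real diagnosis paste by replacing SAMPLE_DIAGNOSIS with the pasted text and the base domain with your own; a record where fix_matches_expected is False has some other mismatch and needs a closer look rather than just trimming the suffix.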

You can change the domains that are considered as links, so you might be able to post a "real" link.

For Let's Encrypt, I'm really not sure, but I think that it will need port 80 for the verification before generating the certificate. There might be a way to run around this, but it is somewhere hidden in the forum :sweat:

I can confirm that port 80 will be needed by Let's Encrypt; there's no easy way around this without having to tweak stuff a lot.

The issue with XMPP CNAME records is not related. This is a small bug in YunoHost that we need to dig into at some point, but it will only prevent XMPP from working properly, not other parts of the system.


I have the same error of the TLD being repeated in the DNS records, and for me it has 3 very annoying effects:

  1. SnappyMail does not let me send an email, even though there is no problem in the mail system

  2. Let's Encrypt does not consistently work

  3. On the command sudo yunohost dyndns update --force after a system reboot, the response was:
    Info: Updated needed, going on…
    Error: The peer didn’t know the key we used
    Info: The operation ‘Update the IP associated with your YunoHost subdomain ‘fppa64.ynh.fr’’ could not be completed. Please share the full log of this operation using the command ‘yunohost log share 20220830-170319-dyndns_update-fppa64.ynh.fr’ to get help
    The log file is: https://paste.yunohost.org/raw/ajomogadaj, whose last line is:
    ;ADDITIONAL
    2022-08-30 19:03:21,842: ERROR - The peer didn’t know the key we used

The diagnosis log is at: https://paste.yunohost.org/raw/ihomovohit

As explained, I strongly doubt that the issue with the XMPP CNAME records has any impact on mail or on Let's Encrypt …


Hi, welcome to the forums!

That is quite annoying. Reading that you have used FreedomBox before, I guess you already tried this: did you ask your ISP whether they can make case-by-case exceptions to their blocking of port 80?

I think the easiest workaround to get Let's Encrypt working is to have a VPN (with a public IP and non-blocked ports) pointing to your server. The cheapest way to run that might be a lightweight VPS, which in some respects defeats the purpose of running a home server :-/

As long as you are the only user of the services on your YunoHost, you could import the self-signed certificate to receive fewer SSL/TLS warnings.

Thanks for the replies!

I'm trying to use one of my No-IP dyndns domains… just testing for now.

The ISP forbids running any servers. I think port 80 could be opened if you get a business account. I'm trying to have a server for only the cost of electricity.

I don't understand why, but I can get FreedomBox to work with Let's Encrypt. Or I tricked myself into thinking it worked.

I love tinkering in my home network.


Maybe they're using the DNS challenge of Let's Encrypt (which we do not support), or I think they have a thing with onion domains (though you probably weren't using those?)
