YunoHost with a private TLD in a private network

What type of hardware are you using: Virtual machine
What YunoHost version are you running: 12.1.14
How are you able to access your server: The webadmin, SSH, direct access via physical keyboard/screen
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: using the private nameserver in /etc/resolv.conf

Describe your issue

YunoHost 12.1 is running on 192.168.0.12 = yuno12.it.lan.

When adding a subdomain I get:

yunohost domain add webmin.yuno12.it.lan

WARNING Could not identify correctly the dns zone for domain yuno12.it.lan, returning it.lan

The more subdomains there are, the more often the warning appears and the longer the command takes.

Question: What exactly should I do to get rid of these warnings (private LAN, private TLD .lan)?

Thank you!

Share relevant logs or error messages

WARNING Could not identify correctly the dns zone for domain yuno12.it.lan, returning it.lan

.lan is not a private TLD according to the standards, hence the warnings. Official private TLDs are .local (but reserved for mDNS), .test, .home.arpa, and .internal.

I personally use this last one for a VPN with Headscale.

If you still want to use .lan, you will have to hack into YunoHost’s code every time YunoHost is upgraded. The list of special TLDs is in /usr/lib/python3/dist-packages/yunohost/utils/dns.py on line 29; add yours in there.

Thank you, that worked for me. The line looks like this now:

SPECIAL_USE_TLDS = ["lan", "home.arpa", "internal", "local", "localhost", "onion", "test"]

What is different about “SPECIAL_USE_TLDS”? Is this line mandatory for private TLDs?

I found out that just a SOA record for “it.lan” also makes the WARNING disappear:

root@yuno12:~# dig NS lan +short
dns.it.lan.
root@yuno12:~# dig NS it.lan +short
dns.it.lan.
root@yuno12:~# dig SOA lan +short
dns.it.lan. admin.it.lan. 2508221339 21600 3600 3542400 3600
root@yuno12:~# dig SOA it.lan +short
dns.it.lan. admin.it.lan. 2508221356 21600 3600 3542400 3600

RFC 6762: Multicast DNS mentions:

.intranet .internal .private .corp .home .lan
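A resolver-side check for the two things this thread turns on, as an added example that is not YunoHost's code: whether a name falls under the special-use list quoted above, and which parent name actually owns an SOA record on the configured nameserver. The list without "lan" is assumed to be the stock value, the function names and sample answers are constructed for illustration, and the SOA walk is a generic zone-apex lookup, not necessarily what dns.py does.

```python
import subprocess

# List as quoted in the thread, minus the poster's added "lan" (assumed stock value).
SPECIAL_USE_TLDS = ["home.arpa", "internal", "local", "localhost", "onion", "test"]

def is_special_use(domain, tlds=SPECIAL_USE_TLDS):
    """True if the domain equals or sits under one of the listed suffixes."""
    name = domain.rstrip(".").lower()
    return any(name == t or name.endswith("." + t) for t in tlds)

def dig_soa(name):
    """Ask the resolver from /etc/resolv.conf for the SOA owned by exactly `name`."""
    out = subprocess.run(["dig", "SOA", name, "+short"],
                         capture_output=True, text=True, timeout=10).stdout
    # A short-form SOA answer has 7 fields; this skips CNAME lines and empty answers.
    return next((l for l in out.splitlines() if len(l.split()) == 7), "")

def zone_apex(domain, soa_lookup=dig_soa):
    """Walk from the full name towards the TLD and return the first name that
    owns an SOA record (the enclosing zone), or None if no level answers."""
    labels = domain.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if soa_lookup(candidate):
            return candidate
    return None

def report(domain, soa_lookup=dig_soa):
    """Summarise both checks for one domain."""
    return {"domain": domain,
            "special_use": is_special_use(domain),
            "zone_apex": zone_apex(domain, soa_lookup)}

# Constructed resolver answers, modelled on the dig output shown in the thread.
SAMPLE_SOA = {
    "lan": "dns.it.lan. admin.it.lan. 2508221339 21600 3600 3542400 3600",
    "it.lan": "dns.it.lan. admin.it.lan. 2508221356 21600 3600 3542400 3600",
}

def sample_lookup(name):
    """Offline stand-in for dig_soa, backed by SAMPLE_SOA."""
    return SAMPLE_SOA.get(name, "")

if __name__ == "__main__":
    # Swap sample_lookup for dig_soa to query the real nameserver.
    print(report("webmin.yuno12.it.lan", sample_lookup))
```

Run before `yunohost domain add`, a `zone_apex` of `None` or of the bare TLD shows that the private nameserver has no SOA at the level you expect to be the zone.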

.lan isn’t a Special-Use Domain Name according to the IANA:

You can use it if you want, but its usage is not standardized and can lead to issues like the one you’re experiencing with YunoHost.


I have already figured that out. However, if the main domain has an official FQDN that is accessible from outside, there should be no issues.

What a private domain should and should not be is open to debate:

But I would appreciate it if a private TLD could be configured, because otherwise I have to patch dns.py after every update.
