TAMI - wiki

User Tools

Site Tools

Trace:

Sidebar

tamiwiki:internal:procedures:todo

This is an old revision of the document!

TODO

all the things we need to get done currently

Old wiki link https://wiki.telavivmakers.org/index.php/Todo

  1. We need to address the Diagnosis results of Yunohost

https://paste.yunohost.org/raw/xaholesagi

The full output:

Base system (basesystem)

[INFO] Server hardware architecture is kvm amd64

  1. Server model is QEMU Standard PC (i440FX + PIIX, 1996)

[INFO] Server is running Linux kernel 5.10.0-21-amd64

[INFO] Server is running Debian 11.6

[INFO] Server is running YunoHost 11.1.12.2 (stable)

  1. yunohost version: 11.1.12.2 (stable)
  2. yunohost-admin version: 11.1.6 (stable)
  3. moulinette version: 11.1.4 (stable)
  4. ssowat version: 11.1.4 (stable)

Internet connectivity (ip)

[WARNING] DNS resolution seems to be working, but it looks like you're using a custom /etc/resolv.conf.

  1. The file /etc/resolv.conf should be a symlink to /etc/resolvconf/run/resolv.conf itself pointing to 127.0.0.1 (dnsmasq). If you want to manually configure DNS resolvers, please edit /etc/resolv.dnsmasq.conf.

[SUCCESS] The server is connected to the Internet through IPv4!

  1. Global IP: xx.xx.xx.xx
  2. Local IP: 10.81.2.235

DNS records (dnsrecords)

[ERROR] Some DNS records are missing or incorrect for domain domain2.tld (category basic)

  1. Please check the documentation at https://yunohost.org/dns_config if you need help configuring DNS records.
  2. The following DNS record does not seem to follow the recommended configuration:

Type: A 

  Name: @
  Current value: 178.62.253.232
  Expected value: xx.xx.xx.xx

[WARNING] Some DNS records are missing or incorrect for domain domain2.tld (category mail)

  1. Please check the documentation at https://yunohost.org/dns_config if you need help configuring DNS records.
  2. The following DNS record does not seem to follow the recommended configuration:

Type: MX 

  Name: @
  Current value: 50 mail.telavivmakers.org.
  Expected value: 10 domain2.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: TXT
  Name: mail._domainkey
  Value: "v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtmpRptLU5Y4aUIBDwDq9zFo1KOHgYT753+lKaEmGWyWsFT4lekgFOMqbZLDOO/Trd/yNkudIpka36dv8/IidKn5KiH63PMDmIVxHQ8I6rnwp31u0KEUD1fYWyQyzCGIV/2Qb7AbhccE0WnV6KQcG9lTo2nR2+a7hwAH2SIsYQEQIDAQAB"
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: TXT
  Name: _dmarc
  Value: "v=DMARC1; p=none"

[WARNING] Some DNS records are missing or incorrect for domain domain2.tld (category extra)

  1. Please check the documentation at https://yunohost.org/dns_config if you need help configuring DNS records.
  2. According to the recommended DNS configuration, you should add a DNS record with the following info.

Type: A 

  Name: *
  Value: xx.xx.xx.xx
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: CAA
  Name: @
  Value: 0 issue "letsencrypt.org"

[SUCCESS] DNS records are correctly configured for domain domain3.tld (category basic)

[WARNING] Some DNS records are missing or incorrect for domain domain3.tld (category mail)

  1. Please check the documentation at https://yunohost.org/dns_config if you need help configuring DNS records.
  2. According to the recommended DNS configuration, you should add a DNS record with the following info.

Type: MX 

  Name: space
  Value: 10 domain3.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: TXT
  Name: space
  Value: "v=spf1 a mx -all"
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: TXT
  Name: mail._domainkey.space
  Value: "v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD04H6rxcK53yGNQtrooPPAbX8uW4E7JG2VYHcZyfgVMEmazaQgnZfRHGJ2AyX0nNLjkO87SXwszxaj9RrSRr+UdSI1C8H4lTfhSskkEgMHVeljJyvatW3xkcusJXcmnFAv+UBY5m2eK/ZJomB8LJnnyFKzLu5wOd2RbODgeqktxQIDAQAB"
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: TXT
  Name: _dmarc.space
  Value: "v=DMARC1; p=none"

[WARNING] Some DNS records are missing or incorrect for domain domain3.tld (category extra)

  1. Please check the documentation at https://yunohost.org/dns_config if you need help configuring DNS records.
  2. According to the recommended DNS configuration, you should add a DNS record with the following info.

Type: A 

  Name: *.space
  Value: xx.xx.xx.xx
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: CAA
  Name: space
  Value: 0 issue "letsencrypt.org"

[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category basic)

[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category mail)

[WARNING] Some DNS records are missing or incorrect for domain maindomain.tld (category xmpp)

  1. Please check the documentation at https://yunohost.org/dns_config if you need help configuring DNS records.
  2. According to the recommended DNS configuration, you should add a DNS record with the following info.

Type: SRV 

  Name: _xmpp-client._tcp
  Value: 0 5 5222 maindomain.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: SRV
  Name: _xmpp-server._tcp
  Value: 0 5 5269 maindomain.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: CNAME
  Name: muc
  Value: maindomain.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: CNAME
  Name: pubsub
  Value: maindomain.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: CNAME
  Name: vjud
  Value: maindomain.tld.
- According to the recommended DNS configuration, you should add a DNS record with the following info.
  Type: CNAME
  Name: xmpp-upload
  Value: maindomain.tld.

[WARNING] Some DNS records are missing or incorrect for domain maindomain.tld (category extra)

  1. Please check the documentation at https://yunohost.org/dns_config if you need help configuring DNS records.
  2. According to the recommended DNS configuration, you should add a DNS record with the following info.

Type: CAA 

  Name: @
  Value: 0 issue "letsencrypt.org"

[SUCCESS] Your domains are registered and not going to expire anytime soon.

  1. telavivmakers.org expires in 716 days.
  2. maindomain.tld expires in 355 days.

Ports exposure (ports)

[SUCCESS] Port 22 is reachable from the outside.

  1. Exposing this port is needed for admin features (service ssh)

[SUCCESS] Port 25 is reachable from the outside.

  1. Exposing this port is needed for email features (service postfix)

[ERROR] Port 53 is not reachable from the outside.

  1. Exposing this port is needed for [?] features (service adguardhome)
  2. To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config

[SUCCESS] Port 80 is reachable from the outside.

  1. Exposing this port is needed for web features (service nginx)

[SUCCESS] Port 443 is reachable from the outside.

  1. Exposing this port is needed for web features (service nginx)

[SUCCESS] Port 587 is reachable from the outside.

  1. Exposing this port is needed for email features (service postfix)

[SUCCESS] Port 993 is reachable from the outside.

  1. Exposing this port is needed for email features (service dovecot)

[SUCCESS] Port 5222 is reachable from the outside.

  1. Exposing this port is needed for xmpp features (service metronome)

[SUCCESS] Port 5269 is reachable from the outside.

  1. Exposing this port is needed for xmpp features (service metronome)

[ERROR] Port 5349 is not reachable from the outside.

  1. Exposing this port is needed for [?] features (service coturn-synapse)
  2. To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config

[SUCCESS] Port 8448 is reachable from the outside.

  1. Exposing this port is needed for [?] features (service matrix-synapse)

Web (web)

[SUCCESS] Domain domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain domain3.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain docs.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain element.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain git.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain hass.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain matrix.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain nextcloud.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain pad.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain sandbox-pad.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain tor.maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain vault.maindomain.tld is reachable through HTTP from outside the local network.

Email (mail)

[SUCCESS] The SMTP mail server is able to send emails (outgoing port 25 is not blocked).

[SUCCESS] The SMTP mail server is reachable from the outside and therefore is able to receive emails!

[ERROR] Reverse DNS is not correctly configured for IPv4. Some emails may fail to get delivered or be flagged as spam.

  1. Current reverse DNS: domain3.tld

Expected value: maindomain.tld

  1. You should first try to configure reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting providers may require you to send them a support ticket for this).
  2. Some providers won't let you configure your reverse DNS (or their feature might be broken…). If you are experiencing issues because of this, consider the following solutions:
    1. Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
    2. A privacy-friendly alternative is to use a VPN *with a dedicated public IP* to bypass this kind of limits. See https://yunohost.org/#/vpn_advantage
    3. Or it's possible to switch to a different provider

[SUCCESS] The IPs and domains used by this server do not appear to be blacklisted

[SUCCESS] 1 pending emails in the mail queues

Services status check (services)

[SUCCESS] Service adguardhome is running!

[ERROR] Service coturn-synapse is failed :(

  1. You can try to restart the service, and if it doesn't work, have a look at the service logs in the webadmin (from the command line, you can do this with 'yunohost service restart coturn-synapse' and 'yunohost service log coturn-synapse').

[SUCCESS] Service cryptpad is running!

[SUCCESS] Service dnsmasq is running!

[SUCCESS] Service dovecot is running!

[SUCCESS] Service fail2ban is running!

[SUCCESS] Service gitea is running!

[SUCCESS] Service homeassistant is running!

[SUCCESS] Service matrix-synapse is running!

[SUCCESS] Service mautrix_telegram is running!

[SUCCESS] Service metronome is running!

[SUCCESS] Service mysql is running!

[SUCCESS] Service nginx is running!

[SUCCESS] Service php7.4-fpm is running!

[SUCCESS] Service php8.1-fpm is running!

[SUCCESS] Service postfix is running!

[SUCCESS] Service postgresql is running!

[SUCCESS] Service redis-server is running!

[SUCCESS] Service rspamd is running!

[SUCCESS] Service slapd is running!

[SUCCESS] Service ssh is running!

[SUCCESS] Service vaultwarden is running!

[SUCCESS] Service yunohost-api is running!

[SUCCESS] Service yunohost-firewall is running!

[SUCCESS] Service yunomdns is running!

System resources (systemresources)

[SUCCESS] The system still has 18 GiB (93%) RAM available out of 20 GiB.

[SUCCESS] The system has 976 MiB of swap!

  1. Please be careful and aware that if the server is hosting swap on an SD card or SSD storage, it may drastically reduce the life expectancy of the device.

[SUCCESS] Storage / (on device /dev/mapper/system-root) still has 37 GiB (81%) space left (out of 45 GiB)!

[SUCCESS] Storage /boot (on device /dev/sda1) still has 109 MiB (51%) space left (out of 213 MiB)!

System configurations (regenconf)

[SUCCESS] All configuration files are in line with the recommended configuration!

Applications (apps)

[SUCCESS] All installed apps respect basic packaging practices

QR Code for page, do not delete

tamiwiki/internal/procedures/todo.1678052774.txt.gz · Last modified: 2023/03/05 23:46 by 444b

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki