Table des matières

Installation de Yunohost sur Debian Buster

Yunonhost n'est pas prêt pour Debian Buster. Le support pour Debian Buster devrait arriver avec la version 4.

Installation

Le script d'installation par défaut n'est pas encore compatible Buster :

root@ns334945:/home/debian# curl https://install.yunohost.org | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 22359  100 22359    0     0   160k      0 --:--:-- --:--:-- --:--:--  161k
[FAIL] YunoHost is only available for the version 9 (Stretch) of Debian, you are using '10.3'.
[INFO] Installation logs are available in /var/log/yunohost-installation_20200406_180639.log

On doit passer par le script de la branche buster-unstable :

# curl https://raw.githubusercontent.com/YunoHost/install_script/buster-unstable/install_yunohost | bash
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 21962  100 21962    0     0  66957      0 --:--:-- --:--:-- --:--:-- 66753
[INFO] Running upgrade_system
[INFO] Running install_script_dependencies
[INFO] Running create_custom_config
[INFO] Running confirm_installation
[INFO] Running manage_sshd_config
[INFO] Running fix_locales
Generating locales (this might take a while)...
  en_US.UTF-8... done
Generation complete.
[INFO] Running setup_package_source
[INFO] Running apt_update
[INFO] Running register_debconf
[INFO] Running workarounds_because_sysadmin_sucks
[INFO] Workaround for avahi : creating avahi user with uid 535
[INFO] Running install_yunohost_packages
[INFO] Running restart_services
[INFO] Installation logs are available in /var/log/yunohost-installation_20200407_064413.log
[ OK ] YunoHost installation completed !
===============================================================================
You should now proceed with Yunohost post-installation. This is where you will
be asked for :
  - the main domain of your server ;
  - the administration password.
 
You can perform this step :
  - from the command line, by running 'yunohost tools postinstall' as root
  - or from your web browser, by accessing : 
    - https://XX.YY.WW.ZZ/ (global IP, if you're on a VPS)
 
If this is your first time with YunoHost, it is strongly recommended to take
time to read the administator documentation and in particular the sections
'Finalizing your setup' and 'Getting to know YunoHost'. It is available at
the following URL : https://yunohost.org/admindoc
===============================================================================

On dirait que tout s'est bien passé jusqu'ici.

Post-installation

Prérequis : Un nom de domaine qui pointe vers le serveur.

On peut le faire depuis la page web ( https://XX.YY.WW.ZZ/yunohost/admin/#/postinstall ) :

Ou depuis la ligne de commande :

# yunohost tools postinstall
Main domain: azerty.xyz
You are now about to define a new administration password. The password should be at least 8 characters long—though it is good practice to use a longer password (i.e. a passphrase) and/or to use a variation of characters (uppercase, lowercase, digits and special characters).
New administration password: 
Confirm new administration password: 
Info: Installing YunoHost…
Info: The configuration file '/etc/nsswitch.conf' is now managed by YunoHost (category nsswitch).
Success! Configuration updated for 'nsswitch'
Info: The configuration file '/etc/nslcd.conf' is now managed by YunoHost (category nslcd).
Success! Configuration updated for 'nslcd'
Success! LDAP initialized
Success! Configuration updated for 'ssl'
Success! Local certification authority created.
Success! Self-signed certificate now installed for the domain 'artanux.be'
Success! Domain created
Success! The main domain has been changed
Info: Your root password have been replaced by your admin password.
Success! The administration password was changed
Success! Firewall reloaded
Success! App catalog system initialized!
Info: Updating application catalog…
Success! The application catalog has been updated!
Synchronizing state of yunohost-firewall.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable yunohost-firewall
Created symlink /etc/systemd/system/multi-user.target.wants/yunohost-firewall.service → /lib/systemd/system/yunohost-firewall.service.
Success! The service 'yunohost-firewall' will now be automatically started during system boots.
Success! Service 'yunohost-firewall' started
Info: The configuration file '/etc/metronome/metronome.cfg.lua' is now managed by YunoHost (category metronome).
Success! Configuration updated for 'metronome'
Success! Configuration updated for 'nginx'
Info: The configuration file '/etc/postfix/master.cf' is now managed by YunoHost (category postfix).
Info: The configuration file '/etc/postfix/main.cf' is now managed by YunoHost (category postfix).
Info: The configuration file '/etc/default/postsrsd' is now managed by YunoHost (category postfix).
Success! Configuration updated for 'postfix'
Success! Configuration updated for 'yunohost'
Success! Configuration updated for 'rspamd'
Info: The configuration file '/etc/default/dnsmasq' is now managed by YunoHost (category dnsmasq).
Info: The configuration file '/etc/dnsmasq.conf' is now managed by YunoHost (category dnsmasq).
Success! Configuration updated for 'dnsmasq'
Info: The configuration file '/etc/fail2ban/jail.conf' is now managed by YunoHost (category fail2ban).
Success! Configuration updated for 'fail2ban'
Info: The configuration file '/etc/mysql/my.cnf' is now managed by YunoHost (category mysql).
Success! Configuration updated for 'mysql'
Info: The configuration file '/etc/avahi/avahi-daemon.conf' is now managed by YunoHost (category avahi-daemon).
Success! Configuration updated for 'avahi-daemon'
Info: The configuration file '/etc/dovecot/dovecot.conf' is now managed by YunoHost (category dovecot).
Success! Configuration updated for 'dovecot'
Success! Configuration updated for 'slapd'
Info: The configuration file '/etc/ssh/sshd_config' is now managed by YunoHost (category ssh).
Success! Configuration updated for 'ssh'
Success! YunoHost is now configured
Warning: The post-install completed! To finalize your setup, please consider:
    - adding a first user through the 'Users' section of the webadmin (or 'yunohost user create <username>' in command-line);
    - diagnose potential issues through the 'Diagnosis' section of the webadmin (or 'yunohost diagnosis run' in command-line);
    - reading the 'Finalizing your setup' and 'Getting to know Yunohost' parts in the admin documentation: https://yunohost.org/admindoc.

Finaliser l'installation

On ne peut pas y accéder depuis le nom de domaine (certificat auto-signé, Firefox est pas content…) mais je peux toujours y accéder depuis l'IP ( https://XX.YY.WW.ZZ/yunohost/admin/#/ ) :

Créer un utilisateur

On peut passer par l'interface web ou créer un compte depuis le terminal :

# yunohost user create monUser

Faire un diagnostic

# yunohost diagnosis run
Error: Diagnosis failed for category 'basesystem': Command 'systemd-detect-virt' returned non-zero exit status 1
Warning: Found 1 item(s) that could be improved for Internet connectivity.
Error: Found 2 significant issue(s) related to DNS records!
Success! Everything looks good for Ports exposure!
Success! Everything looks good for Web!
Success! Everything looks good for Email!
Success! Everything looks good for Services status check!
Success! Everything looks good for System resources!
Success! Everything looks good for System configurations!
Success! Everything looks good for Security checks!
Info: You can run 'yunohost diagnosis show --issues' to display the issues found.

Voir le détail des problèmes trouvés :

# yunohost diagnosis show --issues
Warning: No diagnosis cache yet for category 'basesystem'
reports: 
  0: 
    description: Internet connectivity
    id: ip
    items: 
      status: WARNING
      summary: The server does not have working IPv6.
  1: 
    description: DNS records
    id: dnsrecords
    items: 
      0: 
        details: The DNS record with type A and name * does not match the recommended configuration. 
        (...)

Pas d'IPv6, je survivrai.

Le problème de configuration DNS est normal, je n'ai pas encore mis à jour la zone DNS.

DNS

Documentation: https://yunohost.org/#/dns_config

On peut voir la configuration DNS recommandée sur l'interface web ou dans le terminal.

# yunohost domain dns-conf azerty.xyz

Certificat Let's Encrypt

Je me suis connecté sur l'interface web pour créer un certificat pour mon domaine principal.

Installer une application

Nextcloud

J'ai essayé d'installer nextcloud (que j'aimerais beaucoup migrer sur Yunohost pour me simplifier la vie…) mais ça coince. (https://paste.yunohost.org/raw/ucihoguriw)