Cloudron Forum

@AartJansen for new apps, AAAA is automatically added. For existing apps, go to Domains -> Sync DNS.

@AartJansen Ah ok, looks like a limitation of the domain host. You can also just create entries for each (sub)domain you use. If you have an app at foo.domain.com, create an AAAA record for that subdomain. Repeat for every app. You should also switch to "manual" instead of "wildcard" DNS provider for this. It will remind you to setup A/AAAA records manually when you install an app.

@girish said in IPv6 in automated DNS propagation: After enabling, click the sync DNS button to make it add the AAAA records for existing apps. This is what I missed. Thank you so much! Everything works fine now

@MisterJD see https://forum.cloudron.io/post/40906 and https://www.simplified.guide/ssh/auto-block-failed-attempts

Thanks for the reply @MooCloud_Matt! Proxmox is set to bridge and works with ipv4 without any problem. But the problem is probably elsewhere, I tried opening the ipv6 test page on my laptop and it said my provider doesn't support ipv6, which is bullshit. I actually have two public ipv6s assigned from it. So I would need to somehow run the installation with only ipv4, is it possible to do that? [image: Sn-mek-obrazovky-z-2023-01-09-16-07-51.png]

You can try ping6 ipv6.api.cloudron.io and see if that works. Without it, IPv6 won't work.

@krumel thanks!

Also, please check if your router supports hairpinning https://en.wikipedia.org/wiki/Network_address_translation#NAT_loopback . This is what loops back a request to a public IP back into your private network.

@nebulon hey there, thanks for your reply, cloudron works now for me. maybe it was a dns propagation issue

@girish So I disabled the port forward rule in my router and it resolved the issue. Thank you!

@alexdimarco said in Does cloudron block bogon networks?: One of the wifi networks (I do not have control over) uses bogon IP space for addressing. When connected to this network I cannot access any Cloudron servers. Do they block bogon? If so, how can I white list a network - in specific 100.64.0.0/10? Cloudron blocks nothing by default.

We detect the IP using curl https://api.cloudron.io/api/v1/helper/public_ip . Can you check what this returns and why this doesn't return your public IP? You can also use something like https://whatismyipaddress.com/ which should return the same value.

@hendrikvl It's not a problem to have local network specific configuration in unbound. See https://docs.cloudron.io/networking/#private-dns . As for the motivation, we use unbound because the mail server needs to do DNSBL queries. Most of the DNSBL servers like Zen SpamHaus will not respond if the queries originate from Google/Cloudflare DNS. This forces us to run our own DNS server. The other motivation was also to log DNS lookups by apps to identify any malicious use but we never got around to this (this was initially designed for a setup where we expected all app packages to be done by 3rd party). Finally, the unbound server should not be used much at all because most of the apps should not be querying anything external.

As of now, Im not having this issue anymore. I really dont know what would have caused this. Im thinking of setting up an opnsense firewall, not sure if it would help though

@nebulon I find the solution taking infos from this forum . In fact, I opened port 53 TCP and UDP and Cloudron can resolve domain names. Configuration now is: [image: 1617633691304-firewall-template-resized.png] All seems to working fine... I marked this thread as "Solved"

@nebulon Fantastic, thank you!

@odie Still stuck on this. The culprit is definitely that the usb network card fails to receive its configuration on boot. I cannot get netmanager to configure and initialize it at all. Only the two manual commands seem to work: sudo ip addr add 192.168.9.101/24 dev enxc4411eb4c476 sudo ip link set dev enxc4411eb4c476 up I have tried various thing with network manager, and I've tried adding a config file to systemd-networkd under /etc/systemd/network/ - the only thing I achieved, was to have every network freeze when I inserted the usb ethernet adapter (only to unfreeze as soon as I disconnected it). Tried keeping it disconnected for longer, just to see, but connections were frozen until I unplugged the usb network card. So I had to remove these config files. Can anyone offer suggestions? I don't know where to even look for assistance on this now... Thanks!

Tha @d19dotca said in Why does cloudron block ports?: @cumpal Cloudron expects to be the only one running on the server, so for security reasons it locks it down unless needed by Cloudron or any of the apps on it. If you need to modify it, I think you can just update the firewall rules manually in Ubuntu, though I've not done that part myself as no need for it yet. but hopefully that at least explains why it's locked down. You may want to review the Cloudron docs on security features too. @girish said in Why does cloudron block ports?: In addition to what @d19dotca said, you can whitelist extra ports using https://docs.cloudron.io/networking/#whitelist-ports . Please use this at your own risk, we don't recommend installing other software alongside cloudron . Thanks for these replies! I got them working.

There is an allow list file, but you have to access it from ssh. It should be in the docs.

Thank you all for your answers! Yes i was curious if cloudron did something special with the networking. I will contact the network administrators and try to fix the issue with them.