Cloudron Forum

@potemkin_ai said in can't install cloudron due to unbound issues: It seems like unbound is only used for SpamHause and during setup. If the setup issue will resorted, only SpamHause issue will remain. It's also used for DNS propagation checks (during app install, change location etc) and also verify validity of DNS records for Let's Encrypt. We cannot rely on caching resolvers because they would cache not found (NXDOMAIN) entries for very long periods of time. The recommendation is to keep all the outbound ports open - https://docs.cloudron.io/security/#outbound-ports .

So it turns out DNSSEC is the problem. Unbeknownst to me, the previous registrar had enabled DNSSEC by default, when I transferred the domain some time ago, the records were not removed when the new registrar updated the nameservers. As they don't have DNSSEC management and my DNS resolver doesn't validate DNSSEC, I didn't notice anything was amiss. Thank you for your help with this!

@joseph ah, there you go. I have indeed updated to 24.04, and presumably it was before this instruction was added. Thank you all for the help, guys, all is well now

never mind, I fixed the issue with the IP. I went into GoDaddy and noticed the IP was different, so I changed it back, restarted unbound service and now my dashboard is loading with my domain. Now to restoring all of the apps with my backups.

Hi @girish, I did that step and did a server reboot as the systemctl restart unbound did not work and when it came back up, all was good again! Thank you!

Ah, thanks! I was already running 8.0.5, but the upgrade to 8.0.6 got stuck. /home/yellowtent/box/setup/start.sh came up with an unbound error. I was able to start box manually and start all apps, but the backup volume did not mount. After installing unbound-anchor, I was able to run /home/yellowtent/box/setup/start.sh without errors, and now the backup is working again.

This was because the upgade to mysql didn't complete. apt --fix-broken install completes the upgrade. I guess ubuntu upgrade was somewhat midway? I think https://docs.cloudron.io/guides/upgrade-ubuntu-20/#post-upgrade (though the server was already in Ubuntu 22). After that the update worked.

@girish Thank you! I restarted ubound and it's all good now. Thank you!

@girish Thanks you for your quick answer. Works great now.

@fisi I think @nebulon responded to your ticket from support. If this is the same support ticket, the reason is that your server has 2 NICs and connected to the internal and external network. This is not a problem but the routes are set up incorrectly in ubuntu. The default route is going via the internal gateway. I think you have to adjust the netplan to fix the routing situation . (I hope I am replying about the correct tickte ! )

Looks like the DNS resolution is failing. Can you explain your environment and check if you can resolve any host from the system via SSH? Is the unbound service working?

Not sure if relevant to your situation, but to bypass specific DNS entries you can also do: local-zone: example.com typetransparent local-data: "my.example.com A 172.18.0.1"

Right, you need to figure why unbound is not starting. The logs are in journalctl -u unbound -fa . Note that if unbound doesn't work, DNS doesnt work properly on the server and makes this quite unstable (as you experienced already).

@DualOSWinWiz do you think "Encrypt DNS" in your router mean DNSSEC ? If that is the case, an idea is to just disable DNSSEC in unbound instead of for your domain . https://docs.cloudron.io/networking/#unbound .

@nebulon said in Cloudron dashboard not loading after reboot after NextCloud "not responding": Most likely you are hitting an unbound issue then. Checkout the unbound section at https://docs.cloudron.io/troubleshooting/ Unbound solved my issues, thank you!

OK, I have fixed the unbound issue with IPv6. It's an upstream bug but I have made a workaround for the moment. Fix will be part of 7.3.5 (released next week).

@bcdodgeme this usually only happens when the server runs out of disk space.

@girish Yes, looks like it

@girish Thank you - now its working again.

@ajtatum Congrats on the success and all the learning!