=================================
Base system (basesystem)
=================================

[INFO] Server hardware architecture is kvm amd64
  - Server model is OpenStack Foundation OpenStack Nova

[INFO] Server is running Linux kernel 5.10.0-25-cloud-amd64

[INFO] Server is running Debian 11.7

[INFO] Server is running YunoHost 11.2.4 (stable)
  - yunohost version: 11.2.4 (stable)
  - yunohost-admin version: 11.2.2 (stable)
  - moulinette version: 11.2 (stable)
  - ssowat version: 11.2 (stable)

[WARNING] It looks like apt (the package manager) is configured to use the backports repository. Unless you really know what you are doing, we strongly discourage installing packages from backports, because it's likely to create unstabilities or conflicts on your system.

[WARNING] There's been a suspiciously high number of authentication failures recently. You may want to make sure that fail2ban is running and is correctly configured, or use a custom port for SSH as explained in https://yunohost.org/security.



=================================
Internet connectivity (ip)
=================================

[WARNING] DNS resolution seems to be working, but it looks like you're using a custom /etc/resolv.conf.
  - The file /etc/resolv.conf should be a symlink to /etc/resolvconf/run/resolv.conf itself pointing to 127.0.0.1 (dnsmasq). If you want to manually configure DNS resolvers, please edit /etc/resolv.dnsmasq.conf.

[SUCCESS] The server is connected to the Internet through IPv4!
  - Global IP: xx.xx.xx.xx
  - Local IP: xx.xx.xx.xx



=================================
DNS records (dnsrecords)
=================================

[SUCCESS] DNS records are correctly configured for domain domain2.tld (category basic)

[SUCCESS] DNS records are correctly configured for domain domain2.tld (category mail)

[SUCCESS] DNS records are correctly configured for domain domain2.tld (category xmpp)

[SUCCESS] DNS records are correctly configured for domain domain2.tld (category extra)

[SUCCESS] Your domains are registered and not going to expire anytime soon.
  - domain2.tld expires in 363 days.



=================================
Ports exposure (ports)
=================================

[SUCCESS] Port 22 is reachable from the outside.
  - Exposing this port is needed for admin features (service ssh)

[SUCCESS] Port 25 is reachable from the outside.
  - Exposing this port is needed for email features (service postfix)

[SUCCESS] Port 53 is reachable from the outside.
  - Exposing this port is needed for [?] features (service pihole-FTL)

[ERROR] Port 67 is not reachable from the outside.
  - Exposing this port is needed for [?] features (service pihole-FTL)
  - To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config

[SUCCESS] Port 80 is reachable from the outside.
  - Exposing this port is needed for web features (service nginx)

[SUCCESS] Port 443 is reachable from the outside.
  - Exposing this port is needed for web features (service nginx)

[SUCCESS] Port 587 is reachable from the outside.
  - Exposing this port is needed for email features (service postfix)

[SUCCESS] Port 993 is reachable from the outside.
  - Exposing this port is needed for email features (service dovecot)

[SUCCESS] Port 5222 is reachable from the outside.
  - Exposing this port is needed for xmpp features (service metronome)

[SUCCESS] Port 5269 is reachable from the outside.
  - Exposing this port is needed for xmpp features (service metronome)

[ERROR] Port 8095 is not reachable from the outside.
  - Exposing this port is needed for [?] features (service wg-quick@wg0)
  - To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config



=================================
Web (web)
=================================

[SUCCESS] Domain domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain maindomain.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain drive.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain learn.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain notes.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain office.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain photos.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain pihole.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain project.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain radio.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain talk.domain2.tld is reachable through HTTP from outside the local network.

[SUCCESS] Domain vpn.domain2.tld is reachable through HTTP from outside the local network.



=================================
Email (mail)
=================================

[SUCCESS] The SMTP mail server is able to send emails (outgoing port 25 is not blocked).

[SUCCESS] The SMTP mail server is reachable from the outside and therefore is able to receive emails!

[ERROR] Reverse DNS is not correctly configured for IPv4. Some emails may fail to get delivered or be flagged as spam.
  - Current reverse DNS: vps-d5717f68.vps.ovh.net
    Expected value: maindomain.tld
  - You should first try to configure reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting providers may require you to send them a support ticket for this).
  - Some providers won't let you configure your reverse DNS (or their feature might be broken...). If you are experiencing issues because of this, consider the following solutions:
     - Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
    - A privacy-friendly alternative is to use a VPN *with a dedicated public IP* to bypass this kind of limits. See https://yunohost.org/#/vpn_advantage
    - Or it's possible to switch to a different provider

[SUCCESS] The IPs and domains used by this server do not appear to be blacklisted

[SUCCESS] 0 pending emails in the mail queues



=================================
Services status check (services)
=================================

[ERROR] Service dnsmasq is dead :(
  - You can try to restart the service, and if it doesn't work, have a look at the service logs in the webadmin (from the command line, you can do this with 'yunohost service restart dnsmasq' and 'yunohost service log dnsmasq').

[SUCCESS] Service dovecot is running!

[SUCCESS] Service fail2ban is running!

[SUCCESS] Service mattermost is running!

[SUCCESS] Service metronome is running!

[SUCCESS] Service mysql is running!

[SUCCESS] Service nginx is running!

[SUCCESS] Service php7.4-fpm is running!

[SUCCESS] Service php8.1-fpm is running!

[SUCCESS] Service php8.2-fpm is running!

[ERROR] Service pihole-FTL is exited :(
  - You can try to restart the service, and if it doesn't work, have a look at the service logs in the webadmin (from the command line, you can do this with 'yunohost service restart pihole-FTL' and 'yunohost service log pihole-FTL').

[SUCCESS] Service postfix is running!

[SUCCESS] Service postgresql is running!

[SUCCESS] Service redis-server is running!

[SUCCESS] Service rspamd is running!

[SUCCESS] Service slapd is running!

[SUCCESS] Service ssh is running!

[SUCCESS] Service wg-quick@wg0 is running!

[SUCCESS] Service wireguard_ui is running!

[SUCCESS] Service yunohost-api is running!

[SUCCESS] Service yunohost-firewall is running!

[SUCCESS] Service yunomdns is running!



=================================
System resources (systemresources)
=================================

[SUCCESS] The system still has 989 MiB (51%) RAM available out of 1.9 GiB.

[INFO] The system has no swap at all. You should consider adding at least 512 MiB of swap to avoid situations where the system runs out of memory.
  - Please be careful and aware that if the server is hosting swap on an SD card or SSD storage, it may drastically reduce the life expectancy of the device.

[SUCCESS] Storage / (on device /dev/sda1) still has 14 GiB (75%) space left (out of 19 GiB)!

[SUCCESS] Storage /boot/efi (on device /dev/sda15) still has 113 MiB (91.4%) space left (out of 124 MiB)!



=================================
System configurations (regenconf)
=================================

[WARNING] Configuration file /etc/dnsmasq.d/01-pihole.conf appears to have been manually modified.
  - This is probably OK if you know what you're doing! YunoHost will stop updating this file automatically... But beware that YunoHost upgrades could contain important recommended changes. If you want to, you can inspect the differences with 'yunohost tools regen-conf dnsmasq --dry-run --with-diff' and force the reset to the recommended configuration with 'yunohost tools regen-conf dnsmasq --force'



=================================
Applications (apps)
=================================

[SUCCESS] All installed apps respect basic packaging practices