YunoHost/doc
1
0
Fork 0
mirror of https://github.com/YunoHost/doc.git synced 2024-09-03 20:06:26 +02:00
Code Issues Projects Releases Packages Wiki Activity

More small enhancements

Browse source
This commit is contained in:
yunohost-bot 2021-02-07 14:53:24 +01:00
parent f25e141d4a
commit 58fab8f6a0
8 changed files with 32 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
pages/01.administrate/04.learn/12.security/security.md
View file

@ -15,16 +15,16 @@ Two things remain important to note:
* The fact that YunoHost is a well-spread software increases the chances of an attack. If a flaw is discovered, it could potentially affect all the YunoHost instances at once. Keep your system **up-to-date** to remain safe. * The fact that YunoHost is a well-spread software increases the chances of an attack. If a flaw is discovered, it could potentially affect all the YunoHost instances at once. Keep your system **up-to-date** to remain safe.
*If you need advice, do not hesitate to [ask us](/help).* !!!! If you need advice, do not hesitate to [ask us](/help).
*To discuss security flaws, contact the [YunoHost security team](/security_team).* !! [fa=shield /] To discuss security flaws, contact the [YunoHost security team](/security_team).
--- ---
## Improve security ## Improve security
If your YunoHost server is used in a critical production environment, or if you want to improve its safety, you may want to follow those good practices. If your YunoHost server is used in a critical production environment, or if you want to improve its safety, you may want to follow those good practices.
**Attention:** *Following those instructions requires advanced knowledge of system administration.* ! **Attention:** Following those instructions requires advanced knowledge of system administration.
### SSH authentication via key ### SSH authentication via key
By default, the SSH authentication uses the administration password. Deactivating this kind of authentication and replacing it by a key mechanism is advised. By default, the SSH authentication uses the administration password. Deactivating this kind of authentication and replacing it by a key mechanism is advised.

2
pages/01.administrate/04.learn/13.permissions/groups_and_permissions.md
View file

@ -176,7 +176,7 @@ $ yunohost user permission update mail --remove all_users --add bob
Note that some permissions may be "protected", meaning that you won't be able to add/remove the visitor group to this permission. Generally, this is because it would make no sense (or is a security risk) to do so. Note that some permissions may be "protected", meaning that you won't be able to add/remove the visitor group to this permission. Generally, this is because it would make no sense (or is a security risk) to do so.
The webadmin will issue a warning if you set a permission that is superseeded by a wider permission. The webadmin will issue a warning if you set a permission that is superseded by a wider permission.
![](image://groups_alerte-permission.png) ![](image://groups_alerte-permission.png)

5
pages/01.administrate/05.specific_use_cases/01.domains/01.dns_nohost_me/dns_nohost_me.md
View file

@ -16,7 +16,7 @@ The following (sub)domains are proposed:
To use this service, you simply have to choose such a domain during the post-installation. It will then be automatically configured by YunoHost! To use this service, you simply have to choose such a domain during the post-installation. It will then be automatically configured by YunoHost!
N.B.: As a fairness measure, each instance may only have **one such domain** setup at any given time. !!! As a fairness measure, each instance may only have **one such domain** setup at any given time.
### Subdomains ### Subdomains
@ -56,8 +56,7 @@ If you reinstall your server and want to use a domain already used previously, y
If you wish to use a different automatic domain, you first have to remove your present domain registration. This is done in 3 steps: If you wish to use a different automatic domain, you first have to remove your present domain registration. This is done in 3 steps:
1. Remove the domain from your instance (via webadmin or the `yunohost domain remove` CLI). 1. Remove the domain from your instance (via webadmin or the `yunohost domain remove` in the CLI).
**/!\ Caution: this will remove any app installed on this domain, along with its data.**
2. Ask for registration removal [in the dedicated forum thread](https://forum.yunohost.org/t/nohost-domain-recovery/442). 2. Ask for registration removal [in the dedicated forum thread](https://forum.yunohost.org/t/nohost-domain-recovery/442).
3. Remove automatic domain configuration files on your server, via CLI only: `sudo rm /etc/cron.d/yunohost-dyndns && sudo rm -r /etc/yunohost/dyndns` 3. Remove automatic domain configuration files on your server, via CLI only: `sudo rm /etc/cron.d/yunohost-dyndns && sudo rm -r /etc/yunohost/dyndns`

14
pages/01.administrate/05.specific_use_cases/01.domains/02.dns_dynamic_ip/dns_dynamicip.md
View file

@ -13,6 +13,13 @@ This tutorial aim to get around dynamic IP issue which is: when the IP public ad
The method proposed here consists of automatizing the fact the box annonces its global IP adress change to the dynamic DNS, so that the DNS zone will automatically be updated. The method proposed here consists of automatizing the fact the box annonces its global IP adress change to the dynamic DNS, so that the DNS zone will automatically be updated.
Here are some examples of registrars, companies where you can buy domain names:
* [OVH](http://ovh.com/)
* [GoDaddy](https://godaddy.com/)
* [Gandi](http://gandi.net/)
* [Namecheap](https://www.namecheap.com/)
* [BookMyName](https://www.bookmyname.com/)
If you own a domain name at **OVH**, you may go to step 4 and follow this [tutorial](/OVH), given that OVH proposes a DynDNS service. If you own a domain name at **OVH**, you may go to step 4 and follow this [tutorial](/OVH), given that OVH proposes a DynDNS service.
#### 1. Create an account to a Dynamic DNS service #### 1. Create an account to a Dynamic DNS service
@ -34,7 +41,12 @@ This step consists in declaring to your [registrar](/registrar) that the DNS ser
For this, fisrt declare in the NS field(s) the IP address provided by the DynDNS service. For this, fisrt declare in the NS field(s) the IP address provided by the DynDNS service.
Then, remove any other item in the [DNS zones](/dns_config) (except the previous NS fields), from the [registrar](/registrar). Then, remove any other item in the [DNS zones](/dns_config) (except the previous NS fields), from the registrar. Here are from examples of registrars:
* [OVH](http://ovh.com/)
* [GoDaddy](https://godaddy.com/)
* [Gandi](http://gandi.net/)
* [Namecheap](https://www.namecheap.com/)
* [BookMyName](https://www.bookmyname.com/)
#### 4. Configure the client #### 4. Configure the client
This client could be your ISP-box, or a package installed on your server, such as `ddclient`. This client could be your ISP-box, or a package installed on your server, such as `ddclient`.

2
pages/01.administrate/05.specific_use_cases/05.external_storage/external_storage.md
View file

@ -62,7 +62,7 @@ Check with `lsblk` that your disk really does contain a single partition.
Before you can use your disk it has to be formatted. Before you can use your disk it has to be formatted.
You should be aware that **formating a drive implies to erasing every data on it !** If your disk is already "clean", you may ignore this step. ! You should be aware that **formating a drive implies to erasing every data on it!** If your disk is already "clean", you may ignore this step.
To format the partition : To format the partition :

2
pages/01.administrate/05.specific_use_cases/09.certificate_custom/certificate_custom.md
View file

@ -7,7 +7,7 @@ routes:
default: '/certificate_custom' default: '/certificate_custom'
--- ---
**Note:** since version 2.5, YunoHost integrates Let's Encrypt certificates automated management. You can easily and freely [install a Let's Encrypt certificate](/certificate). The following document describes the steps for installing a paid certificate from a certification authority (**Gandi**, **RapidSSL**, **StartSSL**, **Cacert**). ! **Note:** since version 2.5, YunoHost integrates Let's Encrypt certificates automated management. You can easily and freely [install a Let's Encrypt certificate](/certificate). The following document describes the steps for installing a paid certificate from a certification authority (**Gandi**, **RapidSSL**, **StartSSL**, **Cacert**).
Some changes have taken place which impact the procedures indicated below: Some changes have taken place which impact the procedures indicated below:

4
pages/01.administrate/05.specific_use_cases/11.moving_app_folder/moving_app_folder.md
View file

@ -9,9 +9,7 @@ routes:
Applications folder are (*usually*) located in `/var/www/$appname` Applications folder are (*usually*) located in `/var/www/$appname`
If an application folder is expected to get bigger because of the amount of data If an application folder is expected to get bigger because of the amount of data it contains, it might be relevant to move it to another storage (like an external hard drive).
it contains, it might be relevant to move it to another storage (like an
external hard drive).
Here's a summary of how to do this the application wordpress. Here, is is assumed that Here's a summary of how to do this the application wordpress. Here, is is assumed that
[you already mounted the external hard-drive](/external_storage). [you already mounted the external hard-drive](/external_storage).

10
pages/01.administrate/05.specific_use_cases/specific_use_cases.md Normal file
View file

@ -0,0 +1,10 @@
---
title: Specific use cases
template: docs
taxonomy:
category: docs
routes:
default: '/specific_use_cases'
---
In the following pages you will find tutorials for specific use cases.