diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py
index 719ce4d6a..89816847d 100644
--- a/data/hooks/diagnosis/12-dnsrecords.py
+++ b/data/hooks/diagnosis/12-dnsrecords.py
@@ -29,8 +29,9 @@ class DNSRecordsDiagnoser(Diagnoser):
for domain in all_domains:
self.logger_debug("Diagnosing DNS conf for %s" % domain)
is_subdomain = domain.split(".", 1)[1] in all_domains
+ is_localdomain = domain.endswith(".local")
for report in self.check_domain(
- domain, domain == main_domain, is_subdomain=is_subdomain
+ domain, domain == main_domain, is_subdomain=is_subdomain, is_localdomain=is_localdomain
):
yield report
@@ -48,7 +49,7 @@ class DNSRecordsDiagnoser(Diagnoser):
for report in self.check_expiration_date(domains_from_registrar):
yield report
- def check_domain(self, domain, is_main_domain, is_subdomain):
+ def check_domain(self, domain, is_main_domain, is_subdomain, is_localdomain):
expected_configuration = _build_dns_conf(
domain, include_empty_AAAA_if_no_ipv6=True
@@ -59,6 +60,24 @@ class DNSRecordsDiagnoser(Diagnoser):
if is_subdomain:
categories = ["basic"]
+ if is_localdomain:
+ categories = []
+ if is_subdomain:
+ yield dict(
+ meta={"domain": domain, "category": "basic"},
+ results={},
+ status="WARNING",
+ summary="diagnosis_domain_subdomain_localdomain",
+ )
+ else:
+ yield dict(
+ meta={"domain": domain, "category": "basic"},
+ results={},
+ status="INFO",
+ summary="diagnosis_domain_localdomain",
+ )
+
+
for category in categories:
records = expected_configuration[category]
diff --git a/data/hooks/diagnosis/21-web.py b/data/hooks/diagnosis/21-web.py
index 81c4d6e48..04c36661e 100644
--- a/data/hooks/diagnosis/21-web.py
+++ b/data/hooks/diagnosis/21-web.py
@@ -34,6 +34,12 @@ class WebDiagnoser(Diagnoser):
summary="diagnosis_http_nginx_conf_not_up_to_date",
details=["diagnosis_http_nginx_conf_not_up_to_date_details"],
)
+ elif domain.endswith('.local'):
+ yield dict(
+ meta={"domain": domain},
+ status="INFO",
+ summary="diagnosis_http_localdomain",
+ )
else:
domains_to_check.append(domain)
diff --git a/data/templates/yunohost/services.yml b/data/templates/yunohost/services.yml
index b961d274e..447829684 100644
--- a/data/templates/yunohost/services.yml
+++ b/data/templates/yunohost/services.yml
@@ -54,6 +54,7 @@ yunohost-firewall:
category: security
yunomdns:
needs_exposed_ports: [5353]
+ category: mdns
glances: null
nsswitch: null
ssl: null
diff --git a/locales/en.json b/locales/en.json
index 70a0e9309..3734b7cf3 100644
--- a/locales/en.json
+++ b/locales/en.json
@@ -190,6 +190,8 @@
"diagnosis_domain_expiration_warning": "Some domains will expire soon!",
"diagnosis_domain_expiration_error": "Some domains will expire VERY SOON!",
"diagnosis_domain_expires_in": "{domain} expires in {days} days.",
+ "diagnosis_domain_localdomain": "Domain {domain}, with a .local TLD, is not expected to have DNS records as it can be discovered through mDNS.",
+ "diagnosis_domain_subdomain_localdomain": "Domain {domain} is a subdomain of a .local domain. Zeroconf/mDNS discovery only works with first-level domains.",
"diagnosis_services_running": "Service {service} is running!",
"diagnosis_services_conf_broken": "Configuration is broken for service {service}!",
"diagnosis_services_bad_status": "Service {service} is {status} :(",
@@ -259,6 +261,7 @@
"diagnosis_http_hairpinning_issue_details": "This is probably because of your ISP box / router. As a result, people from outside your local network will be able to access your server as expected, but not people from inside the local network (like you, probably?) when using the domain name or global IP. You may be able to improve the situation by having a look at https://yunohost.org/dns_local_network",
"diagnosis_http_could_not_diagnose": "Could not diagnose if domains are reachable from outside in IPv{ipversion}.",
"diagnosis_http_could_not_diagnose_details": "Error: {error}",
+ "diagnosis_http_localdomain": "Domain {domain}, with a .local TLD, is not expected to be reached from outside the local network.",
"diagnosis_http_ok": "Domain {domain} is reachable through HTTP from outside the local network.",
"diagnosis_http_timeout": "Timed-out while trying to contact your server from outside. It appears to be unreachable.
1. The most common cause for this issue is that port 80 (and 443) are not correctly forwarded to your server.
2. You should also make sure that the service nginx is running
3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.",
"diagnosis_http_connection_error": "Connection error: could not connect to the requested domain, it's very likely unreachable.",
@@ -321,7 +324,6 @@
"global_settings_cant_write_settings": "Could not save settings file, reason: {reason:s}",
"global_settings_key_doesnt_exists": "The key '{settings_key:s}' does not exist in the global settings, you can see all the available keys by running 'yunohost settings list'",
"global_settings_reset_success": "Previous settings now backed up to {path:s}",
- "global_settings_setting_mdns_interfaces": "Space-separated list of interfaces for mDNS broadcast. Leave empty to disable mDNS.",
"global_settings_setting_pop3_enabled": "Enable the POP3 protocol for the mail server",
"global_settings_setting_security_nginx_compatibility": "Compatibility vs. security tradeoff for the web server NGINX. Affects the ciphers (and other security-related aspects)",
"global_settings_setting_security_password_admin_strength": "Admin password strength",