Installation of self-hosted /e/ cloud on localhost

Hi @smu44, hi everyone, can you kindly help with the installation of self-hosted /e/ cloud on a local machine? All relevant information is included in the file here. If you need anything else, kindly let me know. Thank you. Libor

Hi @liborb !

Could you please try to delete all of /mnt, and restart the whole process with
bash bootstrap-generic.sh https://gitlab.e.foundation/e/infra/ecloud-selfhosting master
instead of
bash bootstrap-generic.sh https://gitlab.e.foundation/e/infra/ecloud-selfhosting
(line #28 of your log file)

Before restarting bootstrap : I don’t think you’ve gone as far as firing up Docker containers (this step is in the postinstall script, which never launched because of DNS errors).
To make sure, could you please issue docker system df -v and post back ?

I think you can ignore the Python warnings, at least for now.
If you have Python 3 (check with python --version) it could explain these messages (Ubuntu server 18.04 provides Python 2).
If Python was installed automatically for salt-minion (so you don’t use it elsewhere), you can uninstall Python 3 and manually install Python 2 before launching /e/ Cloud setup scripts.

What’s not clear to me is your current (not /e/ Cloud) email setup : is it home-hosted or from an Internet provider ?

Be aware that :

  1. the different components, especially the mail server, are quite nested; I don’t know if it’s possible to have a running /e/ Cloud without the eelomailserver Docker container
  2. the setup has been tested with Ubuntu Server; as Ubuntu is a Debian fork it is quite likely to run out-of-the-box, but we may also have to change some little things
  3. Assuming you have a non-floating public IP address, you have to set up a proper public DNS configuration with this address and provide it to the setup script; you may want to register a DNS domain, for example at https://www.ovh.cz/domeny/; email records could be at an Internet provider or home-hosted, as long as DNS records are properly set. You’ll also have to set up proper port opening/redirects (NAT) in your Internet modem for /e/ Nextcloud
  4. Hetzner CX21 server with backups costs me 5.88€/month (excluding VAT) with full /e/ Cloud hosting and much more; maybe it could be an easier solution as I think that you could “extend” the /e/ Cloud Nextcloud instance storage with a home-hosted Nextcloud

One step at a time :wink: For now please run the bootstrap with “master”, and we’ll go from there
If it fails again I can easily fire up a Debian testing VM :slight_smile:

And please feel free to post any question, I’ll try to answer them as best as I can !

Just re-read the scripts and docs about the DNS stuff.

Relaunching bootstrap with “master” will ensure a proper binaries setup, however I think we will still fail at DNS part, sorry :frowning:

/e/ Cloud was designed as a single “entry point” for both web and email.
What you want to do is not impossible, but we’ll have to play with some settings.

What is mandatory for email is a good public DNS domain, as well as a valid PTR record (PTR is “reverse DNS”: ask for an IP address, get a name as the answer).

Thanks @smu44,
when executing “bash bootstrap-generic.sh https://gitlab.e.foundation/e/infra/ecloud-selfhosting master” I got directly to the DNS settings without a problem.

The output of “df -v” is:
Filesystem 1K-blocks Used Available Use% Mounted on
udev 3993476 0 3993476 0% /dev
tmpfs 805192 2916 802276 1% /run
/dev/mapper/rootfs 111969596 66156188 40082644 63% /
tmpfs 5120 4 5116 1% /run/lock
tmpfs 1610380 188980 1421400 12% /dev/shm
/dev/sda2 499656 86988 375972 19% /boot
/dev/sda1 258095 258 257837 1% /boot/efi
cgroup 12 0 12 0% /sys/fs/cgroup
tmpfs 805188 4 805184 1% /run/user/118
tmpfs 805188 28 805160 1% /run/user/1000

So I did not get to the Docker container installation.

“python --version” gives Python 2.7.16.
I have Python 3 installed as well, which needs to be called as python3.

I do have a static WAN IP address, and I do have a free domain to use if needed. I just want to install the whole cloud on localhost on my desktop computer, so I use it just on the local network. I do not want any of the data to go on the internet. Technically there is no problem in setting up the domain, its DNS records, forwarding in the router, etc. I just want all that to stay local.

So my question would be: is there a way to proceed with the installation without setting up an email account? Or setting that up on localhost 127.0.0.1, which does not go any further to the internet? Thank you! It is for this reason I do not sync my device over an /e/ account, which would most probably work easily. I am sort of a security guy, and putting my contacts, calendars and tasks in the cloud I consider a risk regardless of the provider.

Fine ! Your setup looks good, we can go ahead with DNS part :slight_smile:

That’s a very good point !

But setting DNS to 127.0.0.1 will lead to a completely closed system, limited to your server :wink:
I assume you want to connect your phone to your server, using your local network ?
So we have to “open” your server to your private network.

We’ll have to setup a home private DNS ecosystem. It is not that hard :slight_smile:

Before anything else, we’ll have to know how it works at your home :

  • how the IP addresses are distributed
  • which DNS address and domain are provided by DHCP, or manually set up
  • whether DNS device records are dynamically set up by DHCP

I assume these services are provided by an ISP set-top box ?
In this case, can you access the settings, for example :

  • turn on/off the DHCP
  • modify the DHCP-provided parameters, such as DNS server IP address and domain
  • modify the DNS domain, zone records
  • Dynamic DNS setup (DNS records set up by DHCP server) ?

We could use several solutions, I’ll try to provide you with the best one according to your home setup.

The idea behind this is to set up a whole /e/ Cloud including DNS.
Yes, it would also include an /e/ email server for ease of setup, but you won’t have to use it :wink: Access to your Internet email provider could be achieved by DNS forwarders.

@smu44 I do have access to my router and can set many things, including DNS servers, though I prefer to keep the default. I can change them on my computer if needed. IP addresses are distributed through DHCP. The IP range is 192.168.1.1 to 192.168.1.254, subnet mask is 255.255.255.0. Btw creating the closed system limited to my computer/server is exactly what I want. What else do you need to know to proceed?

Hi @liborb,

Just to be sure, you really want a closed system, without any chance to exchange data with your phone through your home network ?

This is not usual, as you know /e/ Cloud is designed to serve data over the (Internet) network :wink:
So please allow me some time to setup a test server.


Hi @smu44,
a system closed to the outer world. Of course I need to be able to exchange data with my phone on the local (trustworthy) network. I apologize for not making that clear before. So the system should be fully functional on the local network (except for sending emails, I do not need that), but should be closed to the rest of the world.

Btw. besides other things I am in charge of one mail server, and that is one of the reasons why I do not want to have self-hosted email. Setting up DMARC, DKIM and PTR is the easiest part. Adjusting the whole system when the server unjustly lands on different blacklists, or Google makes changes that influence the whole mail ecosystem, that is a lot of work.

After we make the cloud work, I plan to do it once more myself on a different machine, write down the steps and offer it as a guide to e.foundation, as a thank you to the community and the /e/ team. For the rest of the day I am offline, so I will come back in the evening or tomorrow. I appreciate your help very much.

Hi @liborb,

Very sorry for the lag :frowning:

I could go ahead with testing, will post some technicals soon.

The only mandatory setup to do at your ISP box will be to reduce the DHCP range.
The server absolutely needs a static IP address.

For my testing server :

  • network is 192.168.13/24 (DHCP for 128-254)
  • gateway and DNS relay is .2
  • I chose “test.org” as local DNS domain
  • I installed the latest MX Linux, as it appears that’s the distro you’re using :wink:
  • the server’s DNS short name is “mx”; I’d better choose another one : please be aware that this name has nothing to do with the MX-type DNS record !

First part : setting up a private DNS.

1/ static IP address
THIS IS MANDATORY. If your router is set up to distribute DHCP on the whole IP network (let’s say, 192.168.0/24), you’ll first have to reduce this range (i.e., assuming your router is .1, DHCP for 128-254).
Then, assign your server a static IP address, as well as default gateway, DNS server & domain.
Example on my testing server (output of “nmcli” command) :

eth0: connected to Wired connection 1
        "Intel 82545EM"
        ethernet (e1000), 00:0C:29:3C:6A:7E, hw, mtu 1500
        ip4 default
        inet4 192.168.13.32/24
        route4 192.168.13.0/24
        route4 0.0.0.0/0
        inet6 fe80::5776:b885:fcfe:d7ba/64
        route6 fe80::/64
        route6 ff00::/8

lo: unmanaged
        "lo"
        loopback (unknown), 00:00:00:00:00:00, sw, mtu 65536

DNS configuration:
        servers: 192.168.13.2
        domains: test.org
        interface: eth0

2/ set up local DNS
Install : bind9 bind9utils bind9-doc dnsutils
Then modify some conf in /etc/bind/ to have a local DNS zone.

named.conf.local :

// test.org forward zone
zone "test.org" IN {
 type master;
 file "/etc/bind/db.test.org";
 allow-update { none; };
};

// test.org reverse zone
zone "13.168.192.in-addr.arpa" IN {
 type master;
 file "/etc/bind/db.13.168.192";
 allow-update { none; };
};

// Consider adding the 1918 zones here, if they are not used in your
// organization
include "/etc/bind/zones.rfc1918";

named.conf.options

options {
        directory "/var/cache/bind";

        // listen on every IPv4 address so LAN clients can use this server
        listen-on { any; };
        listen-on-v6 { none; };
        // answer recursive queries only for the server itself and the LAN
        recursion yes;
        allow-recursion { localhost; 192.168.13.0/24; };
        // everything we are not authoritative for goes to the ISP box
        forwarders {
         192.168.13.2;
        };

        // validation is off: answers from the forwarder are accepted as-is
        dnssec-enable no;
        dnssec-validation no;

};

zones.rfc1918

zone "10.in-addr.arpa"      { type master; file "/etc/bind/db.empty"; };
zone "16.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "17.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "18.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "19.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "20.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "21.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "22.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "23.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "24.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "25.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "26.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "27.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "28.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "29.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "30.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
zone "31.172.in-addr.arpa"  { type master; file "/etc/bind/db.empty"; };
// zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };

db.13.168.192

;
; BIND reverse data file for 192.168.13/24
;
$TTL    604800
@                       IN      SOA     mx.test.org. root.test.org. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@                       IN      NS      mx.test.org.
32                      IN      PTR     mx.test.org.

db.test.org

;
; BIND data file for test.org
;
$TTL    604800
@       IN      SOA     mx.test.org. root.test.org. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@                               IN      NS      mx.test.org.
mx.test.org.    IN      A       192.168.13.32

test.org.               IN      MX      10      mail.test.org.
mail                    IN      A       192.168.13.32

After starting/restarting bind9 service (“service bind9 restart”), some testing :

root@mx:~# nslookup
> server mx
Default server: mx
Address: 192.168.13.32#53
> ddg.gg
Server:         mx
Address:        192.168.13.32#53

Non-authoritative answer:
Name:   ddg.gg
Address: 184.72.104.138
> mx.test.org
Server:         mx
Address:        192.168.13.32#53

Name:   mx.test.org
Address: 192.168.13.32
> set type=MX
> test.org
Server:         mx
Address:        192.168.13.32#53

test.org        mail exchanger = 10 mail.test.org.
> set type=PTR
> 184.72.104.138
Server:         mx
Address:        192.168.13.32#53

Non-authoritative answer:
138.104.72.184.in-addr.arpa     name = ec2-184-72-104-138.compute-1.amazonaws.com.

Authoritative answers can be found from:
.       nameserver = k.root-servers.net.
.       nameserver = j.root-servers.net.
.       nameserver = h.root-servers.net.
.       nameserver = d.root-servers.net.
.       nameserver = m.root-servers.net.
.       nameserver = c.root-servers.net.
.       nameserver = i.root-servers.net.
.       nameserver = g.root-servers.net.
.       nameserver = e.root-servers.net.
.       nameserver = b.root-servers.net.
.       nameserver = l.root-servers.net.
.       nameserver = a.root-servers.net.
.       nameserver = f.root-servers.net.
> 192.168.13.32
Server:         mx
Address:        192.168.13.32#53

32.13.168.192.in-addr.arpa      name = mx.test.org.
> exit

Here we have checked :

  • forward and reverse queries against relay DNS (external)
  • forward and reverse queries against our DNS (“test.org” zone)
  • our MX (Mail eXchange) record is OK :slight_smile:
    Check was made using network IP address of our server, so we also checked it will work for LAN clients :wink:

3/ Set up the server’s DNS resolver
Of course, to make it work fine our server has to use its own DNS server :wink:

root@mx:~# nmcli con
NAME                UUID                                  TYPE      DEVICE
Wired connection 1  2fb88fce-a41a-39ae-8a28-5b45ee188eb8  ethernet  eth0
root@mx:~# nmcli con mod "Wired connection 1" ipv4.dns "127.0.0.1"

(if you don’t want to restart networking, you also have to change it in /etc/resolv.conf)
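The nslookup session above checks A, MX and PTR answers one query at a time, but it does not catch a zone-file slip such as an NS record whose target carries a trailing dot (“mx.” is the absolute name of the .mx top-level domain, not a short name relative to test.org). The following script is an added example, not part of the thread or of the /e/ project: it parses a forward and a reverse BIND zone and reports targets without an A record and A/PTR pairs that do not agree. The zone text is constructed here to mirror the test.org files; the reverse zone deliberately names “mx.” as its NS so the check has something to flag.

```python
"""Consistency check for a private forward/reverse DNS zone pair.

Added example (not from the original thread or the /e/ project). The zone
text below is constructed to mirror the test.org example; the reverse zone
deliberately uses "NS mx." (an absolute name) to show the check catching it.
"""
import re
from collections import defaultdict

FORWARD_ORIGIN = "test.org."
REVERSE_ORIGIN = "13.168.192.in-addr.arpa."

FORWARD_ZONE = """\
$TTL    604800
@       IN      SOA     mx.test.org. root.test.org. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
@               IN      NS      mx.test.org.
mx.test.org.    IN      A       192.168.13.32
test.org.       IN      MX      10      mail.test.org.
mail            IN      A       192.168.13.32
"""

REVERSE_ZONE = """\
$TTL    604800
@       IN      SOA     mx.test.org. root.test.org. (
                              1 604800 86400 2419200 604800 )
@       IN      NS      mx.
32      IN      PTR     mx.test.org.
"""
# Same zone with the NS target written out in full (the corrected form).
REVERSE_ZONE_FIXED = re.sub(r"NS\s+mx\.$", "NS      mx.test.org.", REVERSE_ZONE, flags=re.M)


def absolute(name, origin):
    """'@' is the origin; a name without a trailing dot is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Parse a BIND zone file into {(owner_fqdn, rtype): [rdata tokens]}.
    Handles ';' comments, '( ... )' continuations, $-directives, an omitted
    owner (inherits the previous one) and the optional TTL / class fields."""
    records = defaultdict(list)
    stripped = [re.sub(r";.*", "", ln) for ln in text.splitlines()]
    entries, buf, depth = [], [], 0
    for ln in stripped:                      # fold multi-line records
        buf.append(ln)
        depth += ln.count("(") - ln.count(")")
        if depth == 0:
            entries.append(" ".join(buf))
            buf = []
    owner = origin
    for entry in entries:
        if not entry.strip() or entry.lstrip().startswith("$"):
            continue
        tokens = entry.split()
        if not entry[0].isspace():           # leading blank = same owner
            owner = absolute(tokens.pop(0), origin)
        if tokens and tokens[0].isdigit():   # optional TTL
            tokens.pop(0)
        if tokens and tokens[0].upper() in ("IN", "CH", "HS"):
            tokens.pop(0)
        records[(owner, tokens[0].upper())].append(tokens[1:])
    return records


def ptr_owner_to_ip(owner):
    """'32.13.168.192.in-addr.arpa.' -> '192.168.13.32'"""
    return ".".join(reversed(owner[: -len(".in-addr.arpa.")].split(".")))


def check_zones(forward_text, reverse_text):
    """Return a list of problems; an empty list means the zones agree."""
    fwd = parse_zone(forward_text, FORWARD_ORIGIN)
    rev = parse_zone(reverse_text, REVERSE_ORIGIN)
    problems = []
    a_by_name = defaultdict(set)
    for (owner, rtype), rdatas in fwd.items():
        if rtype == "A":
            a_by_name[owner].update(r[0] for r in rdatas)
    # 1) NS, MX and SOA-MNAME targets must have an A record in the forward zone
    for zone, origin in ((fwd, FORWARD_ORIGIN), (rev, REVERSE_ORIGIN)):
        for (owner, rtype), rdatas in zone.items():
            for rdata in rdatas:
                target = {"NS": rdata[-1], "MX": rdata[-1], "SOA": rdata[0]}.get(rtype)
                if target is None:
                    continue
                target = absolute(target, origin)
                if target not in a_by_name:
                    hint = " (trailing dot makes it absolute)" if target.count(".") == 1 else ""
                    problems.append(f"{rtype} target {target} in {owner} has no A record{hint}")
    # 2) every A address needs a PTR, and every PTR must point at a name that has it
    ptr_by_ip = {}
    for (owner, rtype), rdatas in rev.items():
        if rtype == "PTR":
            ptr_by_ip[ptr_owner_to_ip(owner)] = absolute(rdatas[0][0], REVERSE_ORIGIN)
    for name, ips in a_by_name.items():
        for ip in ips:
            if ip not in ptr_by_ip:
                problems.append(f"{name} A {ip} has no PTR record")
    for ip, name in ptr_by_ip.items():
        if ip not in a_by_name.get(name, set()):
            problems.append(f"PTR {ip} -> {name} does not match an A record")
    return problems


if __name__ == "__main__":
    for issue in check_zones(FORWARD_ZONE, REVERSE_ZONE) or ["no problems found"]:
        print(issue)
```

Run it as-is and the only finding is the “NS target mx.” line; swap in REVERSE_ZONE_FIXED and it reports nothing. Several names sharing one address with a single PTR (mx and mail both at .32) is accepted on purpose, since that is the normal shape of a small LAN zone; what the check refuses is an address with no reverse name at all, or a PTR naming a host that does not own that address.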

Hi @smu44, no need to apologize. I am very busy myself. Static address is easy.

Hi @smu44,
thank you for the comprehensive list, I’ll try to get to it in a few days. Not so easy as I thought.

I tried to keep it short, please ask if unclear !