Install YunoHost

Select the hardware on which you want install YunoHost :

This setup is mainly meant for local testing by advanced users. Due to limitations on WSL's side (changing IP address, notably), selfhosting from it can be tricky and will not be described here.


  • Windows 10 and above
  • Administration rights
  • Windows Subsystem for Linux, installed from the Optional Features menu of Windows
  • Recommended: Windows Terminal (Preview) app, installed from the Microsoft Store. Much better than the standard Terminal, as it offers shortcuts to the WSL distros.
  • A computer or a smartphone to read this guide and access your server.
  • Introduction

    WSL is a nice feature of Windows 10, making Linux pseudo-distributions available through command line. Let's say pseudo, because even though they are not really like virtual machines, they rely on virtualization capacities that make their integration with Windows almost seamless. Docker for Windows can now rely on WSL instead of Hyper-V, for example.

    Bear in mind, this setup itself is not a container of any kind. If something breaks, there is no rollback capability. You may need to delete the Debian distro altogether and restore it whole.

    Install Debian 11

    Let's install YunoHost into its own distro, not altering the default one. In a PowerShell terminal:

    # Let's go in your home directory and prepare the working directories
    cd ~
    mkdir -p WSL\YunoHost
    # Download the Debian appx package and unzip it
    curl.exe -L -o
    Expand-Archive .\ -DestinationPath .\debian
    # Import the Debian base into a new distro
    wsl --import YunoHost ~\WSL\YunoHost ~\debian\install.tar.gz --version 2
    # Cleanup
    rmdir .\debian -R

    You can now access it: run wsl.exe -d YunoHost

    It is under Debian 9 Stretch, so let's upgrade it:

    # In WSL
    sudo sed -i 's/stretch/bullseye/g' /etc/apt/sources.list`
    sudo apt update
    sudo apt upgrade
    sudo apt dist-upgrade

    Prevent WSL from tweaking configuration files

    Edit /etc/wsl.conf and put the following code in it:

    generateHosts = false
    generateResolvConf = false

    Force the use of iptables-legacy

    Somehow the YunoHost post-installation does not like nf_tables, the new software replacing iptables. We can still explicitely use the good ol' iptables though:

    # In WSL
    sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
    sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

    Install Systemd

    Debian on WSL does not have systemd, a service configuration software. This is a key element for YunoHost, and for any decent Debian distro (seriously MS, what the heck). Let's install it:

    1. Install dotNET runtime:

      # In WSL
      wget -O packages-microsoft-prod.deb
      sudo dpkg -i packages-microsoft-prod.deb
      sudo apt update
      sudo apt install -y apt-transport-https
      sudo apt update
      sudo apt install -y dotnet-sdk-3.1
    2. Install Genie:

      # In WSL
      # Add their repository
      echo "deb [trusted=yes] /" > /etc/apt/sources.list.d/wsl-translinux.list
      # Install Genie
      sudo apt update
      sudo apt install -y systemd-genie

    Install YunoHost

    # In WSL
    # Let's switch to the root user, if you were not already
    sudo su
    # Initialize the Genie bottle to have systemd running
    genie -s
    # Your hostname should have been appended with "-wsl"
    # Install YunoHost
    curl | bash -s -- -a

    Access the command line

    Always call genie -s while starting your distro.

    wsl -d YunoHost -e genie -s

    Backup and restore the distro

    Make your first distro backup

    As said before, there is no rollback capability. So let's export your fresh distro. In PowerShell:

    cd ~
    wsl --export YunoHost .\WSL\YunoHost.tar.gz

    In case of crash, delete and restore the whole distro

    cd ~
    wsl --unregister YunoHost
    wsl --import YunoHost .\WSL\YunoHost .\WSL\YunoHost.tar.gz --version 2

    Proceed with the initial configuration

    If you are in the process of restoring a server using a YunoHost backup, you should skip this step and instead restore the backup instead of the postinstall step.

    During the first visit, you will very likely encounter a security warning related to the certificate used by the server. For now, your server uses a self-signed certificate. For now, you should add a security exception to accept the current certificate. (Though, PLEASE, do not take the habit of blindly accepting this kind of security alert!)

    You should then land on this page :

    Initial configuration page

    Preview of the Web initial configuration page
    Main domain

    This will be the domain used by your server's users to access the authentication portal. You can later add other domains, and change which one is the main domain if needed.

    You will have to choose a fake domain, since it will not be accessible from outside. For example, ynh.wsl. The tricky part is advertising this domain to your host.

    Alter your C:\Windows\System32\drivers\etc\hosts file. You should have a line starting by ::1, update it or add it if needed to get:

    ::1    ynh.wsl localhost

    If you want to create subdomains, do not forget to add them in the hosts file too:

    ::1    ynh.wsl subdomain.ynh.wsl localhost
    Administration password

    This password will be used to access to your server's administration interface. You will also use it to connect via SSH or SFTP . In general terms, this is your system's key, choose it carefully!

    Create a first user

    Once the postinstall is done, you should be able to actually log in the web admin interface using the administration password.

    So far, your server now has an admin user - but admin is not a "regular" user and can't be used to log on the user portal.

    Let's therefore add a first "regular" user.

    The first user you create is a bit special : it will receive emails sent to root@yourdomain.tld and admin@yourdomain.tld. These emails may be used to send technical informations or alerts.

    Go in Users > Click on "+ New User" button

    User creation

    Preview of the user creation UI

    Run the initial diagnosis

    Reminder: YunoHost in WSL will likely not be reachable from outside, and real domains and certificates won't be able to be assigned to it.

    The diagnosis system is meant to provide an easy way to validate that all critical aspects of your server are properly configured - and guide you in how to fix issues. The diagnosis will run twice a day and send an alert if issues are detected.

    N.B. : don't run away ! The first time you run the diagnosis, it is quite expected to see a bunch of yellow/red alerts because you typically need to configure DNS records (if not using a domain), add a swapfile if not enough ram .

    If an alert is not relevant (for example because you don't intend on using a specific feature), it is perfectly fine to flag the issue as 'ignored' by going in the webadmin > Diagnosis, and clicking the ignore button for this specifc issue.

    To run a diagnosis, go on Web Admin in the Diagnosis section. Click Run initial diagnosis and you should get a screen like this :

    Preview of the diagnostic panel

    Get a Let's Encrypt certificate

    Once you configured DNS records and port forwarding (if needed), you should be able to install a Let's Encrypt certificate. This will get rid of the spooky security warning from earlier for new visitors.

    For more detailed instructions, or to lean more about SSL/TLS certificates, see the corresponding page here.

    Go in Domains > Click on your domain > SSL Certificate

    Preview of the diagnostic panel


    You now have a pretty well configured server. If you're new to YunoHost, we recommend to have a look at the guided tour. You should also be able to install your favourite applications. Don't forget to plan backups !

    Нашли ошибки? Думаете, что можете улучшить документацию? Simply click the Edit link at the top of the page, and then the icon on Github to suggest changes.