@girish Its a very new project and the developer seems to be very receptive to feedback. I imagine we can have some sort of influence over its direction.

@thetomester13 Reading about the function of the whitelist on their wiki suggests this is for filtering the bridges being displayed, not for access to the service.

So it's not a network security context as I initially thought.

6.3.5 will be rolled out slowly.

[6.3.5]

Fix permission issues with sshfs filemanager: reset selection if directory has changed branding: fix error highlight with empty cloudron name better text instead of "Cloudron in the wild" Make sso login hint translatable Give unread notifications a small left border Fix issue where clicking update indicator opened app in new tab Ensure notifications are only fetched and shown for at least admins setupaccount: Show input field errors below input field Set focus automatically for new alias or redirect eventlog: fix issue where old events are not periodically removed

6.3 is now available to all. Please open a separate post in the appropriate forum section if you hit any issues.

@atridad usermanagement is probably out-of-scope for some time, since on Cloudron this would be done in the Cloudron dashboard. There is a small cli tool already though for local non-LDAP users.

If you have any specific feature requests around that, might be good to open a github issue to track those.

@girish The script you gave as an example doesn't exist. Maybe you forgot to deploy it on the production release? Here is a working one-liner to enable it. Remove --subdomains from the end to create a subdirectory install (that's the default so you just have to remove the flag).

cd ../data/public && sudo -E -u www-data /app/pkg/wp core multisite-convert --subdomains

I am open to other solutions.

Anyone know the devs for ps and top?

Can you contribute to their code to mark container IDs with something?

Or add a container aware view to the tools to use?

@jeau I started to explore OmekaS and created an instance for testing.
I just wanted to say THANK YOU for a really impressive piece of software. 👍 👏 👏 👏

In 6.3, we also have vultr dns integration.

I have staged 6.2.8 now, will roll out slowly as always.

Additional information: There is no API_Secret in the ENV file in the standard app package. Depending on your thousands of clients, it takes some time to migrate. For me, it was done in less than 5 minutes.

The only moment of confusion was: when installing IN v. 5. you have to fill in the name of the company in a modal frame. After the migration it took me a few seconds to realise that there is a multi-company option in IN v. 5 and I had to switch to the "other" (migrated) company (which has the same company name).

It looks like everything has migrated well.

@mdreira said in Changes to WordPress apps:

1-Is a security plugin necessary in wordpress managed?

I use the Developer package for WordPress so can't speak for the Managed version too much, but my general advice would be the following:

Generally speaking, it'd best to only install plugins when you know you have a need that isn't already addressed in the system. Thus, knowing your exact needs would come before choosing any particular plugin. My rule of thumb personally is not to install a plugin unless I understand why I need it and what I want to achieve with it.

Security is a huge umbrella with probably hundreds of different sub-categories / uses. So for example, it'd be good to know if you are wanting to be notified of any irregular file changes, block specific functionality in WordPress, lockdown user accounts with custom permissions, change the login page URL, rate limit logins, or a mix of those or a whole bunch of other ones.

It's good to copy an existing WordPress site (or a default one) to test new plugins on to see if they will interfere with your current setup, avoiding testing in any live production website.

Aside from the above, I'd honestly recommend just using the Developer package of WordPress. I know that goes against Girish's recommendation 👼 but there are at least several of us "power users" in Cloudron that feel there's no real upside to the Managed package other than a little bit more security by default. Eventually, whether it's sooner or later, you'll likely have the need to use a particular plugin that will need to modify files or access certain files, in which case you'll then have to do a bunch of work to migrate from the Managed package to the Developer package, so IMO you may as well just start on the Developer package to begin with unless you have very basic needs for WordPress and don't plan on growing it at all. And you won't want to be caught in a project that's time-sensitive to then find out you need to now also migrate an entire website to a new app instance type. I learned that lesson the hard way myself. 😉

By the way, every app has its own category in the forum. You may be better served to create a separate and dedicated post in the WordPress (managed or developer) categories. This thread in particular is pretty old and is generally on a different topic than "security plugins" for WordPress.

@girish said in PHP Server Monitor is now available:

Docs: https://docs.cloudron.io/apps/phpservermonitor/

This link actually appears to be https://docs.cloudron.io/apps/php-server-monitor/ - just FYI. 🙂

As a heads up, the app hasn't hit 1.0 yet. Use it at your own risk. We do have tests on the Cloudron package though.

it is possible to make the next one more global hour centric aka noon or 1:00PM UTC+1
so in 🌎 NorthAmerica it would be morning
and 🌏 South-East Asia it would be evening
instead of midnight 😴

@d19dotca Yes, correct. v3 uses focal. More info here - https://forum.cloudron.io/topic/4366/docker-base-image-3-0 . Will make an announcement when we update more apps.

@girish b) 👍

You can batch them up better that way per week as you do spurts of releases.

@girish literally tried SOGo yesterday and wasn't able to login thinking it was weird... now I know! Will update and give it another whirl!

@lolliop @jan_z @zjuhasz1 I started a new topic https://forum.cloudron.io/topic/4119/gnome-shell-installed-in-cloudron-6

Effectively the UK can now do what Jersey (where I live and has always been outside the EU) has done for years.

Europe I LOVE! The EU, well, we'll leave that for the remaining members to decide what works best for all — which I expect still needs some work given the variety of economies and industries.

Anyway, not to distract — great job being on top of the accounting!

@mehdi yes we now decided to simply not have anonymous contributions there, but for anyone interested, just send us a mail with the intended username and language to contribute to. I've also updated the docs accordingly.