Ok I did it and it works. @rstockm FYI, here is how I did it : Install LAMP and open the terminal Cd to the web root directory cd /app/data/public Download the Latest LinkStack Release LATEST_URL=$(curl -s https://api.github.com/repos/LinkStackOrg/LinkStack/releases/latest \ | grep "browser_download_url" \ | grep "linkstack.zip" \ | cut -d '"' -f 4) wget -O linkstack.zip "$LATEST_URL" unzip -o linkstack.zip rm linkstack.zip Remove Cloudron’s Default index.php rm index.php Fix folder structure LinkStack is extracted inside a folder named linkstack/. Move everything to the real web root: mv linkstack/* ./ mv linkstack/.* ./ 2>/dev/null || true rmdir linkstack Fix permissions chown -R www-data:www-data /app/data/public Restart the app in Cloudron Open the URL and follow the LinkStack setup installation guide.

@jdaviescoates Thank you for the notes. I already read the post. I will watch the video; however, there's no transcript for it, like on YouTube. I've to watch the full video

nginx is still implementing this - https://github.com/nginx/nginx/issues/266

@james Thanks, but I think the original post is also a spam link. Forbes is one giant affiliate website, doing many of the same things as spammers. It's what's known as a parasite. I'd delete this whole post, as it offers no value to anyone here that's focused on self-hosting and open-source.

There are probably no answers here since it is a very uncommon setup. Why put in so much effort to pipe mails via another mail service into Cloudron . At that point, isn't it just easier to accept using the other service for mail entirely ?

Yes, forward proxying does not exist on Cloudron . I think forward proxying is handled by services these days and they are quite expensive since they provide special IPs for scraping.

Hello @sebastienserre Thanks for that. Fixing it right away.

@girish said in App proxy questions and proxy/authentication possible improvement suggestions: But from Cloudron's POV, there is authentication and authorization But basically having the option to block access to any hosted app by putting auth in front of it (presumably thorugh the web server) could have various good use cases.

Hello @3246 With the cloudron cli you can run e.g: cloudron exec --app $APP -- fallocate -l 4M /app/data/4M See cloudron exec --help: Usage: cloudron exec [options] [cmd...] Exec a command in an application Options: -t,--tty Allocate tty --app <id/location> App id or location -h, --help display help for command Examples: $ cloudron exec --app myapp # run an interactive shell $ cloudron exec --app myapp ls # run command $ cloudron exec --app myapp -- ls -l # use -- to indicate end of options Was not sure if possible via the API but since I can debug the cloudron cli and see what it do I figured something out. Send the to /api/v1/apps/$APPID/exec # Command is an array `ls -lah /app/data` would become for each space ["ls", "-lah", "/app/data/"] curl "https://my.$DOMAIN.$TLD/api/v1/apps/$APPID/exec" \ -H 'Authorization: Bearer $APITOKEN' \ -H 'content-type: application/json' \ --data-raw '["ls", "-lah", "/app/data/"]' # this returns and id { "id": "a90bcfcec1d29f7a595638ea66c8ac0bb53b594047ac74fc80bf97f75fed0c19" } But getting the output of the executed command is. . . tricky. Just look at the source code for the cli for this part: const searchParams = new URLSearchParams({ rows: stdout.rows || 24, columns: stdout.columns || 80, access_token: token, tty }); const req = https.request({ hostname: adminFqdn, path: `/api/v1/apps/${app.id}/exec/${execId}/start?${searchParams.toString()}`, method: 'GET', headers: { 'Connection': 'Upgrade', 'Upgrade': 'tcp' }, rejectUnauthorized }, function handler(res) { if (res.statusCode === 403) exit('Unauthorized.'); // only admin or only owner (for docker addon) exit('Could not upgrade connection to tcp. http status:', res.statusCode); }); req.on('upgrade', function (resThatShouldNotBeUsed, socket /*, upgradeHead*/) { // do not use res here! it's all socket from here on socket.on('error', exit); socket.setNoDelay(true); socket.setKeepAlive(true); if (tty) { stdin.setRawMode(true); stdin.pipe(socket, { end: false }); // the remote will close the connection socket.pipe(stdout); // in tty mode, stdout/stderr is merged socket.on('end', exitWithCode); // server closed the socket } else { // create stdin process on demand if (typeof stdin === 'function') stdin = stdin(); stdin.on('data', function (d) { var buf = Buffer.alloc(4); buf.writeUInt32BE(d.length, 0 /* offset */); socket.write(buf); socket.write(d); }); stdin.on('end', function () { var buf = Buffer.alloc(4); buf.writeUInt32BE(0, 0 /* offset */); socket.write(buf); }); stdout.on('close', exitWithCode); // this is only emitted when stdout is a file and not the terminal demuxStream(socket, stdout, process.stderr); // can get separate streams in non-tty mode socket.on('end', function () { // server closed the socket if (typeof stdin.end === 'function') stdin.end(); // required for this process to 'exit' cleanly. do not call exit() because writes may not have finished . the type check is required for when stdin: 'ignore' in execSync, not sure why if (stdout !== process.stdout) stdout.end(); // for push stream socket.end(); // process._getActiveHandles(); process._getActiveRequests(); if (stdout === process.stdout) setImmediate(exitWithCode); // otherwise, we rely on the 'close' event above }); } }); req.on('error', exit); // could not make a request req.end(); // this makes the request From a little debugging I got the API path: /api/v1/apps/$APPID/exec/$EXECID/start?rows=21&columns=257&tty=false But when CURL'ing this: curl "https://my.$DOMAIN.TLD/api/v1/apps/$APPID/exec/$EXECID/start?rows=21&columns=257&tty=false" \ -H "Authorization: Bearer $APITOKEN" \ -H 'content-type: application/json' { "status": "Not Found", "message": "exec requires TCP upgrade" } And I am not sure how to "TCP upgrade" the curl request. I will ask the team.

I use Cloudns for DNS - they’re good

@JOduMonT said in Ubuntu Pro & Cloudron: Cloudron lose control on the update ? Totally, completely, assuredly, obviously. Why pay for this "pro" service when Cloudron already manages the server? Cloudron IS the thing managing the server, and by that, also Ubuntu. Choose one. [image: 1761996317898-17937c13-0f69-494f-bb00-086de7b14899-image.png]

We use https://github.com/panva/node-oidc-provider internally and that is supposed to support PKCE. Not sure yet how to use it to test what this needs. Until that is working, the options are a keycloak instance or a small backend which gives the SPA some kind of session while handling the oidc login bits.

@jdaviescoates cheers! Well yes, basically people get a managed Cloudron with proper onboarding, the difference is the selection of preinstalled apps (or none for the Cloudron package), the distinction is mostly for marketing purposes.

Good on them for this initiative. Despite web browser now being fundamental functionality, the offerings from all the others are frankly pretty poor, bloated dinosaurs. Look forward to their first usable release

Thanks guys

An automatically created badge from Cloudron's perspective: App Verification and Registry After the app is reviewed and approved, Cloudron adds it to its verified apps registry, which includes metadata like app ID, name, version, and verified status. Badge Graphic Creation Cloudron prepares a badge image (SVG or PNG) showing "Packaged by Cloudron" or a similar verified label. This badge image is hosted on Cloudron's servers or CDN. Generate Standardized Markdown Snippet Cloudron creates a standardized Markdown snippet that developers can embed into their README or website. The snippet typically looks like this: [](https://cloudron.example.com/apps/appid) Here, the image URL links to the dynamically generated badge image, and the anchor URL links to the app's Cloudron info page. Probably this can be done here, taking comentario as an random example: https://www.cloudron.io/store/app.comentario.cloudronapp.html Badge Hosting and Dynamic Updates The badge image URL is managed by Cloudron, allowing automatic updates if badge styles, wording, or verification states change. All instances where the badge is embedded will reflect updates immediately. Developer/User Integration Cloudron provides the app developer or user with this snippet along with clear instructions to paste it into their GitHub README or other documentation. Automatic Badge Rendering When README files or web pages load, the badge image is fetched from Cloudron's servers and displayed in place, confirming official packaging and build trust visually. This automated generation and hosting process allows Cloudron to centrally manage trust badges and makes it very easy for app maintainers to add a professional verification mark to their repos without manual image management or styling.