The fix for this to clear the search filter on ESC if the view is active: https://git.cloudron.io/platform/box/-/commit/425e196dfc4f4c7e31870f36df7cab0417f7a523

Haven't encountered such timeouts from thunderbird, unless the network is actually flaky. Maybe check if both ipv4 and ipv6 are setup but only one works? Could be that thunderbird (probably relying on the system's network interface selector) sometimes picks one of the two which resolves but does not route.

@nebulon I had a previous Minio backup destination which had started to fail due to an incorrect region setting (?), so I made a new one using Minio. BUT, I had not changed the setting "Store automatic-update backups here" to the new one. Yeah, it would start by backing up, I could see it in the top part of the app dashboard, then I would look at my other screen to work, and a few minutes later look back and it was running, like it was finished. But the green arrow was there, and it was only a few minutes, like 2 or 3, so I was thinking there is no way it backed up, downloaded the new images, reconfigured and everything in that short amount of time. So I started watching and yeah, it would hit a point early on the backup, then the screen would flash and reload in an instant and just be running again. Not even a fail, or "starting" notice... just running.

Ok I did it and it works. @rstockm FYI, here is how I did it : Install LAMP and open the terminal Cd to the web root directory cd /app/data/public Download the Latest LinkStack Release LATEST_URL=$(curl -s https://api.github.com/repos/LinkStackOrg/LinkStack/releases/latest \ | grep "browser_download_url" \ | grep "linkstack.zip" \ | cut -d '"' -f 4) wget -O linkstack.zip "$LATEST_URL" unzip -o linkstack.zip rm linkstack.zip Remove Cloudron’s LAMP Default index.php rm index.php Fix folder structure LinkStack is extracted inside a folder named linkstack/. Move everything to the real web root: mv linkstack/* ./ mv linkstack/.* ./ 2>/dev/null || true rmdir linkstack Fix permissions chown -R www-data:www-data /app/data/public Restart the app in Cloudron Open the URL and follow the LinkStack setup installation guide.

@jdaviescoates Thank you for the notes. I already read the post. I will watch the video; however, there's no transcript for it, like on YouTube. I've to watch the full video

nginx is still implementing this - https://github.com/nginx/nginx/issues/266

@james Thanks, but I think the original post is also a spam link. Forbes is one giant affiliate website, doing many of the same things as spammers. It's what's known as a parasite. I'd delete this whole post, as it offers no value to anyone here that's focused on self-hosting and open-source.

There are probably no answers here since it is a very uncommon setup. Why put in so much effort to pipe mails via another mail service into Cloudron . At that point, isn't it just easier to accept using the other service for mail entirely ?

Yes, forward proxying does not exist on Cloudron . I think forward proxying is handled by services these days and they are quite expensive since they provide special IPs for scraping.

Hello @sebastienserre Thanks for that. Fixing it right away.

@girish said in App proxy questions and proxy/authentication possible improvement suggestions: But from Cloudron's POV, there is authentication and authorization But basically having the option to block access to any hosted app by putting auth in front of it (presumably thorugh the web server) could have various good use cases.

Hello @3246 With the cloudron cli you can run e.g: cloudron exec --app $APP -- fallocate -l 4M /app/data/4M See cloudron exec --help: Usage: cloudron exec [options] [cmd...] Exec a command in an application Options: -t,--tty Allocate tty --app <id/location> App id or location -h, --help display help for command Examples: $ cloudron exec --app myapp # run an interactive shell $ cloudron exec --app myapp ls # run command $ cloudron exec --app myapp -- ls -l # use -- to indicate end of options Was not sure if possible via the API but since I can debug the cloudron cli and see what it do I figured something out. Send the to /api/v1/apps/$APPID/exec # Command is an array `ls -lah /app/data` would become for each space ["ls", "-lah", "/app/data/"] curl "https://my.$DOMAIN.$TLD/api/v1/apps/$APPID/exec" \ -H 'Authorization: Bearer $APITOKEN' \ -H 'content-type: application/json' \ --data-raw '["ls", "-lah", "/app/data/"]' # this returns and id { "id": "a90bcfcec1d29f7a595638ea66c8ac0bb53b594047ac74fc80bf97f75fed0c19" } But getting the output of the executed command is. . . tricky. Just look at the source code for the cli for this part: const searchParams = new URLSearchParams({ rows: stdout.rows || 24, columns: stdout.columns || 80, access_token: token, tty }); const req = https.request({ hostname: adminFqdn, path: `/api/v1/apps/${app.id}/exec/${execId}/start?${searchParams.toString()}`, method: 'GET', headers: { 'Connection': 'Upgrade', 'Upgrade': 'tcp' }, rejectUnauthorized }, function handler(res) { if (res.statusCode === 403) exit('Unauthorized.'); // only admin or only owner (for docker addon) exit('Could not upgrade connection to tcp. http status:', res.statusCode); }); req.on('upgrade', function (resThatShouldNotBeUsed, socket /*, upgradeHead*/) { // do not use res here! it's all socket from here on socket.on('error', exit); socket.setNoDelay(true); socket.setKeepAlive(true); if (tty) { stdin.setRawMode(true); stdin.pipe(socket, { end: false }); // the remote will close the connection socket.pipe(stdout); // in tty mode, stdout/stderr is merged socket.on('end', exitWithCode); // server closed the socket } else { // create stdin process on demand if (typeof stdin === 'function') stdin = stdin(); stdin.on('data', function (d) { var buf = Buffer.alloc(4); buf.writeUInt32BE(d.length, 0 /* offset */); socket.write(buf); socket.write(d); }); stdin.on('end', function () { var buf = Buffer.alloc(4); buf.writeUInt32BE(0, 0 /* offset */); socket.write(buf); }); stdout.on('close', exitWithCode); // this is only emitted when stdout is a file and not the terminal demuxStream(socket, stdout, process.stderr); // can get separate streams in non-tty mode socket.on('end', function () { // server closed the socket if (typeof stdin.end === 'function') stdin.end(); // required for this process to 'exit' cleanly. do not call exit() because writes may not have finished . the type check is required for when stdin: 'ignore' in execSync, not sure why if (stdout !== process.stdout) stdout.end(); // for push stream socket.end(); // process._getActiveHandles(); process._getActiveRequests(); if (stdout === process.stdout) setImmediate(exitWithCode); // otherwise, we rely on the 'close' event above }); } }); req.on('error', exit); // could not make a request req.end(); // this makes the request From a little debugging I got the API path: /api/v1/apps/$APPID/exec/$EXECID/start?rows=21&columns=257&tty=false But when CURL'ing this: curl "https://my.$DOMAIN.TLD/api/v1/apps/$APPID/exec/$EXECID/start?rows=21&columns=257&tty=false" \ -H "Authorization: Bearer $APITOKEN" \ -H 'content-type: application/json' { "status": "Not Found", "message": "exec requires TCP upgrade" } And I am not sure how to "TCP upgrade" the curl request. I will ask the team.

I use Cloudns for DNS - they’re good

@JOduMonT said in Ubuntu Pro & Cloudron: Cloudron lose control on the update ? Totally, completely, assuredly, obviously. Why pay for this "pro" service when Cloudron already manages the server? Cloudron IS the thing managing the server, and by that, also Ubuntu. Choose one. [image: 1761996317898-17937c13-0f69-494f-bb00-086de7b14899-image.png]

We use https://github.com/panva/node-oidc-provider internally and that is supposed to support PKCE. Not sure yet how to use it to test what this needs. Until that is working, the options are a keycloak instance or a small backend which gives the SPA some kind of session while handling the oidc login bits.

@jdaviescoates cheers! Well yes, basically people get a managed Cloudron with proper onboarding, the difference is the selection of preinstalled apps (or none for the Cloudron package), the distinction is mostly for marketing purposes.

Good on them for this initiative. Despite web browser now being fundamental functionality, the offerings from all the others are frankly pretty poor, bloated dinosaurs. Look forward to their first usable release

Thanks guys