OK. Solution so far: I removed all backup sites and rebooted. (There's a question at the end.) I added a CIFS point (instead of SSHFS) to the local NAS. Gave the backup 5GB of RAM, and set the concurrency to 100 Waited an hour or two. Two? What is time. The backup for Immich succeeded. I may try an SSHFS backup with similar parameters, but I'll... be limited on the storage box with regards to concurrency. So, we'll see. QUESTION: I have noticed when app backups fail, there's sometimes a stale lock. Where is that lock? I would like to be able to remove the lock without having to reboot. Is it in the DB? A file? Where does Box keep those app backup locks? I'm not convinced I've solved my problem, but I'm starting to think the RAM for the backup(s) may matter, which I had never encountered before.

@joseph said in SQL error: support@cloudron.io I sent an email on support@cloudron.io please check

You’ll find way too many horror stories if you search for Contabo on this forum. I had the nvme plan and the speeds were constantly under 500mb/s. Support was useless. Frequent network issues were common. I’ve since moved to Hetzners dedicated vcpu entry plan that costs less than half but performance is top notch. It’s hosting my public facing sites while the rest are self hosted on premise. Before you go nuts trying to fix things on Contabo, go through a migration to a new provider and see how it goes. Use dry run feature when setting up the dns so the live sites are still using Contabo for now.

I did, thanks

@girish probably for when we fixed the usernames having trouble with special chars and allowing just a dot which couldn't be deleted!

Fixed - https://git.cloudron.io/platform/box/-/commit/1ce5fcafd908c8362f57a7f6c1955591542bd895

Hello @jadudm Always happy to help.

Hello @hakunamatata Great find. We should still look into that. Thanks to the details I now have an approach to reproduce this issue.

Yes, you have to adjust the schedule manually to not overlap. Otherwise, if a single app is backing up to multiple sites in parallel, they will get serialized internally (with the lock).

There is also a Logs dropdown button in the backups view which opens the corresponding log file in the logsviewer, from there the full logs can also be downloaded, avoiding the need to ssh into the server.

@girish Can a migrations check be added to run until none remain, which hopefully evades the stuck condition too?

Hello @cbcun Great to read that you were able to resolve this issue yourself.

Hello @miednr Yes, for stopped apps a new backup will not be created since nothing has changed. See: https://docs.cloudron.io/backups#retention-policy For installed apps and box backups, the latest backup is always retained regardless of the policy. This ensures at least one backup remains preserved even if all backups fall outside the retention policy. This also preserves the latest backup of stopped apps when not referenced by any box backup. Did you know you can also archive apps? https://docs.cloudron.io/apps#archive

@girish Thank you, after upgrading to Cloudron version 9.0.17 (latest), everything started working again.

we're getting closer, this is a part of the scheduled one this morning: 2026-02-06 06:09:31,611 WARNING Could not figure out development release: Distribution data outdated. Please check for an update for distro-info-data. See /usr/share/doc/distro-info-data/README.Debian for details. 2026-02-06 06:09:31,612 INFO Starting unattended upgrades script 2026-02-06 06:09:31,612 INFO Allowed origins are: o=Ubuntu,a=jammy, o=Ubuntu,a=jammy-security, o=UbuntuESMApps,a=jammy-apps-security, o=UbuntuESM,a=jammy-infra-security 2026-02-06 06:09:31,613 INFO Initial blacklist: 2026-02-06 06:09:31,613 INFO Initial whitelist (not strict): 2026-02-06 06:09:46,207 INFO Packages that will be upgraded: libc-bin libc-dev-bin libc6 libc6-dev libssl3 linux-generic linux-headers-generic linux-image-generic linux-libc-dev locales mysql-client-8.0 mysql-client-core-8.0 mysql-server-8.0 mysql-server-core-8.0 openssl screen 2026-02-06 06:09:46,208 INFO Writing dpkg log to /var/log/unattended-upgrades/unattended-upgrades-dpkg.log 2026-02-06 06:09:48,505 ERROR Installing the upgrades failed! 2026-02-06 06:09:48,505 ERROR error message: installArchives() failed 2026-02-06 06:09:48,506 ERROR dpkg returned a error! See /var/log/unattended-upgrades/unattended-upgrades-dpkg.log for details 2026-02-06 06:09:48,952 INFO Package libc-bin is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,954 INFO Package libc-dev-bin is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,956 INFO Package libc6 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,957 INFO Package libc6-dev is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,016 INFO Package libssl3 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,037 INFO Package linux-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,044 INFO Package linux-headers-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,051 INFO Package linux-image-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,058 INFO Package linux-libc-dev is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,165 INFO Package locales is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,172 INFO Package mysql-client-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,174 INFO Package mysql-client-core-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,175 INFO Package mysql-server-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,177 INFO Package mysql-server-core-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,189 INFO Package openssl is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,224 INFO Package screen is kept back because a related package is kept back or due to local apt_preferences(5). The mentioned /var/log/unattended-upgrades/unattended-upgrades-dpkg.log: Log started: 2026-02-06 06:09:46 Preconfiguring packages ... Preconfiguring packages ... dpkg: unrecoverable fatal error, aborting: unknown system group 'netdata' in statoverride file; the system group got removed before the override, which is most probably a packaging bug, to recover you can remove the override manually with dpkg-statoverride E:Sub-process /usr/bin/dpkg returned an error code (2) Log ended: 2026-02-06 06:09:47 This is a left over of a "total" removing (2 weeks ago) of netdata installation years ago (now we have graphs in Cloudron 9 we don't need it anymore), I did: sudo dpkg-statoverride --list | grep netdata root netdata 755 /usr/share/netdata/www root netdata 755 /var/lib/netdata/www ~# sudo dpkg-statoverride --remove /usr/share/netdata/www ~# sudo dpkg-statoverride --remove /var/lib/netdata/www ~# sudo dpkg-statoverride --list | grep netdata I'll check tomorrow if the nightly unattended upgrade did work. Thanks @James for pointing the right direction!

@Kubernetes my bad, typo... fixed now.

Cloudron does not set the CSP header unless a custom one is specified in the app configure view in the security page. However apps may set this on their own, either through headers or also as meta tags in the delivered pages. Cloudron does not interfere here. This is however a topic for each app which is not setting those according to your needs.

I solved my problem by updating Cloudron to version 9.0.17. There’s no longer any need to run a backup before a manual app update.