In System Info at https://my.domain.coop/#/system

But prob should also be in app storage tab too and/ or on graphs tab

@girish Well that's interesting. I get Welcome to Node.js v12.22.9
Type ".help" for more information.

How in the world is that possible? How can I fix it?

@girish No idea. Nor could i find any issue in their repo regarding anything related to this.

Could you recommend any workaround for now?

@stevespaw you can symlink the /home/yellowtent/appsdata/appid to some external disk . Something like:

Stop the app mv /home/yellowtent/appsdata/appid /mnt/volume/ ln -s /mnt/volume/appid /home/yellowtent/appsdata/appid Start the app

Have a backup before you do this 🙂

I agree about using an external SMTP relay. In my case, Postmark has been flawless. Because they separate marketing from transactional messages, their deliverability seems better than their competition. I also set up a sub-account (in Postmark jargon, it's called a Server). By doing that, each domain's reputation is isolated. If someone behaves badly, it is easy to delete their server keeping the rest of your infrastructure intact. By adding a "domain-based" Sender Signature with DKIM and Return-Path, any email sender from that domain is permitted. It works really well!

I remove the user from the group and add the user again to the group.

@flaxxain not sure why/how, but docker was corrupt. The box code was unable to reach the containers (like postgresql) via http . Solution was to run cloudron-support --recreate-docker which re-creates docker from scratch (without destroying any data).

Can't think of a drawback of disabling IPv6 on the server. You should disable IPv6 on Cloudron side if this got auto-enabled Network -> IPv6 -> Diable. This way it won't configure AAAA records. You will have issues when installing new apps otherwise.

@girish said in Bug: When adding of a volume fails, docker container creation fails, removal of old volume impossible:

nvm, I reproduced it. If you change the path behind Cloudron's back, it doesn't work. I think it's correct to error since that path doesn't exist anymore. But anyway quick fix is: simple create empty /media/SG2TB/M/Calibre on the server and then Retry configure will work.

After it comes up, remove the mount from the app, delete the volume, add new volume with correct path, add mount into app...

That's what I did, I went behind Cloudron's back 😉
... and didn't think of the obvious solution presented by you! Thank you.

@czeimke can you update to 8.2.3 ? Is this still a problem?

@avatar1024 good point about redirection not being affected! I will add this into the next release checklist.

@jdaviescoates does curl -6 https://ipv6.api.cloudron.io/api/v1/helper/public_ip work on the server?

If not, check the IPv6 setup. You can also disable Cloudron's IPv6 with Network -> IPv6 -> Disabled .

@scooke in my case, you've to reupload the private key instead of using the backup config.

@potemkin_ai said in Dump user's password to try to crack them:

@nebulon Thank you! Would you mind helping with selecting proper resulting encryption, please?

It'something at that page: https://hashcat.net/wiki/doku.php?id=example_hashes and I though it shall be 7300, but it isn't...

P.S. Yeah, forcing some password complexity would be nice!

@nebulon , @girish , (or anyone else, actually) I offload the task from my radars for now, but as soon as you want me to run a brute-force attack of the algorithms you've chosen using modern GPU HW, please, let me know the function from hashcat to run.

For my or any other reference, here are the steps to do:

mysql -uroot -ppassword box -e "select username,password,salt from users;" > users.list # note salt field - it's a must

Use hashcat -m $mode $password:$salt then to try if it will be accepted.
$mode to be taken from example hashes table above, better also verify if with hashcat -m $mode --example-hash - the later will show the hash structure expected by hashcat.

Once appropriate mode found (hashcat starts checking the hashes) - this could be offloaded to GPU for a much faster checks and verification against various dictionaries, etc.

I had to do some other password recovery task now and I was unpleasantly surprised with the speed of the brute force efficiency (with john just on modern CPU).

Shall my time permit, I will return here some time in the future; otherwise would be glad to pick up this task once Cloudron's resulting hash will be matched with hashcat's one (or a new mode created).

@girish Perfect, thank you! That did the trick.

@fanvyr Cloudron won't auto-update to beta/unstable releases. You can check for it and update it manually if you like but it won't automatically update.

@saad-qasim ah this is a Cloudron forum, not related to generic server or contabo issues, we can probably not help you much then 😕

Thank you for the clarification, @girish .

I have already reached out to security@cloudron.io and I’m currently awaiting a reply. I appreciate your assistance and look forward to hearing back soon.

Best regards,

Confirmed, it seems to be much better now. Thank you so much for the quick turnaround on that! Great job! 👏

https://unspam.email/results/6edDuKodjB