can I update the config on the each to the right one ? ( can't remove the old one locked ) can't change the app or restore from a backup and still wishing to put it back

@girish Unfortunately setting https://my.cloudron.example/openid/jwks_rsaonly isn't working either and testing auth returns: Failed to get your identity Looks like something went wrong. Here are the details. Failed to verify oidc token with fresh keys undefined PKCE is disabled, Email claim is set to email and OIDC Scopes are set to openid,email and profile. I can see the login attempt as authenticated in the logs for some reason though. Edit: https://my.cloudron.example/openid/jwks_rsaonly for my cloudron returns only {"keys":[]}. Was there a regression? I'm running 9.1.3. The regular jwks endpoint is returning proper values..

Fixed - https://git.cloudron.io/platform/box/-/commit/6e0dc24ecae47ba3175ce1574a86c6724fbc98aa . Thanks for debugging @tobiasb and thanks for reporting @luckow

@joseph thanks a lot for your prompt answer. I migrated and after 24 hours I saw this problem. So, right now what other I did: I enabled LAMP recovery mode I disabled LAMP recovery mode I rebooted whole VPS (not only LAMP app) Problem is solved after those further steps. Migration script could be improved to update cron job container ID if any cron job configured in a specific app.

@girish Totally understood logic. Thanks a lot for your answer.

Small update from my side. I contacted Spamhaus through their ticket system and after communicating with them it seems everything is now resolved and the IP has been removed from the blacklist. Emails are working normally again. Sorry for the false alarm and thank you for your help and responses. I did notice that occasionally I still see the error that was present in the previous version, so I will keep

@girish thank you

Just to come back to the previously suggested solutions - Would it be a big feature request to add group name parsing into the mailing list input box? E.g. instead of (or in addition to) a list of email addresses it could take something like "group:foo" and then this would dynamically pull in the email addresses of all users in group foo as needed. Is there a way that cloudron user group info could be pulled in @roundcube (or another mail system), so that instead of setting up forwarding rules that go to a list of emails it could go to "group:foo". Is there a way that we could run a cron job (or similar) which could hackily create either of the above functionalities by generating and inserting the lists (rather than these lists being dynamically generated), with the downside that this would only ever be as up-to-date as the frequency with which the cron job runs.

@timconsidine I think probably a better way to implement this was so called Device Authorization Flow . That approach doesn't require callback to localhost. We are looking into implement the cli auth that way instead.

O what a pity was hoping this could be a solution

Alright, investigating the matomo health checker next.

@joseph

@dsp76 I think if this happens sporadically it is a bug in the remote service provider. Have you asked their support already if this issue is known?

@girish

OK upgrade wow that looks like it work with me crying do I try to do the domain move now take a snap be for I start just to make sure or do I upgrade to Ubuntu 24.04 1st Nozy

I'm interested to know what you discover because I use Gandi too...

Noted, will wait for the 9.1 release then and revert if there are still issues.

@robi said: @girish Can a migrations check be added to run until none remain, which hopefully evades the stuck condition too? this would actually be a good addition to the CLI toolset... @girish @james

Hello @diego @diego said: However, from a system design perspective, I was wondering if it would be better to: keep the system disk small (OS + Cloudron core) attach a separate disk dedicated to mail storage Yes you can do that. I also do that with my private Hetzner server so I can scale up the CPU/RAM and have the storage seperate. @diego said: Will the Cloudron backup system still include it normally? Yes. If you move e.g.: /home/yellowtent/boxdata/mail to /mnt/sdd1 and create a symlink so /home/yellowtent/boxdata/mail => /mnt/sdd1 this still works. What you can always to is creating a small Cloudron server to test and tinker as much as you like. This way you get a better feeling for everything without risking any damage to production.