@girish As far as I know, it's correct - unless DKIM has the IP included, since that did change during the migration. Unfortunately, the Email section of Cloudron wasn't properly giving the needed information - previously it was saying DKIM was incorrect, but the display just said something like "expected null to equal null". DKIM isn't showing in the Email status page at all with the workaround I added here.

I'll put that in as a separate issue, though, once the update comes out and I see the proper message.

@girish I've never changed backup method no there should not be any remains from that. I did have a directory from april sitting around at 8.6 GB though 😁.

Removing that still leaves Other quite large though, so I'll appreciate more hints if you have any.

@d19dotca Indeed, there was a typo in the eventlog code. I have fixed it for the next release - https://git.cloudron.io/cloudron/box/commit/ae5722a7d4865a1924737a7e7d1697c6c9b94d6e

@timmeh Your assessment is correct. If you switched the backups to rsync mode, you can remove the .tar.gz files. They are left overs from your previous backup. Maybe we can add an option to remove the old backup files (of previous configs). But of course, that will require cloudron to remember previous config as well.

Also, to be 100% clear, only remove the .tar.gz files. Do not remove any other files in the snapshot directory. The snapshot directory is the "working directory" of the backup system and stores the previous state.

@spdustin Cloudron doesn't support running any services that are not installed via Cloudron itself. So, it won't co-exist with Dokku.

BTW, you can build and install custom apps on Cloudron as well - https://cloudron.io/documentation/custom-apps/tutorial/ . It's very similar to developing and deploying apps on Heroku.

As you may know, Cloudron has a built-in email solution (imap/smtp/sieve). This is optional an can be enabled per domain. Sending emails must always work though, for example to send password reset emails. For this Cloudron supports a bunch of email relay providers. Not sure, maybe Proton Mail can be added for this scenario? I am not super familiar with their service though.

With the last major release we have reworked quite a bit of the state handling and by now we found a couple of missing state handling. What you describe also falls into this category. We are working on a better fix for this.

Generally regarding the "stopping" of an app, do you see anything suspicious in the logs?

Sorry for my new thread - i did not check if this Issue was already posted on here!, shame on me!

This was resolved in the chat

This has worked. Thanks!

In your case, the DNS provider should be set to No-op since otherwise the Cloudron will attempt to resolve the domain, which would fail for you.

So i had a little time to further inspect this issue.
I was able to reproduce this every time in following setup: Firefox 70.0.1 (64-Bit), Privacy setting "strict"

Typing in the adressbar: my.xxx.tld forwards me to https://my.xxx.tld/api/v1/session/login?returnTo=https://my.xxx.tld/login_callback.html

Normal login-screen appears, i fill in my credentials and getting forwarded to https://my.xxx.tld/login_callback.html?token=[STRING]&state=[STRING]
This site then does nothing.
This is the source-code:

<html> <head> <title> Cloudron OAuth Callback </title> <script> 'use strict'; var search = decodeURIComponent(window.location.search).slice(1).split('&').map(function (item) { return item.split('='); }).reduce(function (o, k) { o[k[0]] = k[1]; return o; }, {}); if (!search.token) { console.error('No token found'); } else if (!search.state || !window.localStorage.oauth2State || search.state !== window.localStorage.oauth2State ) { console.error('OAuth2 state error'); } else { // the actual app picks up the access token from localStorage localStorage.token = search.token; // clear oauth2 state delete window.localStorage.oauth2State; var returnTo = window.localStorage.returnTo; delete window.localStorage.returnTo; if (returnTo) window.location.href = returnTo; else window.location.href = '/'; } </script> </head> <body> </body> </html>

As @murgero said, yes; when i then just remove the "/login_callback.html?token=[STRING]&state=[STRING]" in address-bar everything works fine.

This is the Browserlog, if it helps:

Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIDOMWindowUtils.removeSheetUsingURIString]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: resource://gre/modules/ExtensionCommon.jsm :: runSafeSyncWithoutClone :: line 75" data: no] 2 ExtensionCommon.jsm:75:12 runSafeSyncWithoutClone resource://gre/modules/ExtensionCommon.jsm:75 cleanup resource://gre/modules/ExtensionContent.jsm:402 close resource://gre/modules/ExtensionContent.jsm:925 destroyed resource://gre/modules/ExtensionContent.jsm:1010 observe resource://gre/modules/ExtensionContent.jsm:1028 Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. [Exception... "Favicon at "https://my.xxx.tld/favicon.ico" failed to load: Not Found." nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: resource:///modules/FaviconLoader.jsm :: onStopRequest :: line 236" data: no]

@oatwalker from those posts, I assume you installed mumble on the side on your Cloudron. While this might work, it could break on future updates as we cannot reliably test such setups. If you are interested, you might want to look into https://cloudron.io/documentation/custom-apps/tutorial/ to see how you could package mumble as a Cloudron app. Also the firewall would have been setup by the platform automatically then.

@girish Just wanted to say that this resolved the issue. Thank you! 🙂 So to clarify, this was not a Cloudron issue but a simple DNS issue for the SPF records.

We investigated this offline. The root cause was that the S3 storage service (strato hidrive) does not support multi-part copy. The workaround is to use the rsync format (Backups -> configure -> Format) when you have backups > 5GB.

This is fixed now, will be part of next release.

@jasonh Ah got it. It looks like adding sender_bcc/recipient_bcc is quite doable. Cloudron uses haraka internally and not postfix and this feature is not available out of the box. We will look into adding this. I will reach out to you by email to double check some of the finer details.

@johnbolt Yes, that's the case. If you have multiple instances, please send us a mail to support@cloudron.io and depending on your use case we can set you up with a discount.

Hi @subven and @nebulon: sorry for not replying sooner. In the middle of the project we decided not to use Ghost (or Cloudron) after all. But you gave me a clearer picture of how it could work if we do with another project. Thanks for the tips.

@d19dotca This is fixed in 4.3 (will be released in the coming days)

Are there any errors reported in the browser console?

@iJoel You can do this by simply concatenating the intermediate and CA cert files into a single cert file.

So, in the '.crt' file which you upload to Cloudron, it will have:

-----BEGIN CERTIFICATE----- the *.foo.com certificate -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- intermediate cert -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- root cert if any -----END CERTIFICATE-----

The ordering of the certs is important above.

@988uh is there any update on this from your side?

Please try again on a fresh Ubuntu install and see if this is reproducible or just some intermediate issue.

Please send an email to support@cloudron.io with the email address you have registered at git.cloudron.io and I will deactivate the 2fa for that one.

@d19dotca That is strange, we will do a bit more testing here (I think atleast one thing to help us narrow this down is you use encrypted backups)

Thanks, investigating this. I suspect the node module is unable to parse the output because of something in the output. I will keep you posted here.

Is there anything which needs solving then or can it be closed? If this is a permissions issue, maybe the package needs to be adjusted?

@girish Oh okay, thank you! My next question was going to be about deleting the snapshot folder, but it was already answered. I appreciate it!