Hello! Sorry - yes inbound 80 is open. results of journalctl:

No journal files were found.

Normal users can create tokens but they don't have access to any call other than the /api/v1/profile/* routes. Internally, each token has a list of "scopes" (oauth scopes) which indicate what API can be allowed. For normal users, this scope is only the profile scope. For admin users, it includes all the other API calls.

@girish The update worked! The first steps didn't work for me, but the apt update did the trick. Thank you!

@girish Tank you. I apologise for my ignorance. I will try the --no-sso part 🙂

@girish Thanks for the response. I have wiped the server and did a restore, so I can't do what you suggest atm.

There is/was plenty of space (42gb used out of 490), and ram (1gb out of 6gb).

I was/am running 2.0.1.

I'll check the event log size once the problem comes in again and will report here.

@x1tan I have made the page publicly accessible now. For some reason it had a wrong setting there.

I have updated the ciphers now according to mozilla's config generator. The commit is https://git.cloudron.io/cloudron/box/commit/ddaa52163bf3844b36d6c29fdffb5db3e0b3f5d0

For the CSP settings, this indeed cannot properly be done on a platform level, as apps require differently strict settings there and have to provide this on their own, so this should ideally be fixed in each app upstream.

@girish I have a 238 ko iCal file.
I've split it in twice and I went from 250 importation err from 1 err.
The problem should come from that, thanks!

I was at the beginning thinking about it (splitting the file) but after that, I was focusing on RateLimit - wrong way! Also, I advise people which want to import a big file to increase drastically the mem allowance of the app (2Gb in my case)

Yep! I am on a Lightsail instance and simply needed to open up port 25 for traffic. Thanks!

It works. Thanks.

Hi there,

running on bare metal is totally fine. For the setup within your network behind the router, please make sure that at least port 80 and 443 are forwarded. Port 80 is required to obtain LetsEncrypt SSL certificates. Otherwise please check the logs with journalctl -u box when performing the dns setup on your Cloudron, this should show for which IP it is waiting for the DNS records to be in-sync. Possibly it is checking for the wrong (private) IP.

Further when using Cloudrflare, please note that currently Cloudron does not support installing apps that are proxied via Cloudflare. Cloudflare backend only sets up the DNS via Cloudflare API and expects website traffic to be unproxied.

@Marcelo-Barcelos Cloudron 1.9 added a restore ui and we have thus discontinued support for restore-url since.

For pre-1.9 cloudrons, just get the right cloudron-setup script from our git repos. So,

wget https://git.cloudron.io/cloudron/box/raw/v1.8.4/scripts/cloudron-setup chmod +x cloudron-setup ./cloudron-setup --provider <provider> --restore-url="..."

More info here - https://cloudron.io/documentation/backups/#legacy-restore-pre-19