With LDAP, 2FA needs to be built out in each application or added via some form of LDAP proxy (I think this was discussed on GitLab or Rocket.Chat somewhere). With OAuth, the provider can handle that.
Also, OAuth only requires access via HTTP(S). I would like to use Cloudron as a single source for my identity, but that's impossible today since I can't use it as an OAuth provider or securely access LDAP from any other server.
I totally understand a preference towards LDAP, if available, but removing the option for OAuth does impose limitations.
A while back I started working towards my own workaround by building a Cloudron app that provides a VPN interface and proxy to the Cloudron LDAP server. I decided against that and to instead just host an instance of Authelia from within Cloudron, but I've since run into a wall there as well.
I'm not dead set on any particular solution, but would be great to have some mechanism to use Cloudron as SSO for all my services.
From what I understand, the device you are trying to connect from does not support any of the ciphers which Cloudron is requesting. We are following the security guidelines of the following communities:
This is indeed also a common case to have the email not hosted on Cloudron. However Cloudron will still want to send out emails for this domain. There are two components doing so:
the system as such which would send out with email@example.com
the apps, if they need to send out app specific notifications. In such a case the address is dynamically generated depending on the app and which domain it is installed on
Currently none of those can be changed to use some customer email address to send out as.
Regarding the DMARC issue, just to be sure, did you check the mail status tab in the Cloudron dashboard for this domain? The UI will attempt to provide guidance or show issues with email related DNS records there.
@necrevistonnezr it is possible to change the cloudron.io account email, but only by us, since we haven't added the ui bits for that. Just drop an email at firstname.lastname@example.org with your current email and the one you want to have it changed to and we will take care of that.
For the rest: The issue is that there are a large number of files (> 400k) getting backed up and the syncer code is running out of memory since it loads all those filenames in memory. I will get this fixed in the next version. For now, disable automatic backups for nextcloud.