With the last major release we have reworked quite a bit of the state handling and by now we found a couple of missing state handling. What you describe also falls into this category. We are working on a better fix for this. Generally regarding the "stopping" of an app, do you see anything suspicious in the logs?

Sorry for my new thread - i did not check if this Issue was already posted on here!, shame on me!

This was resolved in the chat

This has worked. Thanks!

In your case, the DNS provider should be set to No-op since otherwise the Cloudron will attempt to resolve the domain, which would fail for you.

So i had a little time to further inspect this issue. I was able to reproduce this every time in following setup: Firefox 70.0.1 (64-Bit), Privacy setting "strict" Typing in the adressbar: my.xxx.tld forwards me to https://my.xxx.tld/api/v1/session/login?returnTo=https://my.xxx.tld/login_callback.html Normal login-screen appears, i fill in my credentials and getting forwarded to https://my.xxx.tld/login_callback.html?token=[STRING]&state=[STRING] This site then does nothing. This is the source-code: <html> <head> <title> Cloudron OAuth Callback </title> <script> 'use strict'; var search = decodeURIComponent(window.location.search).slice(1).split('&').map(function (item) { return item.split('='); }).reduce(function (o, k) { o[k[0]] = k[1]; return o; }, {}); if (!search.token) { console.error('No token found'); } else if (!search.state || !window.localStorage.oauth2State || search.state !== window.localStorage.oauth2State ) { console.error('OAuth2 state error'); } else { // the actual app picks up the access token from localStorage localStorage.token = search.token; // clear oauth2 state delete window.localStorage.oauth2State; var returnTo = window.localStorage.returnTo; delete window.localStorage.returnTo; if (returnTo) window.location.href = returnTo; else window.location.href = '/'; } </script> </head> <body> </body> </html> As @murgero said, yes; when i then just remove the "/login_callback.html?token=[STRING]&state=[STRING]" in address-bar everything works fine. This is the Browserlog, if it helps: Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIDOMWindowUtils.removeSheetUsingURIString]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: resource://gre/modules/ExtensionCommon.jsm :: runSafeSyncWithoutClone :: line 75" data: no] 2 ExtensionCommon.jsm:75:12 runSafeSyncWithoutClone resource://gre/modules/ExtensionCommon.jsm:75 cleanup resource://gre/modules/ExtensionContent.jsm:402 close resource://gre/modules/ExtensionContent.jsm:925 destroyed resource://gre/modules/ExtensionContent.jsm:1010 observe resource://gre/modules/ExtensionContent.jsm:1028 Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. Content Security Policy: 'x-frame-options' wird wegen 'frame-ancestors'-Direktive ignoriert. [Exception... "Favicon at "https://my.xxx.tld/favicon.ico" failed to load: Not Found." nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: resource:///modules/FaviconLoader.jsm :: onStopRequest :: line 236" data: no]

@oatwalker from those posts, I assume you installed mumble on the side on your Cloudron. While this might work, it could break on future updates as we cannot reliably test such setups. If you are interested, you might want to look into https://cloudron.io/documentation/custom-apps/tutorial/ to see how you could package mumble as a Cloudron app. Also the firewall would have been setup by the platform automatically then.

@girish Just wanted to say that this resolved the issue. Thank you! So to clarify, this was not a Cloudron issue but a simple DNS issue for the SPF records.

This is fixed now, will be part of next release.

@jasonh Ah got it. It looks like adding sender_bcc/recipient_bcc is quite doable. Cloudron uses haraka internally and not postfix and this feature is not available out of the box. We will look into adding this. I will reach out to you by email to double check some of the finer details.

@johnbolt Yes, that's the case. If you have multiple instances, please send us a mail to support@cloudron.io and depending on your use case we can set you up with a discount.

Hi @subven and @nebulon: sorry for not replying sooner. In the middle of the project we decided not to use Ghost (or Cloudron) after all. But you gave me a clearer picture of how it could work if we do with another project. Thanks for the tips.

@d19dotca This is fixed in 4.3 (will be released in the coming days)

Are there any errors reported in the browser console?

@iJoel You can do this by simply concatenating the intermediate and CA cert files into a single cert file. So, in the '.crt' file which you upload to Cloudron, it will have: -----BEGIN CERTIFICATE----- the *.foo.com certificate -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- intermediate cert -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- root cert if any -----END CERTIFICATE----- The ordering of the certs is important above.

@988uh is there any update on this from your side?

Please try again on a fresh Ubuntu install and see if this is reproducible or just some intermediate issue.

Please send an email to support@cloudron.io with the email address you have registered at git.cloudron.io and I will deactivate the 2fa for that one.

@d19dotca That is strange, we will do a bit more testing here (I think atleast one thing to help us narrow this down is you use encrypted backups)