@girish No I actually meant instead of storing those files in the box folder, moving them into a standartly installed surfer instance on the same server where one can easily update/modify them etc. without the fear of having them replaced on an update
@nebulon Possibly related... would it be possible to add a column maybe (or even if just a hover message on a user) that would show when the user was last used to login to Cloudron? May be helpful in narrowing down users which should be marked inactive that may have been missed earlier. Essentially good for doing an audit of users. I guess as a workaround we can look at the Event History, however it may not go far enough back.
I second this request, however, is slightly different to the private interface your referencing @girish
x1 server, 5 public interfaces (eth0-5) all with public static IP's.
In my scenario, a client would be assigned a single static IP for all their applications. I'm doing this currently by spinning up an individual VPS on Runcloud for their apps. The main advantage for them is RDNS for their 'assigned' IP address.
Even if I'm using Cloudflare DNS Provider using API Token, Cloudron adds an A-Record but the certificate error still shows up because the A-Record is still in DNS-Only mode. If Cloudron gave an option to set the A-Record in Proxy Mode while installing the app, I didn't have to go to Cloudflare and change the record from DNS Only mode to Proxied Mode and wait for DNS to propagate.
This is the best way to do it.
Add the domain in Cloudron with Cloudflare DNS provider
Cloudron will always add the A record in DNS Mode.
Go to Cloudflare, and turn on proxying.
For future DNS changes to this domain, Cloudron has code to "persist" the proxying flag. Just noting this down, since we have code explicitly for this use case.
I agree having a checkbox or something at app install time to enable proxying would be nice.
@girish I would say pick and choose what is applicable obviously you would know best it's also worth noting there are CIS benchmarks specifically for Docker Containers which might be a better fit. You could combine the two for better hardening.