@girish said in Catchall for multiple domains:

@d19dotca Wouldn't you create a single mailbox called say admin@ and then put your standard addresses as aliases of that mailbox?

Ah, I forgot you can add other domains as aliases now, so yes I suppose in my case I could use my main email address at my own domain and add in aliases of postmaster and webmaster and abuse and hostmaster for each domain from the same window, this would definitely save a little bit of time as I couldn't need to add from each domain page individually. Ideally though it'd be great to have some of those standard ones just be auto-created for example and setting it to one email or something since those emails are generally required for proper RFC compliance.

I'll work in the meantime on migrating from the old system I had to the new system. I created those before the multi-domain email aliases was added. 😉

Work-around for the time being: Show disk usage for the last 7 days via SSH login

nano diskusage.sh (note, I have two local disks that need monitoring; the command below adds date and data for both disks in one line)

#!/bin/sh echo $(date +%F && df -h /dev/sda1 --output=source,fstype,size,used,avail,pcent | tail -n1 && df -h /dev/sdc --output=source,fstype,size,used,avail,pcent | tail -n1)>> /home/USER/Disk.txt

cat Disk.txt

2021-12-08 /dev/sda1 ext4 1,8T 1,1T 694G 61% /dev/sdc ext4 916G 444G 426G 52% 2021-12-09 /dev/sda1 ext4 1,8T 1,1T 694G 61% /dev/sdc ext4 916G 445G 426G 52%

crontab -e add

45 4 * * * sh /home/USER/diskusage.sh >/dev/null 2>&1

nano ~/.bash.rc add

printf "\t\n" cat /home/kdj/Disk.txt | tail -7

@thpuffin yup, working on ipv6 support for 7.1!

@jodumont said in Harden security features:

provide and identifiy authentification via SAML (if it is possible)

SAML is an old and outdated protocol (that is also hard to work with), a more modern alternative is oidc (OpenID Connect, a standard based on Oauth 2.0), which is also offered in your screenshot.

@jodumont For apps that require multiple domains from the get-go i.e they require multiple domains at installations time, this is part of the next release (7.1) - https://forum.cloudron.io/topic/5982/what-s-coming-in-cloudron-7-1 .

Many (most?) apps can only handle being configured with a single domain. There is usually an APP_ORIGIN or equivalent setting that can only be set to one domain and is not an array. It is used by the app to set up CORS headers, generate static links, email links etc.

@mehdi said in Disk IO Tracker:

just trying to periodically write stuff and checking the performance, as suggested, would not be great IMO, as it would 1/ be influenced by what's already running on the system 2/ wear out SSDs for little benefit

Agreed, there are better ways, the example was more for the output or datapoints.

Aspects of BPF tools make this light on resources, but there's a whole stack of tools down the line, including 'iolatency'.

In the Postfix world this feature is called "always bcc", but it does not look like something like this exists out of the box in Haraka.

@jodumont I recently posted about crowdsec under feature requests.

I think crowdsec is more appropriate, afaik, for cloudron

@nebulon Great stuff, glad it seem plausible in the medium term..

@moocloud_matt that's really true.
My concern is that for example, when user uses it in public computer in laboratory for example, and they totally forget to log out manually. This can be an issue.
For public use in research team or something, I might suggest 2FA, but it is no use too, if it keep the token alive. Alternatively, editing the config file in Nextcloud seemed to do the trick.

@potemkin_ai Thanks!

@fiwand thanks for reporting! Will look into this for our next release but we didn't intend to average points over 6 hours, atleast not intentionally.

@jlx89 said in App Pages:

This issue also affects admins like me who have to scroll through ~45 apps to find what I am looking for.

I tend to filter by group or domain first, or just use the search, to avoid excessive scrolling (but, yeah, before I got into that habit I scrolled lots)

@sam_uk I'm interested in this use case too. We want to incubate groups on our Cloudron until they've reached a size where they can afford their own.

@brutalbirdie thank you very much, appreciate that!
The need is not big enough, at least not for now, let me revert back to you, if it will appear to be so

@marcusquinn because it already exists 🙂

Best bet so far would be to do a Cloudron instance migration and set it up on a new subdomain. (Restore from backup in a new VPS)

@luckow Yes, similar view to the aliases ones where all are listed for the mailbox user.

I would love this for the app images. Ideally a build which was made today from a git tag and made 10 days ago from the same git tag should result in the same docker image. But currently, it doesn't. I don't know if this is a solved problem for docker. If there's any docs/ideas here, would be good to know.

DNSBLs are configurable in 6.4

@fbartels I do believe you.

There is a "Spam" filter type in next release - 6.4

@girish what about just a normal organization level rights separation?
I mean - it's really two different set of roles:

1st line support, dealing with mailboxes 2nd or 3rd, making sure the system and services are up and running.

I don't need hiding anything, I just want to ensure my users can manage they mailboxes and users for they own.

For now I have to temporary give admin permissions to the 1st line and that's kind of risky...

@girish WHOOP!!! Thank you!!

@fbartels Optimism and hope? /s

Great points.

@murgero I didn't say it wouldn't be accessible; it would, just through my proxies, that make sure to remove any information, that would help in disclosure.

You also miss an option with Intranets.