Can't say no to expanded features!! I hope this can be implemented, it would be cool to see autodiscover and autoconfig working for Outlook and maybe even lesser known email clients.

You should be able to create such a user if you operate with the mysql admin credentials which exist in the mysql service container. You can get a terminal into that via docker exec -ti mysql /bin/bash in an SSH session to the host system. However probably don't play around with this in a production system for a start.

I split storj as a separate request to https://forum.cloudron.io/topic/11670/add-storj-as-backup-option

What about a "Turn on maitenance mode" like @girish suggested, but you'd be able to specify which page from the /home/yellowtent/boxdata/custom_pages you want displayed. This would allow a lot more flexibility and even let you have app-specific maintenance pages that you made beforehand.

@girish said in add deSEC as DNS Provider: deSEC integration is implemented for next release. That is the best message of the day. Thank you!

I would like to be able to leave a note alongside a particular application backup, too.

Discourse has OIDC by now. NodeBB has no "supported" plugin, this has to be opened upstream.

@nebulon I have zero doubt about Cloudron and privacy / tracking at this stage. This is more "the other end" that I am doubtful of (Browser / OS). And so I cannot speak for Webcatalog in details since I have not extensively tested it. However regarding the browser, this is simply due to its native config as far as I can tell (LibreWolf - "A custom version of Firefox, focused on privacy, security and freedom"). But more generally, with the toggle, I am also thinking giving the user the freedom to chose to have a different mode between Cloudron and other app/website. Let say for example that you have an ubercool background which marries fantastically well with Cloudron's dark mode but want to keep your browser in light mode. Yet again - and I can only speak for myself here - in the list of wishes and things I am looking forward to see released in Cloudron, a dark mode toggle is very near the bottom.

@nebulon Sure - let's say for example that you have different apps for different department/teams in your company and a user can be part of multiple teams/departments. So for example: One group/category of apps is common to all users. One group/category of apps cater to teachers only One group/category of apps cater to students and teachers. A applicable scenario in our organization would be for example: One group/category of apps (NodeBB; WikiJS etc..) common to all users One group/category of apps (Invoice Ninja, Kimai etc..) for users in the Accounting department One group/category of apps (tools such as Vaultwarden, Cal.com, LanguageTool etc..) for users with specific related needs. Does this make sense? It is simply an arbitrary personalisation, not at the individual level, but at the company/provider level. Let me know if it doesn't or does not seem intelligible. Many thanks,

Good catch, it wasn't advertised from the provider. Fixed with https://git.cloudron.io/cloudron/box/-/commit/76c4002a040d1e5dd262c23441688e90242e28dc

@rosano interesting. I guess this is a way to beat CNAME cloaking for analytics. This is indeed not the purpose of the App Proxy (i.e it's not meant to proxy external sites).

@mrhyk93 well actually, I did get openID connect to work with cloudflare access to cloudron. the only caviot is that it can only except 35 characters for the secret. they also except Google authentication, Facebook, and GitHub. however, when using duo, that is, for cloudflareaccess, only supported for SAML. while duo has generic OIDC, AD or SAML needs to be configured, and if i'm correct, cloudron, by itself, does not hold AD, just things like lDAP, with no actual AD.

Sure, in fact I would like to have some web services only available to users/processes from a specific network (eg. home or office ip address), but not anybody else. In my case I have some kind of intranet webserver running on server B. Cloudron does the App Proxy to give access to it. I cannot use any authentication because there are some processes in the local network running that are not able to do authentication. So I would like to just whitelist them by IP Address.

Currently our OpenID provider does not issue any refresh_tokens yet. All clients created without the refresh_token grant type. For the moment it is only useful as an identity provider as such. But we will extend it further based on requirements. Will look into this for the coming releases.