Let's Encrypt profiles

@girish said in Let's Encrypt profiles:

use case

What about issuing a certificate for the IP address during initial setup? Would encrypt the initial admin credentials.

Working on scripting in my ClouDNS Steward app

I want to programatically retrieve information on a domain's email settings which is visible in the Cloudron portal (all, not just the bits in the screenshot), e.g.

NB : this is a GET - I am not trying to change anything in Cloudron

Is there a way to do this "properly" ?
Or I have to get creative and hack something ?

@robi at your suggestion, I checked about DNS providers offering an API.

Cloudron supported DNS providers :

• AWS Route 53 – Yes, full REST/Query API and SDKs.
• Bunny (Bunny.net DNS) – Yes, HTTP API for DNS zones/records.
• Cloudflare – Yes, very complete REST API.
• deSEC – Yes, JSON API (desec.io).
• DigitalOcean – Yes, v2 API for DNS.
• DNSimple – Yes, full REST API.
• Gandi LiveDNS – Yes, HTTP API for LiveDNS.
• GoDaddy – Yes, REST API for DNS and domain management.
• Google Cloud DNS – Yes, Google Cloud API (REST + client libraries).
• Hetzner (Robot / DNS) – Yes, DNS API via Robot; plus…
• Hetzner Cloud – Yes, separate Cloud API (mainly servers, networks, but supports reverse DNS).
• INWX – Yes, DNS API (REST and XML‑RPC style).
• Linode – Yes, v4 API with DNS endpoints.
• Name[.]com – Yes, REST API including DNS.
• Namecheap – Yes, XML‑based HTTP API with DNS functions.
• Netcup – Yes, DNS API (JSON over HTTPS).
• OVH – Yes, OVHcloud API includes DNS.
• Porkbun – Yes, JSON HTTP API for DNS and domains.
• Vultr – Yes, v2 API for DNS.

Other well‑known DNS providers with APIs :

• Azure DNS (Microsoft Azure)
• NS1 (nsone)
• CloudNS
• Dyn Managed DNS (now Oracle Cloud Infrastructure DNS)
• PowerDNS (via its own API, if you self‑host)
• Huawei Cloud DNS, Alibaba Cloud DNS, etc.

So if there is demand, there is certainly scope for making Steward support those, as separate apps or some multi-provider app.

I'm going to get ClouDNS Steward to a point I am happy with and then review this.

As I have never used a Cloudron-supported dns provider, I don't yet know what benefit users would have via Steward. But I can look into that later.

@jdaviescoates said in Add UnifiedPush settings in documentation:

I could be missing something and I'm not even using the app, but just because I'd guess most people would want UnifiedPush stuff on in an app that's all about getting notified about stuff.

Unifiedpush is not used to send you notifications from Ntfy, but unifiedpush is a system that can use your ntfy server to relay notifications from apps through it, instead of using Google infrastructure for these. The list of supported software can be found at https://unifiedpush.org/users/apps/, but at least when testing this with NeoChat I not only needed give write access to up_*, but also read access.

@mononym said in Add UnifiedPush settings in documentation:

When choosing ntfy as UnifiedPush the app created some random string (i.e. the ntfy topic) and it starts with up. In the end, it is difficult to guess the topic name as it is random and as long you're not subscribed to that topic, you won't see the messages as well. Basically, write-only access is not enough to use the nfty server like a public instance as credentials are necessary to read the topic.

What I personally find difficult with Unifiedpush is giving the whole world the ability to send data (text and files) to your server. There are too many bad actors on the internet for this to be a good idea.

@jdaviescoates exactly correct

@mirotalk apologies if my answer was not clear

I think I’m fully clear about MiroTalk licence.
It’s simply that I have not yet decided how I will use MiroTalk. But licence in the bag at reasonable cost gives me flexibility (and more to play around with - always need more things to play around with )

Just published 17.0.1 and it works in our CI . Can you guys check?

I investigated this to understand why this happens. Just idle curiosity... Turns out we don't set ServerName in the vhost configs. This is required for mod_dir to work. A ServerName in the global config also gets rid of the whole server name not set warning in all our PHP apps. I pushed a change to all the packages.

For yourls, the redirect from admin to admin/ should work now.

@Elephant thank you

Will add it to the packaging list.

@MiroTalk thank you, that's a very clear response

I don't have a clear view of whether I will need a Licence or not, but you have a generous offer so have signed up. Thank you

This will take some time because it requires Mongo DB 8.x . Cloudron's mongodb was in 6.x but was just upgraded to 7.x in Cloudron 9.0.16 . Cloudron 9.1 will have mongodb 8.x . We can only move step by step because mongodb does not support jumping versions.