Spam ACL whitelist in API but not in GUI?

@imc67 for the moment, it's best not to use allowlist. It's not exposed in UI because it's not really tested or working well. Currently, all it does it add anything in allowlist to SpamAssassin's whitelist_auth - https://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html .

Another user reported it and did some debugging - https://git.cloudron.io/platform/box/-/work_items/887 . I will get this fixed for next release (9.2.0)

OK, with the update that log message is gone (in our registry)

@Lanhild https://git.cloudron.io/packages/docker-registry-app/-/merge_requests/15 . I think that probably fixes it per upstream reports - https://github.com/distribution/distribution/issues/4270 , https://github.com/distribution/distribution-library-image/issues/187 . I don't think this related to your original DNS issue though. This traces export is just some log spam .

@jamie_casper pretty sure this is spam. You are just summarizing posts in all the threads. Can you confirm you are not a bot?

@klawitterb said:
Probably not related I've also noticed that the logs on the docker registry container get spammed with this error:

Mar 28 08:46:32 time="2026-03-28T07:46:32.467979729Z" level=error msg="traces export: Post \"https://localhost:4318/v1/traces\": dial tcp [::1]:4318: connect: connection refused" go.version=go1.23.7 instance.id=401bc88b-1bfe-4713-ae09-1cffdf628884 service=registry version=3.0.0

I'm also encountering these.

@firmansi yes, it’s in “in production” for me.
Have not used everything because there’s so much that can be done. Currently for me it is :

• one of my Telegram bot handlers, providing some basic tasks
• handing invoice downloading from a couple of suppliers who require login and fetch
  Planning to extend its functionality.

Only “issue” is that Searx is too slow for it so I use Brave API for search - cost is pennies.

@firmansi for my app I need to build new image, announce it here, then your Cloudron should pick it up available but often quicker to press Check Update in the app dashboard.

On a train now, will see if anything recent, if not just go to app dashboard, Updates, Check Updates.

What an excellent project !

@subven I defer to you. I recall some other posts that all it did was toggle visibility, not actually control access. It’s a bad field name. But I haven’t tested (on the road) and it may have changed, or I might just be plain and simple wrong.