RE: Lost all my files on nextcloud, need to better understand backups

Given that this atleast the second time this has happened, I will add a warning in the UI when a user selects rsync in the backup configuration.

@malvim Oh, you have lifecycle rules, if so that's the problem. We actually put a warning about this long time ago in https://docs.cloudron.io/backups/#amazon-s3 . Setting up the roles will end up corrupting rsync based backups. I guess this is what you are hitting.

@malvim said in Lost all my files on nextcloud, need to better understand backups:

And now it seems there are JUST incremental backups there and no full backups

@malvim Cloudron always does full backups, we don't have incremental backups. What's incremental is just the "upload" part (but this is an implementation details). From the users point of view, all backups are self-contained.

Since you are using rsync, are you saying, the backups on s3 are missing some files or are all files missing altogether? Also, if you go to the Activity Log and filter by backup, do you see any errors or completion events?

@Lonk said in Latest package with LDAP add-on:

Is this a Cloudron LDAP limitation or just a Wordpress LDAP integration limitation? Because some web apps only have email and password for login

This is just for consistency across all apps (not just WP). The general flow we are going for is:

• You have an admin user. Admin user is important to exist in the case the LDAP is not working (for whatever reason like networking issue).
• Cloudron users can login with username into apps (not email). Only exception is webmail apps, that require email to login.
• The admin user can make a cloudron user an administrator inside the app. We want to delegate all role/permission management to the app itself. Cloudron will only do authentication and not authorization.

Note that we arrived at this flow from experience and trial/error. So, it's just being pragmatic.

Cloudron logs is anything that appears on standard output/error. If there is a way to send WP logs to stdout, then it should appear. FWIW, if i use error_log in PHP, it does appear in cloudron logs. But maybe WP writes to a file directly. Maybe try /dev/stdout as the file name for the logs, not sure.

@JOduMonT Thanks, this looks like a good idea. I think I will add it to the default install for more security.

It seems the config docs (https://gogs.io/docs/advanced/configuration_cheat_sheet) is now broken. Maybe https://github.com/gogs/gogs/blob/main/conf/app.ini is a better reference now.

To disable registration, add the below in app.ini and restart the app:

[auth]
DISABLE_REGISTRATION = true

@ambaxter All user settings for Cloudron apps are localed under /app/data. For Gogs, you can add custom settings to /app/data/app.ini. You can also edit this file using the File Manager (under 'Console' section of the app).

There's more info here - https://docs.cloudron.io/apps/gogs/

@JOduMonT said in Where the COOKIEHASH comes from ?:

so this code is not generated by the WordPress installation and it is a parameter Cloudron added for more security ?

Yes, we added it in the package. I installed a whole bunch of security plugins like WP Fence, SecuPress and what not and ran all the scans. One of the scan suggested that this be set to a more random value than the default for more security. Currently, this is only set for new installations.

@d19dotca I checked in 2 separate cloudrons and I can login immediately with my cloudron credentials. Cloudron uses get editor role, by default. You can change this as an admin though in the WP Admin Panel -> Settings -> authLdap -> Default Role.

Also, to double check what @imc67 said, are you logging in by username or email? Logging in by email is not supported.