What's coming in 4.2
-
@tamayers @d19dotca We have made the release available but it's only in use for new installations. This allows us to get some early testing before we push it to all the existing Cloudrons. We are still working on the new app configuration UI + the mailbox forwarding feature. The data directory change is also there in the 4.2 release.
-
Quick update: the mailbox forwarding landed today! You can now create forwarding addresses to external domains. Cloudron will do SRS and reverse SRS as required.
-
@nebulon & @girish - my Cloudron still shows 4.1.7 when I check for updates. I would definitely say this should be a feature request then that if a user manually clicks/taps the Check For Updates button, the latest build is presented. It would only generally be used when someone is aware of an update and expecting to install it. I understand the blacklist/whitelist thing but I would say it should be ignored when the button is pressed. The rollout using a blacklist/whitelist should only be done for those who don't manually use the button so it notifies them when it's ready.
-
@d19dotca That we don't push out 4.2.0 yet, even when checking for updates manually, has good reasons. We have found a few regressions which will affect existing Cloudrons, for example the stats view will miss data since that release would not reconfigure collectd as required. Newly created Cloudrons are not affected here.
-
@nebulon So to confirm then... 4.2 isn't really released at all then yet. It's pretty much in a "beta" state, used for new installs but nobody with an existing install will have received it yet unless we formally request our domain be whitelisted. Is that correct? There seems to be confusion here with the way things are being worded. 17 days ago it was stated "The initial 4.2 was pushed out yesterday" but now you're saying "we don't push out 4.2.0 yet" -- this is creating a bit of confusion.
-
@yusf You can restrict the port in IPTABLES as well, I don't remember if cloudron uses just IPTables or UFW but here is a rule for both that would work for routing to internal networks only:
UFW:
ufw allow from 192.168.1.0/24 to any port 389
(This allows from the 192.168.1.0 network to TCP/UDP port 389. You can change the word "any" to "tcp" to restrict it to TCP only as well.)
IPTABLES:
iptables -I INPUT -p tcp -s 192.168.1.0/24 --dport 389 -j ACCEPT
Please research what Cloudron uses as its firewall (I am almost positive it is iptables).
Also note - This is an unsupported modification too.
Also also note - You can probably make an app that can proxy this connection instead, using a different port, you can proxy to the LDAP server instead. (Say port 1389 as an example). This would probably work better since LDAP clients normally allow you to configure a port to connect to anyway.
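The iptables rule from the post above, worked through as an added example that is not part of the original post or of Cloudron's own tooling. It only prints commands; the paired DROP rule and the `ip_to_int`, `in_cidr`, `ldap_rules` and `verdict` helpers are assumptions made for illustration, and the INPUT chain is taken from the post, not checked against how Cloudron sets up its firewall.

```sh
#!/bin/sh
# Added example: prints (never applies) an iptables rule pair that limits a
# TCP port to one source network, and reports which sources it would admit.

# Dotted-quad IPv4 -> integer; rejects malformed or zero-padded octets.
ip_to_int() (
  case $1 in *.) exit 1 ;; esac
  IFS=.; set -f; set -- $1
  [ $# -eq 4 ] || exit 1
  for o in "$@"; do
    case $o in ''|*[!0-9]*|0?*|????*) exit 1 ;; esac
    [ "$o" -le 255 ] || exit 1
  done
  echo "$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))"
)

# in_cidr ADDR NET/BITS: 0 if inside, 1 if outside, 2 if input is malformed.
in_cidr() (
  bits=${2#*/}
  case $2 in */*) ;; *) exit 2 ;; esac
  case $bits in ''|*[!0-9]*|0?*|???*) exit 2 ;; esac
  [ "$bits" -le 32 ] || exit 2
  ip=$(ip_to_int "$1") && net=$(ip_to_int "${2%/*}") || exit 2
  mask=$(( 4294967295 - ((1 << (32 - bits)) - 1) ))
  [ $(( ip & mask )) -eq $(( net & mask )) ]
)

# Print the rule pair for NET/BITS and PORT (default 389, as in the post).
# ACCEPT goes first; the DROP at position 2 is what shuts out every other
# source unless the chain policy or a later rule already does. Inputs are
# validated so the printed commands contain nothing but digits, dots and "/".
ldap_rules() (
  port=${2:-389}
  case $port in *[!0-9]*|0*|??????*) echo "bad port: $port" >&2; exit 1 ;; esac
  [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; exit 1; }
  in_cidr "${1%/*}" "$1" || { echo "bad network: $1" >&2; exit 1; }
  echo "iptables -I INPUT 1 -p tcp -s $1 --dport $port -j ACCEPT"
  echo "iptables -I INPUT 2 -p tcp --dport $port -j DROP"
)

# First-match outcome for a source address under that rule pair.
verdict() { if in_cidr "$1" "$2"; then echo ACCEPT; else echo DROP; fi; }

ldap_rules 192.168.1.0/24
for src in 192.168.1.77 192.168.2.5 203.0.113.9; do   # constructed sources
  echo "$src -> $(verdict "$src" 192.168.1.0/24)"
done
```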
-
@murgero I’ve been meaning to do the same.
Should be doable with something like HAProxy, but I wanted to use some better auth mechanism, so I’ve been working on this: https://git.iamthefij.com/iamthefij/dockamole
The server is essentially just an ssh server that is configured to disallow running commands and only allow port forwarding. The client can be run anywhere and it exposes the ports for you.
I’m planning to run a server on my Cloudron to forward LDAP and Graphite (hopefully), and then I can deploy a client on my other VPS. I also plan to do the same with my NAS at home so I can have my VPS access it without exposing http access to my home network.
There are many ways to do this though.
-
@iamthefij said in What's coming in 4.2:
There are many ways to do this though.
True. I was more thinking of using stunnel for this.
-
Alright, we have started rolling out 4.2 slowly. If someone here wants it early, ping us on the chat as always. Thanks for your patience!
-
@yusf Did it work out?
4.2 is now available for all