Use Cloudron Logins for host protected settings

nebulon

In that case maybe just try to reinstall the app so it gets provisioned with a fresh config.js if the migration during update didn't work out for some reason.

cvachery

The reinstall doesn't change the content of this file.
And I don't see how it could be looking at the docker file but maybe I'm missing something

nebulon

To be clear the file you were linking from the package repo is a wrapper for config.js which will read values from /app/data/config.js and merges it with Cloudron specific ones. Maybe this is where the confusion comes from?

cvachery

Yes I got that it's a wrapper but this wrapper is never used neither in the dockerfile or start.sh so I don't get when this merge is done

nebulon

That file overwrites the upstream config.js in https://git.cloudron.io/cloudron/mirotalksfu-app/-/blob/main/Dockerfile?ref_type=heads#L13 and then loads the one in /app/data/config.js and then patches up the process internal config object. Only very specific config options are copied over though. For auth it is only those three essentially https://git.cloudron.io/cloudron/mirotalksfu-app/-/blob/main/config.js?ref_type=heads#L20

But maybe to take a step back, whatever is specified regarding oidc in the /app/data/config.js will get overwritten during runtime. So that is probably not the root cause of the issue you are facing.

cvachery

You are right I misread the Dockerfile, thanks for pointing this out!

Maybe it would it be easier to have an example of a config.js file in the documentation.
I guess I'm not the only one failing to configure it
Do I need to create an OpenID Connect Provider in my Cloudron user directory?

jdaviescoates

@cvachery I'm confused by this thread.

You shouldn't need to configue anything.

Just select the relevant User management settings when installing and Cloudron sets it all up, no?

cvachery

I did the same but ticked Allow all users from this Cloudron
Thing is @jdaviescoates by default anyone can create/join a room. But I want to restrict room creation to logged in users and anyone can join with the link.
And when activating those parameters is when problems arise.

jdaviescoates

This post is deleted!

jdaviescoates

@cvachery said in Use Cloudron Logins for host protected settings:

Thing is @jdaviescoates by default anyone can create/join a room. But I want to restrict room creation to logged in users and anyone can join with the link.

Ah, right. That ought to be default when choosing Cloudron user management, but I guess it isn't.

cvachery

Thanks to @MiroTalk in the latest version it works and the config is nearly perfect
Only issue is still one identified erlier that anonymous users can create room if they go to the specific URL

@MiroTalk said in Use Cloudron Logins for host protected settings:

@avatar1024 said in Use Cloudron Logins for host protected settings:

Otherwise, while guest cannot enter the app base domain without a login, they can still create rooms freely by creating a url: mirotalkappprefix.mydomain.com/join/roomname

@MiroTalk is that behaviour intended?

Not a behaviour intended! I'm considering a refinement where guests are only allowed to join specified rooms that have already been created by authenticated users. This approach might offer better control and security. Will be released in the next version.

MiroTalk

@cvachery said in Use Cloudron Logins for host protected settings:

Thanks to @MiroTalk in the latest version it works and the config is nearly perfect
Only issue is still one identified erlier that anonymous users can create room if they go to the specific

Should be fixed in both MiroTalk P2P v.1.3.79 & MiroTalk SFU v.1.5.80. Cheers.

nebulon

Both packages are updated also now.