What's coming 5.3

mehdi

As long as your re-touching the onboarding flow, I have a small suggestion : add a password.

More precisely, when the terminal tells you to go to the IP of your server on your browser, anyone who gets there before could basically take over the server, and could even reset the flow so you don't even notice. I know, the window of opportunity is small. It should basically be impossible as long as you go to the IP in question right then. But still...

A one-time password shown in the terminal, that the web interface would ask you for before allowing you to proceed with the setup would be pretty easy for the user, and would completely solve the issue.

(I must note that I have not gone through the setup and onboarding in a long time, what I am saying may be completely obsolete)

will

@mehdi Even something as simple as a pin could work.

girish

Good idea. Currently, we do this for AWS 1-click images where the AMI id is required for the setup to be completed. AWS provides an API to query this pseudo-"secret" though.

d19dotca

The ability for users to disable / stop services such as redis, mail, etc without needing command-line access to do so. That'd be an awesome (and hopefully small) tweak that'd be useful especially for people who want to optimize their resources on their servers.

savity

Hi,
i just wannted to ask about the Firewall in Cloudron Whitelist and Blocklisting IP's.
Usually i would do it over UFW but since its a bit diffrent in Cloudron.
Because i see some IP's thanks to shodan -.- trying to send some spams and i would like to block them.
And GEO IP Blocking as a feature would be nice, i think login to my.cloudron.com should be really high secured, i mean yes we have 2FA but if someone tries bruteforce attacks will not lead to something because of 2FA, but why create uneeded webservice requests.

nj

Any plans to add the facility to append 2FA Token in LDAP Passwords?

girish

@nj Not in this release, but maybe for the next one. I have opened https://git.cloudron.io/cloudron/box/-/issues/705

jagan

Not a feature for 5.3, but wish to point out that Cloudron does not have even a single e-commerce platform (other than woocommerce on Wordpress, of course).

OTH, we have multiple apps under each category.

Can we get started on Magento and Prestashop please?

Thank you!!

girish

@jagan We are planning to add oxid shortly - https://forum.cloudron.io/topic/2571/oxid-esales (the package is mostly read, just finishing it up with the upstream developers).

scooke

I like this feature of 5.3.1 - Do not count stopped apps for memory use!

plusone-nick

UI* dashboard improvement - add the root domain as a secondary text (maybe above the icon?) for sub-domain apps. The apps with a root domain show this and its easy to see but for apps in a sub-domain you have to hover over the app card to see which root domain it belongs to, would be an awesome addition!...thanks!

murgero

@jagan This is true, but you can install any nodejs or php e-commerce app in the LAMP app. Which I'd honestly perfer anyway as it would give me more control over the install.

plusone-nick

@murgero thats cool i never thought of that - you can use the apache server for a nodejs app?

murgero

@plusone-nick NodeJS is installed in the LAMP app, you can run the app in the background via run.sh in /app/data.

So in run.sh you can:

cd /app/data/nodejs-app/
npm start & # Or other command to start app (The "&" here runs the app in the background.)

Then in /app/data/public/.htaccess:

RewriteEngine On
RewriteRule ^/?(.*)$ http://localhost:3000/$1 [L,P]

ProxyPassReverse / http://app.example.com/

Or something like that, this is untested technically and that will redirect the nodejs via apache.

girish

There is also https://git.cloudron.io/cloudron/tutorial-nodejs-app which is a template for a custom nodejs app