Cloudron Forum

we're getting closer, this is a part of the scheduled one this morning: 2026-02-06 06:09:31,611 WARNING Could not figure out development release: Distribution data outdated. Please check for an update for distro-info-data. See /usr/share/doc/distro-info-data/README.Debian for details. 2026-02-06 06:09:31,612 INFO Starting unattended upgrades script 2026-02-06 06:09:31,612 INFO Allowed origins are: o=Ubuntu,a=jammy, o=Ubuntu,a=jammy-security, o=UbuntuESMApps,a=jammy-apps-security, o=UbuntuESM,a=jammy-infra-security 2026-02-06 06:09:31,613 INFO Initial blacklist: 2026-02-06 06:09:31,613 INFO Initial whitelist (not strict): 2026-02-06 06:09:46,207 INFO Packages that will be upgraded: libc-bin libc-dev-bin libc6 libc6-dev libssl3 linux-generic linux-headers-generic linux-image-generic linux-libc-dev locales mysql-client-8.0 mysql-client-core-8.0 mysql-server-8.0 mysql-server-core-8.0 openssl screen 2026-02-06 06:09:46,208 INFO Writing dpkg log to /var/log/unattended-upgrades/unattended-upgrades-dpkg.log 2026-02-06 06:09:48,505 ERROR Installing the upgrades failed! 2026-02-06 06:09:48,505 ERROR error message: installArchives() failed 2026-02-06 06:09:48,506 ERROR dpkg returned a error! See /var/log/unattended-upgrades/unattended-upgrades-dpkg.log for details 2026-02-06 06:09:48,952 INFO Package libc-bin is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,954 INFO Package libc-dev-bin is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,956 INFO Package libc6 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,957 INFO Package libc6-dev is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,016 INFO Package libssl3 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,037 INFO Package linux-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,044 INFO Package linux-headers-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,051 INFO Package linux-image-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,058 INFO Package linux-libc-dev is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,165 INFO Package locales is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,172 INFO Package mysql-client-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,174 INFO Package mysql-client-core-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,175 INFO Package mysql-server-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,177 INFO Package mysql-server-core-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,189 INFO Package openssl is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,224 INFO Package screen is kept back because a related package is kept back or due to local apt_preferences(5). The mentioned /var/log/unattended-upgrades/unattended-upgrades-dpkg.log: Log started: 2026-02-06 06:09:46 Preconfiguring packages ... Preconfiguring packages ... dpkg: unrecoverable fatal error, aborting: unknown system group 'netdata' in statoverride file; the system group got removed before the override, which is most probably a packaging bug, to recover you can remove the override manually with dpkg-statoverride E:Sub-process /usr/bin/dpkg returned an error code (2) Log ended: 2026-02-06 06:09:47 This is a left over of a "total" removing (2 weeks ago) of netdata installation years ago (now we have graphs in Cloudron 9 we don't need it anymore), I did: sudo dpkg-statoverride --list | grep netdata root netdata 755 /usr/share/netdata/www root netdata 755 /var/lib/netdata/www ~# sudo dpkg-statoverride --remove /usr/share/netdata/www ~# sudo dpkg-statoverride --remove /var/lib/netdata/www ~# sudo dpkg-statoverride --list | grep netdata I'll check tomorrow if the nightly unattended upgrade did work. Thanks @James for pointing the right direction!

@andreasdueren I was able to get a working package going pretty easily (subject to more testing). Is this still available ? Seems not. I've had to remove it temporarily from my CustomAppGateway catalogue. Very happy to put it back with updated repo/dcoker image links. If you're not using OpenObserve anymore and have moved on, I might take a bashing at packaging it, because it is definitely useful and contender to replace my hosted Seq (incapable of self-hosting).

CustomAppGateway and CCAI-P back in service. As part of testing installation of all apps in the catalogue, I discovered gremlins (such as what happens if a source repo becomes unavailable or project abandoned, as well some "bound-to-fail-eventually" parsing and other "cleverness"). So I refactored both projects to be simpler and more robust, which needed them to go down. I probably should do another round of testing all listed apps install correctly. That's on the ToDo list. I think it is all working (ha ha ha, famous last words). if you already installed CCAI-P, I strongly recommend you reinstall it from customappgateway.appx.uk Custom apps already installed should not need re-installation. It's just the installers which have changed.

Unfortunately I get the same error with the updated package. Here is my current config: OpenID Client on Cloudron: https://lampoidc.mydomain.com/secure/redirect_uri <clientId> <secret> /app/data/apache/app.conf: ServerName localhost <VirtualHost *:80> ServerName localhost UseCanonicalName Off DocumentRoot /app/data/public LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy CustomLog "|/bin/cat" proxy ErrorLog "|/bin/cat" <Directory /app/data/public> Options +FollowSymLinks AllowOverride All Require all granted </Directory> # Do not remove this include. It's required for your app to see the Real IP Include "/app/code/apache/rpaf.conf" # This line can be commented out, if you do no require PHPMyAdmin Access Include "/app/code/apache/phpmyadmin.conf" </VirtualHost> # OIDCRedirectURI is a vanity URL that must point to a path protected by this module but must NOT point to any content OIDCRedirectURI https://lampoidc.mydomain.com/secure/redirect_uri OIDCCryptoPassphrase somethingsecret OIDCProviderMetadataURL https://my.mydomain.com/.well-known/openid-configuration OIDCClientID <clientId> OIDCClientSecret <secret> /app/data/public/.htaccess: AuthType openid-connect Require valid-user Any ideas?

@difficult222 there is something wrong with that output . It has 2026-01-24-060000-602 and snapshot . These directories should not be there (in fact, they are part of backups). Can you check if those directories exist in the Hezner S3 also? If it did, something has gone wrong with how the backups are getting created . Could it be that you changed the prefix of a site? Or used a prefix that already had some contents from previous backup setup?

@zonzonzon very strange, so only cloudron.io is blocked and not others. We don't really do any specific IP rate limiting or blocking on our side. Can you reach out to me on support@cloudron.io, I can take a look.

@pistou79 I pushed a new package (https://github.com/docusealco/docuseal/issues/578 was the upstream issue)

@Kubernetes my bad, typo... fixed now.

Hello @luckow An app update will be aviable soon. This update moves the following folders in /app/data/writable(session|cache|logs) to /run/castopod/writable/ and /app/data/writable/temp to /tmp/castopod. This will reduce the backup size and also automatically clear the session files.

Cloudron does not set the CSP header unless a custom one is specified in the app configure view in the security page. However apps may set this on their own, either through headers or also as meta tags in the delivered pages. Cloudron does not interfere here. This is however a topic for each app which is not setting those according to your needs.