Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Kanboard - Package Updates

    Pinned Kanboard
    46
    0 Votes
    46 Posts
    12k Views
    Package UpdatesP
    [1.17.5] Update kanboard to 1.2.49 Full Changelog fix(ldap): ensure LDAP placeholders are escaped fix: restore Ctrl+Enter submission on the task creation form feat(locale): update translations feat: prevent protocol-relative URL redirects after login feat: block private network access for external web link (configurable) feat: add TRUSTED_PROXY_NETWORKS config option
  • External links: now mangles http URLs by prepending https

    Solved Support
    2
    4 Votes
    2 Posts
    18 Views
    nebulonN
    Great catch! This is now fixed with https://git.cloudron.io/platform/box/-/commit/d97c60832344fff7e9bd7d02cb978e0313c4862f
  • Data Retention / File Management in Mattermost

    Moved Unsolved Mattermost
    3
    1 Votes
    3 Posts
    10 Views
    artaA
    This path does not exist in community version of Mattermost System Console > Compliance > Data Retention Policies Looks like it is only for paying customers. [image: 1767793198537-b45f28e2-f500-457a-afa3-52fdfc91c85a-image-resized.png]
  • Metabase - Package Updates

    Pinned Metabase
    492
    1 Votes
    492 Posts
    326k Views
    Package UpdatesP
    [2.31.0] Update metabase to 0.58.1.1 Full Changelog
  • Password Complexity

    Feature Requests
    4
    9 Votes
    4 Posts
    517 Views
    nebulonN
    We used to have that actually, but given that apps which use LDAP were affected by this, we lifted those. By now the situation has changed quite a bit with most apps now being on OpenID, we have to revisit this. Regarding the roadmap, we are looking into things for v9.1 and will open a thread here to discuss those items soon. We do take this forum section into account, which is why it exists, so if feature requests have some traction by the community, they are more likely to be picked. So bumping threads and revisiting discussions here is a crude but useful way to signal for us.
  • InvoiceNinja - Package Updates

    Pinned Invoice Ninja
    546
    0 Votes
    546 Posts
    724k Views
    Package UpdatesP
    [1.20.30] Update invoiceninja to 5.12.45 Full Changelog Handle changes to PEPPOL rounding for line taxes Fixes for no late invoice notifications Cast correctly - include_drafts query param Ensure location ID is passed through when creating recurring invoices Embed expense documents where add to invoice is selected in settings fix: add missing maldives currency symbol by @ayarse in #11536
  • 0 Votes
    14 Posts
    91 Views
    nebulonN
    I have never seen that failing, unless something is wrong with the ssh connection itself, but we really have to decode the stderr buffer (a fix we have for the next cloudron version to make that readable) to get a better understanding why it fails. For the curious people https://git.cloudron.io/platform/box/-/commit/b89aa4488cef24b68e23fdcafdf7773d6ae9e762 would be that change.
  • Seafile - cloud storage platform

    App Wishlist
    27
    1
    49 Votes
    27 Posts
    8k Views
    timconsidineT
    Cross-posting from https://forum.cloudron.io/post/118075 Making progress on packaging Seafile for Cloudron
  • Apps for file management/sharing/syncing

    Discuss
    13
    5 Votes
    13 Posts
    97 Views
    timconsidineT
    @crazybrad yes, I checked, they are still offering PRO for small deployments - still needs a licence but zero-cost for up to 3 [image: 1767789794845-screenshot-2026-01-07-at-12.42.46-resized.png]
  • Maps on Cloudron - Feedback on Beta

    Discuss maps feedback
    17
    1 Votes
    17 Posts
    84 Views
    timconsidineT
    @nebulon thanks for the update. May I take the opportunity to make 2 requests and a comment : the "log jam" on custom apps can easily be solved by building in to the Cloudron facility something equivalent to CCAI (open hosted custom app installer), or more specifically CCAI-P ("closed" Personal Edition installer). The process to install a custom app from a git repo link and pre-built cloudron-ajusted Docker image is relatively trivial for techs/devs like yourselves. An AppDev who is more pro than me can easily accomplish it. The custom apps catalogue is maybe something you don't want to build into Cloudron, but I would be happy to host it, with suitable links for the user to use in their Cloudron equivalent of CCAI-P. although I built it and am therefore responsible, I don't really like the open CCAI, because it is more complex and forces users to enter their creds on a 3rd party site, which is always a little uncomfortable. But CCAI-P or the Cloudron re-engineered version is a very different situation. Even just adopting CCAI-P into the AppStore, maybe as an interim step, would be a huge leap forward, with relatively minimal effort from Cloudron team. happy to make any changes to CCAI-P which Cloudron team dictate to facilitate its adoption to AppStore Specifically about your Maps package, slightly sad to hear it is suspended for now. It is nice. But as an alternative for those wanting something similar, may I pitch Facilmap - already packaged for Cloudron and available as a custom app - as a candidate for early adoption into the AppStore. Final comment : there has been occasional unhappiness that people cannot deploy apps in a docker-compose fashion. I understand and actually agree with this "restriction" - the benefits of Cloudron stability etc are too important to sacrifice. But this unhappiness pops up occasionally and can be very largely addressed by implementing something like CCAI-P into the AppStore or into the platform. All true Cloudron fans want Cloudron to grow, and I think this would be a big part of doing so. After that long pitch, I am very glad that you said the topic is under active discussion, and that even the initial CCAI was not stamped down immediately as being unacceptable, which I would have understood. I look forward to news on the way forward, acknowledging that Cloudron team have 101 other things on their plate.
  • OAuth configuration disappearing - and my solution

    Solved FreeScout
    10
    1 Votes
    10 Posts
    66 Views
    nebulonN
    Just released a new package which fixes the issue. The root problem was a missing LANG environment variable which caused some trouble.
  • FreeScout - Package Updates

    Pinned FreeScout
    256
    0 Votes
    256 Posts
    247k Views
    Package UpdatesP
    [1.15.26] Fix OIDC login with provider names containing umlauts
  • Miniflux - Package Updates

    Pinned Miniflux
    44
    0 Votes
    44 Posts
    11k Views
    Package UpdatesP
    [1.6.10] Update v2 to 2.2.16 Full Changelog Disallow the media proxy from fetching resources on private networks to mitigate potential SSRF issues. This behavior is configurable at the instance level. Disallow fetching feed icons from private networks to reduce the SSRF attack surface. This is also configurable at the instance level. Add the TRUSTED_REVERSE_PROXY_NETWORKS configuration option to prevent spoofing of HTTP headers such as X-Forwarded-For, X-Forwarded-Proto, and X-Real-Ip. This option must be configured when AUTH_PROXY_HEADER is enabled. Stop logging generated Google Reader API tokens, even when debug mode is enabled. Remove the CORS handler from the Google Reader API, as it is not intended to be used by web clients, reducing the overall attack surface. Avoid indexing the content of removed entries, significantly reducing database index size after cleanup. Add a new API endpoint to import entries into an existing feed. Execute the content sanitizer when updating or importing entries through the API to ensure consistent sanitization. Improve Google Reader API compatibility by removing unnecessary output parameter checks and aligning behavior with other open-source RSS readers. Add smooth page transitions for a more polished navigation experience.
  • Is there an admin role built in?

    Release Bell
    2
    1 Votes
    2 Posts
    14 Views
    nebulonN
    Indeed, that app treats each user individually and since an app would have to actively sync up some deactivated (or even deleted) user state explicitly, which releasebell does not, it just keeps working for that user. Since the app uses OpenID, there is actually no real way for the app, to know if a user even still exists to then purge the user. A login of the user would of course not work, but since this works in releasebell without a login-session, not sure what to besides manually purging that user. Have to think more about how to better handle that, until that you may have to actually do what you proposed. I was trying to quickly come up with a mysql statement to purge, but that is more involved than I thought, due to all the constraints.
  • Authorization errors with almost everything

    Postiz
    11
    1 Votes
    11 Posts
    2k Views
    D
    hi @msbt How exaclty did you get Cloudflare R2 for Postiz to work? I am trying to get LinkedIn Page working without success and the same error message "Could not add channel .... " tried to overwrite ``` STORAGE_PROVIDER=local in the env file put it never worked
  • Local Storage Forced, Image Cache Fails

    Postiz
    1
    0 Votes
    1 Posts
    1 Views
    No one has replied
  • Focus on Business Apps

    Discuss
    76
    12 Votes
    76 Posts
    15k Views
    A
    I'm not saying it will suit everyone but dwservice is a free and useful remote support solution. And you don't have to host anything.
  • Upgrade to 8.0.1 but interface seems to be 7.x

    PeerTube
    4
    1
    2 Votes
    4 Posts
    39 Views
    jdaviescoatesJ
    @mrejas said in Upgrade to 8.0.1 but interface seems to be 7.x: Haha, I obviously got lost somehow! The Cloudron forurm's search ranking is just Too Good
  • Kimai - Package Updates

    Pinned Kimai
    159
    0 Votes
    159 Posts
    113k Views
    Package UpdatesP
    [2.40.0] Update kimai to 2.46.0 Full Changelog Fix PWA theme color (#​5757) Add security check to prevent access to sensitive data in twig export templates (#​5757) Re-introduced computed fallback color for all API entities color-safe which will never be null (#​5757) Fix calendar colors (#​5757)
  • Firefly III - Package Updates

    Pinned Firefly III
    126
    0 Votes
    126 Posts
    54k Views
    Package UpdatesP
    [3.10.10] Update firefly-iii to 6.4.15 Full Changelog Issue 11264 (Add GUI for some settings, replacing environment variables) reported by @jacobburrell Discussion 11433 (Updates to Date Range selection) started by @fett327 Moved some settings to your system settings The following environment variables are removed and will no longer work. They are now in your settings. Removed sentry.io code Issue 11378 (Wrong account balance with initial transfer from different currency) reported by @bozho Issue 11383 (Login flow could redirect to javascript path) reported by @stefvonb Issue 11388 (TypeError bugs during upgrade to 6.4.14 + account_balances corruption) reported by @jaconde2 Issue 11396 (Reconciliation adds extra digits) reported by @niklas2810 Issue 11399 (Unusual behavior in audit logs (multi-currency)) reported by @jgmm81