Cloudron Forum

Okay, I'm at a loss. I tried sending a message today, the same two addresses gave the same DMARC errors. Email > Status is all green checks, https://mail-tester.com gave me 10/10 and https://easydmarc.com seems to indicate that my DMARC is valid. I'm not sure what to do next. Is there anything else I can do to troubleshoot?

@User123456 the demo being a demo is by nature very publicly accessible, making it prone to things like this. Unfortunately, there's not very much the team's able to do without locking a lot of the features, which in turn would make the demo unpleasant.

@James Was this resolved or why is twenty not marked unstable anymore?

Hello @eiclu Currently, it is not possible to configure an external OAuth2 or SAML provider as the main authentication service for a Cloudron server. But you can use LDAD.

Hello @ekevu123 When you delete a mailbox in the Cloudron dashboard you get asked if you want to delete the message data of the mailbox. If you don't choose that option, the mail data will be retained on the system and backup.

Hello @teiluj Thanks for reporting. An app update will be available soon that includes this fix.

I'm currently looking for such a feature. We want to block any request to applications as a security measurement. It would hinder any unauthenticated request to any resource which would create a significant barrier for any application which is not supposed to be publicly accessible. No request would reach the application if the client does not have a valid Cloudron SSO token. Nice and practical feature on top of that: create an allow-list for resources or path-patterns which may be excluded from the proxyAuth requirement. This would allow us to selectively publish certain parts of an application.

While interesting, as long as they don't use ODFs as default this all EU claim is misleading. "Our dev is EU based but we default to and lock people into a US and proprietary file format"

@sponch it shouldn't be a problem if troubleshoot works fine. Overall, it's become quite common now to run apt upgrade by habit or the VPS providers are running this automatically. With that in mind, we have decided to change our policy to allow apt upgrades (but not dist upgrades). We will (already have) change the platform code accordingly to adapt to different base packages as required. For Cloudron 10, the warning is already removed - https://git.cloudron.io/platform/box/-/commit/1ae9fb2477a33b724ccffb17a1fda800953aafda

Update: After more testing, I can confirm that normal video uploads work correctly – the intermediate web video file is created during HLS transcoding but gets properly deleted afterwards. Only HLS remains on S3. However, videos imported from YouTube still leave the intermediate web video file on S3 – it never gets cleaned up after HLS transcoding is complete. So the issue seems to be specifically in PeerTube's YouTube import pipeline, not in the transcoding process itself. This is likely an upstream PeerTube bug rather than a Cloudron packaging issue. I'll open a report on the PeerTube GitHub. Thanks again for the quick fix of start.sh!

@mononym https://forum.cloudron.io/post/94152

TinaCMS-based Cloudron app now exists, but a quick note on positioning: TinaCMS is not an out-of-the-box full-featured CMS. It needs configuring, and Tina themselves mainly document it around content-model/schema setup plus general site configuration. What I’ve built is about 90% TinaCMS, but configured as a generic, customizable brochure-website editor aimed at non-technical users, rather than e.g. a docs site or an e-commerce site. The implementation is quite opinionated, so it may not suit everyone’s preferences or use case. I’m not releasing it as a Community App for general use yet, as I want more testing and a few more tweaks first. That said, if someone has a strong use case and genuine interest, I can make it available on request.

A follow-up, because raising nginx client_max_body_size alone turns out not to be enough — there is a second, hard-coded ceiling that hits right after. Even with the /api/ location bumped to 10m, a blocklist POST now fails with HTTP 500 and this JSON body: {"status":"Internal Server Error","message":"request entity too large"} Note it is a 500, not an nginx 413 — the body passes nginx and is then rejected inside box. The cause is the JSON body-parser limit in: box/src/server.js (9.0.0, ~line 41) const QUERY_LIMIT = '2mb', // max size for json queries (see also client_max_body_size in nginx) ... const json = middleware.json({ strict: true, limit: QUERY_LIMIT }, true); That QUERY_LIMIT applies to every JSON POST route, including POST /api/v1/network/blocklist. So there are two coupled limits — the nginx one and this one — and the box default (2mb = 2,097,152 bytes) is the real wall for large blocklists. Concrete numbers from a live install: the combined blocklist is ~90,600 entries and the JSON request body is 2,096,109 bytes — about 1 KB under the 2 MiB limit. One of my servers already fails as soon as a few hundred new IPs are added, while others with a slightly shorter list still squeak through. (JSON encoding inflates it further: each newline becomes \n → \n, ~90 KB on top of the raw list. JSON_UNESCAPED_SLASHES is already applied.) Request: please raise both limits, ideally toward the ipset capacity (262,144 entries). At minimum, give the blocklist route a QUERY_LIMIT that matches a raised client_max_body_size (e.g. 8–10 MB) — otherwise raising the nginx value has no effect for this endpoint. The in-code comment already acknowledges the two are meant to track each other. Happy to provide a sample 90k-entry blocklist for testing if useful.