Cloudron Forum

So from a packager’s perspective, it’s been very workable and maintainable. Well done ! @pathab said in Fizzy on Cloudron - the Kanban tracking tool for issues and ideas by 37signals: If anyone wants to try it out themselves, the user will also need the relevant CloudronManifest.json as well, and maybe any files it references (e.g. POSTINSTALL.md). I can add it to my custom app installer a bit later, unless you prefer me not to do so.

@humptydumpty I will tidy it up (remove some debug code) and let you know when on CCAI.

I'm using an Amcrest 5MP POE Dome at work with BlueIris at one level behind whatever the max resolution is (higher frame rate). The second cam I bought that I'll be using to test ZM is a REOLINK E1 Pro 3K PT Wi-Fi. Both are 5MP around 2K res iirc. Yeah, the Amcrest motion recordings are in the +1GB range for me. I have BI save to a local nextcloud folder which then gets synced to the server. I also have it taking screenshots and emailing two different resolutions for a quick lookup. Looking forward to testing ZM soon as I forego the local backup addition for now.

Hello @mononym I think I see the issue in the app and will try to reproduce the issue and find a solution.

I did some digging, this is what I think is needed: The current package uses: Synapse v1.144.0 (which is compatible - MAS requires v1.136.0+) Cloudron OIDC for SSO (traditional OIDC provider approach) PostgreSQL as the database Standard Matrix authentication endpoints What MAS Integration Requires MAS is fundamentally different from traditional OIDC - it's not just another identity provider, but a complete replacement for Synapse's internal authentication system per MSC3861. It needs: 1. MAS Service Deployment MAS needs to run as a separate service (not just a config change) It requires its own separate PostgreSQL database It needs its own domain/subdomain (e.g., auth.matrix.example.com) Docker image: ghcr.io/element-hq/matrix-authentication-service:latest 2. MAS Configuration Requirements Encryption secrets and signing keys (RSA minimum) Connection to Synapse via shared secret Database configuration for its own PostgreSQL database HTTP listener configuration Email configuration for password recovery Policy configuration (WASM file) 3. Synapse Configuration Changes Replace traditional OIDC with matrix_authentication_service section: matrix_authentication_service: enabled: true endpoint: http://mas-internal:8080/ secret: "SharedSecretWithMAS" 4. Reverse Proxy Changes These Matrix endpoints must be routed to MAS (not Synapse): /_matrix/client/*/login /_matrix/client/*/logout /_matrix/client/*/refresh 5. User Migration (For Existing Deployments) MAS includes syn2mas tool to migrate: Existing password hashes (bcrypt → argon2id) Sessions and devices Access tokens Upstream IdP mappings

@Eliahou I packaged the signal bridge and now wanted to see how I can make encryption work. Root Cause: Synapse 1.141+ explicitly blocks appservice users from using /sync. The mautrix bridges were configured to poll /sync for encryption data, which caused HTTP 500 errors. Solution: Enabled appservice mode for end-to-bridge encryption, which uses MSC3202/MSC2409 to receive encryption data via appservice transactions instead of /sync. In specific this means: Changes Made Synapse: Added experimental features to homeserver.yaml: experimental_features: msc3202_transaction_extensions: true msc2409_to_device_messages_enabled: true Added org.matrix.msc3202: true to both bridge registration files Signal Bridge: Updated start.sh to set encryption.appservice = true Built and deployed andreasdueren/mautrix-signal:1.0.2 WhatsApp Bridge: Updated start.sh to set encryption.appservice = true Built and deployed andreasdueren/mautrix-whatsapp:2.0.2

@marcusquinn No worries at all, and thank you for the kind words I usually don’t post promotional content here. This was just a one-off post in case anyone felt like contributing or getting involved. I completely understand the need to stay vigilant about spam, and I appreciate you taking the time to explain. Thanks again for the understanding and encouragement, it really means a lot. Keep up the great work, and I’m always happy to help and contribute here as well!

@chopsol it seems their license URL has changed. Can you check this in your /app/data/env ? GET_LICENSE_KEY_URL="https://goblin.cal.com/v1/license" CALCOM_PRIVATE_API_ROUTE="https://goblin.cal.com"

Thank you @james I could not get it to work. After several attempts, I ultimately deleted the backup files and started with a new configuration. As advised, I also set the retention period to "unlimited" (it was previously set to two days). Everything is working well now, and I was able to back up and clone the app without any issues. Thanks again, and keep up the good work!

Hello @potemkin_ai Just to make sure, when is the last time this Cloudron Server was restarted? To ensure that a simple reboot does not fix the issue.

Hello @potemkin_ai @potemkin_ai said in Backup is failing for UpTime Kuma on 9.0.15: It's UpTime Kuma Okay. I think this might be an issue with SQLITE that is used by Uptime Kuma. How many hosts do you monitor with Uptime Kuma? I have the suspicion that while creating the SQLITE backup the file changes and causes this error. @potemkin_ai said in Backup is failing for UpTime Kuma on 9.0.15: Just in case - the forum software keeps changing my e-mail notification settings. I'm returning to e-mail notifications for the topic I've created for a second or third time now and it keeps reseting to notifications only. Could this be related to your profile notification setting overwriting the individual topic notification setting? You have configured: [image: 1768568125449-6af45965-c288-4e78-af6f-fb1de8aa859a-image.png] Or do you mean this setting is getting overwritten again and again?

Hello @flamotte I have removed your AI generated output since this degrades the forum search and potentially creates feedback-loop degradation for AIs. In other words, AI training on AI output is 'House of Habsburg' like behaviour. If you wish to share output from an AI in the future, like for example ChatGPT, use the share function to share the AI Chat with a URL. I have put your output into paste.cloudron.io and edit your response to include this link to that output. Also, AI tends to make a lot of mistakes in such specialized and detailed context. For example: @flamotte said in Saxx missing > unable to send data to Peppol: What Perplexity says : The Invoice Ninja package on the Cloudron App Store uses the standard Alpine image, which does not support Saxon/Peppol. Which is straight up wrong since all Cloudron apps are based on Ubuntu. This error message is relevant: 'amount is mandatory for NlGaBeneficiaryPaymentMean' It indicates that the amount is missing in the invoice or that invoice ninja does not correctly parse the amount. If the amount is missing, add the amount to the invoice and try again. If the amount is present in the invoice this should be report upstream to Invoice Ninja https://github.com/invoiceninja/invoiceninja/issues This also explains the following error messages of malformed input to a URL function. If this is not present or parsed correctly, the input will be malformed.

@joseph I just tested, and now I can use the SSO login. Thank you @james and @vladimir.d

I came across Safeline through a Meta Ads. The ad was run by a web dev based in Indonesia who offers a course on how to secure WordPress websites against hacking. After reviewing the course modules listed on the landing page, I noticed that Safeline was mentioned and that it can be integrated with Cloudflare. This caught my interest, so I decided to do some research. I then looked into third-party benchmarks and evaluations of Safeline’s protection capabilities and found the following articles: https://dev.to/carrie_luo1/the-6-best-web-application-firewalls-compared-2024-1d9l https://medium.com/@tvvzvpb186/which-open-source-waf-really-delivers-a-head-to-head-benchmark-37631e08fb7f Based on the benchmark data presented in those articles, Safeline appears to perform well in blocking common web application attacks. That said, this is purely based on third-party analysis. I have not personally used Safeline in a production environment yet. I should also mention that I am not an IT developer or sysadmin by profession. My background is primarily in digital marketing, so I fully understand that many people in this forum have far deeper technical expertise than I do. That said, I find Safeline interesting due to its feature set and open-source offering, which prompted me to explore it further and request the app here.

Hello @albertbeaufrand and welcome to the Cloudron Forum This topic is a duplication of https://forum.cloudron.io/post/97415 and will be merged into it. Please read the responses above to get the full answer to your question.

Hello @cloud802 Currently, there is no import function in the Cloudron dashboard for email aliases. What you would need to is import them programmatically with the API. See: https://docs.cloudron.io/api/set-aliases-by-name