Cloudron Forum

@james Thanks for the quick reply. I didn't change any ports manually. Could it be that this and another application are conflicting and it's not being detected? I'll run this lsof command next time it happens to see if I can identify the culprit.

new! Updated to 1.0.1. codeberg.org/themeerkat/hecapte-cloudron:1.0.1 I added customization options: renaming sites, deleting sites, and specifying CORS(!) on registration. This should make it a lot easier to use.

Well, there are 44 services, so I don't really want to select and de-select them in varying configurations. I would add an app list somewhere, that's the suggestion I have made above.

Hello @lividly3510 I have identified the issue and an app update will be available soon. This app update will also include OIDC support. But, if you want to use OIDC, you will have to reinstall the @dawarich app, then you can select if Cloudron should handle users or the app should self mange its users.

So if you have Nextcloud installed with Cloudron usermanagement, then the app package would install user_oidc plugin and also configure it accordingly. A new installation works fine with Cloudron 9 and also an update instance here looks ok. So maybe some other plugin might interfere here? Have you seen any errors anywhere? Maybe login with the nextcloud built-in admin account, which is not using openid to get to see errors within nextcloud admin panel.

https://git.cloudron.io/packages/umami-app/-/merge_requests/16

@fanvyr we also try to keep dependency on shiny upstream projects as low as possible, even if they may offer great benefits, those quickly become a time sink and risk, since those frameworks move fast and often are not aligned with our goals or timeframe (this is not a critique but just different goals). Also since we are into it for the long run and with self-hosting it is much harder to push out updates for fixes to servers we don't even have access to by design, compared to a "saas git push" style for a quick hotfix, we take different decisions here. We are slowly trying to reduce dependency on npm packages overall also, given the history (leftpad was only the wakeup call). Alone nuxt for example would bring in 737 dependencies from npm. Such amounts are impossible to vet and almost everyone just banks on someone in the community will keep an eye on them...Already choosing vuejs was a tough call.

We also have to see what this "hardened" in the end really means. Already we have a base image from a well known Ubuntu state and unlike with many upstream docker images we are not blindly updating those base layers during a rebuild, which could potentially pull in malicious broken packages. If at all, I would be lots more worried about the actual apps, which pull in GBs of modules from like npm (looking at those nextjs apps...)