Cloudron Forum

Seriously, that is some amazing support. You will not find this elsewhere, anywhere. Cloudron rules!

Seems related, but I didn't update manually.

@perelin said in ArchiveBox initial setup: Should I use the regular login mask, but what password to use / where to set a password. If you followed the first time setup guid step by step, you should be able to user your cloudron username and password in the login mask. I have just tested and confirmed it is working if the first time setup guide is followed.

@Teiluj said in N8N Security: Would this obfuscate the n8n frontend, at least partially? Yes, but security via obscurity is useless. @jorrg said in N8N Security: So the only thing that I presume would change that if some automated scraper comes passing by my IP asking: "Do you run N8N?" my server would answer: "Please log in with your cloudron details" instead of "Sure I am running this N8N version" If your IP is scraped it will not even reply with N8N but would return Cloudron. They would need to know the subdomain of your N8N Cloudron app, which is also possible from e.g. the SSL/TLS certificate if wildcard is not used. Example for cloudron.io https://www.merklemap.com/search?query=cloudron.io&page=0 Anything that is publicly accessible in the World Wide Web is subjected to access attempts. And again, if N8N would use the custom OIDC plugin, the brute force would just move to a new target, the OIDC login. We are planning to add per app IP-Whitelisting. With that, apps could be gated behind e.g.: the Cloudron VPN app. This would be a reliable way to block public access.

@IniBudi: Thank you for your comment. The DNS entries for MTA-STS are not the problem; I can easily store them with a domain and DNS provider. The critical point is storing the necessary TXT file with the actual rules of conduct, which cannot be provided at the DNS level. To do this, I need a web server under the respective domain, and so, when using Cloudron, I automatically end up in the Cloudron user interface and in the domain settings area. There is already an area for so-called “well-known URIs” where entries for services such as Matrix, Mastodon, and Jitsi can already be stored. In my opinion, to implement this cleanly in cloudron, all that is needed is an input field where the MTA-STS rules can be stored.

Hello @jdaviescoates There already is an entry in the App Wishlist: https://forum.cloudron.io/post/102445

I just started using Jmap because of ThunderMail (not Thunderbird), but I really like that server. @andreasdueren I think having an additional mail server app would be great, but the actual mail server is perfectly integrated into Cloudron itself. Nice find! If this server becomes more stable (see the breaking changes when updating: https://github.com/stalwartlabs/stalwart/blob/main/UPGRADING/v0_15.md), it could be a very nice drop-in replacement for the internal mail server as long as the licence (https://github.com/stalwartlabs/stalwart?tab=readme-ov-file#license) fits. However, reading the 'Enterprise' options (https://stalw.art/enterprise/), it may not be suitable because 'Multi-Tenant' is an 'Enterprise' feature. If I find some time, I can do some tests and post the results here, but that's low priority.

@sfeldkamp yeah, that works for the Cloudron package.

Hello @luisegundo As @necrevistonnezr pointed out, this is the Cloudron forum. Also, please use English, so everyone is able to participate.

I agree. The same feature exists in Elestio which prevents accidental deletion and shutdown. [image: 1768337338130-c464088f-e61b-40c0-9300-9d10a2b23d01-image-resized.png]