Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • 1 Votes
    10 Posts
    61 Views
    girishG

    I would also check Services -> unbound status and cloudron-support --troubleshoot output.

  • 0 Votes
    9 Posts
    168 Views
    O

    Hi, I just wanted to follow up on this. We found the relating issue in this case which resulted in several different problems. In that case, it was bug in a firmware update on a firewall and not related to Cloudron and can be marked as resolved. Thank you anyway for your help.

  • 0 Votes
    10 Posts
    143 Views
    girishG

    This is fixed now.

    The original issue is that the zone is added in Cloudflare but the nameservers of the domain are not set to Cloudflare. This makes Cloudflare return name_servers as empty in the response which makes our code crash.

  • 1 Votes
    7 Posts
    150 Views
    S

    Thank you @laurent I'll try something like that.

  • Invalid SSL certificate - Cloudflare

    Solved Support
    5
    1 Votes
    5 Posts
    74 Views
    girishG

    @robi I think the user put zone restrictions on his existing API keys. The Cloudron zone was not part of the API key.

  • 5 Votes
    2 Posts
    573 Views
    nebulonN

    Great write-up thanks for sharing all those insights, this will surely help users down the line 🙂

  • 0 Votes
    10 Posts
    235 Views
    adisonA

    @girish said in trying to use cloudron openid connect with cloudflare0trust:

    @

    ok i tryed that.
    only problem, it keeps changing the token, the zero-trust does. everytime i put it in, it puts like 34more bullets (what i hear on the screen reader when trying to enter) in the tokens field.

  • Trusted IP Address

    Solved Support
    4
    0 Votes
    4 Posts
    152 Views
    A

    So I think I've found the solution.
    Modify the Proxy Host config > Advanced and paste the following:

    set_real_ip_from 03.21.244.0/22; set_real_ip_from 103.22.200.0/22; set_real_ip_from 103.31.4.0/22; set_real_ip_from 104.16.0.0/13; set_real_ip_from 104.24.0.0/14; set_real_ip_from 108.162.192.0/18; set_real_ip_from 131.0.72.0/22; set_real_ip_from 141.101.64.0/18; set_real_ip_from 162.158.0.0/15; set_real_ip_from 172.64.0.0/13; set_real_ip_from 173.245.48.0/20; set_real_ip_from 188.114.96.0/20; set_real_ip_from 190.93.240.0/20; set_real_ip_from 197.234.240.0/22; set_real_ip_from 198.41.128.0/17; #use any of the following two real_ip_header CF-Connecting-IP; #real_ip_header X-Forwarded-For;

    this will allow True Client IP Address to be passed to Cloudron.

  • 1 Votes
    3 Posts
    95 Views
    girishG

    Are you also using the domain outside of Cloudron? I am surprised you hit any limit at all, Cloudron API usage is quite low.

  • 0 Votes
    8 Posts
    216 Views
    P

    Thank you for your help. Website filing is to register the services provided by this server to improve network security. When I tried to use servers in other countries, it was very successful, thank you for your help, and wish you success in your work!

  • 0 Votes
    5 Posts
    101 Views
    girishG

    @ghstandard that feature is coming in 7.5.1 which we will stage tomorrow.

  • 2nd domain mail

    Solved Support
    3
    0 Votes
    3 Posts
    95 Views
    P

    ahhh, so just have to nix cloudflare altogether, thanks!
    confused myself because my plains.cloud is cloudflared, but mail.plains.cloud specifically is not!
    appreciate the clarification 🙂

  • 1 Votes
    4 Posts
    126 Views
    robiR

    Sometimes it's browser cache related as well, so make sure to use Shift-reload after major changes like this.

  • 0 Votes
    2 Posts
    214 Views
    girishG

    @jordanurbs With no proxying, does redirection to www work ?

  • 0 Votes
    12 Posts
    400 Views
    J

    Alright, I've got another update and seemed to have reworked things so this is fixed. I've removed all of the old rules and created a new one under WAF Rules using the following:

    (http.host eq "https://my.cloudron.tld" and ip.src eq 127.0.0.1 and http.request.uri.path contains "/filemanager/") or (http.request.uri.path contains "/api/v1/apps")

    Then take action: Skip Log matching requests: turned on WAF components to skip: All managed rules More components to skip: Managed rules (previous versions)

    Note: Edit the items in bold to reflect your Cloudron Domain and your IP Address.

  • 0 Votes
    12 Posts
    317 Views
    aessenA

    @girish you hit the nail on the head. that was 100% what was going on but odd that it only started doing it recently. honestly, if I could use anybody else but Cloudflare, I would. #takingsuggestions

  • 2 Votes
    8 Posts
    533 Views
    arshsahzadA

    Hi @JOduMonT,

    I ran Cloudron with a combination of Tailscale & Cloudflared for two weeks without a public IP at my home setup. So far, everything was working well and I didn't encounter any significant issues. Below is the process that I followed:

    1# I had two servers - one for Cloudron and the second with docker and docker-compose. Tailscale was installed and configured with Tailscale IP on both servers. The automatic domain configured was disabled in Cloudron and was set manually.

    2# I ran the docker-compose.yml file on the second server using the following:

    version: '3.8' services: tunnel: image: 'ghcr.io/shmick/docker-cloudflared' container_name: tunnel hostname: tunnel restart: unless-stopped user: 1000:1000 env_file: - $PWD/tunnel.env volumes: - /etc/timezone:/etc/timezone:ro command: tunnel run network_mode: host TUNNEL_TOKEN={TUNNEL-TOKEN}

    3# I set up and configured the domain in the Cloudflared UI, and used HTTPS for the Cloudron Tailscale IP with No TLS Verify enabled.

  • 0 Votes
    7 Posts
    351 Views
    M

    @Mad_Mattho So the way I understand it, because This tunnel is initiated from my server to cloudflare, I don't have any need to open very many ports on the server, and because I am using a CNAME record to point my DNS to the tunnel ID (no publicly routable IP addresses involved anywhere) it will make no difference where in the world this machine is, or what IP address it gets its internet from, as long as it has internet and can open the tunnel to cloudflare it should just be automatically online, and with the bare minimum amount of ports open, is that correct? Sounds good.

  • 0 Votes
    2 Posts
    102 Views
    girishG

    @j_vmess your domain works just fine for me here. Maybe it's a browser cache issue? Have you tried another browser or after clearing the browser cache? I removed your domain from the original post, since it was showing the setup screen.

  • 0 Votes
    14 Posts
    392 Views
    benborgesB

    This can be set to solved !

    Cloudflare reply :

    c09bd926-0b5e-4850-8e26-b9413779a021-image.png