Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • ip used to access website different to what cloudron expects

    Solved Support
    3
    0 Votes
    3 Posts
    476 Views
    girishG

    We detect the IP using curl https://api.cloudron.io/api/v1/helper/public_ip . Can you check what this returns and why this doesn't return your public IP? You can also use something like https://whatismyipaddress.com/ which should return the same value.

  • 2 Votes
    2 Posts
    619 Views
    girishG

    @hendrikvl It's not a problem to have local network specific configuration in unbound. See https://docs.cloudron.io/networking/#private-dns .

    As for the motivation, we use unbound because the mail server needs to do DNSBL queries. Most of the DNSBL servers like Zen SpamHaus will not respond if the queries originate from Google/Cloudflare DNS. This forces us to run our own DNS server.

    The other motivation was also to log DNS lookups by apps to identify any malicious use but we never got around to this (this was initially designed for a setup where we expected all app packages to be done by 3rd party).

    Finally, the unbound server should not be used much at all because most of the apps should not be querying anything external.

  • Overall slowness, lack of connectivity

    Support
    13
    0 Votes
    13 Posts
    1k Views
    P

    As of now, Im not having this issue anymore. I really dont know what would have caused this.

    Im thinking of setting up an opnsense firewall, not sure if it would help though

  • 0 Votes
    5 Posts
    1k Views
    P

    @nebulon I find the solution taking infos from this forum .

    In fact, I opened port 53 TCP and UDP and Cloudron can resolve domain names.

    Configuration now is:

    firewall template.png

    All seems to working fine... I marked this thread as "Solved" 🙂

  • 0 Votes
    14 Posts
    2k Views
    C

    @nebulon Fantastic, thank you!

  • Mounting volumes for dummies. Anyone care to help?

    Support
    17
    0 Votes
    17 Posts
    1k Views
    O

    @odie Still stuck on this. The culprit is definitely that the usb network card fails to receive its configuration on boot. I cannot get netmanager to configure and initialize it at all. Only the two manual commands seem to work:

    sudo ip addr add 192.168.9.101/24 dev enxc4411eb4c476 sudo ip link set dev enxc4411eb4c476 up

    I have tried various thing with network manager, and I've tried adding a config file to systemd-networkd under /etc/systemd/network/ - the only thing I achieved, was to have every network freeze when I inserted the usb ethernet adapter (only to unfreeze as soon as I disconnected it). Tried keeping it disconnected for longer, just to see, but connections were frozen until I unplugged the usb network card. So I had to remove these config files.

    Can anyone offer suggestions? I don't know where to even look for assistance on this now... Thanks!

  • Why does cloudron block ports?

    Solved Support
    4
    0 Votes
    4 Posts
    853 Views
    C

    Tha

    @d19dotca said in Why does cloudron block ports?:

    @cumpal Cloudron expects to be the only one running on the server, so for security reasons it locks it down unless needed by Cloudron or any of the apps on it. If you need to modify it, I think you can just update the firewall rules manually in Ubuntu, though I've not done that part myself as no need for it yet. but hopefully that at least explains why it's locked down. You may want to review the Cloudron docs on security features too.

    @girish said in Why does cloudron block ports?:

    In addition to what @d19dotca said, you can whitelist extra ports using https://docs.cloudron.io/networking/#whitelist-ports . Please use this at your own risk, we don't recommend installing other software alongside cloudron .

    Thanks for these replies! I got them working.

  • Block access to all IPs, but one + firewall admin problem

    Solved Support
    8
    0 Votes
    8 Posts
    1k Views
    robiR

    There is an allow list file, but you have to access it from ssh. It should be in the docs.

  • 0 Votes
    5 Posts
    698 Views
    N

    Thank you all for your answers! Yes i was curious if cloudron did something special with the networking. I will contact the network administrators and try to fix the issue with them.

  • 2 Votes
    2 Posts
    317 Views
    P

    @robi Wow Robi, this is a great feature request!!! Just yesterday one of my Cloudron instances got a lot of traffic to email for a bruteforce attack.

    @girish I think this feature have to put on the top of the list to improve safety but also to reduce workload of instances and network traffic...

    Schermata 2021-01-13 alle 09.49.21.png

    This is a statping how network performances was impacted before and later bruteforce.

    Also, need a robust alert system - email or other - to let us know that something is happens.

  • IP camera to emby with no direct internet access

    Support
    3
    0 Votes
    3 Posts
    473 Views
    mehdiM

    @dkdkdkk what I do in similar cases is quite simple : allow routing between the 2 VLANs on the router.

    So, your Cloudron and the camera would be able to talk to each other directly. And you can still only allow the first VLAN to route to the internet. That's what I'm doing for my "smart home" stuff. This should check all your boxes 🙂

  • Nextcloud can't connect to Collabora

    Solved Collabora Online (CODE)
    30
    1 Votes
    30 Posts
    6k Views
    nebulonN

    Looks like this is fixed upstream with next release then https://github.com/nextcloud/richdocuments/pull/1412

  • Format for IP Blocking

    Solved Support
    3
    0 Votes
    3 Posts
    490 Views
    robiR

    @shai said in Format for IP Blocking:

    If you are curious, blocking China and Russia came to 19,000 rows. Cloudron didn't stutter.

    The firewall does. It will take progressively longer to make fw changes as you keep adding IP blocks. Not an issue for one time things, but something to keep in mind.

  • Network usage monitoring

    Feature Requests
    9
    4 Votes
    9 Posts
    1k Views
    robiR

    @hillside502 yes, would be cool to map home networks and the upcoming Cloudron Multiserver.. and any ActivityPub App federations.

  • 0 Votes
    13 Posts
    1k Views
    girishG

    Follow up from the customer: "The issue here turned out to be that in Wordpress, WP Rocket caching plugin was used. This plugin automatically starts to preload the cache of each page once something in the site has been updated. The preload itself causes some stress on the CPU and maybe some other processes. Turning off the plugin, the products were sent for less than 2 mins."

    They are working with the WP Rocket team to find a workaround.

  • Looking for a networking expert

    Solved Discuss
    9
    1 Votes
    9 Posts
    969 Views
    mehdiM

    @girish I did not know the term. I certainly did know the effect ^^ (I might have to invest in an actual rubber duck... maybe they are especially effective)

  • 0 Votes
    7 Posts
    1k Views
    M

    @girish Hey, did just that, and I'm having trouble resolving names AFTER setting them. Cloudron is able to set dns records on aws just fine, but then the check to see if the records are created never gets done. Checked the logs and it's server timeouts. Tried running an nslookup query, to no avail as well.

    Kinda weird, seems like the same problem I had on the hosting provider, with unbound, maybe? When I try to sudo, it also says sudo: unable to resolve host ubuntu: Resource temporarily unavailable, but it gets me to root anyway.

    I'm a bit beyond my skills here, though, if anyone would like to chime in, I'd appreciate it.

  • Add Network selections to each App

    Feature Requests
    4
    1 Votes
    4 Posts
    392 Views
    LonkleL

    Oh, interesting, I hadn't thought of those other use cases for this, but I really like that you brought them up, thanks for the feature request! I'll keep this thread updated with any development on that end if @girish doesn't beat me to it! â˜ș

  • Organize Apps via Networks they belong to

    Feature Requests
    5
    0 Votes
    5 Posts
    481 Views
    LonkleL

    @robi Ahh, i completely understand now. This is a much complex level of what @girish and I are building right now with the VPN Client being one network you can choose to connect multiple other networks to. We’ve scoped that out pretty well so as we work on that and as it gets more fleshed out, I’ll update this ticket with advancements of how we might be able to have take this “sharing networks” basic concept further. I really like this train of thought though so I won’t forget it! â˜ș

  • 5 Votes
    3 Posts
    327 Views
    LonkleL

    @girish https://www.ipdeny.com/ipblocks/data/countries/all-zones.tar.gz

    But I did get that from your blog post for 5.6: https://blog.cloudron.io/cloudron-5-6-released/ so maybe you're looking for better ones?