Ente

andreasdueren

I'm hitting a road block with this package. @girish any advice?

Go's smtp.PlainAuth (used by Museum) refuses to send credentials (the TOTP) over unencrypted connections for security. Cloudron's sendmail on port 2525 requires authentication but is unencrypted, causing the error: "unencrypted connection".

What I Tried:

1: Port 2525 without auth → 550 "cannot deliver mail" (requires auth)
2: Port 2525 with auth → "unencrypted connection" (PlainAuth rejects)
3: Port 2587 with STARTTLS → Certificate validation fails (x509: certificate is valid for *.tld.com, not mail)
4: Port 2465 with TLS → Same certificate issue

girish

@andreasdueren oh this is a general problem with Go apps which don't want to send email to servers without valid TLS certificates . You can set requiresValidCertificate as an option for sendmail addon in the manifest . See the fider and pocketbase packages which use this. Currently, this flag needs Cloudron 9.

andreasdueren

@girish thanks I'll try that out

andreasdueren

E-Mail sending works. But I'm exploring how I can use a subdomain setup because the /auth app still returns 401 (“Session expired”) because the auth frontend isn’t picking up the access token the photos/accounts app stored, so the request only carries X-Auth-Token and gets treated as anonymous.

Upstream solves this by using separate subdomains (photos., accounts., auth.*) so each app stores its own token bundle. On my single-origin deployment (https://ente.tld.com/...), the auth app never sees the right token, hence the recurring 401s.

robi

@andreasdueren would adding aliases help with this?

andreasdueren

@robi Yes I'm currently using aliases but those can't be automatically be set up upon install so the user will need to manually add family, albums, cast, auth and accounts subdomain aliases.

robi

@andreasdueren I know we have a modal from an App Store install where these are prefilled, but you are right it’s not automated.

andreasdueren

https://forum.cloudron.io/post/114641

Please help me test this package

girish

@andreasdueren haven't found time to test ente but for multiple domains, Cloudron has two concepts - multiDomain (https://docs.cloudron.io/packaging/manifest/#multidomain) and httpPorts (https://docs.cloudron.io/packaging/manifest/#httpports). httpPorts is best suited when the domain names are to be known in advance (for example , minio's API subdomain). multiDomain is when an app can handle many subdomain but it's not needed for the app to work - wordpress multidomain concept, espocrm customer portals etc.

andreasdueren

@girish said in Ente:

httpPorts

Oh I forgot about that! I'll see if I can implement it.

andreasdueren

@girish Works, thank you! https://forum.cloudron.io/post/114909 Do you want to clean it up and take over?

girish

@andreasdueren thanks, will add it to @vladimir.d 's list! But he has quite a few other apps to push out already, but he will get to it eventually.