Cloudron Forum

Cloudron OS settings/security and "enterprise" focus

6 Posts 3 Posters 146 Views 3 Watching
    charlesnw #1

    Feel free to move this (entire topic/parts of it) to the best category as appropriate.

    As my company/businesses mature and I am pursuing larger contracts/fundraising, I have more involved due diligence requirements from my board and counterparties.

    1. Using Cloudron as our central IdP, we would like to be able to set password complexity requirements. For now, using 2FA (since everything we use now supports OIDC with the recent Dolibarr update) we can get an exception to the complexity requirements, but that won't last forever. Any possibility of being able to set complexity requirements? Even if it needs to be done via changing a JSON file or something?

    2. Centralized logging of (OS/container) logs. I have a LibreNMS VM I run on premise (where all my bulk/slow storage is) running syslog-ng integrated into LibreNMS.

    3. Official support for Tailscale (or other overlay networks such as Netbird). Currently, installing Tailscale into the Cloudron VM and editing /etc/resolv.conf to point at my LibreNMS VM (running a DNS docker container) allows everything to work.

    4. Support for the Wazuh agent (for compliance reporting/enforcement)

    5. Hardening of the underlying Ubuntu server (via, say, https://github.com/ComplianceAsCode), and also things like hardening the SSH configuration.

    I am happy to do all of the heavy lifting in regards to the above. I have a set of provisioning scripts (https://git.knownelement.com/KNEL/FetchApply) and am working on all of the security hardening/system monitoring/centralized logging on all of my non-Cloudron servers. I would like to work with the project to "officially" integrate (in a maintainable/supportable way) these more "enterprise" focused things into the Cloudron product. I realize that it's a slider between hardening and convenience and that (many? most?) Cloudron users are small/medium businesses/(pro)sumers who don't necessarily want these things. Product management/positioning is very difficult!

    I imagine many/most of the Linux hardening things will have zero impact on most users, and only serve to make attackers' lives harder.

      nebulon (Staff) #2

      Those are interesting points; thanks for sharing your requirements, this is great insight for us.

      Maybe you can create a feature request about the password complexity setting. This could be added.

        charlesnw #3

        Will do.

        What about adding SNMP support (in the GUI) (community setting and ACL)?

        I have a pretty customized snmpd.conf (which I would need to modify for Cloudron). It would be good to have support for a custom snmpd.conf (even if it needs to be pasted into the GUI).

        Also SMART support/reporting? (my snmpd.conf uses smartmontools).

          Bushido #4

          Thanks for the detailed write-up – I generally agree with the direction you're taking, especially regarding enterprise-readiness.

          One additional aspect I’ve been thinking about: redundancy and failover.
          As far as I can tell, Cloudron currently doesn’t offer a built-in way to mirror or replicate an instance across multiple servers in an active-active or active-passive setup.

          The only feasible option right now seems to be to regularly back up the primary instance to an external location (e.g. Hetzner Storage Box, another VM, or rsync/restic setup) and keep a secondary recovery VM on standby. In case of failure, a manual restore could be initiated relatively quickly.

          I’d be very interested to see Cloudron explore options for more automated redundancy or rapid recovery, possibly by supporting database replication (e.g. PostgreSQL), block-level snapshot mirroring, or some kind of lightweight failover orchestration.

          Are there any best practices from the community around this already?

            charlesnw #5

            For me, I have avoided all HA/replication (with the exception of backups). In my 20+ year career as a professional system admin/engineer/architect in increasing levels of responsibility/authority I have only seen HA/replication cause more issues than it's worth.

            To be clear, I am referring to things with state (databases). Stateless (application frontends) and clustered "semi-stateful" (think memcached/redis) are quite welcome/acceptable.

            Database replication with appropriate monitoring/resiliency/planning could be useful. It can also go sideways in nasty ways.

            I have found Cloudron backup/restore to be quite fast (presuming your Cloudron instance is network close enough to your backup target). The upcoming backup changes are quite welcome and address all of my concerns.

            Add a CDN in the front and enjoy stateless/horizontal scaling.

            As I understand it, swapping out your data store to a cluster (and keeping the docker/readonly/app bits in Cloudron) should be easy? Just need to update the DB_ related environment variables?

            I (and my company) are very heavy users of Cloudron. Being on a single box hasn't been an issue for us. When we need to scale (we expect to have some massive read heavy apps using some complex GIS stuff) we will use a CDN. We are spinning up a large k8s cluster to run a number of high compute workloads. All of the command/control will be via Cloudron hosted apps (BOINC/SLURM).

            Cloudron is for "bootstrap/core" "pets" (but using a kind of "cattle" architecture/model; this combination is very powerful), k8s is for your scale-out cattle (k3s/rancher/longhorn makes k8s deployment quite easy).

              Bushido #6

              Thank you for sharing your perspective – I’ll look into this further.
