Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    "App" password for SFTP access to volume

    Feature Requests
    app passwords
    2
    5
    82
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • mehdi
      mehdi App Dev last edited by girish

      Hi there !

      I'd like like to give access to a volume to a Kodi instance.

      What I'm currently doing is using a custom app (https://git.cloudron.io/mehdi/river/), which serves its files with a basic nginx server, and I use the HTTPS feature of Kodi, which basically parses the basic directory views of a few of the most used HTTP servers (basically nginx and apache, I believe, maybe one or two others). This is all authenticated with basic-auth on the app side, so I can just use an app password on Kodi's side.

      Now that volumes are a thing, I'm moving my setup towards separate apps which share data through volumes. And I'd like to give Kodi access to the files in question.

      One way would be to create an app for that purpose, which serve the volume in question through the same HTTP/nginx thing, but it feels quite "hacky".

      A cleaner way would be to be able to create an "app" password that would just give access to the volume only, through SFTP, and plug this into Kodi. However, that's not currently possible.

      I think this could also be useful in other scenarios.

      Also, side note, I think it would be good security practice to differentiate actual app passwords that allow logging into the app, and SFTP passwords that should only give SFTP access to the app storage. They are currently combined, and while it's convenient, I think it would be better to apply the principle of least privilege and only give necessary access to app passwords.

      1 Reply Last reply Reply Quote 1
      • girish
        girish Staff last edited by

        I guess we need to first implement SFTP access to volumes first and then implement app passwords for this feature.

        @mehdi Is kodi run outside Cloudron? Is that why you can't just mount the volume into kodi (I have no experience with Kodi).

        mehdi 1 Reply Last reply Reply Quote 0
        • mehdi
          mehdi App Dev @girish last edited by

          @girish said in "App" password for SFTP access to volume:

          I guess we need to first implement SFTP access to volumes first and then implement app passwords for this feature.

          Yeah, I may have forgotten about this detail 😅

          @girish said in "App" password for SFTP access to volume:

          @mehdi Is kodi run outside Cloudron? Is that why you can't just mount the volume into kodi (I have no experience with Kodi).

          Yes, Kodi is client-side actually. It doesn't run on a remote server, but on the device where you wanna play your media.

          girish 1 Reply Last reply Reply Quote 0
          • girish
            girish Staff @mehdi last edited by

            @mehdi I think maybe as a first step we can fix the FTP to be able to access not just the app data directory but also the volumes. That way you can then create an app password and then access the volume via FTP. Would that work for you? I put a task in Cloudron 7 to investigate.

            mehdi 1 Reply Last reply Reply Quote 2
            • mehdi
              mehdi App Dev @girish last edited by

              @girish Having SFTP access to volumes through the app's SFTP connection would be a good first step, yeah. TBH, I assumed it was already the case 😅

              It would work for my usecase, yes.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Powered by NodeBB