Quo Vadis Cloudron?

chymian

since I recently had a massive problems with backups, I was digging around in the forum and found a couple of statements which make me ask, whether cloudron and it's development-policy is still a system, which I want/can use.

• starting with the development, that it was decided from the devs, to not deliver system-critical information to the admin any longer. I asked that here about not being notified any longer when a backup fails, and didn't got an answer, where the development is going.

• instead the situation gets worth, it was decided that other essential information also not get delivered any longer. i.e., updates of apps.

• another very interesting questions from @mehdi also did not get an answer:

As a pre-requisite for Cloudron 7 multi-host feature, we have to move file system data into the database. Much grunt work to be done here.

I am not sure I understand what you mean by that. Could you expand a bit on this please?

• form the 6.3 announcement:

…mandatory 2FA for dashboard…

means, no phone, no possibility to log into my server? right?

as I tried to communicate to the devs, @girish @nebulon, and have done so occasionally in the past 4 years, running a linux server is different then a embedded windows. linux is a tool-box which gives you complete control over what is happening - and that is how a server should behave.

I have the impression, that the overall dev-policy/goal is more on giving the admin a windows/apple-user experience and patronize the sysadmins in regards, of how they want to make their job, by taking all configuration-possibility away, which the devs think are not useful - but for an sysadmin, who has to manage dozens of systems, they are essential.

IMHO: I have the impression, none of you have ever administered a lot of systems (no offence meant), with all the implications and workflows and Point-of-Informations which have to be implemented because they are necessary to keep overview and control of the fleet.

from the proposed chances I have the impression, the idea is, that the most of your customers run more or less one hobby-server, and therefore can take care of it in an very time-consuming way.

so my questions is, what's the goal? do you want to create a hobby-server or do you want to deliver a system, which behaves like a real server and seamless integrates into a bigger landscape of linux-servers and the way they are managed?

If you opt for the later one, create a notification-central where the admin can choose, which kind of information is delivered on which channels - with criteria like kind of information, severity, source (system, app, OS). implement different notification-channels i.e. email, telegram, matrix, to address wider range of sysadmin-groups and landscapes.
also there is no information-tracking from the underlying OS.
let the admin choose, whether and when he want's allow cloudron to make a system-upgrade (from i.e 6.3 to 6.4) - because every change on a running system is a critical action.
or in short: give the admin (more) control over his system.

for my initial point - the backup, I open another thread.

in all of this there is no offence meant, but I need clarification, where do you want to go with your development and whether I can stay with it, or go for a more fitting system.

greetings
guenter

timconsidine

@chymian said in Quo Vadis Cloudron?:

means, no phone, no possibility to log into my server? right?

you can do 2FA without a phone
maybe it's the common way, but it's not the only way to do 2FA

timconsidine

@chymian I don't understand the 'beef' (which probably means that I am a hobbyist not a pro in your books.)
I think Cloudron is great, saves masses of time, provides significant reliability and does most of what I need to run systems.

The whole point of Cloudron is that you don't need a sysadmin in the traditional sense. Those awkward people who treat users as idiots of a lower intelligence.

Having just spent 30+ hours trying to set up (rather unsuccessfully) systems on docker (because docker makes everything so easy and reliable and out-the-box, right ?!) which are not available on Cloudron, I can clearly say Cloudron has a bright future. May not be the future you want. But it's far more than hobbyist resource.

As I said, I don't understand what the beef is.
If you need more control, then go build your own systems without the "constraints" and restrictions, which are probably needed to make the platform reliable.

necrevistonnezr

@timconsidine Fully agree. If you need full control over everything on your Server (and have the intention and skill to fiddle with it), Cloudron is not the right product for you IMHO.

As far as 2FA - this relates to the web frontend, not SSH access. And yes, I want it so that you can’t login without the 2nd factor - that’s seems to be the whole point.

A Former User

I love it when professions show up and complain that there is a problem with Cloudron when it was clearly not made for them. Why are they even here?

MooCloud_Matt

@atridad
It's true that cloudron miss some feature, but it's Ubuntu under it, we use other tool to manage the server.
This doesn't mean that cloudron is not made for bigger provider, just that doesn't offer a OS integration just an app lvl integration.

jimcavoli

As a professional whatever, I read all of that, and may I just say...uh, what?

Footnote: pretty difficult to imagine "more control" than root, but that's mostly because I don't consider straight assembly into ring 0 a daily-driving sort of necessity.

chymian

@timconsidine said in Quo Vadis Cloudron?:

@chymian I don't understand the 'beef' (which probably means that I am a hobbyist not a pro in your books.)

I had the apprehension that I would be totaly missunderstood.

I think Cloudron is great, saves masses of time, provides significant reliability and does most of what I need to run systems.

If I would not consider it a useful product I would not pay for it for over 4 years.

The whole point of Cloudron is that you don't need a sysadmin in the traditional sense. Those awkward people who treat users as idiots of a lower intelligence.

that shows how you think, I don't.

Because I questioned the removal off essential functions and wanted to know, where the way leads us, everybody who does not need these, is in your words a what? I don't have these kind of judgement…

@jimcavoli, @necrevistonnezr
sure, ssh & root-access, but what has that todo with the admin-gui and access to the panel?

The point is, leave the choice to the administrator, not patronizing the way, they manage their servers, whether they want the emails delivered, and have not to login to the system to see whats going on, whether they want 2FA for all and every thing or not.
the whole thing is about choice!

none of you, who where so quick with the answers and flames did understand, what my point is!
and I apologize for not being able to find better words to describe what my point is – english is not my mother tongue.

but none of my questions is answered, only flame and smoke…

jimcavoli

@chymian said in Quo Vadis Cloudron?:

none of you, who where so quick with the answers and flames did understand, what my point is!

That's sort of exactly my point. You took a pretty condescending tone with comments like "or do you want to deliver a system, which behaves like a real server" that are just vaguely argumentative, and the whole thing led off with slamming the community for not answering certain questions to your satisfaction. You led right into your opinions of "how a server should behave" and how that isn't this product, peppered with value judgements about different technical specialties. Yes, the reaction was collectively a bit defensive, but I don't think it's a stretch to understand why.

Either way, I still struggle to understand your goal/point/complaint. It seems like perhaps you're just advocating for more configurations for ever more behaviors and included features. There are multiple ways to achieve everything you've discussed. I don't know what the hangup about 2FA is, but the feature you're complaining about is this:

Which seems to be exactly what you think it should be - a setting to require 2FA for users.

There's every choice in how someone wants to manage/monitor their servers. Nothing about Cloudron precludes installing agents for any sort of monitoring/management system whatsoever for the underlying host. Want to wrangle your k hosts with ansible? Fine. Rather prefer DataDog or Nagios or PRTG or whatever? Go for it. If the point is that Cloudron should make more decisions about things like this, I disagree. If rather you think it precludes their use somehow, it does not. If you think that it should make some of its activities more apparent for such tools to notice, I think we'd have an interesting conversation to have. If you meant something else, please explain further, because at this point those are the only parts I understand.

necrevistonnezr

@chymian said in Quo Vadis Cloudron?:

The point is, leave the choice to the administrator, not patronizing the way, they manage their servers, whether they want the emails delivered, and have not to login to the system to see whats going on, whether they want 2FA for all and every thing or not.
the whole thing is about choice!

I like to be able to make sensible choices. But in a complex system like Cloudron, every choice adds complexity and can be a source for additional errors and questions - e.g. what does this setting do? what should be the default setting? how does a combination of certain settings affect the system? etc.

I like cloudron because @girish and @nebulon already made sensible choices for me (e.g. the Mail Server or regarding security)

And again, if you want the ultimate in choices, start afresh with a barebone server (or even https://www.linuxfromscratch.org/) and DIY.

nebulon

There seem to be quite a few things in this thread. But I guess the main issue is the line chosen by us between appliance, hands-off servers vs. traditional server configuration options and monitoring.

I think each and every feature and option brings up this question and it has to be reevaluated again and again. The notification system is a good example of this, where I also think we haven't found a great middleground yet.

To maybe answer @chymian a bit more directly, Cloudron is not aiming to be a control panel with lots of options and knobs to tweak the system or monitor server events in much detail. Those control panels already exist and may serve you better. Among other things, we try make good opinionated decisions for our users, essentially to help users not misconfigure the system by accident, provide solid security out of the box together with updates, and save time reading up on install instructions of upstream apps, while still allowing advanced use-cases where more users benefit from. Thus we do abstract away some technical details which may get into the way of some advanced users, but enables less tech-savvy people to also be able to run all these apps on their own.

Since you are clearly in the advanced sysadmin area, this hopefully doesn't discourage you from using Cloudron, but I hope in the long run we can work out new solutions together by discussion, afterall we are mostly driven by our user's use-cases. If we miss to follow up in some topics, this is usually not intentional but more like an oversight. So maybe we should enter a new discussion about the notification system, but better in a new forum thread.

timconsidine

@necrevistonnezr

scooke

Hello @chymian, it’s probably best to view Cloudron not as a tool to manager Linux servers, or even a systems server management tool.

For one, the requirement to have Ubuntu installed already sets the tone for how to manage the actual server.

But Cloudron doesn’t manage the server, it manages Docker on the server. It’s essentially a Docker Management system. A such, any admin or user can use Docker commands to get info about the Docker env. The same can use typical commands to get info about the server. The admin can then choose how to pipe that info to something more easily feasible, and editable., obviously via txt files.

Of course, to manage Docker Cloudron needs to manage settings on the system too, such as that 2FA setting, log files, Terminal commands, etc. There is not a lot going on in the server that we need to check on: ALmost everything is in a Docker contained, or bridged. There is no LAMP for me to check on, there is no DBs, or firewalls. I made sure I had a spare, non-Cloudron user who had root access to the server if need be. Cloudron took care of the rest precisely so that it can manage the Docker environment the best. Even so, I as admin can still run Docker commands (and screw things up)!

I’ll assume your sysadmin foo is top-notch… but if you’ve never spent time running more than one Docker image, and messing with Docker-compose, and bridges, and what-else-can-i-waste-my-precious-life on-Docker nonsense, then you’d really, truly appreciate the magic that Cloudron does.

I find Cloudron allows for a lot of interaction and notification, both using it’s GUI, but also the normal docker commands and CLI. And it does so much, too. I run a Yunohost instance too, just to try things. You know, I’ve spent weeks trying to find out how to increase a given apps RAM allocation…. Forget about it. NO one knows. And what worked for sysadmin A doesn’t for sysadmin B. Cloudron. Just. Works.

So, repeating myself, I like that Cloudron does most of the heavy lifting, while STILL letting me use docker and CLI commands to get the other info I want and need.

chymian

ok, I formally apologize to everybody who feels offended by me, missing the right tone to express my real points.

it started with the problems I had with backup – backup timeouts/hangs, and not being notified right away.
I just found out about the problems after 2 days, randomly, while logging into cloudron.

looking around in the forum I saw a few topics, which would go into the same direction of not notifying the admin about what's going on on the system (i.e app-updates) - which you can guess right (from all the above), is for me not a sustainable way to manage systems, because information is the road to (pro-)actively manage your fleet and deliver services without interruption/minimized down-times.

on top of that, I stumbled above these announcement for 6.3 that "2FA will be mandatory" for the dashboard", which implements, IMHO, a single point-of-failure: losing access to your phone, in which way that might ever happen, leaving the admin stranded without access to his server.

all these made me – as it is obvious to see, but I didn't realize how much – mad about the "way/policy/direction" which I was seeing unfolding. and which would mean in consequence, that I had to drop cloudron, which I really love because of all the points you guys mentioned - it's a great system for deploying apps easily.
even so, there a a few essential points missing.

so again, please forgive me my tone and offensive wording, it was not meant that way.

kudos to @girish & @nebulon: you created a system, where everybody gets emotional about – means your users love what you have created. but big success also means big responsibility!

with all what happend here brings up the question for an "voting-like-process" where people can have influence on what to come & in what way these are implemented, without spending hours over hours in the forum to pick up a discussion randomly, which might not be doable for everyone?
the keyword here will be Roadmap were the interested one can subscribe.
i.e. like vote on a user-inspired feature to be included for the roadmap, then open discussion on the implementation for both, the user- and dev-inspired features on the roadmap.

necrevistonnezr

@chymian said in Quo Vadis Cloudron?:

IMHO, a single point-of-failure: losing access to your phone, in which way that might ever happen, leaving the admin stranded without access to his server.

Most 2FA apps have a backup or sync system (Authy, OTP Auth, or even Vaultwarden as a password manager, etc.). I don’t have my second factors in one place but several.

@chymian said in Quo Vadis Cloudron?:

because information is the road to (pro-)actively manage your fleet and deliver services without interruption/minimized down-times.

Fully agree.

nebulon

@chymian actually I guess the mandatory 2fa is poorly described. It means that an admin can configure the system to require users to setup 2fa. This is optional for the admin to specify.

Otherwise I feel we still have to discuss the notification system then to also work for your use-case. Maybe you can start a separate thread describing what your ideal solution would look like a bit and we can see how this makes sense for us to implement this way or not.

chymian

@nebulon said in Quo Vadis Cloudron?:

Otherwise I feel we still have to discuss the notification system then to also work for your use-case. Maybe you can start a separate thread describing what your ideal solution would look like a bit and we can see how this makes sense for us to implement this way or not.

yes, I agree, will do that the next days.