Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. App Packaging & Development
  3. Desktop App

Desktop App

Scheduled Pinned Locked Moved App Packaging & Development
46 Posts 10 Posters 7.9k Views 10 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • murgeroM murgero

    @robi docker can run full-system images but cloudron locks down too much of the file system to allow it completely. That's why I am having a challenge getting a basic desktop working.

    robiR Offline
    robiR Offline
    robi
    wrote on last edited by
    #35

    @murgero said in Desktop App:

    cloudron locks down too much of the file system to allow it completely.

    That's the part that isn't clear.. if the new system image you're making is done right, it doesn't matter if it's read only as all the parts that need to write have the / system portion and /app/data paths.

    Next question is where exactly are you getting stuck?

    Conscious tech

    murgeroM 1 Reply Last reply
    0
    • robiR robi

      @murgero said in Desktop App:

      cloudron locks down too much of the file system to allow it completely.

      That's the part that isn't clear.. if the new system image you're making is done right, it doesn't matter if it's read only as all the parts that need to write have the / system portion and /app/data paths.

      Next question is where exactly are you getting stuck?

      murgeroM Offline
      murgeroM Offline
      murgero
      App Dev
      wrote on last edited by
      #36

      @robi Cloudron blocks write access except for /app/data, /tmp, and I think a couple other dirs. but tghe big stuff like in /var, /etc, /lib - you cant write in post build.

      I'd like to note that during the building of the app I can write to whatever directory I want. but once it's deployed though it's locked down.

      Plus some stuff you can't do in docker unless the image(s) are ran in privileged mode, which cloudron does not allow either. Without privileged mode, a lot of stuff has to get worked around like x11, window manager, and even simple stuff like fuse works differently in docker than in regular linux.

      --
      https://urgero.org
      ~ Professional Nerd. Freelance Programmer. ~

      robiR 1 Reply Last reply
      1
      • murgeroM murgero

        @robi Cloudron blocks write access except for /app/data, /tmp, and I think a couple other dirs. but tghe big stuff like in /var, /etc, /lib - you cant write in post build.

        I'd like to note that during the building of the app I can write to whatever directory I want. but once it's deployed though it's locked down.

        Plus some stuff you can't do in docker unless the image(s) are ran in privileged mode, which cloudron does not allow either. Without privileged mode, a lot of stuff has to get worked around like x11, window manager, and even simple stuff like fuse works differently in docker than in regular linux.

        robiR Offline
        robiR Offline
        robi
        wrote on last edited by
        #37

        @murgero sysbox allows for more things without using privileged mode.

        It's likely a good time to map out the things that you need, vs the things cloudron allows and see what the delta is and how that maps to sysbox capabilities and any changes we might need to look into.

        It's these kinds of things that prevent others from seeing an idea can work because of their own limits in knowledge or beliefs, so the immediate response is No, when it could be a YES.

        Conscious tech

        1 Reply Last reply
        2
        • robiR robi

          @marcusquinn said in Desktop App:

          ZorinOS Lite is based on that (XFCE 4.16) too if you wanna try?

          Does it have a functional OS level dark mode?

          marcusquinnM Offline
          marcusquinnM Offline
          marcusquinn
          wrote on last edited by
          #38

          @robi said in Desktop App:

          @marcusquinn said in Desktop App:

          ZorinOS Lite is based on that (XFCE 4.16) too if you wanna try?

          Does it have a functional OS level dark mode?

          Yes

          Web Design https://www.evergreen.je
          Development https://brandlight.org
          Life https://marcusquinn.com

          1 Reply Last reply
          1
          • marcusquinnM marcusquinn

            @timconsidine I actually think that wth a bit more work and collective minds, everything that Kasm offers could be reproduced here for Cloudron. I'm very excited for this concept!

            timconsidineT Offline
            timconsidineT Offline
            timconsidine
            App Dev
            wrote on last edited by
            #39

            @marcusquinn : I tried out out Kasm.
            Generally a good system and an easy install (if you put on its own box not with other stuff).
            However, even after increasing the cores and RAM that can be allocated to an app/image, I found it a little slow. Maybe it's the VPS I put it on, despite the VPS having 32Gb RAM and 8 cores.
            My expectation level has been set at a middle level remote desktop Workspace from AWS. Although I am trying to get off AWS, I have to say that workspace performs well. Better than Kasm.
            So very interested to see what performance a Cloudron Desktop App will be. When it's ready.

            1 Reply Last reply
            2
            • murgeroM murgero

              Cloudron App: FluxBox Desktop With FlatPak

              An app that gives you a full desktop in the browser.

              Screenshots:

              43b6abd5-d99f-4c9c-88a5-699596878e77-image.png 09080951-cbd5-48e0-bca6-9500d4df670a-image.png

              How to Use

              Other than pcmanfm, firefox, and xterm, most apps you will probably use will need to be installed via flatpak - this was done as flatpaks are isolated and easy to control where files install. Flatpaks allow me to keep the cloudron standard read-only file system and keep apps installed to the cloudron app in backups.

              To install an app, you simply install it's flatpak: flatpak --user install <path_to_pakref_file> or flatpak --user install flathub <packageID>

              Fluxbox is configured to open firefox normally or to flathub for easy download of flatpaks.

              Fluxbox (and the user session) run under the username desktop which has it's password disabled and su/sudo is not possible. This helps with security but also I've had trouble running stuff as root via the noVNC stuff (for now).

              VNC Also does not have a password on it - I don't think it's really needed (but can be applied if enough people ask) since this app is protected by the cloudron proxy (requires login to access the webapp)

              Warnings

              • I built the app, and although I am a trusted developer here, please note I DID NOT MAKE THE APP WITH SECURITY IN MIND.
              • This app is considered alpha-stages. It may crash, it may burn, it may take your first born.
              • Please PLEASE don't use this in production until it can be vetted by a few other people.

              Installing

              Once I get the package finalized I will push to cloudron's public git server for cloning 🙂

              timconsidineT Offline
              timconsidineT Offline
              timconsidine
              App Dev
              wrote on last edited by
              #40

              @murgero polite enquiry : how's the project going ?
              I appreciate there is probably a ton of work to do to get to a release.

              murgeroM 1 Reply Last reply
              0
              • P Offline
                P Offline
                plusone-nick
                wrote on last edited by
                #41

                Love the use case...reminds me of KASM 🙁: https://forum.cloudron.io/topic/3269/kasm-virtual-desktop-browser-isolation/2?_=1643939053102

                ✌💙+1

                1 Reply Last reply
                0
                • timconsidineT timconsidine

                  @murgero polite enquiry : how's the project going ?
                  I appreciate there is probably a ton of work to do to get to a release.

                  murgeroM Offline
                  murgeroM Offline
                  murgero
                  App Dev
                  wrote on last edited by
                  #42

                  @timconsidine Howdy! It's probably ready for testing tbh. But i worry about security - since I am not an export (though I know a lot) on Linux security - It'd be a good idea to test it, and maybe even have a 3rd party audit of it.

                  --
                  https://urgero.org
                  ~ Professional Nerd. Freelance Programmer. ~

                  timconsidineT 1 Reply Last reply
                  1
                  • murgeroM murgero

                    @timconsidine Howdy! It's probably ready for testing tbh. But i worry about security - since I am not an export (though I know a lot) on Linux security - It'd be a good idea to test it, and maybe even have a 3rd party audit of it.

                    timconsidineT Offline
                    timconsidineT Offline
                    timconsidine
                    App Dev
                    wrote on last edited by
                    #43

                    @murgero I'd be interested to test it if you need another set of eyes.
                    But I'm no expert, and certainly not on security. It's so broad these days. Lots of stuff on reddit/selfhosted on security. trying to absorb this : https://arvind.io/posts/using-fail2ban-to-protect-exposed-services/

                    necrevistonnezrN 1 Reply Last reply
                    0
                    • timconsidineT timconsidine

                      @murgero I'd be interested to test it if you need another set of eyes.
                      But I'm no expert, and certainly not on security. It's so broad these days. Lots of stuff on reddit/selfhosted on security. trying to absorb this : https://arvind.io/posts/using-fail2ban-to-protect-exposed-services/

                      necrevistonnezrN Offline
                      necrevistonnezrN Offline
                      necrevistonnezr
                      wrote on last edited by
                      #44

                      @timconsidine maybe do this https://forum.cloudron.io/topic/6224/crowdsec-install-guide-for-cloudron-purposes instead of just fail2ban?

                      timconsidineT murgeroM 2 Replies Last reply
                      1
                      • necrevistonnezrN necrevistonnezr

                        @timconsidine maybe do this https://forum.cloudron.io/topic/6224/crowdsec-install-guide-for-cloudron-purposes instead of just fail2ban?

                        timconsidineT Offline
                        timconsidineT Offline
                        timconsidine
                        App Dev
                        wrote on last edited by
                        #45

                        @necrevistonnezr good point

                        1 Reply Last reply
                        0
                        • necrevistonnezrN necrevistonnezr

                          @timconsidine maybe do this https://forum.cloudron.io/topic/6224/crowdsec-install-guide-for-cloudron-purposes instead of just fail2ban?

                          murgeroM Offline
                          murgeroM Offline
                          murgero
                          App Dev
                          wrote on last edited by
                          #46

                          @necrevistonnezr That seems more for the host than installed in apps? Or am I misreading some of it?

                          --
                          https://urgero.org
                          ~ Professional Nerd. Freelance Programmer. ~

                          1 Reply Last reply
                          0
                          Reply
                          • Reply as topic
                          Log in to reply
                          • Oldest to Newest
                          • Newest to Oldest
                          • Most Votes


                          • Login

                          • Don't have an account? Register

                          • Login or register to search.
                          • First post
                            Last post
                          0
                          • Categories
                          • Recent
                          • Tags
                          • Popular
                          • Bookmarks
                          • Search