Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Solved TLS Add-On support for Secondary Domains

    Feature Requests
    3
    5
    128
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      syn App Dev last edited by

      Now that cloudron has custom secondary domains feature, some apps that require their own TLS on subdomains (like XMPP servers) are made possible.

      Here is a patch that expands TLS addon to support this:
      https://git.cloudron.io/synchrone/box/-/commit/575247af0610dd6cc76142fe697e5415b256427b

      This will help the following prospective apps to provide a sufficient level of XMPP support, as verifying TLS on their TCP ports under subdomain names is mandatory nowadays:

      https://forum.cloudron.io/topic/7755/openfire-xmpp-server
      https://forum.cloudron.io/topic/2486/ejabberd-robust-scalable-and-extensible-realtime-server-using-xmpp-mqtt-and-sip/12
      https://forum.cloudron.io/topic/4188/snikket-server-your-own-messaging-server-in-a-box/9
      https://forum.cloudron.io/topic/1234/prosody-kaiwa/5

      nebulon 1 Reply Last reply Reply Quote 3
      • Moved from App Packaging & Development by  girish girish 
      • nebulon
        nebulon Staff @syn last edited by

        @syn thanks for fix on that front. We will pick that up for the next release only though. It further needs more changes to trigger for example app container restarts if certs change.

        S 1 Reply Last reply Reply Quote 0
        • S
          syn App Dev @nebulon last edited by

          @nebulon that feature is already implemented. Has been there since cloudron 6.2.0 as far as I can see

          girish 1 Reply Last reply Reply Quote 0
          • girish
            girish Staff @syn last edited by

            @syn that only restarts the app when the primary domain cert renews.

            I did a whole bunch of changes over the weekend to fix some cert renewal issues (specifically, mail container was not getting updated properly when cert renews). I will try to incorporate your changes into it (probably only for 7.4 though).

            1 Reply Last reply Reply Quote 0
            • girish
              girish Staff last edited by

              Thanks @syn . This is implemented in 7.3.4 . The /etc/certs directory has the certs in DOMAIN.cert and DOMAIN.key form (both pem format).

              1 Reply Last reply Reply Quote 2
              • Topic has been marked as a question  girish girish 
              • Topic has been marked as solved  girish girish 
              • First post
                Last post
              Powered by NodeBB