Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Surfer version 6

Scheduled Pinned Locked Moved Surfer
8 Posts 4 Posters 118 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • nebulonN Online
    nebulonN Online
    nebulon Staff
    wrote on last edited by
    #1

    We just released a new surfer app version, which is a major version upgrade, since it moves from LDAP to OpenID integration.

    Also the cli tool now only supports access tokens. So if you use username+password in some CI/CD script with surfer. Make sure to move that to access tokens.

    Because of those breaking changes, the app instances have to be updated manually via the Cloudron dashboard.

    robiR 1 Reply Last reply
    3
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    wrote on last edited by
    #2

    I just updated my first instance to the new Surfer (still with Cloudron 7.4) and am wondering if the upgrade should work out of the box.

    When loading the login form and putting in my user (and 2fa) nothing seems to happen on submit (the page just stays the same). In the browser console I can see a cors error being logged on the initial load of the page.

    curl 'https://my.domain.com/openid/auth?client_id=111&scope=openid%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fstatic.domain.com%2Fapi%2Foidc%2Fcallback&nonce=111&state=111&code_challenge_method=S256&code_challenge=111' \
      -H 'authority: my.domain.com' \
      -H 'accept: */*' \
      -H 'accept-language: en-GB,en;q=0.9,de;q=0.8,de-DE;q=0.7,en-US;q=0.6,nl-NL;q=0.5,nl;q=0.4' \
      -H 'dnt: 1' \
      -H 'origin: https://static.domain.com' \
      -H 'sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114", "Google Chrome";v="114"' \
      -H 'sec-ch-ua-mobile: ?0' \
      -H 'sec-ch-ua-platform: "Linux"' \
      -H 'sec-fetch-dest: empty' \
      -H 'sec-fetch-mode: cors' \
      -H 'sec-fetch-site: same-site' \
      -H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36' \
      --compressed
    

    Trying to submit the form then results in an error 500:

    curl 'https://my.domain.com/openid/interaction/111/login' \
      -H 'authority: my.domain.com' \
      -H 'accept: */*' \
      -H 'accept-language: en-GB,en;q=0.9,de;q=0.8,de-DE;q=0.7,en-US;q=0.6,nl-NL;q=0.5,nl;q=0.4' \
      -H 'content-type: application/json; charset=UTF-8' \
      -H 'cookie: _interaction=111; _interaction.sig=111' \
      -H 'dnt: 1' \
      -H 'origin: https://my.9wd.eu' \
      -H 'referer: https://my.comain.com/openid/interaction/111' \
      -H 'sec-ch-ua: "Not.A/Brand";v="8", "Chromium";v="114", "Google Chrome";v="114"' \
      -H 'sec-ch-ua-mobile: ?0' \
      -H 'sec-ch-ua-platform: "Linux"' \
      -H 'sec-fetch-dest: empty' \
      -H 'sec-fetch-mode: cors' \
      -H 'sec-fetch-site: same-origin' \
      -H 'user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36' \
      --data-raw '{"username":"felix","password":"111","totpToken":"111"}' \
      --compressed
    

    These are the logs I can find in https://my.domain.com/logs.html?id=box that match with this:

    Jun 29 16:58:50 box:apphealthmonitor app health: 19 running / 1 stopped / 0 unresponsive
    Jun 29 16:58:53 box:oidc [Interaction] find id:111
    Jun 29 16:58:53 box:oidc [Interaction] find id:111 {
    id: '111',
    expiresIn: 3600,
    payload: {
    iat: 1688050314,
    exp: 1688053914,
    returnTo: 'https://my.domain.com/openid/auth/111',
    prompt: { name: 'login', reasons: [Array], details: {} },
    params: {
    client_id: '111',
    code_challenge: '111',
    code_challenge_method: 'S256',
    nonce: '111',
    redirect_uri: 'https://static.domain.com/api/oidc/callback',
    response_type: 'code',
    scope: 'openid profile email',
    state: '111'
    },
    kind: 'Interaction',
    jti: '111'
    },
    consumed: false
    Jun 29 16:58:53 box:oidc route interaction login post uid:111 prompt.name:login
    invalid DN
    at /home/yellowtent/box/src/oidc.js:474:38
    at runMicrotasks (<anonymous>)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    
    1 Reply Last reply
    0
  • girishG girish moved this topic from Announcements on
  • nebulonN nebulon marked this topic as a question on
  • nebulonN Online
    nebulonN Online
    nebulon Staff
    wrote on last edited by
    #3

    The update should work as such, and unfortunately I am not able to reproduce the issue. Neither on Cloudron v7.4.2 nor v7.5 and also with 2fa setup.

    The callstack showing /home/yellowtent/box/src/oidc.js:474 is also curious as with v7.4.1 it would be https://git.cloudron.io/cloudron/box/-/blob/v7.4.1/src/oidc.js?ref_type=tags#L474

    fbartelsF 1 Reply Last reply
    0
  • robiR Offline
    robiR Offline
    robi
    replied to nebulon on last edited by robi
    #4

    @nebulon said in Surfer version 6:

    Because of those breaking changes, the app instances have to be updated manually via the Cloudron dashboard.

    Ohh that's painful as we have hundred+ surfer instances and none of the issues mentioned.

    This will only get amplified in a multi-cloudron setup too.

    We need a better solution than manual updates.

    Any ideas?

    Life of sky tech

    1 Reply Last reply
    0
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    replied to nebulon on last edited by
    #5

    @nebulon said in Surfer version 6:

    with v7.4.1 it would be

    I just checked and I am on 7.4.2. on Ubuntu 20.04 (just recently upgraded from 18.04). Maybe my machine is the odd one out, but if you want to check the system out let me know.

    girishG 1 Reply Last reply
    0
  • girishG Offline
    girishG Offline
    girish Staff
    replied to fbartels on last edited by
    #6

    @fbartels yes, can you please write to support@cloudron.io with the IP ? Thanks!

    1 Reply Last reply
    1
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    wrote on last edited by
    #7

    Small update from my side. The Surfer update was innocent instead I had general authentication troubles with my ldap backend.

    1 Reply Last reply
    0
  • nebulonN Online
    nebulonN Online
    nebulon Staff
    wrote on last edited by
    #8

    glad it got sorted out, I guess this can be marked as solved then

    1 Reply Last reply
    0
  • girishG girish marked this topic as a regular topic on
  • robiR robi referenced this topic on

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.