HSTS Preload

It would be nice to have a way to modify the default nginx headers of WordPress Apps.

By default, WordPress Apps in Cloudron have the header "strict-transport-security: max-age=63072000". You can find a screenshot below and the reference in here: https://git.cloudron.io/cloudron/box/-/blob/master/src/nginxconfig.ejs#L98

This feature request would be useful in several ways; one of them is because there are simple requirements to submit a domain to the HSTS Preload List. The requirements are adding the "strict-transport-security" header with:

• The max-age must be at least 31536000 seconds (1 year).
• The includeSubDomains directive must be specified.
• The preload directive must be specified.

Using a WordPress plugin I added the required header, but then I would have 2 "strict-transport-security" headers that would result in an "ineligibility" status by submitting the HSTS Preload form.

Please comment if you think I missed something or want to add something to this request. Thanks for reading!

This is a screenshot of our website's headers using Chrome Tools:

@girish Are there any plans of having v5 in Cloudron App Store soon?

@girish If I try this, the server goes very slow and redis never finishes. I tries also redis restart from the services tab but it stays unresponding. Any suggestions?

@vova I'm having this redis problem as well with 10 apps. Did you solved it by running something or was it just a miracle?

@girish Any news about this? I have a customer that wants to add his Cloudron email addresses to his gmail account because of the UX it offers. Adding the account will allow gmail to receive and send emails with the Cloudron email address. So it's a cool feature! Unfortunately, gmail only supports POP3 or Gmailify.

@girish are there any plans for upgrading mongodb to 4.2 soon? I have the same error even with Cloudron 5.5. I cannot use Rocket.Chat at all, it says "Not Responding" and already submitted an app_error issue.

@girish you're a genius man! I think it should work, I'll try it and come back. Thanks!!

@girish Well, the thing is that I download a JSON Object with some timestamps indicating the next time the server needs to run a specific script. These timestamps are different each day.

For example, Monday the 1st should run at 3pm and 5 pm, but next Monday should run at 1pm and 9 pm.

Could it be possible to edit the crontab file using a script?
The lamp app needs to restart after cron has changed right?

Maybe that could be a workaround.

Is it possible to enable the at command using a LAMP app?

I installed it using apt-get in a custom LAMP app, but I cannot enable it or use it. My goal is to schedule a task (run a script) at the indicated time (timestamps are downloaded from a server and may vary from day to day).

@ruihildt I already add it. Thanks!

Reference: https://www.jetbrains.com/youtrack/download/get_youtrack.html#section=standalone

Hello! Is there a way I can install this standalone docker image in my server, using Cloudron?

Reference: https://www.jetbrains.com/youtrack/download/get_youtrack.html#section=standalone

This was solved by adding "mongodb" addon to the CloudronManifest.json file, then building and installing the LAMP app in a new location.

Hello! I want to know if MongoDB can be used instead of MySQL for managing user information and user data in a Web App we're developing. Currently we have databases created using phpMyAdmin, but we're looking forward to have these databases moved to MongoDB. Can this be possible and how can we create a new admin user for MongoDB?

@girish We're making a web app with HTML5, JS and PHP.

Hello. I'm having the same question since I'm new to Cloudron. I added the mongodb addon to the Manifest in a LAMP app, but I still don't know any mongo username and password, and it won't let me create new users or databases