Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps - Status | Demo | Docs | Install
andreasduerenA

Andreas

@andreasdueren
App Dev
About
Posts
780
Topics
78
Shares
0
Groups
1
Followers
2
Following
0

Posts

Recent Best Controversial

  • Ente for cloudron, help for testing wanted.
    andreasduerenA andreasdueren

    Updated Ente Package: andreasdueren/ente-cloudron:0.6.1

    πŸ”§ Fixes:

    • Ente Locker now works: public-locker was incorrectly pointing to the embed app β€” it now correctly points to the share app (apps/share), which is the actual Public Locker frontend. This fixes Locker redirecting to the photos app.

    Changes since 0.5.9:

    • v0.6.0 β€” Fresh build with latest upstream ente sources
    • Customize email footer for self-hosted instance (removes ente.io branding)
    • Redirect base domain to photos host
    • Fix Museum API matchers scoped to photos host
    • v0.6.1 β€” Fix public-locker β†’ share URL (Locker fix)

    Upstream: https://github.com/ente-io/ente/commit/deb7314

    App Packaging & Development

  • S3 Compatible Storage
    andreasduerenA andreasdueren

    @Divemasterza I really would have preferred R2 for this use case but oh well.

    Formbricks

  • SSO for Postiz
    andreasduerenA andreasdueren

    @James Why is it being abandoned?

    Postiz

  • High Performance Back-end for Nextcloud Files
    andreasduerenA andreasdueren

    @avatar1024 Still can recommend this one https://forum.cloudron.io/post/76397

    App Wishlist

  • OpenObserve on Cloudron - Lightweight, petabyte-scale observability
    andreasduerenA andreasdueren

    @timconsidine Sorry about that, I moved from gitea to gitlab but only migrated the projects I'm actively working on. It's an interesting application but I don't have any current strict needs, the code is here for right now if you want to continue development: https://gitea.due.ren/andreas/openobserve-cloudron

    App Wishlist

  • S3 Compatible Storage
    andreasduerenA andreasdueren

    @Divemasterza Which provider is this? R2 doesn't work, seemingly because it doesn't support the S3 POST Object operation

    Edit:

    Got Hetzner working with these Settings:

    S3_BUCKET_NAME=redacted
    S3_FORCE_PATH_STYLE=1
    S3_ENDPOINT_URL=https://fsn1.your-objectstorage.com
    S3_REGION=fsn1
    S3_ACCESS_KEY=redacted
    S3_SECRET_KEY=redacted
    
    Formbricks

  • S3 provider missing?
    andreasduerenA andreasdueren

    @girish Seems to work fine, thank you!

    Matrix (Synapse/Element)

  • S3 provider missing?
    andreasduerenA andreasdueren

    @girish I’ll try soon when I get a chance to monitor the update thank you

    Matrix (Synapse/Element)

  • S3 provider missing?
    andreasduerenA andreasdueren

    @Package-Updates Was the s3 provider script removed? This update broke my installation. @girish @nebulon ModuleNotFoundError: No module named 's3_storage_provider'

    Matrix (Synapse/Element)

  • S3 Compatible Storage
    andreasduerenA andreasdueren

    @scooke Which provider are you using? I tried R2 with no luck

    Formbricks

  • Let's Encrypt profiles
    andreasduerenA andreasdueren

    @girish said in Let's Encrypt profiles:

    use case

    What about issuing a certificate for the IP address during initial setup? Would encrypt the initial admin credentials.

    Discuss

  • We need the Matrix Authentication Service (MAS)
    andreasduerenA andreasdueren

    I did some digging, this is what I think is needed:

    The current package uses:

    • Synapse v1.144.0 (which is compatible - MAS requires v1.136.0+)
    • Cloudron OIDC for SSO (traditional OIDC provider approach)
    • PostgreSQL as the database
    • Standard Matrix authentication endpoints

    What MAS Integration Requires
    MAS is fundamentally different from traditional OIDC - it's not just another identity provider, but a complete replacement for Synapse's internal authentication system per MSC3861. It needs:

    1. MAS Service Deployment

    • MAS needs to run as a separate service (not just a config change)
    • It requires its own separate PostgreSQL database
    • It needs its own domain/subdomain (e.g., auth.matrix.example.com)
    • Docker image: ghcr.io/element-hq/matrix-authentication-service:latest

    2. MAS Configuration Requirements

    • Encryption secrets and signing keys (RSA minimum)
    • Connection to Synapse via shared secret
    • Database configuration for its own PostgreSQL database
    • HTTP listener configuration
    • Email configuration for password recovery
    • Policy configuration (WASM file)

    3. Synapse Configuration Changes
    Replace traditional OIDC with matrix_authentication_service section:

    matrix_authentication_service:
      enabled: true
      endpoint: http://mas-internal:8080/
      secret: "SharedSecretWithMAS"
    

    4. Reverse Proxy Changes
    These Matrix endpoints must be routed to MAS (not Synapse):

    • /_matrix/client/*/login
    • /_matrix/client/*/logout
    • /_matrix/client/*/refresh

    5. User Migration (For Existing Deployments)
    MAS includes syn2mas tool to migrate:

    • Existing password hashes (bcrypt β†’ argon2id)
    • Sessions and devices
    • Access tokens
    • Upstream IdP mappings
    Matrix (Synapse/Element) mas matrix authentication

  • Matrix Signal Bridge
    andreasduerenA andreasdueren

    I packaged the Matrix Signal Bridge

    Repo: https://git.due.ren/andreas/mautrix-signal-cloudron
    Image: andreasdueren/mautrix-signal:1.0.2

    App Packaging & Development

  • Matrix WhatsApp Bridge
    andreasduerenA andreasdueren

    @Eliahou I packaged the signal bridge and now wanted to see how I can make encryption work.

    Root Cause: Synapse 1.141+ explicitly blocks appservice users from using /sync. The mautrix bridges were configured to poll /sync for encryption data, which caused HTTP 500 errors.
    Solution: Enabled appservice mode for end-to-bridge encryption, which uses MSC3202/MSC2409 to receive encryption data via appservice transactions instead of /sync.

    In specific this means:

    Changes Made

    1. Synapse:
      • Added experimental features to homeserver.yaml:
               experimental_features:
                     msc3202_transaction_extensions: true
                     msc2409_to_device_messages_enabled: true
    
    • Added org.matrix.msc3202: true to both bridge registration files
    1. Signal Bridge:
      • Updated start.sh to set encryption.appservice = true
      • Built and deployed andreasdueren/mautrix-signal:1.0.2
    2. WhatsApp Bridge:
      • Updated start.sh to set encryption.appservice = true
      • Built and deployed andreasdueren/mautrix-whatsapp:2.0.2
    App Packaging & Development

  • Bitwarden Lite on Cloudron
    andreasduerenA andreasdueren

    Does anyone know if Bitwarden Lite includes the secrets manager? That would be an argument.

    Feature Requests

  • Vaultwarden fails to start after update – DB migration error (SSO)
    andreasduerenA andreasdueren

    @Grienauer You need to put it into recovery mode, execure the script, take it out of it again

    Vaultwarden

  • Vaultwarden fails to start after update – DB migration error (SSO)
    andreasduerenA andreasdueren

    @james this won’t fix the issue of logging everyone out though I assume?

    Edit: just saw the newest update.

    Vaultwarden

  • Bitwarden Lite on Cloudron
    andreasduerenA andreasdueren

    Should be trivial to package. But what would be the benefits over vaultwarden?

    Feature Requests

  • Blinko on Cloudron
    andreasduerenA andreasdueren

    I packaged this so I could test it:

    https://git.due.ren/andreas/blinko-cloudron
    andreasdueren/blinko-cloudron:20251230-014843-727262a70

    App Wishlist

  • Vaultwarden fails to start after update – DB migration error (SSO)
    andreasduerenA andreasdueren

    Looks like it's a larger upgrade with various issues

    Screenshot 2025-12-29 at 17.23.16.png

    Vaultwarden
  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search