D
So almost 4 years later we had to reinstall the whole Cloudron VM and we were depending on the backups Cloudron made.
Since it was (by mistake) the only thing we had left at this point.
So we powered down the VM and did the restore process.
It had a lot of data to restore, but the dashboard was back up and running smoothly in just 20 minutes.
So BIG Thanks to the Cloudron team for such a stable and good working product 
π₯³
What are Canarytokens?
You'll be familiar with web bugs, the transparent images which track when someone opens an email. They work by embedding a unique URL in a page's image tag, and monitoring incoming GET requests.
Imagine doing that, but for file reads, database queries, process executions or patterns in log files. Canarytokens does all this and more, letting you implant traps in your production systems rather than setting up separate honeypots.
and a nice YouTube Video with some explanation...
https://github.com/thinkst/canarytokens-docker
Not sure if it's something for Cloudron, but at least interesting enough i guess 
ps
I didn't use CanaryTokens for this post, no worries 
I am using Netbird for almost a year now and I must say it's rock steady.
Am using it for snmp monitoring and smb/nfs acces to allow only specific servers and or ports together.
This can be achieved by setting up the ACL's on the main page of Netbird (selfhosted).
I say this would be a very interesting potential app for Cloudron 
Speedtest-tracker is a (self-hosted) internet performance tracking application that runs speedtest checks against Ookla's Speedtest service.
The main use case for Speedtest Tracker is to build a history of your internet's performance so that you can be informed when you're not receiving your ISP's advertised rates.
Features:
https://docs.speedtest-tracker.dev/features
Github:
https://github.com/alexjustesen/speedtest-tracker?tab=readme-ov-file
@Recliner2042
I use NTFY for push notifications on my Elements install with Android based clients.
Should work for IOS as well.
It's running very smooth for more than a year...
To make use of your ntfy installation, on Android for example, you need two things:
the ntfy app:
a UnifiedPush-compatible matrix app
You need to install the ntfy app on each device on which you want to receive push notifications through your ntfy server. The ntfy app will provide UnifiedPush notifications to any number of UnifiedPush-compatible messaging apps installed on the same device.
Setting up the ntfy Android app:
Install the ntfy Android app from F-droid or Google Play.
In its Settings -> General: Default server, enter your ntfy server URL, such as https://ntfy.DOMAIN.
In its Settings -> Advanced: Connection protocol, choose WebSockets.
That is all you need to do in the ntfy app. In particular you do not need to follow any instructions about subscribing to a notification topic as UnifiedPush will do that automatically.
Setting up a UnifiedPush-compatible matrix app:
Install any UnifiedPush-enabled matrix app on that same device. The matrix app will learn from the ntfy app that you have configured UnifiedPush on this device, and then it will tell your matrix server to use it.
Steps needed for specific matrix apps:
FluffyChat-android:
Should auto-detect and use it. No manual settings.
SchildiChat-android:
enable Settings -> Notifications -> UnifiedPush: Force custom push gateway.
choose Settings -> Notifications -> UnifiedPush: Re-register push distributor. (For info, a more complex alternative to achieve the same is: delete the relevant unifiedpush registration in ntfy app, force-close SchildiChat, re-open it.)
verify Settings -> Notifications -> UnifiedPush.
Element-android:
choose Settings -> Notifications -> Notification method -> ntfy
verify Settings -> Troubleshoot -> Troubleshoot notification settings
If the matrix app asks, "Choose a distributor: FCM Fallback or ntfy", then choose "ntfy".
If the matrix app doesn't seem to pick it up, try restarting it.
Cheers 
That one is actually really easy to solve. Only thing is, that my Peertube instance is in Dutch language and i can't find an option to change it π₯΄
Anyway, i shall do my best to help you get there, because there's a setting for that...
As Peertube admin logged into your instance,
Go to:
Administration > Configuration > Basic >
In there you scroll (almost) all the way down, until you reached the "user import/export" settings.
There you will also find the value for max take out.
Set it to your desired value and voila 
I reported upstream and this is the outcome:
https://github.com/Chocobozzz/PeerTube/commit/e7ebcb16acbd43043fd7f95e8918b8ab50595796
Should be fixed within the next update(s) of Peertube
I'll keep an eye open π§
Peertube has a new release, the export problem should be fixed in this one
"Fix big user export file size"
https://github.com/Chocobozzz/PeerTube/releases/tag/v6.2.0#:~:text=Fix big user export file size
Dear Cloudron team and forum members,
Because I host my Cloudron at home, i depend on my Internet Service Provider (ISP) and their decisions regarding opening ports to the Internet.
Now unfortunately they have blocked turn/stun ports 3478 and 5349 TCP/UDP to the internet.
No problem i thought, because I still have another Cloudron instance installed on Hetzner, wich i can (maybe) use for my turn server at home.
Now comes my BIG QUESTION...
I transferred (copied) the turn settings included the "turn_shared_secret" from the Cloudron instance installed on Hetzner, to my own self-hosted instance of Cloudron at home.
So that way my Matrix synapse installation at home is now using an external Turn server, my Cloudron instance on Hetzner.
I copied these settings into the turn settings of Matrix synapse (homeserver.yml) and everything (calls and videocalls) seem to work perfectly again, maybe even better than before.
I do see some weird complaining logs about credentials, in the turn logs on Hetzner instance ....
Like i said, video calls and normal calls through Matrix synapse are working prefectly.
However, it does worry me whether this is the correct and safe way to do it?
Here we go fellow Cloudron enthusiasts!
Just wanted to share my experience with NetBird, and man, it's been quite a journey! 
I use to have Zerotier installed, but it had a BIG learning curve (for me) when it comes to apply the Firewall rules at the Zerotier web-ui (controller-interface).
The whole idea with Zerotier worked well for me a couple of years, but i did not like the fact that clients connecting all together, had full acces all together, in both ways.
Sure, you could make different networks for different clients, but there's gonna be that time when you need some of them together for certain things.
So i tried Netmaker for that particular reason, worked well for my needs.
But after a few updates, it had problems connecting the clients and i had to start all over again, no fun when you have SMB/NFS and so on setup for particular clients!!
Finally i stumbled across Netbird and thought.... let's give that a go, since it looked promising.
Like Netmaker, Netbird installs the coordination server on a cloud instance. This is the air traffic controller. Netmakerβs setup was easy, but with Netbird βs clear installation instructions, it was even easier to setup.
The initial deployment of NetBird was done on a:
Ubuntu 20.04.6 LTS (Hetzner-CX11)
1 VCPU
2GB RAM
20GB DISK
Pricing per month: β¬3.98/mo (as of feb-2024)
The VM should be publicly accessible on TCP ports 80, 443, 33073 and 10000; and UDP ports: 3478, 49152-65535.
Install is done through the installer script (shoutout to the Netbird team for that).
source --> https://docs.netbird.io/selfhosted/selfhosted-quickstart#quick-self-hosting-with-zitadel-id-p
Be aware that this is an "single-line setup script" with Zitadel
Actually i installed Netbird alongside with my existing Keycloak installation, and it was somewhat more advanced to setup.
source --> https://docs.netbird.io/selfhosted/selfhosted-guide
If anyone is really interested about the Keycloak integration with Netbird and how i did it? Just throw your questions here and i shall do my best to answer them.
I thought that my review otherwise would going to be to long, if i would explain that whole setup process with Keycloak.
for anyone interested, the documentation here is a good guide for succesfully installing it.
and other things i may forget to mention here.....
Also one really big thing were Netbird shines, is it's capability to use "Network routes".
source-->https://docs.netbird.io/how-to/routing-traffic-to-private-networks
Netbird supports egress servers β called network routes in Netbird β that allow you to access devices that donβt have the Netbird client on them, as if you and your computer were transported to wherever the egress server is.
At one time i had an VM at another location where it refused to install the Netbird client on 
But "Network routing" in Netbird helped me connecting the desired VM anyway, without the Netbird client installed on there.
Another situation i had is that where a Raspbery-pi acting as a dumb energy monitor, without the possibility of opening firewall ports on there, was now acting as my Network Route to all the devices listed on that network. Plus the other network was like 200 miles away from here, and working like it was all locally.
I also made that network route HA (High Availability) and did setup the appropriate ACL rules on it, so the whole network is not exposed to every client assigned to it.
This is one of the main choices i did go for Netbird. Because connecting clients all together in a private network over the internet works great.
Still, if one client could get hacked, this has now full access to al private clients on that particular private network. Included access to all services like SMB/NFS and so on.
So what i did here is adding clients to groups and from there build my network in that way, only particular clients have particular access with the help of ACL rules on the Netbird main page.
So one example here;
i have a snmp monitoring (master) server and all clients reporting back to that server.
This all happens on port:161 UDP.
Now for the ACL rule i have setup a one way connection from the snmp server to my clients on port 161 UDP.
This way the snmp master server is allowed to connect to the clients for the status reports, but clients could never make an connection back to the master snmp server.
And also the clients together in the same network, can not see or ping each other, because there not allowed to, based on the ACL rulesοΈ
Overal Netbird is a game-changer for someone like me who doesn't want to spend hours on configurations for setups.
Also in terms of security, simplicity, and a bit of tech exploration, it's been a solid and steady choice for the last year.
Sure, i had one problem after an update of Netbird in the past, but when i noted this on their Github page, they were very helpful and motivated to catch the cause and solve that in a future update.
Like i said, this is probably one of the thirst ever review that i wrote in my whole tech savy life, but i hope it helps a bit to give you guys my experience about using Netbird....
For the moment i only use Netbird for an SMB connection from my Cloudron hosted at Hetzner to home, for backups.
But i think there's more to explore here, like some dns magic with Adguard maybe?
https://docs.netbird.io/how-to/manage-dns-in-your-network
For instance, you connect multiple clients through the dns of Adguard? That way you have some kind of VPN with an Adguard filtering resolution? Also handy for mobile clients on the go, i mean the moments you depend on public wifi anywhere outside your home, you connect to Netbird and voila
Another thing that crossed my mind, but i don't know if that's even possible? Sometimes you want to run an app on Cloudron, but don't want it to be publicly available? You only want it to be available for a certain group of clients. This is where Netbird comes in handy also.
Think of it when installing an Cloudron app, you have the ability to only make it available through Netbird? So that way the app is not publicly available, but only to it's clients connected through Netbird.
Hi everybody,
Question...
I have Authelia installed at another location and i use it for applications that are running without 2fauth. I use Authelia here for the 2fauth in front.
Now i want to offer my already existing users in Cloudron, to login with Authelia and use the other services at the other location.
I am following this guide:
https://docs.ibracorp.io/authelia/authelia/configuration
(Option 2 - Using an LDAP database) but not sure wich ldap section i have to follow for the Cloudrons Ldap integration..(?)
Another question is, that Cloudrons LDAP port:636 is exposed to the outside world, but restricted to only the IP adress of the other location in my firewall. And of course in the Cloudrons Ldap section, the IP address of the other location is in place there also.
Am i doing this the right way?
Also stumbled on this one last week:
https://web-check.xyz/
Selfhosted:
https://github.com/Lissy93/web-check
And a little explanation on how this works:
https://www.helpnetsecurity.com/2024/02/26/web-check-website-open-source-intelligence/
Please some advice!!
I have been out for work since June this year and disabled automatic updates just in case.
Now finally back again at my Cloudron instance and ready to catch up with things, like updating my Cloudron version.
I noticed that when i want to upgrade, it wants to upgrade to an unstable version (See attachment)
My question...... Is it safe to update from this point? And will it finally catch up to the latest version?
and all of you the best wishes for 2023.