RE: Jitsi Meet

I am using jitsi as well, if I could host this via cloudron that would be amazing.

Create an Ethereum node app. This is very similar to any Golang based app (e.g. https://git.cloudron.io/cloudron/prometheus-server-app) where you just launch the binary inside a container.

@marcusquinn thank you for your extra tips and comments on the cloud provider side, really appreciated I am already using CloudFlare (without the proxy -- just DNS) and I'm really happy with the service. It's not that I am not experienced to configure all those things by hand, but my current daily work is being an SRE for Kubernetes, so the last thing I need right now is to spend my off-work hours to work-related topics

Anyway, I would most likely go with Hetzner to give them a try, so you made them a customer.
My current internet speed at home is a 250 VSDL. See:

Is that good enough? I guess it's OK, but only production usage will tell.
Wireguard is my second step in the process. First I need to make sure this setup works with OpenVPN so to avoid any compatibility/legacy hiccups -- and then as soon as I have a proof that cloudron can redirect the traffic, I suppose I can easily switch to to Wireguard for better speed.

So from what I understand, after setting up the DNS Server (on remote VPS) and the Cloudron server (at home), I have to tell Cloudron to use tun0 (https://docs.cloudron.io/networking/#dynamic-dns). Right? In that case the SSL certificates will use the IP Address taken from the tun0 interface -- that would be the private/local network of the VPS.

@marcusquinn thank you very much

Is there any way to mark this thread as solved or a moderator/admin has to do it?

@girish in my case it's even easier because I my router (fritzbox) has a setting that bypasses NAT completely and my machine (only one) is exposed in the internet.

tldr; I don't have any problem with the way it is; everything is working fine for me. This is just a feature request for the future. Not a necessity, but a nice to have.

It normally comes from your VPS provider, not your ISP. And you can normally change it.

@jdaviescoates I have cloudron installed at home.

@girish I restarted the app, it's working now. I have created an admin and the federation works (just searched for your instance as described in the docs)

Restarting the app is good work-around for IT, so I would not push further for this. Maybe some env variable is not present at first but gets available later. In the meantime, just make sure this information (restarting the app) is mentioned in the docs -- unless it's easier/faster to solve this.

I had the exact same issue with Redit and Pixelfed. I removed it. Not it seems to be fine.

Also looking at the graphite logs:

Mar 12 23:07:05 12/03/2021 22:07:05 :: [tagdb] Error tagging collectd.localhost.table-0e95e7bb-2ffb-4b5c-af67-64484fe51e33-memory.gauge-cache: Error requesting http://127.0.0.1:80/tags/tagMultiSeries: HTTPConnectionPool(host='127.0.0.1', port=80): Max retries exceeded with url: /tags/tagMultiSeries (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fdc0f856af0>: Failed to establish a new connection: [Errno 111] Connection refused'))
Mar 12 23:07:26 12/03/2021 22:07:26 :: [tagdb] Tagging collectd.localhost.table-e1ca318a-a940-477b-bb4f-43722b127b92-memory.gauge-hierarchical_memory_limit, collectd.localhost.table-d03dd73e-4045-42f7-8e6d-7b6e36b2caba-memory.gauge-total_active_file, collectd.localhost.table-9cea909a-e860-4a20-8d38-bd7820088c93-memory.gauge-inactive_anon, collectd.localhost.table-4d6310dd-104d-4eae-bdd2-025ad353bc45-memory.gauge-total_pgmajfault, collectd.localhost.table-42c605b3-e603-43a2-bfa7-f24fc238c899-memory.gauge-pgpgin, collectd.localhost.table-33db8df1-0687-4415-b5a2-d1ffc5a1339c-memory.gauge-total_swap
Mar 12 23:07:26 12/03/2021 22:07:26 :: [tagdb] Error tagging collectd.localhost.table-e1ca318a-a940-477b-bb4f-43722b127b92-memory.gauge-hierarchical_memory_limit, collectd.localhost.table-d03dd73e-4045-42f7-8e6d-7b6e36b2caba-memory.gauge-total_active_file, collectd.localhost.table-9cea909a-e860-4a20-8d38-bd7820088c93-memory.gauge-inactive_anon, collectd.localhost.table-4d6310dd-104d-4eae-bdd2-025ad353bc45-memory.gauge-total_pgmajfault, collectd.localhost.table-42c605b3-e603-43a2-bfa7-f24fc238c899-memory.gauge-pgpgin, collectd.localhost.table-33db8df1-0687-4415-b5a2-d1ffc5a1339c-memory.gauge-total_swap: Error requesting http://127.0.0.1:80/tags/tagMultiSeries: HTTPConnectionPool(host='127.0.0.1', port=80): Max retries exceeded with url: /tags/tagMultiSeries (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fdc0e772700>: Failed to establish a new connection: [Errno 111] Connection refused'))
Mar 12 23:07:26 12/03/2021 22:07:26 :: [tagdb] Tagging collectd.localhost.table-0ea62e64-2569-4095-942e-81f50c4c93a3-memory.gauge-shmem
Mar 12 23:07:26 12/03/2021 22:07:26 :: [tagdb] Error tagging collectd.localhost.table-0ea62e64-2569-4095-942e-81f50c4c93a3-memory.gauge-shmem: Error requesting http://127.0.0.1:80/tags/tagMultiSeries: HTTPConnectionPool(host='127.0.0.1', port=80): Max retries exceeded with url: /tags/tagMultiSeries (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fdc0e7b18e0>: Failed to establish a new connection: [Errno 111] Connection refused'))
Mar 12 23:07:26 12/03/2021 22:07:26 :: [tagdb] Tagging collectd.localhost.aggregation-cpu-max.cpu-system
Mar 12 23:07:26 12/03/2021 22:07:26 :: [tagdb] Error tagging collectd.localhost.aggregation-cpu-max.cpu-system: Error requesting http://127.0.0.1:80/tags/tagMultiSeries: HTTPConnectionPool(host='127.0.0.1', port=80): Max retries exceeded with url: /tags/tagMultiSeries (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fdc0e789b20>: Failed to establish a new connection: [Errno 111] Connection refused'))

and redis gets oom:

Mar 12 22:54:34 2021-03-12 21:54:34,993 INFO exited: redis (terminated by SIGKILL; not expected)
Mar 12 22:54:35 2021-03-12 21:54:35,003 INFO spawned: 'redis' with pid 577
Mar 12 22:54:35 2021-03-12 21:54:35,003 INFO reaped unknown pid 576
Mar 12 22:54:35 577:C 12 Mar 2021 21:54:35.037 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
Mar 12 22:54:35 577:C 12 Mar 2021 21:54:35.037 # Redis version=5.0.7, bits=64, commit=00000000, modified=0, pid=577, just started
Mar 12 22:54:35 577:C 12 Mar 2021 21:54:35.037 # Configuration loaded
Mar 12 22:54:35 577:M 12 Mar 2021 21:54:35.039 * Running mode=standalone, port=6379.
Mar 12 22:54:35 577:M 12 Mar 2021 21:54:35.040 # Server initialized
Mar 12 22:54:35 577:M 12 Mar 2021 21:54:35.040 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
Mar 12 22:54:35 577:M 12 Mar 2021 21:54:35.611 * DB loaded from disk: 0.571 seconds

After updating my redis is complaining ...

any ideas? what I should do? This looks like a regression.

@nebulon there was no error reported by cloudron. The issue was that if I tried to curl, there was nothing returned back (I don't remember the exact reply -- sorry for that). Basically it was like nginx was not routing properly, as if nothing was running at the subdomain.

I am using jitsi as well, if I could host this via cloudron that would be amazing.

I tried with another device to make sure this is not a cache problem. In any case, I found out that if I change the domain later then it works fine. Sadly I don't have a good reproducer or logs to provide for this.

If this happens to anyone else, this is a workaround:

1. Uninstall the app from domain A
2. Reinstall the app to domain B
3. Move the app domain from B to A

It should work.

curl panos.domain.com
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

but
curl -L panos.domain.com
works

something seems fishy with the redirection.

Install an app to panos.domain.com
then uninstall this app.
then install again this app to panos.domain.com

This doesn't work.
You have to use another domain. Picking another domain solves the problem.
Why?

Create an Ethereum node app. This is very similar to any Golang based app (e.g. https://git.cloudron.io/cloudron/prometheus-server-app) where you just launch the binary inside a container.

@ericdrgn to find the correct ports, login to your cloudron server and run:

# docker inspect $(docker ps | grep synapse | awk '{ print $1}')  | grep CLOUDRON_TURN_TLS_PORT

# Output:
"CLOUDRON_TURN_TLS_PORT=5349",

And run again:

# iptables -L | grep 5349

# Output:
ACCEPT     tcp  --  anywhere             anywhere             multiport dports 3478,5349
ACCEPT     udp  --  anywhere             anywhere             multiport dports 3478,5349

So in my case this is the port and the firewall on my machine is configured properly. I do NOT have another external firewall to block this. Please check if you are using any other firewall blocking this port. To verify if something is blocking those ports, try from another PC:

sudo nmap -p 5349 -sUT <yourdomain>

The expected output should be:

PORT     STATE SERVICE
5349/tcp open  stuns
5349/udp open  stuns

Note: yourdomain means example.com.

To find out if the TURN server is running:

# ps ef `pgrep turnserver`

The expected output should be:

    PID TTY      STAT   TIME COMMAND
   2170 ?        Ssl    1:22 /usr/bin/turnserver -c /run/turnserver/turnserver.conf --pidfile /run/turnserver/turnserver.pid CLOUDRON_REALM=<YOURCLOUDRONINSTANCE> HOSTNAME=turn PWD=/ HOME=/root GOR

or check the container:

docker ps | grep turn

fd3541325e01        cloudron/turn:1.1.0                                                     "/app/code/start.sh"     4 days ago          Up 29 hours

May look at the logs of the turn server when you try to do the call.