Posts made by fbartels
RE: CodiMD error (since 1.4.0?)
I have this set to
trueas well and for me the app continues to work after the 1.4.0 update.
Default settings makes no difference, neither a fresh install.
So do I understand that right that even if you install the app completely new you still have the crashes of the editor? Did you reinstall to the same domain? I would use a new domain name just to rule out a caching issue (and also try to open the editor in incognito mode).
Dokuwiki app 1.6.0
Just as an FYI the app update of Dokuwiki to 1.6.0 cut my own (and only active user of Dokuwiki) off from my protected pages. Since that user was an admin I did not set explicit access permissions for it.
Adding the following two lines to local.php restored access:
$conf['plugin']['authldap']['mapping']['grps'] = array('memberof' => '/CN=(.+?),/i'); $conf['superuser'] = '@admins';
RE: Authelia as a U2F/SSO/TOTP provider
@girish I have not yet installed Authelia myself, but from the description I would say that for the Cloudron use case it probably goes too far. The way it seems Authelia brings its own user backend, which in Cloudron is already existant (and with email etc your user backend probably holds more details that Authelia is directly designed for).
But OpenID Connect (oidc) support in general would be very nice. The idea behind this would be that the same login mask you use to log into my.cloudron.io would be shown when for example logging into gitea, codimd, possibly Mattermost (through their gitlab auth) and Rocketchat (has support for oauth 2.0 which is the base for oidc).
For the "multiple cloudron setup" its imho secondary. If you want to go multiserver then you should probably have a copy of the users on your additional servers, afaik your users are not natively in ldap, but your ldap server is implemented in node. the plus side of openid connect could be that you could round robbin between your openid providers.
RE: Authelia as a U2F/SSO/TOTP provider
I don't completely understand how Authelia can help in SSO across two Cloudrons. Can you help me understand how that would work? We were also thinking of making the LDAP server on Cloudron "public". Would this help?
This depends a bit on your exact definition of "SSO". While having access to the same user source (the ldap tree) from multiple system does help with working with a unified username/password its not really a single sign on in the sense of logging in just once and being automatically logged into a different application as well. The last case is exactly where protocols such as SAML (old xml based) or oauth 2.0/openid connect come into play. you login once at your "id provider" and when you visit another applications it asks your provider if you're already logged in (simplified, but still). You the maybe need to give explicit consent for this other application to access your data, but you do not need to provide the application with your username/password.
in regards to security openid can also help protecting applications with 2fa from a central point (your openid provider).
RE: MKdocs project documentation
the purpose of mkdocs is to locally create static pages which could be uploaded to your webserver (for example in Cloudron to the Lamp App, the "Surfer" app probably suffices as well). While mkdocs has a built-in server command, according to their docs this is for preview only.
RE: mySQL login/pw for app(s) (Default generated change) posted in Support
RE: Missing App Store Public made APPs option ?
Please Cloudron Dev(s) allow community to upload apps for turn key deployment
They do so already:
Community/Unstable apps. There's been a lot of app packaging going on and we can't keep up with testing of all the apps. So, we will get them all listed in the coming weeks, so others can easily test them out.
While not totally trivial anybody could already before build and install local apps. With the above change the local building step could afais also be skipped.
There is the cloud-torrent app already, which serves a similar use case.