RE: CodiMD error (since 1.4.0?)

@girish https://github.com/codimd/server/issues/117

@yusf sorry don't know enough about node and codimd development to give any additional insight. Maybe the codimd issue tracker in GitHub would be able to give more insights?

@yusf said in CodiMD error (since 1.4.0?):

allowAnonymousEdits": true

I have this set to true as well and for me the app continues to work after the 1.4.0 update.

@yusf said in CodiMD error (since 1.4.0?):

Default settings makes no difference, neither a fresh install.

So do I understand that right that even if you install the app completely new you still have the crashes of the editor? Did you reinstall to the same domain? I would use a new domain name just to rule out a caching issue (and also try to open the editor in incognito mode).

Just as an FYI the app update of Dokuwiki to 1.6.0 cut my own (and only active user of Dokuwiki) off from my protected pages. Since that user was an admin I did not set explicit access permissions for it.

Adding the following two lines to local.php restored access:

$conf['plugin']['authldap']['mapping']['grps']  = array('memberof' => '/CN=(.+?),/i');
$conf['superuser']   = '@admins';

I have updated the code in the git repo to 1.9.1 and also uploaded and submitted the app to the Cloudron app store. Maybe it will be shown as "untested" on Cloudrons on version 4.x.

@girish I have not yet installed Authelia myself, but from the description I would say that for the Cloudron use case it probably goes too far. The way it seems Authelia brings its own user backend, which in Cloudron is already existant (and with email etc your user backend probably holds more details that Authelia is directly designed for).

But OpenID Connect (oidc) support in general would be very nice. The idea behind this would be that the same login mask you use to log into my.cloudron.io would be shown when for example logging into gitea, codimd, possibly Mattermost (through their gitlab auth) and Rocketchat (has support for oauth 2.0 which is the base for oidc).

For the "multiple cloudron setup" its imho secondary. If you want to go multiserver then you should probably have a copy of the users on your additional servers, afaik your users are not natively in ldap, but your ldap server is implemented in node. the plus side of openid connect could be that you could round robbin between your openid providers.

@girish said in Authelia as a U2F/SSO/TOTP provider:

I don't completely understand how Authelia can help in SSO across two Cloudrons. Can you help me understand how that would work? We were also thinking of making the LDAP server on Cloudron "public". Would this help?

This depends a bit on your exact definition of "SSO". While having access to the same user source (the ldap tree) from multiple system does help with working with a unified username/password its not really a single sign on in the sense of logging in just once and being automatically logged into a different application as well. The last case is exactly where protocols such as SAML (old xml based) or oauth 2.0/openid connect come into play. you login once at your "id provider" and when you visit another applications it asks your provider if you're already logged in (simplified, but still). You the maybe need to give explicit consent for this other application to access your data, but you do not need to provide the application with your username/password.

in regards to security openid can also help protecting applications with 2fa from a central point (your openid provider).

Hi @Enabl-ist,

the purpose of mkdocs is to locally create static pages which could be uploaded to your webserver (for example in Cloudron to the Lamp App, the "Surfer" app probably suffices as well). While mkdocs has a built-in server command, according to their docs this is for preview only.

@willywonka you should find your answer in https://cloudron.io/developer/addons/

@willywonka said in Missing App Store Public made APPs option ?:

Please Cloudron Dev(s) allow community to upload apps for turn key deployment

They do so already:

@girish said in Cloudron 4 released:

Community/Unstable apps. There's been a lot of app packaging going on and we can't keep up with testing of all the apps. So, we will get them all listed in the coming weeks, so others can easily test them out.

While not totally trivial anybody could already before build and install local apps. With the above change the local building step could afais also be skipped.

@willywonka said in Missing App Store Public made APPs option ?:

https://github.com/webtorrent/webtorrent

There is the cloud-torrent app already, which serves a similar use case.