Vikunja - The to-do app to organize your life.

https://vikunja.io/
https://code.vikunja.io/

We are continuing to work on getting many more of the apps published, see the WIP tag. Thanks to the community for really helping us out here!

CHANGE IN PLANS: As mentioned in the 5.4 post, we decided to release some of the features listed here in an intermediary release. I have marked the features below as such.

UPDATE 2: There is now a 5.5

UPDATE 3: There is now a 5.6

UPDATE 4: 6.0

6.0 will be a feature rich release:

• Focal support
• Mailbox sharing - we tried IMAP based mailbox sharing but this doesn't work well for the apps we have. We will instead make it such that a single mailbox can have multiple owners.
• Optimize WP and Nextcloud installations. This is not directly related to box code but we want to speeden things up and optimize the configs since we have a large number of installs with these 2 apps. @MooCloud_Matt has given us a lot of ideas to work with here.
• Unified dashboard for multiple cloudron setups - This will provide a unified auth across cloudron setups plus a single dashboard to control multiple cloudrons. Details are still being worked on and I will post it once I have more info.
• Fix access control for service provider setups - There's a few small issues. Service providers wants admin flag per app, better control of SFTP user management and also to unify PHPMyAdmin across apps. We will see what we can do.
• Mail - Full text search via IMAP (solr integration)

Already released

• (5.4) Dark mode for dashboard
• (5.4) File manager UI to edit the files inside apps. For the initial version, one can only view and edit the files under /app/data (i.e one cannot view the files in the read-only parts of the file system. this is because of some technical reasons)
• (5.5) Backup upload/download speed - Currently, backups can be quite slow but we have some ideas to speed it up
• (5.4) Allow admin to lock email and display name globally. This essentially makes the LDAP directory non-editable by normal users.
• (5.5) Allow backup and update time to be set. Currently, this is all hard coded and it's causing problems for people working in the night
• (5.6) Mail: Configurable mail server settings - whitelist/blacklist, max message size, tls configuration. In the next release after 6.0, we will make spam settings configurable.

(We split the features into two release 6.2 and 7.0, they are tagged appropriately below)

Features planned for 7.0:

• (6.2) Move apps to new base image v3 - See https://forum.cloudron.io/topic/4366/docker-base-image-3-0
• (6.2) Database upgrades - MySQL 8, Postgres 12, Redis 5, Mongo DB 4.2.
• (6.2) Update node to 14.15.4
• (6.2) Update docker to 20.10.3
• (7.0) Multihost support. i.e you can have many servers and have a single dashboard to manage users, apps and domains - https://git.cloudron.io/cloudron/box/-/issues/142
• (7.0) Implement LDAP+2FA across apps - See https://git.cloudron.io/cloudron/box/-/issues/705
• Add service account type . This will add a way to create a "service" or bot user that can be used for automation but doesn't appear in LDAP directory queries. Decided against this because of lack of use cases.
• (6.2) Make it possible to restore without updating DNS. This is useful if you want to test out cloudron backups.
• (6.2) Add a way to manage apps <-> groups better. Currently, it's hard to get a grip on what apps a user/group has access to easily (maybe add filters as well).
• FTP access to volumes This is complicated, maybe some other release.
• (6.2) TLS addon (for DoT in AdguardHome)

Update: 6.2 is out. We will work on 6.3 - https://forum.cloudron.io/topic/4723/what-s-coming-in-cloudron-6-3 . It's a required first step for multi-host.

https://github.com/photoprism/photoprism

First off, I hope all you guys are staying safe in these tough times! Our team is split in Santa Clara and Berlin and we are doing well!

5.1 will be a quick release. There are a bunch of security related fixes but the main feature is the integration of turn addon/service into the platform. This will help us get the video conference apps in asap since it's the need of the hour.

OpenSlides is the all-in-one solution for running your plenary meetings and conferences. Show the current presentation on the main screen, while you show the agenda, motions, list of speakers on others. Working on elections and documents in parallel with all participants. Web-based and always up-to-date.

https://openslides.com/en
https://github.com/OpenSlides/OpenSlides

We are continuing to work on getting many more of the apps published, see the WIP tag. Thanks to the community for really helping us out here!

Features planned for 6.0:

• Ubuntu Focal 20.04 support
• Mailbox sharing - we tried IMAP based mailbox sharing but this doesn't work well for the apps we have. We will instead make it such that a single mailbox can have multiple owners.
• Optimize WP and Nextcloud installations. This is not directly related to box code but we want to speeden things up and optimize the configs since we have a large number of installs with these 2 apps. @MooCloud_Matt has given us a lot of ideas to work with here.
• Mail - Full text search via IMAP (solr integration)
• Volume management - this will allow mounting paths on the host into apps.
• i18n

We removed the unified dashboard for now. @nebulon and I think it will take a good 1-2 months to implement and test and we want to keep the releases going. We will start implementing unified dashboard in a branch.

You can read the full announcement in our blog here.

Feature:

• Ubuntu 20.04 LTS (Focal) support. For existing installations. the upgrade to Ubuntu 20.04 is not automatic and you have to follow this guide to upgrade.
• i18n - Cloudron is now fully translatable.
• Volumes - this allows users to mount server paths into one or more app containers. Volume docs
• Mailbox Sharing - via IMAP ACLs. Please note pre-6.0 installations have to migrate using this guide for mailbox sharing to work. This step is not automatic because some email clients may have to be re-setup.
• Group Mailboxes
• Mail Full Text Search
• File Manager improvements - New file, extract, download dir
• Ad Blocker apps
• Branding: footer can have template variables like %YEAR% and %VERSION%
• SFTP access is disabled for non-admins by default. This is a breaking change.
• Postgresql: whitelist pgcrypto extension for loomio.
• Linode DNS is now enabled in the Cloudron setup wizard.
• Log file names are more descriptive on download.
• The proxyAuth addon can be used to setup an authentication wall in front of the app. See docs for more information.
• Elasticemail is a cost-effective email relay option. You can choose Elasticemail as a relay provider in the outbound settings.
• AWS S3: Add China region
• Security: fix issue where apps could send with any username (but valid password)
• rsync backups: add UI warning to remove lifecycle rules
• collectd: remove collectd config when app stopped (and add it back when started)
• Disable THP
• Add export route for apps
• mail: on location change, fix lock up when one or more domains have invalid credentials

http://easyappointments.org/

This is a selfhosted calendly. https://github.com/FredericCasazza/easyappointments-ldap_user_provider has some LDAP integration code.

For the coming weeks, we are going to focus on getting some new apps packaged. The list is:

• OnlyOffice
• Bitwarden - @Felix and @iamthefij have done much of the heavy lifting, we just have to get it across the line.
• OpenVPN - We will add an admin interface that let's the admins configure some popular vpn settings.
• BigBlueButton or Jitsi (we will evaluate which works well for conferencing. We have used both and they both work well but BBB might win). If you have any thoughts here, please leave a comment.
• Development apps - basically provide a git push workflow for hosting custom nodejs/php apps (and make it work so that they can be mixed with various caches and databases).

If we should prioritize something else, please let us know! But the above should keep us occupied this month.

Demo: https://watch.owncast.online

Github: https://github.com/owncast/owncast

Documentation: https://owncast.online

What we initially planned as Cloudron 4.5 is now Cloudron 5. We decided to bump the major version since it got a lot of changes to justify the bump.

New installations will already get Cloudron 5. Existing installations will get an update in a week or two. We roll out updates conservatively as always, if you want it immediately, please just send a mail to support@cloudron.io and we will make it available.

I am preparing the blog post which will have the screenshots for the features.

Changes:

• Add user roles - owner, admin, user manager and user

• Show backup disk usage in graphs

• Mail server event log and mailbox usage information

• Spam auto-learning - the spam solution is now per mailbox. The mail server will now periodically auto learn spam and ham from the mailbox with no user intervention.

• CPU resource allocation - We have implemented CPU Shared

• Whitelabel the footer/404

• App specific passwords

• Import backups UI - this lets you easily move apps across Cloudrons

• Display timestamps in browser timezone in the UI

• linode: add object storage backend

• Enhancements in the built-in LDAP to better support SOGo (more on this in a separate post).

There's a lot of other bug fixes as well. You can read through the commits for that

I have added a new category called Apps - https://forum.cloudron.io/category/9/apps . I am slowly adding all the apps we have into it as subcategories. It seems this might work better than tags (people are mistyping tags) and also provides a better direction/place for people to post.

Ideally, we keep the current Support category to Cloudron platform related issues. I am moving existing Apps related posts this new category.

Finally, we will start posting app updates in these new categories. Basically, https://cloudron.io/appstatus.html with a changelog. But since now apps are a separate category we can post it a bit more freely without being concerned about polluting the main support category.

Another brief update:

• We added auth wall functionality that apps without any notion of login can use
• i18n is mostly done, just lots of testing before we let translators do their work. @nebulon can give some updates on how the language is selected etc.
• We added httpPaths functionality so that @MooCloud_Matt can work on his OLS app. Also, see https://forum.cloudron.io/topic/3755/apache-ols-and-nginx-custom-benchmarks/5
• Reworked a lot of the internal dns stuff, so that we can have apps as dns servers (ad blocker apps)
• solr fts search was merged today.

Looks like we are set for a release next week!

Back in the day, we had an "oauth proxy" for apps that didn't support any authentication to put up an auth wall. This was brought up https://forum.cloudron.io/topic/1451/alternative-to-oauth-proxy . We removed that proxy when we removed OAuth support altogether.

Recently, there is a bunch of apps that require an auth wall including:

• Prometheus server/alert manager
• Cloud torrent
• Transmission
• Apps like surfer
• Many of our internal apps

I have put in this "proxy auth" feature in Cloudron 6. Just have to add it to addons in the manifest like:

"addons": {
    "proxyAuth": {}
}

Just like the ldap addon, user can then select which users/groups can authenticate. If the manifest also has optionalSso, then user can choose to let the app have no auth wall altogether.

When using this feature, two routes are "reserved" - /login and /logout. Some benefits of having this on the platform side (as opposed in the app are):

• 2FA login
• Session management in the user's profile page. i.e can logout from apps etc
• Easier for us to maintain this feature. Currently, this feature has already been re-implemented in the apps using 3 different stacks - nginx/apache/node...

I took a lot of inspiration from https://github.com/andygock/auth-server and @mehdi's transmission code. So, big thanks to them!

Hi All,
Small change in plans for the Cloudron releases. Previously, we had announced that next release will be Cloudron 6. It turns out some of the features are in good shape already and we just want to get it out instead of waiting for everything to get done.

So, there will be a 5.4 release, hopefully later this week, with the following features:

• Dark mode for dashboard
• File manager UI to edit the files inside apps. For the initial version, one can only view and edit the files under /app/data (i.e one cannot view the files in the read-only parts of the file system. this is because of some technical reasons)
• Allow admin to lock email and display name globally. This essentially makes the LDAP directory non-editable by normal users.
• Mandatory 2FA - this is new feature that wasn't announced as part of 5.4! This will require users to setup 2FA before accessing the dashboard.
• We are moving nginx to latest upstream packages instead of ubuntu ones since they are lagging behind a lot.
• Backblaze b2 provider - also new

Some big news: We will be adding i18n support in Cloudron 6. This work is being sponsored by Medias-Cite and their Cloudron project OSINUM. Thanks @Benoit ! As part of the work, we will also package the Weblate app (for translations).

@hakunamatata I have automated the mail autoconfig for all domains. It's part of 6.1.2. Should be out next week.

https://git.cloudron.io/cloudron/box/-/commit/ef68cb70c07f2abd524879aef70930b572f48917

I recorded a quick video showing host the tests run. The browser on the left is my Firefox that just shows the Cloudron dashboard. The browser that appears on the right is Chrome and it is where the automated testing happens.

Youtube Video

EDIT: OK, this is funny. @nebulon was wondering why I had some dark music in the video. I thought I had recorded a silent video and did not even know there was some background music Investigating, I found out that my youtube at some point has started auto-playing "3 HOURS Most EPIC POWERFUL BATTLE MUSIC"! and OBS was happily recording that. Since, I don't have a headset connected to this setup, I had no idea. Funnily, when I uploaded this video, it immediately told me there is a "copyright claim" and I thought "yeah, right". Now I know why.

Some updates on volume management. There is now a volume view.

You add a host path as a volume and give it a name. This is most likely some EBS/external hard disk/Block Storage. There is also the file manager integration (the button next to the delete button).

You can then go to the app view and mount these volumes into the apps. There is a new Storage section.

There is a section overload in the app configure view We are looking to reducing the list of sections in the left pane. It's making things hard to find.

@jdaviescoates For pricing, as mentioned, we just offer discounted pricing on a case by case basis. Given we are a small company ourselves, we don't want Cloudron pricing to be a blocker for another business relying on us. We have a dozen or so re-sellers and they are generally IT admins, sysadmins who host for co ops, non-profits and schools.

As for Cloudron the company itself, we are profitable and pay ourselves a salary, and I can say we are not going away anytime soon. We are completely bootstrapped and haven't tried to ever raise money nor do we plan to. Future wise, one thing we really want to happen it is to grow to a size where we can start supporting upstream opensource apps - either by contributing with people or funding them.

Just finished up on the "Dry run" feature for Cloudron restore. You can use this to test your backups, test migrate to another server to see how well the server performs (for example, when you switch VPS) etc.

The way it works is :

• you select this "Dry run" checkbox. When enabled, it will restore as always except it won't update the DNS.

  

• Before you click 'Restore', add an entry in /etc/hosts for my.domain.com to this new server's IP. You probably also want to add entries for your app domains if you want to test them.

• Once restored, and you feel happy, you can "switch over" to this new server, using the new sync DNS feature. This is in the Domains view.

  

Welcome to the Cloudron community, we hope you will find many like-minds here for making good things happen with the Cloudron platform and community.

If you have work or skills to offer, please post your needs and expectations to announce your availability and interests.

All agreements are between yourselves and the Cloudron forum is simply a place to meet people that can help each other.

Please state your preferred contact method; DM chat in the forum is probably the safest way to share contact details privately.

Be respectful for the value of what you ask for or offer. It takes years of experience to know how to do something in hours and days. Respect your work or your developer commission for the value of the results to you both. Allow for unexpected issues and maintenance.

You can include links to your work if you wish but no affiliate links 3rd-party platforms, and no freelance recruitment platform marketing please.

This is only for person to person networking, so no company promotion please. If you are seeking or know of full-time employment opportunities, that is still a personal networking referral.

Cloudron is not a party to any contracts, offers no endorsement or assurances on the forum members communications and reserves the right to remove any advertising that is not related to the Cloudron platform, Apps and community spirit. Caveat Emptor & Caveat Venditor; Buyer Beware & Seller Beware.

The moderators reserve the right to query any post or member on the legitimacy of their post, remove any post at any time for any reason without obligation for explanation, and all other forum etiquette rules apply.

Welcome to your Cloudron Freelance Work community, and we look forward to hearing what you can all create together!

I am one of the co-founders. Before I started Cloudron, I used to be a C++ developer (contributed a lot to Qt, WebKit, Crosswalk, KDE). Back then, I used to self-host things but it wasn't a conscious choice, it was just what people did (for example, i used to self-host gitosis before github, mediawiki etc). I think the turning point was Google Reader shutdown which forced me to make a conscious choice. And now I am a web developer

Given holiday time and end of the year, not sure we are going to be all that productive We have a bunch of apps which are already good to go, so we will get those out first before 6.1.

6.1 is mostly implementing some low hanging fruit. Idea is to get it out end of this or first week of Jan, so not much is planned.

• Token based login for the dashboard. This will allow service providers to have a clickable link using which one can auto-login to the Cloudron dashboard.
• Add a way to secure the cloudron-setup with a token
• Remember app update notification status across restarts
• proxyAuth: add 2fa
• Include alias in mailbox search
• turn server: support REST API for auth credentials
• Add well-known support in Domains view. This is essentially trying to automate the matrix well-known setup. It seems many people struggle with the SSH instructions.
• Add netcup DNS provider
• Domain aliases

Before Cloudron 7, we need some more work to make the single server install secure. For this reason, we will spend some time first with the following:

• (Security) - Inform users about new browser/IP logins.
• (Security) - Better email monitoring/visibility for admins. @d19dotca raised many important posts and there's also existing ones. We have to read the posts in more detail and discuss internally before we give more details on what we plan to do here.
• (Security) - Add a way to secure/limit access to specific apps and dashboard. For example, a set of apps are public and the rest are only accessible via wireguard/openvpn. This combined with mandatory 2FA for dashboard will make good security.
• Reduce/remove some notifications. It seems a bit noisy.
• Fix email situation for Go apps like Statping, Commento that are having trouble sending mails via our email server.
• Make email setup inside apps optional. This will make it possible to configure specific apps to use some external service for mail delivery directly and the Cloudron package won't touch their mail settings.
• Volumes - make mounting easier by automating fstab/exports entries
• Move TURN server to port 443.
• As a pre-requisite for Cloudron 7 multi-host feature, we have to move file system data into the database. Much grunt work to be done here.

This is forked from OwnPhotos:

https://librephotos.com/
https://github.com/LibrePhotos/librephotos
https://demo2.librephotos.com/ Username: demo Password: demo1234

Hi all,
We released Cloudron 4 now. The blog has more details about the release.

Changes:

• SFTP access is built into the platform. As of this release, WordPress, Surfer and LAMP apps support SFTP access. You can get the SFTP credentials from the i button in the app grid. Note that the username for each app is different!
• App tags and labels - this lets you easily categorize and search app. The current UI is very basic, we hope to iterate on this. Feedback welcome.
• Scaleway Object Storage backend for backups
• Easier email import. There is some basic docs on how to use imapsync here
• Unmanaged WordPress app - this app allows you to edit WordPress code unlike the existing WordPress app. Since, we let you edit the code, we won't deal with updates either. You can to use the WPs built-in updater for that. Docs for this app are here. Currently, this app is marked as unstable. So, you have to enable the unstable flag in settings before you can install it/see it in your Cloudron.
• Immediate App Update notifications
• Backups created right before an app update are retained for upto 3 weeks. This lets admins roll back in case they notice some breakage late.
• Community/Unstable apps. There's been a lot of app packaging going on and we can't keep up with testing of all the apps. So, we will get them all listed in the coming weeks, so others can easily test them out.
• Upstream app version is now listed in the app info dialog
• Support for email relays that do not require authentication and self-signed certificates
• Cloudron updates can now be applied without taking a full backup. This was added for situations where there might a bug in the backup logic and an upcoming Cloudron update fixes the backup issue.
• Add a way to disable outbound mail for a domain. Email -> Outbound -> Select Disabled

https://github.com/chatwoot/chatwoot

https://www.chatwoot.com/docs

For the coming weeks, our focus is simply to get more of the apps out. bitwardern/jitsi/matrix etc are in various states and we want to get those out asap.

We are working on some ideas on the Cloudron side:

• Mail fts search - This will be optional since the dovecot+solr integration takes a lot of memory.
• Mail server queue and reports - This is just a UI to get an insight into what emails are incoming and outgoing on the mail server
• Mail spam controls - This will tackle the popular "Spams are still getting through" reports
• CPU resource allocation - Currently, you can control memory per app. This will allow you to control the CPU allocation as well.
• Firewall API
  • This will allow setting up basic application firewall rules. This is not clear yet but we will build on top of modsecurity/fail2ban potentially.
  • For email, this will have whitelist/blacklist
• Backup - listing, download and remove API and UI (for box and the apps).
• Per-app backup format.
• Group admins - The idea here is to create "sub admins" who can invite users but cannot control server level settings like backups.
• Whitelabel the footer/404
• App specific passwords

BTW, if you have comments/suggestions, feel free to open a thread in the Discuss section or comment here for any clarification

We released Cloudron 5.1 for all now. See the blog for screenshots and more info.

• TURN Service - This allows completely private P2P voice/video and data transfer. We have updated Kopano Meet, Nextcloud Talk, Matrix Synapse and FilePizza to use this built-in turn server. No configuration needed from your side, just make sure you are running Cloudron 5.1!
• We have released Mastodon. For supporting federated apps like Mastodon and Matrix, we have added support for .well-known URIs (docs)
• Mail eventlog now has search and filter options
• Disk graphs are now sorted by usage (thanks to @d19dotca for the suggestion)
• Apps that have automatic backups disabled are now listed in the Backups view (thanks to @d19dotca for the suggestion)
• Dropped support for TLSv1 and TLSv1.1 (thanks to @zerononcense)
• Support for ECC certs (thanks to @zerononcense for helping us test)
• Docker addon is now more secure (thanks to @iamthefij for reporting)
• fix bug with listing of >25 mailboxes and aliases
• branding: make the login page title show cloudron name
• mail fix incorrect eventlog db perms

Wanted to give some progress on the release here. Both @nebulon and I are taking a bit of break for Jitsi We will revisit once we finish some more enjoyable tasks.

• Update base image - this is done! Apps are slowly getting updated one by one.

• Add support for member-only mailing lists - done!
  

• Default to ECC certs from Let's Encrypt - done!
  

• Redis status - Under services, you can now tune redis instance of each app
  

App firewall will not make it this release since the changes are stacking up.

Some more updates.

• Clicking the update button now will always give you an update, if it's available. No more required to ask us to whitelist an update.

• Encrypted backups - there were security flaws with the current encryption. It's been fixed (more info when we do the actual release). thanks to @mehdi who has patiently worked with us through this.

• App graphs! Currently, just RAM and Disk. CPU and Network will come later.
  

• System graphs
  

• Backup listing UI for the platform
  

• New backup retention policy (this is same as keep daily/weekly/monthly in borg/restic).
  

• Finally, there is a way import and export the backup configuration easily. You see this in the right of the backups. You get a config file that can then be put in another Cloudron instance for restore or import.

We hope to get this out next week. Just doing a lot testing now.

There's a few minor bugs/annoyances in 5.4. So, we though we will do a quick 5.5 with a couple of features before 6.0. We also have to update all the app packages to have correct screenshots links since they use the old s3 path style links (they have to be changed to vhost style links).

• Contrast issues in dark mode
• File manager does not work when a custom data directory is set
• Fix sticky notifications
• Backup upload/download speed - Currently, backups can be quite slow but we have some ideas to speed it up
• Allow backup and update schedule to be set. Currently, this is all hard coded
• Mailbox sharing

Just one more sprint before 6.0. Mostly, it's mail related. Just trying to address some immediate needs in this release:

• Mail
  • Make some of the existing settings configurable via the UI. Whitelist/blacklist, max message size, tls configuration etc.
  • Make mail server name configurable. Instead of my.domain.com as email server, you can setup the name as mail.domain.com, for example.
  • Autodiscover/Autoconfig support for email - https://git.cloudron.io/cloudron/box/-/issues/556 . I am not sure how easy/hard this is, but worth trying.
  • Server side signature - If haraka allows this easily, we will add it.
  • Keep mail backups separate from box backups. This will make it easy to backup/restore emails separately. EDIT: decided it's a lot of work, postponed to some future release.
• Add a way to whitelist inbound ports. This will help apps like netdata, snmp monitors and other monitoring "agents".
• Add flag in manifest for reverse proxying to a port (for the OLS app).
• Update MongoDB to 4.2 - EDIT: this was not needed. The index length problem is solved by having smaller mongodb database names.
• Hardware transcoding for emby/jellyfin (and in the future plex)
• Do not auto-update to pre-release version
• Allow configuring schedule of platform updates
• Network usage graphs (See issue)
• Optimize WP and Nextcloud installations

Anything small/obvious I left out?

6.1 is out now. As always, we will roll out slowly since there are many changes. We are already aware of a small breakage that affected one server, so we will make a 6.1.1 soon till we find out any other issues. The breakage will manifest itself in the UI as "Waiting for platform to update" when installing an app or updating an app. If you hit this, let us know here, so we can know how common it is but most of the servers we control updated fine.

Hi all,
Jirafeau is now available in the app store. Jirafeau is a "one-click-filesharing": Select your file, upload, share a link. That's it.

Code: https://git.cloudron.io/cloudron/jirafeau-app.git
Docs: https://docs.cloudron.io/apps/jirafeau
Appstore link: https://www.cloudron.io/store/net.jirafeau.cloudronapp.html

For those on twitter, we created a new account where we will start posting important package update information. We used to do this in our main twitter account but since we push updates often it felt very spammy. At the same time, we think it's important to post this somewhere so the app community can forward/tag it.

You can follow the updates on https://twitter.com/CloudronUpdates

See update below

@girish said in What's coming in Cloudron 6.3:

As a pre-requisite for Cloudron 7 multi-host feature, we have to move file system data into the database. Much grunt work to be done here.

A big chunk of this landed today. Certificates also need to be migrated to the database, that should be done tomorrow. Essentially, from the next release, /home/yellowtent/boxdata will only contain mail server data and nothing else since everything has moved to the database. I will probably take this opportunity to separate box backups and mail backups. The box backup is going to be just the mysql dump and nothing else.

In our (admittedly limited) experience, the lower we go, the more we have to hand hold and support. People who are new to selfhosting are going to ask all sorts of questions - why is the nextcloud client not working? how are ghost and wordpress different? where do i setup email filters like gmail? How do I setup my DNS and what is a domain? and so on. Cloudron as a company is simply not setup to answer those sort of questions. We can support sysadmins and techies, but not general consumers.

To me, the issue is not pricing. It's just the product has to be packaged and marketed very differently and also developed differently. For example, I imagine the best way to target consumers is to make a hardware appliance and focus on a very limited set of apps. That too, you will find that you are non stop competing with comparisons of these limited apps with SaaS. Alternately, you have to make Managed Cloudron SaaS (this is how Cloudron started, we couldn't make it work and won't do this again).

FWIW, we encourage people to try other business models and pricing models on Cloudron instead of expecting us to try those. If pricing is what stops you, feel free to reach out to us directly and we can come to some agreement. We have made several such agreements already with service providers.

As others pointed, Cloudron uses PBKDF2-HMAC-SHA1 with a per-user salt. This is totally different from just using SHA1.

As we are not cryptographers ourselves, the best approach is to not try to re-implement crypto ourselves and just follow NIST guidelines - NIST 800-63 Specs.

It recommends PBKDF2 and atleast 10k iterations. We also follow most of it's other password guidelines including following including 8 character minimum, support at least 64 characters maximum length, all ASCII characters (including space) should be supported, no password hints/expiry, non-SMS 2FA etc.

There is a good article summarizing the NIST guidelines at the Sophos website and also an article how to store passwords safely.

Project Lightspeed is a fully self contained live streaming server. With Lightspeed you will be able to deploy your own sub-second latency live streaming platform. The Lightspeed repository contains the instructions for installing and deploying the entire application.

https://github.com/GRVYDEV/Project-Lightspeed

Here's what you can expect from 5.2. We are still working actively on a few more apps and the apps have more priority. Specifically @nebulon is working on Bitwarden and I am trying to get Jitsi/BBB.

• Update base image - this should update many packages, the vim/bash history configuration etc.
• Some user onboarding flow - don't have concrete plans here. But sometimes new users are confused by all the automation we do - like db, email, user management. Feels very magical, so we have to put in some videos/images to re-assure them/explain what's happening.
• Add support for member-only mailing lists.
• Support for external volumes for apps
• Default to ECC certs from Let's Encrypt.
• App firewall (protect login screens and login routes of apps)

Any more suggestions?

I changed the title of this post to be less flame-baity

Here's what you can expect from 5.3. This will be a fairly short release as we are going to get back into packaging apps. Pixelfed, Metabase, Grafana, Akaunting, Jellyfin, River are all packaged and waiting for our attention, so we want to get them out. Jitsi has to be completed as well.

As for 5.3 itself:

• User onboarding flow - Currently, many of the automation we do - like db, email, user management is not understood entirely by users because other tools don't do it and we don't explain what we do.
• s3: path style is being deprecated by AWS in Sep 2020 - https://forums.aws.amazon.com/ann.jspa?annID=6776
• CIFS storage backend
• Synchronize LDAP groups - issue

Anyone else have any pressing need? The release after this will be a more feature rich release but we want to keep this one as minimal as possible.

We are going to steal many of the comments in this thread for our testimonials Thanks for all the nice words!

Hi all,
Pixelfed is now available in the app store. Most of the packaging work was done by @doodlemania2 (thanks!)

Code: https://git.cloudron.io/cloudron/pixelfed-app
App store link: https://cloudron.io/store/org.pixelfed.cloudronapp.html
Docs: https://cloudron.io/documentation/apps/pixelfed/

A bit of a tangent... A part of @nebulon and me want to have add some core services to the platform itself - like caldav, cardav (just like email). And then, something like what @nebulon made could probably be an app that you can install. It will be pre-configured with the dav endpoints thanks to this new dav addon. We could also then have say roundcube etc pre-configured to use these dav endpoints. SOGo/Nextcloud though have their own dav servers, so it probably won't work with them. But we have lots of users who use Cloudron Email Server and they don't want to install a nextcloud just for caldav/cardav.

Thoughts?

Hi all,
Moodle is now available in the app store. It's marked as unstable at the moment, we have to add LDAP support and add tests. Do not use in production yet. Thanks to @atrilahiji for much of the work!

Code: https://git.cloudron.io/cloudron/moodle-app.git
Docs: https://docs.cloudron.io/documentation/moodle/

Great question!

I would say:

• chat.cloudron.io - this is not to be used for support. When we were smaller, we used this to network with our initial customers. But with our current size, it's not manageable. People bombard us with questions on chat and expect immediate answers (I don't blame them, I blame the tool). This was also stressing us out since we don't like to see questions unanswered So, for all practical purposes, this is our internal tool.

• git.cloudron.io - this is not to be used for support. Our issue tracker is meant to help us in development. GitLab is really our internal tool to track bugs and milestones. It's public because why not, it shows transparency. As a user, one can use those issues to track progress and also see other issues etc. We discourage people from creating bug reports directly in git. Thankfully, not many people do this anyway right now since account creation and 2FA discourages them

• forum.cloudron.io - This is the right place for all support, feature requests and discussions. Please use this as much as possible.

• support@cloudron.io - This is the right place for all support related things. I think some people are just more comfortable writing in private than in public forum and also maybe their setup and usage is sensitive/confidential.

• info@cloudron.io - for general information about our product. this is mostly pre-sales and not support related.

As for priority, the source of the tickets (forum or email) does not matter. premium+ customers have high priority. When we have no premium+ tickets, we treat email and forum requests equally. I think we might even treat forum with higher priority than email since we want to show that we respond with diligence and quickly

Hope that clarifies!

We got some inquiries about what languages we will support. Currently, it's early days and we are just deciding on how to go about internationalization. Usually, translating an app is 2 steps. Step 1 is i18 phase where the app is made translation friendly. Step 2 is the l10n phase where localizations are provided.

At this point, all we know is that we will atleast launch with french and german translations.

@atrilahiji That was easy.

@marcusquinn Yes, it's searchable like the one in user's/group's view. The search only appears with more than 5 users.

An update on this. The i18n is going along well, I think @nebulon is ~80% done. Once we are almost there, we will let you guys know in the translations thread. There is a large number of strings to be translated. We plan to ship Cloudron 6 with the code being translatable while the actual translations will be made available whenever they get ready.

Email container now has solr integration! While search is fast and I can search body (and maybe in future release attachments as well), there is something strange about how IMAP searches work. It seems it will search only under INBOX without the mail client having support for ESEARCH IMAP extension. I am also trying to figure how various mail clients behave here. Hopefully, should get sorted out this week.

Other features are done.

Hi all,
Docker Registry is now available in the app store. Thanks to @mario for getting this going and @mehdi for some creative ideas on how to support this!

Code: https://git.cloudron.io/cloudron/docker-registry-app.git
Docs: https://docs.cloudron.io/apps/docker-registry/
App store: https://www.cloudron.io/store/com.docker.registry.html

IMPORTANT: this app only works with Cloudron 6.1. If you want to try immediately, you can go to Settings -> Check For Updates and update to 6.1.1. Unfortunately, there are a few small regression in 6.1.1 (for example, the app disk usage graphs are not working, sogo login is broken). So please update only if you can live with these issues. 6.1.2 should be on monday or so.

Most of the apps are updated to the new base image, yay! That was a lot of work but atleast we can be confident that the apps work with the latest databases. So, we will push out a 6.2 release very soon with the following:

• Move apps to new base image v3 - See https://forum.cloudron.io/topic/4366/docker-base-image-3-0
• Database upgrades - MySQL 8, Postgres 12, Redis 5, Mongo DB 4.2.
• Update node to 14.15.4
• Update docker to 20.10.3
• Make it possible to restore without updating DNS. This is useful if you want to test out cloudron backups.
• Add a way to manage apps <-> groups better. Currently, it's hard to get a grip on what apps a user/group has access to easily (maybe add filters as well).
• TLS addon (for DoT in AdguardHome)

@imc67 Ah yes, we used to call this "retire" back in the managed hosting days We used to show a page that the server is migrating. Incidentally, I just removed the retire script last night! It's really just systemctl stop docker box but of course these days you will see a "app is down page" instead of a better "migration in progress" page.

I have created https://git.cloudron.io/cloudron/box/-/issues/774 but it won't make it to this release.

Looks like a fantastic release - https://blog.taiga.io/taiga6-release.html

Cloudron package is not ready yet, but we are working on it.

Hi All,
A number of packages are currently marked as WIP now. Some of you have reached out and asked on what is blocking releasing them. What's blocking them essentially is automated tests. We maintain a large number of apps and as a small team what makes it possible for us to push reliable updates quickly is our automated tests. These tests, while it takes a bit of time to write them, help us in maintaining the package in the long run. Without the tests, we are simply not in a position to update apps quickly.

These automated tests are browser based selenium tests. The focus of the tests is not to focus on the app testing but to focus on the packaging. What the tests do is:

• Install the app the Cloudron. By convention, this is the 'test' subdomain.
• Open the app in a browser and login with admin credentials or Cloudron credentials and check if the login works
• Depending on the app, it will create something like a document or a post or file or chat message etc
• Restart the app and check if the app works
• Backup the app and then restore the app from the backup. Then we check if the above post/file/chat message is still around. This provides sanity test that the app is backing up properly
• Move the app to a different location. By convention, this is the 'test2' subdomain. Check if the app has the above post/file/chat. This checks if the package is setting up domain/app urls correctly.
• Finally, to test updates, it installs the current version of the app from the app store. It logs in and creates post/file/chat. It then applies the current app package build on top of the app store version and checks if data is still OK.

The tests while they follow a common pattern have to be individually tuned per app (specifically the login and the post/file/chat message is different for each app). Writing the tests requires some javascript knowledge and also some xpath knowledge but we have written tests for enough packages that we have automated all sorts of things. Just ask here and we can help.

Running existing tests

Before writing tests, the first thing to do is to simply start with ensuring you can run the tests of some existing package. For example, say https://git.cloudron.io/cloudron/minio-app . To run the tests:

• Install the cloudron CLI tool and do cloudron login
• git clone https://git.cloudron.io/cloudron/minio-app
• cloudron build
• cd minio-app/test
• npm install
• USERNAME=cloudronusername PASSWORD=cloudronpassword node_modules/.bin/mocha --bail test.js

The above will produce an output like this:

  Application life cycle test
    - build app
App is being installed.

 => Queued 
 => Cleaning up old install 
 => Registering subdomains 
 => Downloading image ..
 => Creating container .
 => Waiting for DNS propagation ..................
 => Wait for health check .....

App is installed.
    ✓ install app (37267ms)
    ✓ can get app information (735ms)
    ✓ can login (3062ms)
    ✓ can add bucket (1304ms)
...

Writing tests

To write tests, usually, I just copy an existing app's test directory straight into the new one. And then, I slowly start fixing the tests. Tip: you can just change it() to xit() to skip a test.

We have also not tested running tests on Mac or Windows. Though, I am confident that it works well or can be made to work well on Mac.

Long story short, if you can help us write tests for the packages, we can get it published almost immediately. Please let us know what information you require from us to help writing these tests.

OK, this is published as unstable now. I haven't really looked into the package code itself but I will take a look when I find the time this week. I created a n8n app category, so please continue discussing there.

To add to this, for home installations, I want to be able to push encrypted backups to a friend's cloudron (after he/she has given me permission, of course).