Vikunja - The to-do app to organize your life.

https://vikunja.io/
https://code.vikunja.io/

First off, I hope all you guys are staying safe in these tough times! Our team is split in Santa Clara and Berlin and we are doing well!

5.1 will be a quick release. There are a bunch of security related fixes but the main feature is the integration of turn addon/service into the platform. This will help us get the video conference apps in asap since it's the need of the hour.

We are continuing to work on getting many more of the apps published, see the WIP tag. Thanks to the community for really helping us out here!

CHANGE IN PLANS: As mentioned in the 5.4 post, we decided to release some of the features listed here in an intermediary release. I have marked the features below as such.

UPDATE 2: There is now a 5.5

UPDATE 3: There is now a 5.6

UPDATE 4: 6.0

6.0 will be a feature rich release:

• Focal support
• Mailbox sharing - we tried IMAP based mailbox sharing but this doesn't work well for the apps we have. We will instead make it such that a single mailbox can have multiple owners.
• Optimize WP and Nextcloud installations. This is not directly related to box code but we want to speeden things up and optimize the configs since we have a large number of installs with these 2 apps. @MooCloud_Matt has given us a lot of ideas to work with here.
• Unified dashboard for multiple cloudron setups - This will provide a unified auth across cloudron setups plus a single dashboard to control multiple cloudrons. Details are still being worked on and I will post it once I have more info.
• Fix access control for service provider setups - There's a few small issues. Service providers wants admin flag per app, better control of SFTP user management and also to unify PHPMyAdmin across apps. We will see what we can do.
• Mail - Full text search via IMAP (solr integration)

Already released

• (5.4) Dark mode for dashboard
• (5.4) File manager UI to edit the files inside apps. For the initial version, one can only view and edit the files under /app/data (i.e one cannot view the files in the read-only parts of the file system. this is because of some technical reasons)
• (5.5) Backup upload/download speed - Currently, backups can be quite slow but we have some ideas to speed it up
• (5.4) Allow admin to lock email and display name globally. This essentially makes the LDAP directory non-editable by normal users.
• (5.5) Allow backup and update time to be set. Currently, this is all hard coded and it's causing problems for people working in the night
• (5.6) Mail: Configurable mail server settings - whitelist/blacklist, max message size, tls configuration. In the next release after 6.0, we will make spam settings configurable.

For the coming weeks, we are going to focus on getting some new apps packaged. The list is:

• OnlyOffice
• Bitwarden - @Felix and @iamthefij have done much of the heavy lifting, we just have to get it across the line.
• OpenVPN - We will add an admin interface that let's the admins configure some popular vpn settings.
• BigBlueButton or Jitsi (we will evaluate which works well for conferencing. We have used both and they both work well but BBB might win). If you have any thoughts here, please leave a comment.
• Development apps - basically provide a git push workflow for hosting custom nodejs/php apps (and make it work so that they can be mixed with various caches and databases).

If we should prioritize something else, please let us know! But the above should keep us occupied this month.

What we initially planned as Cloudron 4.5 is now Cloudron 5. We decided to bump the major version since it got a lot of changes to justify the bump.

New installations will already get Cloudron 5. Existing installations will get an update in a week or two. We roll out updates conservatively as always, if you want it immediately, please just send a mail to support@cloudron.io and we will make it available.

I am preparing the blog post which will have the screenshots for the features.

Changes:

• Add user roles - owner, admin, user manager and user

• Show backup disk usage in graphs

• Mail server event log and mailbox usage information

• Spam auto-learning - the spam solution is now per mailbox. The mail server will now periodically auto learn spam and ham from the mailbox with no user intervention.

• CPU resource allocation - We have implemented CPU Shared

• Whitelabel the footer/404

• App specific passwords

• Import backups UI - this lets you easily move apps across Cloudrons

• Display timestamps in browser timezone in the UI

• linode: add object storage backend

• Enhancements in the built-in LDAP to better support SOGo (more on this in a separate post).

There's a lot of other bug fixes as well. You can read through the commits for that

We are continuing to work on getting many more of the apps published, see the WIP tag. Thanks to the community for really helping us out here!

Features planned for 6.0:

• Ubuntu Focal 20.04 support
• Mailbox sharing - we tried IMAP based mailbox sharing but this doesn't work well for the apps we have. We will instead make it such that a single mailbox can have multiple owners.
• Optimize WP and Nextcloud installations. This is not directly related to box code but we want to speeden things up and optimize the configs since we have a large number of installs with these 2 apps. @MooCloud_Matt has given us a lot of ideas to work with here.
• Mail - Full text search via IMAP (solr integration)
• Volume management - this will allow mounting paths on the host into apps.
• i18n

We removed the unified dashboard for now. @nebulon and I think it will take a good 1-2 months to implement and test and we want to keep the releases going. We will start implementing unified dashboard in a branch.

You can read the full announcement in our blog here.

Feature:

• Ubuntu 20.04 LTS (Focal) support. For existing installations. the upgrade to Ubuntu 20.04 is not automatic and you have to follow this guide to upgrade.
• i18n - Cloudron is now fully translatable.
• Volumes - this allows users to mount server paths into one or more app containers. Volume docs
• Mailbox Sharing - via IMAP ACLs. Please note pre-6.0 installations have to migrate using this guide for mailbox sharing to work. This step is not automatic because some email clients may have to be re-setup.
• Group Mailboxes
• Mail Full Text Search
• File Manager improvements - New file, extract, download dir
• Ad Blocker apps
• Branding: footer can have template variables like %YEAR% and %VERSION%
• SFTP access is disabled for non-admins by default. This is a breaking change.
• Postgresql: whitelist pgcrypto extension for loomio.
• Linode DNS is now enabled in the Cloudron setup wizard.
• Log file names are more descriptive on download.
• The proxyAuth addon can be used to setup an authentication wall in front of the app. See docs for more information.
• Elasticemail is a cost-effective email relay option. You can choose Elasticemail as a relay provider in the outbound settings.
• AWS S3: Add China region
• Security: fix issue where apps could send with any username (but valid password)
• rsync backups: add UI warning to remove lifecycle rules
• collectd: remove collectd config when app stopped (and add it back when started)
• Disable THP
• Add export route for apps
• mail: on location change, fix lock up when one or more domains have invalid credentials

(We split the features into two release 6.2 and 7.0, they are tagged appropriately below)

Features planned for 7.0:

• (6.2) Move apps to new base image v3 - See https://forum.cloudron.io/topic/4366/docker-base-image-3-0
• (6.2) Database upgrades - MySQL 8, Postgres 12, Redis 5, Mongo DB 4.2.
• (6.2) Update node to 14.15.4
• (6.2) Update docker to 20.10.3
• (7.0) Multihost support. i.e you can have many servers and have a single dashboard to manage users, apps and domains - https://git.cloudron.io/cloudron/box/-/issues/142
• (7.0) Implement LDAP+2FA across apps - See https://git.cloudron.io/cloudron/box/-/issues/705
• Add service account type . This will add a way to create a "service" or bot user that can be used for automation but doesn't appear in LDAP directory queries. Decided against this because of lack of use cases.
• (6.2) Make it possible to restore without updating DNS. This is useful if you want to test out cloudron backups.
• (6.2) Add a way to manage apps <-> groups better. Currently, it's hard to get a grip on what apps a user/group has access to easily (maybe add filters as well).
• FTP access to volumes This is complicated, maybe some other release.
• (6.2) TLS addon (for DoT in AdguardHome)

http://easyappointments.org/

This is a selfhosted calendly. https://github.com/FredericCasazza/easyappointments-ldap_user_provider has some LDAP integration code.

I have added a new category called Apps - https://forum.cloudron.io/category/9/apps . I am slowly adding all the apps we have into it as subcategories. It seems this might work better than tags (people are mistyping tags) and also provides a better direction/place for people to post.

Ideally, we keep the current Support category to Cloudron platform related issues. I am moving existing Apps related posts this new category.

Finally, we will start posting app updates in these new categories. Basically, https://cloudron.io/appstatus.html with a changelog. But since now apps are a separate category we can post it a bit more freely without being concerned about polluting the main support category.

OpenSlides is the all-in-one solution for running your plenary meetings and conferences. Show the current presentation on the main screen, while you show the agenda, motions, list of speakers on others. Working on elections and documents in parallel with all participants. Web-based and always up-to-date.

https://openslides.com/en
https://github.com/OpenSlides/OpenSlides

Another brief update:

• We added auth wall functionality that apps without any notion of login can use
• i18n is mostly done, just lots of testing before we let translators do their work. @nebulon can give some updates on how the language is selected etc.
• We added httpPaths functionality so that @MooCloud_Matt can work on his OLS app. Also, see https://forum.cloudron.io/topic/3755/apache-ols-and-nginx-custom-benchmarks/5
• Reworked a lot of the internal dns stuff, so that we can have apps as dns servers (ad blocker apps)
• solr fts search was merged today.

Looks like we are set for a release next week!

https://github.com/photoprism/photoprism

Hi All,
Small change in plans for the Cloudron releases. Previously, we had announced that next release will be Cloudron 6. It turns out some of the features are in good shape already and we just want to get it out instead of waiting for everything to get done.

So, there will be a 5.4 release, hopefully later this week, with the following features:

• Dark mode for dashboard
• File manager UI to edit the files inside apps. For the initial version, one can only view and edit the files under /app/data (i.e one cannot view the files in the read-only parts of the file system. this is because of some technical reasons)
• Allow admin to lock email and display name globally. This essentially makes the LDAP directory non-editable by normal users.
• Mandatory 2FA - this is new feature that wasn't announced as part of 5.4! This will require users to setup 2FA before accessing the dashboard.
• We are moving nginx to latest upstream packages instead of ubuntu ones since they are lagging behind a lot.
• Backblaze b2 provider - also new

Demo: https://watch.owncast.online

Github: https://github.com/owncast/owncast

Documentation: https://owncast.online

Some big news: We will be adding i18n support in Cloudron 6. This work is being sponsored by Medias-Cite and their Cloudron project OSINUM. Thanks @Benoit ! As part of the work, we will also package the Weblate app (for translations).

Back in the day, we had an "oauth proxy" for apps that didn't support any authentication to put up an auth wall. This was brought up https://forum.cloudron.io/topic/1451/alternative-to-oauth-proxy . We removed that proxy when we removed OAuth support altogether.

Recently, there is a bunch of apps that require an auth wall including:

• Prometheus server/alert manager
• Cloud torrent
• Transmission
• Apps like surfer
• Many of our internal apps

I have put in this "proxy auth" feature in Cloudron 6. Just have to add it to addons in the manifest like:

"addons": {
    "proxyAuth": {}
}

Just like the ldap addon, user can then select which users/groups can authenticate. If the manifest also has optionalSso, then user can choose to let the app have no auth wall altogether.

When using this feature, two routes are "reserved" - /login and /logout. Some benefits of having this on the platform side (as opposed in the app are):

• 2FA login
• Session management in the user's profile page. i.e can logout from apps etc
• Easier for us to maintain this feature. Currently, this feature has already been re-implemented in the apps using 3 different stacks - nginx/apache/node...

I took a lot of inspiration from https://github.com/andygock/auth-server and @mehdi's transmission code. So, big thanks to them!

Some updates on volume management. There is now a volume view.

You add a host path as a volume and give it a name. This is most likely some EBS/external hard disk/Block Storage. There is also the file manager integration (the button next to the delete button).

You can then go to the app view and mount these volumes into the apps. There is a new Storage section.

There is a section overload in the app configure view We are looking to reducing the list of sections in the left pane. It's making things hard to find.

I recorded a quick video showing host the tests run. The browser on the left is my Firefox that just shows the Cloudron dashboard. The browser that appears on the right is Chrome and it is where the automated testing happens.

Youtube Video

EDIT: OK, this is funny. @nebulon was wondering why I had some dark music in the video. I thought I had recorded a silent video and did not even know there was some background music Investigating, I found out that my youtube at some point has started auto-playing "3 HOURS Most EPIC POWERFUL BATTLE MUSIC"! and OBS was happily recording that. Since, I don't have a headset connected to this setup, I had no idea. Funnily, when I uploaded this video, it immediately told me there is a "copyright claim" and I thought "yeah, right". Now I know why.

@jdaviescoates For pricing, as mentioned, we just offer discounted pricing on a case by case basis. Given we are a small company ourselves, we don't want Cloudron pricing to be a blocker for another business relying on us. We have a dozen or so re-sellers and they are generally IT admins, sysadmins who host for co ops, non-profits and schools.

As for Cloudron the company itself, we are profitable and pay ourselves a salary, and I can say we are not going away anytime soon. We are completely bootstrapped and haven't tried to ever raise money nor do we plan to. Future wise, one thing we really want to happen it is to grow to a size where we can start supporting upstream opensource apps - either by contributing with people or funding them.