RE: default plugins not available

@girish thanks, they are now available and the ‘random short URL’ does work as expected!

Thanks for fixing this.

@girish said in AVX Support in your VPS/Server:

https://github.com/docker-library/mongo/issues/485

NetCup VPS 3000 G9: no AVX support
NetCup RS 8000 G9: AVX support
NetCup RS 4000 G9: AVX support

According to the YOURLS manual there should be a couple of default plugins available.

In the app package I see them in /app/code/user.orig/plugins but not in the app itself.

How can I activate at least random-shorturls?

@d19dotca said in App unresponsive due to error:

@imc67 - what did you increase yours to out of curiosity?

This my current config, it's 99% more stable than before:

<IfModule mpm_prefork_module>
    # On startup, start these many servers
	StartServers	10

    # At any given time, keep atleast these many servers
	MinSpareServers	10

    # At any given time, keep atmost these many idle servers (this is always >= MinSpareServers+1)
	MaxSpareServers 40

    # Maximum number of servers at any given instant. Requests will be queued after this
	MaxRequestWorkers	  256

    # Recycle process after handling these many requests. This protected against accidental memory leaks
	MaxConnectionsPerChild   1000
</IfModule>

@jayonrails
In Apple Mail on iOS :

@LoudLemur said in One Cloudron, Many Websites?:

Website.org with a NodeBB forum

Also forum.website.org so use subdomains to “save” your root domain for a website for example

@LoudLemur YES of course, that IS Cloudron

More and more mail clients are supporting BIMI for for digital certifying mails and show logo as proof.

What is BIMI?
Brand Indicators for Message Identification or BIMI (pronounced: Bih-mee) is an emerging email specification that enables the use of brand-controlled logos within supporting email clients. BIMI leverages the work an organization has put into deploying DMARC protection, by bringing brand logos to the customer’s inbox. For the brand’s logo to be displayed, the email must pass DMARC authentication checks, ensuring that the organization’s domain has not been impersonated.

With BIMI you can:
Display your logos on your emails.
Control the logos that display with your email messages.
Cultivate immediate brand recognition and enhanced user experience.

More information:
https://support.apple.com/en-us/HT213155
https://developer.apple.com/support/bimi
https://bimigroup.org

@girish said in App unresponsive due to error:

Indeed, fixing the values in that file is the correct fix.

The changed values result finally in a more stable situation.

This is not a high traffic site (5k month) and the only one created with Avada Theme and that's really a "monster".

@nebulon said in App unresponsive due to error:

do you have any plugin installed which may use websockets

I checked the inspector but couldn't find any

@privsec thanks for finding however the xmlrpc on my sites are always locked for security reasons.

However, after searching around the internet and this forum I combined some answers and tried the following:

In the filemanager there is a folder /apache/ and it contains a file mpm_prefork.conf.

There I changed the (very low values) to:

StartServers	10

MinSpareServers	10

MaxSpareServers 40

MaxRequestWorkers	  256

MaxConnectionsPerChild   1000

Let’s wait and see if this solves the issue.

One of my WP Dev apps is “crashing” regularly and this is the error message:

server reached MaxRequestWorkers setting, consider raising the MaxRequestWorkers setting

How can I increase this setting?

@nebulon indeed this one is

Was just exploring this app and it seems to work fine however since the initial Cloudron release they had many many update versions. Is this app for a reason not updated and/or still after 6 months “unstable”?

@nebulon for me it’s the same “issue” also bad rendered on the dashboard and your git.

MacOS, iOS, iPadOS all browsers

@BrutalBirdie said in Zabbix - network monitoring solution:

Yes but stopped since I had too much to do.
https://forum.cloudron.io/topic/3486/zabbix-appdev-log
btw. nice reminder. Maybe the new 3.0 base image helps with the issues I had.

Curious if you succeed already to create a Zabbix app? Once one know Zabbix one always want to use it everywhere.

@girish

@girish the middle name can be added in front of the last name. But hen what about the second first name? You wrote the Cloudron code only takes the first word and the last word?

@d19dotca @girish @nebulon after all the recent versions this is still not solved here

@nebulon same issue here, swap is on and stilll no disk stats

@girish then this will also give issues with people who has a double first name like Marie Therese van der Steen will be Marie Steen or double last names like Marie Therese van der Steen tot Oberndorff and that is also absolutely unacceptable.

Maybe the solution is simple: your code is trying to divide the first and last names. If you create only a First Name and Last Name field and migrate current users accoding to the current code. Then admins are able to correct all double first, lastnames and add middle names to lastnames?

btw: the names here are of course fiction but the names by itself do excist.

@robi @girish that’s what I do now manually in WP and FreeScout as there are no middle name fields too. So it becomes:

First name: Jan
Last name: van der Steen

Lately we got a new user who has a middle name like 'Jan van der Steen'.

I created the user and as always only have the "Full Name" field and filled in the full name 'Jan van der Steen'.

When this user logged into Wordpress it became 'Jan Steen' which is of course wrong. There I could change it and even after re-login it keeps it.

However: when this user logs into FreeScout it is also wrong but there if I change it to the correct version after re-login it is changed back to the wrong version.

Is it possible to split the "Full name" field in the mostly used "First name", "Middle name" and "Last name" and from then on propagate it correctly via LDAP to the various apps?

Hi, I really would like to connect our Synology NAS (DSM 7.1.1) to our Cloudron LDAP so our Cloudron users can login to the NAS with the same credentials. That saves a lot of time and issues with user management.

After some trial and error I got to a point where I can't solve the issue, who knows how to continue?

In Synology DSM there is a wizard to start the connection:

Step 1: (server IP and DNS IP's)

Step 2: Enter needed info, got inspiration from the Cloudorn docs
BIND DN: cn=admin,ou=system,dc=cloudron
Password: set in LDAP Cloudron
BASE DN: ou=users,dc=cloudron

Step 3: check and join, first 3 checks succeeded but 4th one failed:

Details:

@nebulon it's up again

when visiting the site you're not able to because of:

MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

@msbt @girish same here on 7.3.4

Dec 06 21:53:20 box:apphealthmonitor app health: 27 running / 2 stopped / 0 unresponsive
Dec 06 21:53:23 box:tasks startTask - starting task 12679 with options {}. logs at /home/yellowtent/platformdata/logs/tasks/12679.log
Dec 06 21:53:23 box:shell startTask spawn: /usr/bin/sudo -S -E /home/yellowtent/box/src/scripts/starttask.sh 12679 /home/yellowtent/platformdata/logs/tasks/12679.log 0 400
Dec 06 21:53:23 box:shell startTask (stdout): Running as unit: box-task-12679.service
Dec 06 21:53:24 box:shell startTask (stdout): Finished with result: exit-code
processes terminated with: code=exited/status=50
runtime: 750ms
Dec 06 21:53:24 box:shell startTask (stdout): Service box-task-12679 failed to run
Dec 06 21:53:24 box:shell startTask (stdout): Service box-task-12679 finished with exit code 1
Dec 06 21:53:24 box:shell startTask code: 1, signal: null
Dec 06 21:53:24 box:tasks startTask: 12679 completed with code 1
Dec 06 21:53:24 box:tasks startTask: 12679 done. error: {
stack: "TypeError: Cannot read properties of undefined (reading 'contents')\n" +
' at getDisks (/home/yellowtent/box/src/system.js:106:60)\n' +
' at processTicksAndRejections (node:internal/process/task_queues:96:5)\n' +
' at async updateDiskUsage (/home/yellowtent/box/src/system.js:182:19)',
message: "Cannot read properties of undefined (reading 'contents')"
Dec 06 21:53:24 box:shell startTask (stdout): 0 (process group ID) old priority 0, new priority 0

@jdaviescoates said in Fix for kernel bug in Ubuntu 20.04 causing various issues:

@imc67 I've not tried yet, but I'm interested in why @girish recommends the kernel reversion as opposed to updating Ubuntu 22.04?

was thinking about that too, but then first you need to update Cloudron to 7.3.2 and that's not stable yet? Or won't even update because of the issues?

@girish was anyone succesful in reverting the kernel (especially on NetCup)?

@nebulon sorry to say but OpenHAB was not in the top 100 of the app wishlist! Why not focus on the top 20 of not created apps? Is Cloudron still a personal hobby project?

@girish for backups yes

@fbartels https://forum.cloudron.io/topic/8032/apps-stuck-updating-cleaning-up-old-install-even-after-stopping-restarting-task/

@jdaviescoates @girish me too

@girish nope still on 7.2.5

@avatar1024 same here on one of my 4 NetCup Cloudrons 2 apps hung in this task, after rebooting the server from the Cloudron GUI (2 days ago via the NetCup GUI) it was solved.

@d19dotca was it solved then? I've never seen a full list of green dots while it should be.

@LoudLemur on Cloudron there is already the 5.4.2 version, the only difference between the two is a typo correction?

@LoudLemur I think the screenshot is from version 3.x. In 5.x it's in the same screen (Question summary) but it's now a drop-down button called Tools.

@imc67 one way to solve it (temporary?) is to clear cache and cookies

Maybe a coincidence but last night I did a server reboot and this morning some users discovered that the File Explorer tab in Nextcloud is blank/empty, it doesn't show any file while there is a 123GB with files and searching for files makes it possible to find and open. A stop/start of the app didn't helped.

After some debugging I discovered that it was only on Firefox and gives a lot of browser console errors and warning (see below). In Safari Nextcloud File browser does work but with same warnings (no errors) as in Firefox.

Does anyone know what this could be?

No OC found index.js:46:4
Proxying an event bus of version 2.1.1 with 1.3.0 index.es.js:2337:14
Handlebars is deprecated: please ship your own, this will be removed in Nextcloud 20 globals.js:62:15
Proxying an event bus of version 2.1.1 with 1.3.0 index.es.js:2337:14
Proxying an event bus of version 2.1.1 with 1.3.0 index.es.js:2337:14
jQuery is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own. globals.js:62:15
$ is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own. globals.js:62:15
Proxying an event bus of version 2.1.1 with 1.3.0 index.es.js:2337:14
Uncaught TypeError: OCA.Files.FileList is undefined
    46658 sharedfilelist.js:28
    Webpack 4
sharedfilelist.js:28:5
Proxying an event bus of version 2.1.1 with 1.3.0 index.es.js:2337:14
Proxying an event bus of version 2.1.1 with 1.3.0 major.js:2:14
Proxying an event bus of version 2.1.1 with 1.3.0 index.es.js:2337:14
jQuery is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own. globals.js:62:15
Handlebars is deprecated: please ship your own, this will be removed in Nextcloud 20 globals.js:62:15
Uncaught TypeError: OCA.Files.FileList is undefined
    99641 systemtagsfilelist.js:38
    Webpack 7
systemtagsfilelist.js:38:7
Proxying an event bus of version 2.1.1 with 1.3.0 index.es.js:2337:14
jQuery is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own. globals.js:62:15
$ is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own. globals.js:62:15
Handlebars is deprecated: please ship your own, this will be removed in Nextcloud 20 globals.js:62:15
Proxying an event bus of version 2.1.1 with 1.3.0 index.es.js:2337:14
[WARN] viewer: Some mimes were ignored because they are not enabled in the server previews config 
Object { app: "viewer", uid: "admin", ignoredMimes: (3) […] }
ConsoleLogger.js:37:16
$ is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own. 2 globals.js:62:15
jQuery is deprecated: The global jQuery is deprecated. It will be removed in a later versions without another warning. Please ship your own. globals.js:62:15
Uncaught TypeError: OCA.Files.fileActions is undefined
    registerAction main.js:322
    each jQuery
    registerAction main.js:318
    initPage main.js:548
    <anonymous> main.js:554
    <anonymous> main.js:556
main.js:322:13
Gebruik van Mutation Events wordt niet meer ondersteund. Gebruik in plaats daarvan MutationObserver. listener.js:151:11
Proxying an event bus of version 2.1.1 with 1.2.0

https://github.com/owncast/owncast/releases/tag/v0.0.12

@shan @girish I recognize similar effect but was in time because I use a seperate Zabbix server with triggers.

This was my situation after long long search:

1. since Cloudron doesn't notify admin by mail if there is something wrong like 'backup not succeeded' or 'CIFS connection lost' after a few days I noticed backup failure because of CIFS disconnection.
2. I reconnected and everything seemd fine, except in Zabbix I noticed the disk usage graph was increased
3. long story short: when I umount the CIFS I noticed the "hidden" backup at the mount path (before connecting)! I deleted all backups there and mounted again: SOLVED

This same issue was on 2 of my 4 Cloudron Premium servers.

@girish any news? Also in Nextcloud and probably all other file and photo apps on Cloudron HEIC is not working because of Cloudron core (apps do support it it seems).

@jdaviescoates

use this in the app CLI:

wp search-replace https://domain1.coop https://domain2.coop --dry-run

You see the dry run results, if there is something to change just do it again without --dry-run

@guyds @nebulon @girish after all these months its a pity that this issue is not fully solved, if it happens it has a huge user impact as they receive certificate errors on their devices.

On 1 of my 4 Cloudrons Premium it again happens just minutes ago, the mail.domain certificate was expired at 13:00h (CEST) today. After 45 minutes I discovered myself and restarted the mail server, now the expiry date gives:

notBefore=Jul 16 11:00:49 2022 GMT
notAfter=Oct 14 11:00:48 2022 GMT

The other 3 are giving:

notBefore=May 24 11:05:39 2022 GMT
notAfter=Aug 22 11:05:38 2022 GMT

notBefore=May 23 23:00:54 2022 GMT
notAfter=Aug 21 23:00:53 2022 GMT

notBefore=May 24 23:01:26 2022 GMT
notAfter=Aug 22 23:01:25 2022 GMT

So it seems and looks like all 3 of them will get expired as they are not (copied???) refreshed in time?

BTW: please remove the SOLVED label as it is definately not solved.

@girish tried the plugin but alas it doesn't work, maybe it's too old and/or doesn't work with LDAP and/or I'm doing something wrong....

I guess we have to wait for native support as you wrote earlier.

Tried with LDAP user:

May 12 21:27:53 [videos.domain.tv:443] 2022-05-12 19:27:53.656 info: Login success with auth method ldap of plugin peertube-plugin-auth-ldap for ***admin user ldap***.
May 12 21:27:53 [videos.domain.tv:443] 2022-05-12 19:27:53.659 info: Bypassing oauth login by plugin peertube-plugin-auth-ldap.
May 12 21:27:53 [videos.domain.tv:443] 2022-05-12 19:27:53.671 warn: Login error {
May 12 21:27:53 "err": {
May 12 21:27:53 "statusCode": 400,
May 12 21:27:53 "status": 400,
May 12 21:27:53 "code": 400,
May 12 21:27:53 "message": "Invalid grant: user credentials are invalid",
May 12 21:27:53 "name": "invalid_grant",
May 12 21:27:53 "stack": "invalid_grant: Invalid grant: user credentials are invalid\n at new InvalidGrantError (/app/code/server/node_modules/oauth2-server/lib/errors/invalid-grant-error.js:27:14)\n at /app/code/server/dist/server/lib/auth/oauth.js:77:19\n at Generator.next (<anonymous>)\n at fulfilled (/app/code/server/node_modules/tslib/tslib.js:114:62)\n at runMicrotasks (<anonymous>)\n at processTicksAndRejections (node:internal/process/task_queues:96:5)"
May 12 21:27:53 }
May 12 21:27:53 }

Tried with local admin:

May 12 21:28:42 [videos.domain.tv:443 peertube-plugin-auto-import-ytb] 2022-05-12 19:28:42.639 warn: Error during the credential validation : Error: Cannot get access Token : Bad Request
May 12 21:29:14 [videos.domain.tv:443] 2022-05-12 19:29:14.003 info: 172.18.16.14 - - [12/May/2022:19:29:14 +0000] "GET /api/v1/oauth-clients/local HTTP/1.1" 200 99 "-" "node-fetch/1.0 (+https://github.com/bitinn/node-fetch)"
May 12 21:29:14 [videos.domain.tv:443] 2022-05-12 19:29:14.015 info: 62.238.0.0 - - [12/May/2022:19:29:14 +0000] "PUT /api/v1/plugins/peertube-plugin-auto-import-ytb/settings HTTP/1.1" 204 - "https://videos.domain.tv/admin/plugins/show/peertube-plugin-auto-import-ytb" "Firefox"
May 12 21:29:14 [videos.domain.tv:443 peertube-plugin-auth-ldap] 2022-05-12 19:29:14.119 warn: Cannot login ***local admin*** in LDAP plugin. {
May 12 21:29:14 "err": "no such user: \"***local admin***\""
May 12 21:29:14 }

@rmdes @girish install still fails

@girish ?

There is a small bug with uploading a logo (configuration - general - logo), it looks like its not saved and there is an error in the logs (home):

open webroot/thumbnail.jpg: read-only file system

@girish just for inspiration I found an easy way to configure and manage WireGuard in Docker:

https://github.com/WeeJeWel/wg-easy

This can make the long awaited WireGuard app on Cloudron also easy?

@atridad @girish really curious when the app will be there in the app store?

@doodlemania2 could it be that:

1. there are self registered "users" you don't know
2. that these users use your Vaultwarden Send to send spam maybe even with ("phishing") attachments?

I think it's good to have a look at the users and their Sends?

@nebulon very good news!!

How do we disable anonymous access so only LDAP?

@girish is it something I can do right now?

@girish I think it's somewhat irresponsible to set app updates to an upcoming not stable platform version. Especially as this chatwoot app contains security updates. Same with AdGuard, this also has security updates but also that app requires 7.1.

@girish thanks for your quick response.

The current list with IPv4 was exactly 1MB, I wanted to add some IPv6 altogether 1.1MB and got the error.

I tried to add IPv6 ACL to the Firewall but received this error message:

<html> <head><title>413 Request Entity Too Large</title></head> <body> <center><h1>413 Request Entity Too Large</h1></center> <hr><center>nginx</center> </body> </html>

@girish said in What's coming in Cloudron 7.1:

@girish said in What's coming in Cloudron 7.1:

Final update before the release. Initial, IPv6 support is in - all the DNS backends have been updated to support AAAA records. There is a checkbox in the Network view to enable the IPv6 support.

This is currently "experimental". Currently, there is a lot of complications and unknowns wrt docker's ipv6 support. I will make a separate post about this, but for Cloudron, the initial iteration the plan is to enable IPv6 only for HTTP(S) services. Essentially, the apps will have IPv6 support but not any exposed ports (like say the git port) nor the email server.

We figured this one out and IPv6 support will be complete in 7.1. It will support export ports and the email server from the get-go! But as mentioned in previous comment, please hold on before updating if your Cloudron instance is critical.

Just updated to 7.1.2 I noticed I had to 'save location' of the apps to add the AAAA records. However the mailserver and Cloudron access URL still don't have AAAA records, not even after restarting the mailserver. Is this expected?

@nebulon after 7 hours it’s still not available

@nebulon Restic is a solid and fast solution for this: https://forum.cloudron.io/topic/1575/backup-improvements-restic-backend