Cloudron Forum

Yes, problem solveld. Thank you!

@Jan-Macenka The sync dns also syncs the mail related dns settings. There should also be an event in the eventlog indicating the dynamic dns updated your dns (or not). When things are going out of sync, can you check what it says in the event log?

@Jan-Macenka as a follow up.
This module is for the acme protocol: https://datatracker.ietf.org/doc/html/rfc8555

And if I understand this module and everything correctly this will not auto renew on the system it self.
So you will have to run the ansible deployment again to renew the certs.

For the BigBlueButton Role I maintain I've written a task for installing acme.sh to manage the cert of the deployment.

https://github.com/ebbba-org/ansible-role-bigbluebutton/blob/master/tasks/certificate-letsencrypt.yml

I also turned this into a standalone Role for my company but not published it since its such a little role/task.

Maybe this can help you even further.

ps: big thanks for the beer 🍻 @Jan-Macenka

Blocking /metrics and /health endpoints for Apps by default

I'd also like to track Jellyfin which I love to run as an cloudron App. It comes with pre installed Prometheus endpoint according to the documentation which I'd like to use. The default Cloudron-location for this file is /app/data/jellyfin/config/system.xml
However I dont want to expose this endpoint to the public Internet. Any Ideas how I could prevent this?

If we find a good solution, I think it would be best to have the /metrics and /health endpoints blocked by default because Cloudron-Admins most likely dont want to expose these to the Internet anyway.

@girish would you have an Idea where I could apply such a config change?

Best regards and thanks for the answer in advance 🙂

PS: Will gladly contribute to the Documentation as we found a good solution. I just fell down the rabbit hole to a certain degree in advancing my home-lab more towards a real data-center 🙂