"Failed to open stream: Permission denied" for cache/data

are you on the package 1.13.2 ? just to get that out of the way.

@sponch you can check the mail headers. there will be header called X-Spam-Status and X-Spam-Report . You can paste those here. It will give a rough idea of what is being detected.

Hard to say what is going on. I tested on a new install and it seems to work as expected. Maybe something to report upstream? Alternately, just delete the old admin account?

@sponch are you training the spam filter? The bayesian filter of spamassassin requires training. you have to do this by periodically marking mails as "Spam" using the mail client.

@NCKNE said in EntraID / AzureAD LDAP wrapper:

Entra ID / Azure AD is not LDAP

TIL Had no clue, ignore my previous comment then. Just read about it a little more and it seems you need something called Azure AD DS per https://www.reddit.com/r/sysadmin/comments/120e71z/ldaps_with_azure_ad_tenant_bundled_with_office_365/

AD support seems to be something we should add directly to Cloudron's existing LDAP server, if this is deemed useful. Incidentally, Cloudron's ldap server is also based on ldapjs.

@andreasdueren yeah, I think the last line gives it away "only makes sense if you use the backend for nextcloud and mailserver" . So, it is taking the raw password that was given during nextcloud login and using it for the mail server. Seems a bit dangerous (to allow an app to get the raw password) but what do I know

@andreasdueren what does automatic configuration mean? the mail app stores the raw cloudron password (how does it authenticate?)

@mononym said in Updating Plugins:

gosu cloudron:cloudron bundle exec rake db:migrate
gosu cloudron:cloudron bundle exec rake assets:precompile

These two can be skipped, I think. The package does this already on a app restart (you should restart the app after you git update).

Did you check both ipv4 and ipv6? is there anything in the box logs?

edit: i was wrong, cloudron does not check ipv6 (cc @girish

maybe you can try host -t A <reverse-ip-address>.zen.spamhaus.org 127.0.0.150 on your server . This is what Cloudron does to determine if it's listed or not. If your IP is say 1.2.3.4, then reverse-ip is you have to look up 4.3.2.1.zen.spamhaus.org . If listed, it will return some loopback address

@marylou the mysql is not exposed to the world. It is internal. By Sheets, do you mean the SaaS product ? (or is this some plugin or something in LimeSurvey?).

Does Google Sheets support connecting via ssh tunnel? See https://docs.cloudron.io/guides/connect-mysql/

@khm_ oauth is the way forward. In recent future, email auth will also move to oauth. Just using passwords is not secure anymore.

I just tested it, you just need an app password from Cloudron . https://docs.cloudron.io/profile/#app-passwords . Choose Mail Client . Each user has to create one for the mailboxes they own and put it in nextcloud mail app. After that it works even after relogin.

@im-fabian it looks like the code is crashing somewhere and the crash error is not logged.

You are able to access the apps itself, correct? Since nginx/mysql are running, apps should be fine. It is the dashboard which is crashing non-stop .

Can you try this:

• Edit /home/yellowtent/box/src/users.js
• Just add a "return;" here - https://git.cloudron.io/platform/box/-/blob/master/src/users.js?ref_type=heads#L752 . Mostly because all the time code crashes in notifyLoginLocation
• systemctl restart box

@RedzzDragon it looks like mongodb is not running . If you click on the logs button, maybe it gives a hint as to why it's not running . There is a very small chance that you are using a server/CPU that does not support mongodb . Modern mongodb requires CPU to have AVX support. If this is the case, the logs will tell you as much.

(And to host WP, you don't need mongodb, it's fine if it's not running)

@IniBudi there should be incompatibility but afaik you don't need Ubuntu Pro for Cloudron. Any specific reason?

@DualOSWinWiz do you think "Encrypt DNS" in your router mean DNSSEC ? If that is the case, an idea is to just disable DNSSEC in unbound instead of for your domain . https://docs.cloudron.io/networking/#unbound .

@neoplex are you able to reproduce this by running the cron task manually? You can do this by Web Terminal -> Cron on the top. thanks

@jdaviescoates https://github.com/dani-garcia/vaultwarden/pull/3899 no?

@andreasdueren ah no, I was referring to the initial post. vaultwarden is fine because it doesn't have Cloudron SSO. This means that you can't get locked out of Vaultwarden and cloudron since they don't share passwords. In OPs situation, 2FAAuth app and Cloudron are sharing the same password (like in the case of a password manager storing it's own passworD)

Was discussing this with a friend yesteday and an analogy he gave me was this is like saving the password manager's password in the password manager itself This won't end well ultimately