Open AI Integration

I haven’t spend a lot of time in tandoor, but I really find the ui unappealing.

Also an interesting side fact: you can connect self hosted LLMs as long as they support the open ai api. It’s also mentioned in the docs.

Just stumbled upon this and thought this might be interesting for others as well: Mealie has an integration with Open AI which enables importing recipes from images. Worked really well in my tests.

To enable this you'll need an API key and at least Tier 1 which you'll get after depositing 5$, see also https://docs.mealie.io/documentation/getting-started/installation/open-ai/.

For cloudron simply open the env file in the file manager and add OPENAI_API_KEY=<your_key>.

A shared cloudron base image gives you at least all the dependencies needed for accessing the addons like databases, also the shared layer should result in less storage consumption when running many apps on one server.

Im running a nuxt.js/vue.js app I’m building for myself on cloudron. Feel free to reach out to me, I’m guessing it shouldn’t be too different from react/next.

I’m using multi stage dockerfiles for my projects, works like a charm. Only for final stage I use the cloudron base image.

@girish just wanted to check this but my /.well-known/openid-configuration endpoint doesn't list the picture claim?
Am I missing something? I'm on v7.7.2.

"claims_supported": [
    "sub",
    "email",
    "email_verified",
    "family_name",
    "given_name",
    "locale",
    "name",
    "preferred_username",
    "sid",
    "auth_time",
    "iss
]

Tbh not really but I am check with my own app if I’m getting anything

So here's a little sum up how I do it:

1. Create dockerfile

ARG nodeversion=21-bullseye

# build stage using standard node container
FROM docker.io/node:$nodeversion AS builder

WORKDIR /app

# copy & install dependencies
COPY package.json yarn.lock .yarnrc.yml ./
COPY .yarn/ .yarn
RUN yarn install
# copy source code & build
COPY . .
ENV NODE_ENV=production
RUN yarn build --standalone 

# use cloudron base image for running the app
FROM docker.io/cloudron/base:4.0.0@sha256:31b195ed0662bdb06a6e8a5ddbedb6f191ce92e8bee04c03fb02dd4e9d0286df

WORKDIR /app
ENV NODE_ENV=production

# copy built files
COPY --from=builder ./app/.output ./.output/
# start script for execution of the app, make sure its executable
COPY --from=builder ./app/start.sh ./
RUN chmod +x /app/start.sh

# set the port and host and expose the port
ENV HOST 0.0.0.0
ENV PORT 8000
EXPOSE 8000

# start the app using start script
CMD [ "/app/start.sh"]

2. Create start.sh

#!/bin/bash

set -eu

# set any environment variables here, e.g. database connection details

# run the server
node .output/server/index.mjs

3. Create CloudronManifest.json
   Nothing special here, follow documentation from Cloudron, set app details, add addons, set exposed port, etc.
4. Create CI/CD pipeline
   This depends a bit on your runner setup, I'm using a custom gitlab runner package on Cloudron I build for myself + the cloudron build service app. This has some quirks but works for me. Its a docker in docker runner but without access to the docker.sock its not possible to run docker commands itself (or at least didn't figure out how). Normally you'd need access to the docker.sock which is not possible with app packages and a security risk.
   Nevertheless here's a sample of my .gitlab-ci.yml

stages:
  - stage

deploy_stage:
  stage: stage
  image: node:19
  environment:
    name: STAGE
  variables:
    BUILD_SERVICE: 'https://builderbot.serverdomain.de'
    FQ_IMAGE_NAME: 'docker.serverdomain.de/imagepath'
    TAG: pre
  only:
    - main
  script:
    - npm install -g cloudron
    - cloudron build --tag $TAG --set-build-service $BUILD_SERVICE --set-repository $FQ_IMAGE_NAME --build-service-token $CI_BUILD_SERVICE_TOKEN
    - cloudron update --server my.serverdomain.de --token $CI_CLOUDRON_TOKEN --app appsubdomain.serverdomain.de --image docker.serverdomain.de/imagepath:$TAG
    #- cloudron install --server my.serverdomain.de --token $CI_CLOUDRON_TOKEN --location appsubdomain.serverdomain.de --image docker.serverdomain.de/imagepath:$TAG

For first run you need to use install cli cmd and afterwards update. Hence I always keep it commented out in the pipeline in case I need to reinstall the app from scratch. A combined command for this would be brilliant *hint *hint @girish

Apart from that there's a little more to it in terms of one time setup which I ommited:

• Setup private docker registry in Cloudron (alternative use a public registry)
• Register the gitlab runner in gitlab
• Setup secrets in gitlab, e.g. Cloudron access tokens
• might be more I've forgotten, as always once setup things get blurry in memory

My code might be a bit to specific for my way of doing it, but I can try to give more details when I find the time.

I’m building a nuxt.js app myself (same as next but for vue). I find it relatively easy to build a custom docker image for cloudron. Using gitlab + gitlab runner on cloudron to build the app and push a docker image to the internal docker registry and deploy it from there to cloudron. Even got 2 versions of the app running for some test staging.

FYI the changed username fixed it, everything is running fine now.

@subven You might be right, noticed my username is different from the one on Cloudron, changed it to mach the Cloudron Username and will try again after I return from Vacation. @girish guess you can make the update stable for now. I've disabled automatic update on my Cloudron until I return.

@girish no, admin user has a generic email.
Happy to help debugging if I can do anything, but I'll be on vacation starting tomorrow for a week, so it would have to wait til next week.

@girish I'm only using it myself, so the only accounts active are my own account through LDAP, an admin account and a couple of bots.

Something went wrong with the OIDC migration in v1.88. I can't login any more. Using Sign in with Cloudron gives me an "Email already in use" error.

Reverted back to v1.87 for now.

Unless I'm missing something the profile information provided by the build in oidc provider doesn't seem to include the users profile picture.
Would it be possible to include this as well?

@brianb you can compile your app as self contained. It will eliminate the need of having the .net framework installed in the cloudron base images.

@robi but this would mean I’d have to change the container runtime on my cloudron server to achieve that, or am i mistaken?

I had this running like this a while back. It works fine if you feel comfortable spinning it up manually on your server. Something to remember is to backup this stuff manually as obviously it will not be part of any automatic cloudron backups.
I did run it using the docker in docker mode which means you have to mount the docker sock. Maybe not the best idea to give a build agent access to the docker system running your production cloudron images.
Hence I have abandoned this eventually and running now a gitlab runner as a custom cloudron app. Has some downsides as well, like docker in docker not working (at least didn’t figure out how to do this).

Has anyone tried setting up oidc authentication with cloudron?

Getting a "oauth2: "invalid_grant" "grant request is invalid"" error when cloudron redirects back to vikunja after authentication.