Enabling features

Thank you. I read that WEB_AUTHN is also required for passkeys, though that seems explicitly disabled.

Can we then add support for passkeys, which seems like something most users here can use?

Enabling disabled features does not seem to work, possibly because of the read-only nature of the code path.

Enabling and disabling features @ keycloak

For example, I tried to enable all the experimental features and got this error.

I would appreciate any assistance here.

root@5363463a-79ec-415e-b263-fba477ce5607:/app/code/bin# ./kc.sh build --features="preview"
WARNING: The following run time options were found, but will be ignored during build time: kc.cache, kc.db-url, kc.db-username, kc.db-password, kc.hostname, kc.hostname-strict, kc.http-enabled, kc.http-host, kc.http-port, kc.proxy-headers, kc.proxy-trusted-addresses

Updating the configuration and installing your custom providers, if any. Please wait.
2025-02-08 13:37:06,809 INFO  [org.key.com.Profile] (main) Preview features enabled: admin-fine-grained-authz:v1, client-secret-rotation:v1, dpop:v1, passkeys:v1, recovery-codes:v1, scripts:v1, token-exchange:v1, update-email:v1, user-event-metrics:v1
2025-02-08 13:37:07,622 WARN  [io.qua.config] (build-11) Unrecognized configuration key "quarkus.smallrye-health.extensions.enabled" was provided; it will be ignored; verify that the dependency extension for this configuration is set or that you did not make a typo
2025-02-08 13:37:09,785 INFO  [io.qua.hib.orm.dep.HibernateOrmProcessor] (build-20) Persistence unit 'keycloak-default': Enforcing Quarkus defaults for dialect 'org.hibernate.dialect.H2Dialect' by automatically setting 'jakarta.persistence.database-product-version=2.3.230'.
2025-02-08 13:37:09,790 INFO  [io.qua.hib.orm.dep.HibernateOrmProcessor] (build-20) A legacy persistence.xml file is present in the classpath. This file will be used to configure JPA/Hibernate ORM persistence units, and any configuration of the Hibernate ORM extension will be ignored. To ignore persistence.xml files instead, set the configuration property 'quarkus.hibernate-orm.persistence-xml.ignore' to 'true'.
ERROR: Failed to run 'build' command.
ERROR: io.quarkus.builder.BuildException: Build failure: Build failed due to errors
        [error]: Build step io.quarkus.deployment.pkg.steps.JarResultBuildStep#buildRunnerJar threw an exception: java.nio.file.ReadOnlyFileSystemException
        at jdk.zipfs/jdk.nio.zipfs.ZipFileSystem.checkWritable(ZipFileSystem.java:370)
        at jdk.zipfs/jdk.nio.zipfs.ZipFileSystem.createDirectory(ZipFileSystem.java:708)
        at jdk.zipfs/jdk.nio.zipfs.ZipPath.createDirectory(ZipPath.java:742)
        at jdk.zipfs/jdk.nio.zipfs.ZipFileSystemProvider.createDirectory(ZipFileSystemProvider.java:186)
        at java.base/java.nio.file.Files.createDirectory(Files.java:700)
        at java.base/java.nio.file.Files.createAndCheckIsDirectory(Files.java:808)
        at java.base/java.nio.file.Files.createDirectories(Files.java:753)
        at io.quarkus.deployment.pkg.steps.JarResultBuildStep.buildThinJar(JarResultBuildStep.java:664)
        at io.quarkus.deployment.pkg.steps.JarResultBuildStep.buildRunnerJar(JarResultBuildStep.java:228)
        at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:733)
        at io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:856)
        at io.quarkus.builder.BuildContext.run(BuildContext.java:256)
        at org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
        at org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2516)
        at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2495)
        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1521)
        at java.base/java.lang.Thread.run(Thread.java:1583)
        at org.jboss.threads.JBossThread.run(JBossThread.java:483)

ERROR: Build failure: Build failed due to errors
        [error]: Build step io.quarkus.deployment.pkg.steps.JarResultBuildStep#buildRunnerJar threw an exception: java.nio.file.ReadOnlyFileSystemException
        at jdk.zipfs/jdk.nio.zipfs.ZipFileSystem.checkWritable(ZipFileSystem.java:370)
        at jdk.zipfs/jdk.nio.zipfs.ZipFileSystem.createDirectory(ZipFileSystem.java:708)
        at jdk.zipfs/jdk.nio.zipfs.ZipPath.createDirectory(ZipPath.java:742)
        at jdk.zipfs/jdk.nio.zipfs.ZipFileSystemProvider.createDirectory(ZipFileSystemProvider.java:186)
        at java.base/java.nio.file.Files.createDirectory(Files.java:700)
        at java.base/java.nio.file.Files.createAndCheckIsDirectory(Files.java:808)
        at java.base/java.nio.file.Files.createDirectories(Files.java:753)
        at io.quarkus.deployment.pkg.steps.JarResultBuildStep.buildThinJar(JarResultBuildStep.java:664)
        at io.quarkus.deployment.pkg.steps.JarResultBuildStep.buildRunnerJar(JarResultBuildStep.java:228)
        at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:733)
        at io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:856)
        at io.quarkus.builder.BuildContext.run(BuildContext.java:256)
        at org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
        at org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2516)
        at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2495)
        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1521)
        at java.base/java.lang.Thread.run(Thread.java:1583)
        at org.jboss.threads.JBossThread.run(JBossThread.java:483)

I'll wait for them to merge the fix then. Thanks.

Same problem with FIrefox.

This might be related to this issue.

Same problem. When I try to login to Pixelfed first, Comentario gives the same error.

I just realized what the problem was. I'm not sure if it can be fixed here or upstream.

I had PIxelfed installed on my root domain (While Comentario was installed on a subdomain in the same domain). Once I removed the cookies for Pixelfed, it started working again.

Whenever I try to sign up, I keep getting the error below.

I tried setting it up with and without OAuth support without success. When I do use the OAuth login option, I get another error complaining that the OAuth login failed (right when I press the button). Any ideas?

Invalid or missing XSRF token. Please reload the page and try again.
(CSRF token invalid)

{
  "headers": {
    "normalizedNames": {},
    "lazyUpdate": null
  },
  "status": 403,
  "statusText": "OK",
  "url": "https://comments.somesite.com/api/auth/profile",
  "ok": false,
  "name": "HttpErrorResponse",
  "message": "Http failure response for https://comments.somesite.com/api/auth/profile: 403 OK",
  "error": {
    "id": "xsrf-token-invalid",
    "message": "XSRF token is missing or invalid",
    "details": "CSRF token invalid"
  }
}

In case anyone needs it, I added support to dismiss the notification.

After the if node, assuming true, add another connection, a 'Loop over items' node, with a batch size of 1.

Connect the node's "loop" connection to a new function node with this code.

// Access the input JSON data
const item = $json;

// Ensure the structure is correct and 'filteredID' exists
if (item.filteredID && Array.isArray(item.filteredID) && item.filteredID.length > 0) {
    const notificationId = item.filteredID[0]; // Extract the first ID

    // Return the data for the HTTP Request node
    return {
        json: {
            notificationId: notificationId,
            acknowledged: true
        }
    };
} else {
    throw new Error("Invalid JSON structure or 'filteredID' not found.");
}

Then, connect the function node to a new HTTP request node with the method of 'POST', URL of "https://my.cloudron.site/api/v1/notifications/{{ $json.notificationId }}" (As an expression), same authorization header as the first HTTP request nodes, with the (JSON) body of:

{
  "acknowledged": true
}

I'm pretty sure this process can be written better, but this approach was quick and dirty. I've also adjusted the notifications to be sent via email rather than using NFTY, but that's a pretty straightforward step.

I had the same problem as you did. Turning off the discourse-follow plugin resolved the issue for me. It could be either that or one of your other plugins.

@nebulon Just did. Thanks again.

Quite a few.

The Angular error gets repeated a lot, and then:

Again, the Angular error gets repeated a lot. All with a similar error but different line codes.

This happens on a different browser as well. No blocking of any kind.

I do not see any graphs when entering into the settings of each graph. This seems to happen on all the apps.

Graphite is running and is allocated enough memory.

And collectd is running normally.

I am running on 22.04 / Cloudron 7.2.5. The graphs on the system info page show correctly.

Any ideas?

@micmc said in Amazon SES - DKIM:

Enter your domain name and click "create identity" that's it. No need to mess with the advanced dkim for now.

So that means I'll have to create the new DKIM DNS records regardless of the existing ones that Cloudron already created previously. Correct?

Hello,

I'm trying to set SES for my Cloudron, and I've encountered a problem with your documentation.

The docs mention "Go to Amazon SES dashboard and add a new domain to verify under Domains. Leave the Generate DKIM Settings unchecked since Cloudron has already generated DKIM keys".

There's no such option in SES.

The only two options are "Provide DKIM authentication token", and "DKIM signatures" (Which can either be enabled or disabled).

Using Cloudron's DKIM private key isn't possible, because then Amazon requires us to set a CNAME with a hostname (cloudron._domainkey. ) that is similar to the TXT field that Cloudron already sets, which isn't allowed.

So do your documents only refer to the signatures field?

Thanks in advance.

Hello,

Any chance of seeing oragono?

It's a complete ircd+services package which has an official docker repo and seems to support ldap out of the box.

https://github.com/oragono/oragono

Thanks in advance!