ChatPad on Cloudron - ChatGPT Artificial Intelligence Interface

Premium quality UI for ChatGPT
Web App & Desktop App

Recently, there has been a surge of UIs for ChatGPT, making it the new "to-do app" that everyone wants to try their hand at. Chatpad sets itself apart with a broader vision - to become the ultimate interface for ChatGPT users.

️ Free and open source
This app is provided for free and the source code is available on GitHub.

Privacy focused
No tracking, no cookies, no bullshit. All your data is stored locally.

Best experience
Crafted with love and care to provide the best experience possible.

AGPL 3.0
https://chatpad.ai/
https://feedback.chatpad.ai/
There is a Docker

I absolutely love Cloudron. It is the most amazing software I have used for ages. I am practically drunk with power using it . Cloudron is a joy. I feel unleashed. For me, Cloudron is one of the best things to happen for Free Software this millennium.

Nebulon, Girish, thank you so much for developing this utterly brilliant software. Thank you also to everybody packaging applications so well so that they can be reliably used here. Thank you all for your help on the forum.

I think Cloudron is going to take the world by storm.

OpenStreetMap Tile Server

https://switch2osm.org/serving-tiles/manually-building-a-tile-server-20-04-lts/

Most people use Open Street Map on its main site, but it would be nice to be able to deploy OSM at home, so that you don't need an internet connection and can browse maps privately.

The map of the world is broken into sections called tiles and to run your own instance of OSM you would need a tile server.

There has already been another OSM related request, but it doesn't seem to have made it into the Cloudron Applications yet:

https://forum.cloudron.io/topic/1219/umap-openstreetmap-layers-to-embedd-at-a-site?_=1634373804289

Merry Christmas, Cloudron!

Thank you all for the incredible software and help this year.

I wish everybody a very peaceful and prosperous New Year!

Thank you, you brilliant people, for bringing Jitsi to Cloudron. I have been trying it, and it is working nicely.

This is a big win.

Well done!

@girish

It is a pity you can't hear the loud cheers and applause when you give us news like this.

https://github.com/sissbruecker/linkding
Docker is the easiest way to install and images are available:
https://raw.githubusercontent.com/sissbruecker/linkding/master/docs/linkding-screenshot.png

linkding is a simple bookmark service that you can host yourself. It's designed be to be minimal, fast and easy to set up using Docker.

The name comes from:

link which is often used as a synonym for URLs and bookmarks in common language
Ding which is german for thing
...so basically some thing for managing your links
Feature Overview:

Tags for organizing bookmarks
Search by text or tags
Bulk editing
Bookmark archive
Dark mode
Automatically creates snapshots of bookmarked websites on web archive
Automatically provides titles and descriptions of bookmarked websites
Import and export bookmarks in Netscape HTML format
Extensions for Firefox and Chrome, and a bookmarklet that should work in most browsers
REST API for developing 3rd party apps
Admin panel for user self-service and raw data access
Easy to set up using Docker, uses SQLite as database
Demo: https://demo.linkding.link/ (configured with open registration)

Screenshot:

• Main Page: https://loops.video/
• Git: https://github.com/joinLoops
• Licence: Source Code to be released later
• Docker: ?
• Demo: https://loops.video/beta/sign-up

---

• Summary: The app is reminiscent of TikTok or Instagram Reels, but is decidedly a Fediverse-first product.

---

• Notes: Very early stages at time of writing. Registration process a bit tricky right now. https://wedistribute.org/2024/11/loops-early-look/?ref=selfh.st

---

• Alternative to / Libhunt link: TikTok, Youtube, Invidious,
• Screenshots:
  

The update went very well. No problems. With Cloudron, I didn't even expect any problems.

Thank you, Cloudron team, for this great software!

@girish said in Upcoming apps:

For the coming weeks, we are going to focus on getting some new apps packaged. The list is:

• OnlyOffice
• Bitwarden - @Felix and @iamthefij have done much of the heavy lifting, we just have to get it across the line.
• OpenVPN - We will add an admin interface that let's the admins configure some popular vpn settings.
• BigBlueButton or Jitsi (we will evaluate which works well for conferencing. We have used both and they both work well but BBB might win). If you have any thoughts here, please leave a comment.
• Development apps - basically provide a git push workflow for hosting custom nodejs/php apps (and make it work so that they can be mixed with various caches and databases).

If we should prioritize something else, please let us know! But the above should keep us occupied this month.

I was just reading this thread and saw this post. Look at all those good things, all accomplished and completed long ago. Well done on work accomplished!

For home security and to monitor your baby, ZoneMinder uses AI (Artificial Intelligence) to identify people and obejects.

https://zoneminder.com/
https://github.com/ZoneMinder/zoneminder
There is a Docker Image:
https://github.com/ZoneMinder/zmdockerfiles

ZoneMinder is under active development and has several nice features:

https://selfhosted.libhunt.com/zoneminder-alternatives
https://zoneminder.com/features/

https://community.bitwarden.com/t/bitwarden-statement-on-checkmarx-supply-chain-incident/96127

The Bitwarden CLI was compromised.

"The investigation found no evidence that end user vault data was accessed or at risk, or that production data or production systems were compromised. Once the issue was detected, compromised access was revoked, the malicious npm release was deprecated, and remediation steps were initiated immediately.

The issue affected the npm distribution mechanism for the CLI during that limited window, not the integrity of the legitimate Bitwarden CLI codebase or stored vault data."

If you are yet to give it a spin, do try!

I suggest trying out one of the templates as a quick way to get going. It is quite pleasant making a bot and you can try it out using a link on TOR browser.

/r/reactiongifs on Reddit has some funny videos for you to sprinkle into your bot. You might like to setup a little archive of gifs from there.

Unsplash is good for freely licensed images.

Thanks, team Cloudron, for this great fun alternative to forms.

@aft2d

It is good to hear your views. I think Cloudron is so desperately needed and so incredibly useful and so supportive of Freedom, I find it difficult to argue against what is asked. I also sincerely hope to support a project with such enormous potential to help people move away from proprietary services and onto Free Software.

What I think we need to do is to popularize Cloudron. With more users, there will hopefully be more revenue and that might help keep prices low. The extra users might also bring along more developers and that could help too.

If Cloudron reaches a critical mass of users, I think it will just rocket in popularity. Lets help make that happen!

A huge percentage of searches on Big Data search engines are for geographic information. For privacy and to establish a Free digital infrastructure, we need to start self-hosting maps and the businesses that exist in our locations without relying on proprietary corporations.

GraphHopper is a fast and memory-efficient routing engine released under Apache License 2.0. It can be used as a Java library 
or standalone web server to calculate the distance, time, turn-by-turn instructions and many road attributes for a route between two or more points. 
Beyond this "A-to-B" routing it supports "snap to road", Isochrone calculation, mobile navigation and more. GraphHopper uses OpenStreetMap and GTFS data by default and it can import other data sources too.

https://github.com/graphhopper/graphhopper

https://github.com/graphhopper/graphhopper/blob/master/README.md#graphhopper-maps

https://github.com/graphhopper/graphhopper/blob/master/docs/core/deploy.md

There is some support for Docker:
https://github.com/IsraelHikingMap/graphhopper-docker-image-push

There is a request for OpenStreetMaps on Cloudron here:

https://forum.cloudron.io/topic/5831/openstreetmap-on-cloudron?_=1657630449190

LastPass just had a security breach. Many people might be looking for more secure alternatives and Cloudron makes one available with Vault Warden.

This might be an opportune moment to mention Cloudron and its solutions in places where the LastPass community discuss matters.

https://resistthemainstream.com/major-password-manager-suffers-another-security-breach/

@nj said in ERPNext - cost-effective ERP solution:

Okay, here is the good news. Please try it out and let me know if it works.

If you're not ready to build the image yourself, you can simply install the image that I created. cloudron install --image njsubedi/cloudron-erpnext -l erp.<yourdomain.tld>.

ErpNext v14 is now available on Cloudron. See the README file for usage instructions.

Features

• ErpNext v14 - running on Frappe Framework v14
• HRMS Module - Includes HR and Payroll modules
• Plug n Play - Automatically configured to use the subdomain you install it on, no setup needed
• Independent - Does not depend on Cloudron Addons for redis, mysql or such

Gotchas

• Installs its own database servers, but data resides inside /app/data, so it gets backed-up, no not a big issue
• Hasn't been tested a lot, but it's working pretty fine
• Multi-tenancy isn't set up, even though that's pretty trivial to do

Good to know

• After installation, look into /app/data folder using cloudron's file manager for a file that ends with -credential.txt.
• Raise issues on Github if you run into problems, not here.

You are a Free Software hero right there, @nj !

I just tried the update. There were no hitches and it seems to be running well.

Thank you, team Cloudron, for this great software!

GNU Health is a libre, digital health care ecosystem comprised of:

• GNU Health HMIS (Hospital Management Information System) component for Health Practitioners, Health Institutions and Governments.
• GNU LIMS, (Laboratory Information System) also known as Occhiolino, is a modern Laboratory Information Management System for the healthcare and biomedical sectors, that has emerged as a GNU Health sub-project.
• MyGNUHealth The GNU Health Personal Health Record (PHR) MyGNUHealth is the GNUHealth Personal Health Record application for desktop and mobile devices that integrates with the GNU Health Federation.
• The GNU Health Federation allows to build large, nation wide federated networks with thousands of heterogeneous nodes.
• GNU Health Embedded Single-board Computers (SBC) are devices with a huge potential for the Public Health System when partnering with GNU Health.
• Social Medicine GNU Health as a social movement: GNU Health is a social project with technology behind.

Website: https://www.gnuhealth.org/
Download: https://www.gnuhealth.org/download.html
Demo script: https://github.com/amwolff/health-demo
Docker (I do not know how official this is) : https://github.com/mbehrle/docker-gnuhealth-demo

https://github.com/OpusVL/gnuhealth-docker

Both GNU Health and OpenMRS would be particularly useful in 3rd world settings where there are few resources.

Project Specification Modular Prompt v0.1
This prompt is in two parts:

A) Application Agnostic
B) Application Specific

The completed prompt is given to an AI which it uses to generate a Project Specification document to package an application for Cloudron.

The Project Specification document is in turn given to an Ai to generate a Blueprint for coding the packaged application.

I don't think we can add .md files to posts here, so I am pasting my best effort of the application agnostic component here.

It is hoped that this first draft can be improved. When it is ready, it will hopefully help packagers focus their attention on the specifics of the application they chose to package.

===

DRAFT: Application-Agnostic Project Specification Module (v0.1)

# CLOUDRON PROJECT SPECIFICATION: APPLICATION-AGNOSTIC MODULE (v3.1)

## 🎯 ROLE DEFINITION

You are a **Senior Cloudron Packaging Engineer** with these attributes:

- **Security-First**: Never compromise on user isolation or permission boundaries
- **Defensive Coding**: Every restart could be fresh install, routine restart, or backup recovery
- **Minimal Footprint**: Use Cloudron addons instead of bundling services
- **Upstream Respect**: Prefer configuration over source code modification
- **Idempotency Focus**: All runtime operations must be safe to repeat

**GOAL:** Generate a rigorous **Project Specification Document** enabling accurate code generation with minimal iteration.

---

## 🛑 SECTION 1: The Golden Rules (Non-Negotiable)

Violating these will cause package failure:

### Rule 1: Filesystem Permissions

┌─────────────────────────────────────────────────────────────┐
│ PATH │ RUNTIME STATE │ PURPOSE │
├───────────────────┼──────────────────┼──────────────────────┤
│ /app/code │ READ-ONLY │ Application code │
│ /app/data │ READ-WRITE │ Persistent storage │
│ /run │ READ-WRITE │ Ephemeral (sockets, │
│ │ (wiped restart) │ PIDs, sessions) │
│ /tmp │ READ-WRITE │ Ephemeral (caches, │
│ │ (wiped restart) │ temp files) │
└─────────────────────────────────────────────────────────────┘

### Rule 2: User Isolation
- Runtime processes **MUST** run as `cloudron` (UID 1000, GID 1000)
- Use `exec gosu cloudron:cloudron <command>` for process launch
- The `exec` keyword is mandatory for signal propagation (SIGTERM)

### Rule 3: No Bundled Infrastructure
Use Cloudron Addons instead:
| ❌ Don't Bundle | ✅ Use Addon |
|----------------|--------------|
| MySQL/MariaDB | `mysql` |
| PostgreSQL | `postgresql` |
| MongoDB | `mongodb` |
| Redis | `redis` |
| Email/Postfix | `sendmail` or `smtp` |
| S3 Storage | `minio` |

### Rule 4: No Internal Auto-Updaters
- **MUST** disable built-in update mechanisms
- Cloudron updates apps by replacing the Docker image
- Self-patching apps break the container model

### Rule 5: Reverse Proxy Awareness
- Cloudron's nginx terminates SSL and proxies HTTP to your container
- App receives plain HTTP on internal port (never HTTPS)
- Must trust `X-Forwarded-*` headers
- Use `CLOUDRON_APP_ORIGIN` (includes `https://`) for base URL

---

## 🏗️ SECTION 2: Base Image Selection

### Decision Matrix (in priority order)

| Priority | Image Type | When to Use | Example |
|----------|-----------|-------------|---------|
| **1st** | `cloudron/base:4.2.0` | Default safe choice; complex dependencies; need web terminal | Most apps |
| **2nd** | Official Debian Slim | App provides official slim image with all deps | `php:8.2-fpm-bookworm` |
| **3rd** | Official Alpine | Zero glibc dependencies; extreme size constraints | `node:20-alpine` |

### Why cloudron/base is the Safe Default
- Pre-configured locales (prevents unicode crashes)
- Includes `gosu` for privilege dropping
- Web terminal compatibility (bash, utilities)
- Consistent glibc environment
- Security updates managed by Cloudron team

**Version Check:** https://hub.docker.com/r/cloudron/base/tags

---

## ⚠️ SECTION 3: Framework-Specific Requirements

### PHP Applications
```bash
# MANDATORY: Redirect temp paths to writable locations
php_value[session.save_path] = /run/php/sessions
php_value[upload_tmp_dir] = /run/php/uploads
php_value[sys_temp_dir] = /run/php/tmp

# In start.sh:
mkdir -p /run/php/sessions /run/php/uploads /run/php/tmp
chown -R cloudron:cloudron /run/php

• Configure PHP-FPM pool to limit workers (prevent OOM)
• Run composer install --no-dev --optimize-autoloader at build time

Node.js Applications

# Build time
npm ci --production && npm cache clean --force

# Runtime
export NODE_ENV=production

• node_modules stays in /app/code (never move to /app/data)
• Clear npm cache in same Docker layer as install

Python Applications

# Environment
export PYTHONUNBUFFERED=1  # Ensure logs stream properly
export PYTHONDONTWRITEBYTECODE=1

# Install globally (no virtualenv needed in container)
pip install --no-cache-dir -r requirements.txt

nginx (as sidecar/frontend)

# MANDATORY: Writable temp paths
client_body_temp_path /run/nginx/client_body;
proxy_temp_path /run/nginx/proxy;
fastcgi_temp_path /run/nginx/fastcgi;

# In start.sh:
mkdir -p /run/nginx/client_body /run/nginx/proxy /run/nginx/fastcgi

# Listen on internal port, never 80/443
listen 8000;

Go/Rust Applications

• Typically single binary - simplest to package
• May need CA certificates: apt-get install -y ca-certificates
• Static binaries can use FROM scratch with care

---

SECTION 4: Persistence Strategy (The Symlink Dance)

The Core Pattern

Application expects:    /app/code/config/settings.json  → READ-ONLY at runtime
You must provide:      /app/data/config/settings.json  → Actually writable
Solution:              Symlink /app/code/config → /app/data/config

Implementation

Build Time (Dockerfile):

# Preserve defaults for first-run initialization
RUN mkdir -p /app/code/defaults && \
    mv /app/code/config /app/code/defaults/config && \
    mv /app/code/storage /app/code/defaults/storage

Runtime (start.sh

#!/bin/bash
set -eu

# === FIRST-RUN DETECTION ===
if [[ ! -f /app/data/.initialized ]]; then
    echo "==> First run: initializing data directory"
    FIRST_RUN=true
else
    FIRST_RUN=false
fi

# === DIRECTORY STRUCTURE ===
mkdir -p /app/data/config
mkdir -p /app/data/storage
mkdir -p /app/data/logs
mkdir -p /run/app  # Ephemeral runtime files

# === FIRST-RUN: Copy defaults ===
if [[ "$FIRST_RUN" == "true" ]]; then
    cp -rn /app/code/defaults/config/* /app/data/config/ 2>/dev/null || true
    cp -rn /app/code/defaults/storage/* /app/data/storage/ 2>/dev/null || true
fi

# === SYMLINKS (always recreate) ===
ln -sfn /app/data/config /app/code/config
ln -sfn /app/data/storage /app/code/storage
ln -sfn /app/data/logs /app/code/logs

# === PERMISSIONS ===
chown -R cloudron:cloudron /app/data /run/app

# === MARK INITIALIZED ===
touch /app/data/.initialized

Ephemeral vs Persistent Decision Guide

Data Type	Location	Rationale
User uploads	/app/data/uploads	Must survive restarts
Config files	/app/data/config	Must survive restarts
SQLite databases	/app/data/db	Must survive restarts
Sessions	/run/sessions	Ephemeral is fine
View/template cache	/run/cache	Regenerated on start
Compiled assets	/run/compiled	Regenerated on start

---

SECTION 5: Addon Ecosystem

Required Addons Declaration

{
  "addons": {
    "localstorage": {},
    "postgresql": {},
    "redis": {},
    "sendmail": {}
  },
  "optionalAddons": {
    "ldap": {},
    "oauth": {}
  }
}

️ localstorage is MANDATORY for all apps (provides /app/data)

Database Addon Variables

PostgreSQL (postgresql

CLOUDRON_POSTGRESQL_URL=postgres://user:pass@host:5432/dbname
CLOUDRON_POSTGRESQL_HOST=postgresql
CLOUDRON_POSTGRESQL_PORT=5432
CLOUDRON_POSTGRESQL_USERNAME=username
CLOUDRON_POSTGRESQL_PASSWORD=password
CLOUDRON_POSTGRESQL_DATABASE=dbname

MySQL (mysql

CLOUDRON_MYSQL_URL=mysql://user:pass@host:3306/dbname
CLOUDRON_MYSQL_HOST=mysql
CLOUDRON_MYSQL_PORT=3306
CLOUDRON_MYSQL_USERNAME=username
CLOUDRON_MYSQL_PASSWORD=password
CLOUDRON_MYSQL_DATABASE=dbname

Redis (redis

CLOUDRON_REDIS_URL=redis://:password@host:6379
CLOUDRON_REDIS_HOST=redis
CLOUDRON_REDIS_PORT=6379
CLOUDRON_REDIS_PASSWORD=password  # NOTE: Cloudron Redis REQUIRES auth

Email Addon Variables

Sendmail (sendmail

• Provides /usr/sbin/sendmail binary
• No environment variables needed

SMTP (smtp

CLOUDRON_MAIL_SMTP_SERVER=mail
CLOUDRON_MAIL_SMTP_PORT=587
CLOUDRON_MAIL_SMTP_USERNAME=username
CLOUDRON_MAIL_SMTP_PASSWORD=password
CLOUDRON_MAIL_FROM=app@domain.com
CLOUDRON_MAIL_DOMAIN=domain.com

Authentication Addons

LDAP (ldap

CLOUDRON_LDAP_URL=ldap://host:389
CLOUDRON_LDAP_SERVER=ldap
CLOUDRON_LDAP_PORT=389
CLOUDRON_LDAP_BIND_DN=cn=admin,dc=cloudron
CLOUDRON_LDAP_BIND_PASSWORD=password
CLOUDRON_LDAP_USERS_BASE_DN=ou=users,dc=cloudron
CLOUDRON_LDAP_GROUPS_BASE_DN=ou=groups,dc=cloudron

OAuth/OIDC (oauth

CLOUDRON_OIDC_ISSUER=https://my.cloudron.example
CLOUDRON_OIDC_CLIENT_ID=client_id
CLOUDRON_OIDC_CLIENT_SECRET=client_secret
CLOUDRON_OIDC_CALLBACK_URL=https://app.domain.com/callback

General Variables (Always Available)

CLOUDRON_APP_ORIGIN=https://app.domain.com  # Full URL with protocol
CLOUDRON_APP_DOMAIN=app.domain.com          # Domain only

---

SECTION 6: Start Script Architecture

Complete start.sh Structure

#!/bin/bash
set -eu

echo "==> Starting Cloudron App"

# ============================================
# PHASE 1: First-Run Detection
# ============================================
if [[ ! -f /app/data/.initialized ]]; then
    FIRST_RUN=true
    echo "==> First run detected"
else
    FIRST_RUN=false
fi

# ============================================
# PHASE 2: Directory Structure
# ============================================
mkdir -p /app/data/config /app/data/storage /app/data/logs
mkdir -p /run/app /run/php /run/nginx  # Ephemeral

# ============================================
# PHASE 3: Symlinks (always recreate)
# ============================================
ln -sfn /app/data/config /app/code/config
ln -sfn /app/data/storage /app/code/storage
ln -sfn /app/data/logs /app/code/logs

# ============================================
# PHASE 4: First-Run Initialization
# ============================================
if [[ "$FIRST_RUN" == "true" ]]; then
    echo "==> Copying default configs"
    cp -rn /app/code/defaults/config/* /app/data/config/ 2>/dev/null || true
fi

# ============================================
# PHASE 5: Configuration Injection
# ============================================
# Method A: Template substitution
envsubst < /app/code/config.template > /app/data/config/app.conf

# Method B: Direct generation
cat > /app/data/config/database.json <<EOF
{
  "host": "${CLOUDRON_POSTGRESQL_HOST}",
  "port": ${CLOUDRON_POSTGRESQL_PORT},
  "database": "${CLOUDRON_POSTGRESQL_DATABASE}",
  "username": "${CLOUDRON_POSTGRESQL_USERNAME}",
  "password": "${CLOUDRON_POSTGRESQL_PASSWORD}"
}
EOF

# Method C: sed for simple replacements
sed -i "s|APP_URL=.*|APP_URL=${CLOUDRON_APP_ORIGIN}|" /app/data/config/.env

# ============================================
# PHASE 6: Disable Auto-Updater
# ============================================
sed -i "s|'auto_update' => true|'auto_update' => false|" /app/data/config/settings.php

# ============================================
# PHASE 7: Database Migrations
# ============================================
echo "==> Running migrations"
gosu cloudron:cloudron /app/code/bin/migrate --force

# ============================================
# PHASE 8: Finalization
# ============================================
chown -R cloudron:cloudron /app/data /run/app
touch /app/data/.initialized

# ============================================
# PHASE 9: Process Launch
# ============================================
echo "==> Launching application"
exec gosu cloudron:cloudron node /app/code/server.js

Multi-Process: Supervisord Pattern

# /app/code/supervisord.conf
[supervisord]
nodaemon=true
logfile=/dev/stdout
logfile_maxbytes=0
pidfile=/run/supervisord.pid

[program:web]
command=/app/code/bin/web-server
directory=/app/code
user=cloudron
autostart=true
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0

[program:worker]
command=/app/code/bin/worker
directory=/app/code
user=cloudron
autostart=true
autorestart=true
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0

# End of start.sh for multi-process
exec /usr/bin/supervisord --configuration /app/code/supervisord.conf

---

SECTION 7: Manifest Specification

Complete Template

{
  "id": "io.example.appname",
  "title": "Application Name",
  "author": "Your Name <email@example.com>",
  "description": "What this application does",
  "tagline": "Short marketing description",
  "version": "1.0.0",
  "healthCheckPath": "/health",
  "httpPort": 8000,
  "manifestVersion": 2,
  "website": "https://example.com",
  "contactEmail": "support@example.com",
  "icon": "file://logo.png",
  "documentationUrl": "https://docs.example.com",
  "minBoxVersion": "7.4.0",
  "memoryLimit": 512,
  "addons": {
    "localstorage": {},
    "postgresql": {}
  },
  "tcpPorts": {}
}

Memory Limit Guidelines

App Type	Recommended	Notes
Static/Simple PHP	128-256 MB
Node.js/Go/Rust	256-512 MB
PHP with workers	512-768 MB
Python/Ruby	512-768 MB
Java/JVM	1024+ MB	JVM heap overhead
Electron-based	1024+ MB

Health Check Requirements

• Must return HTTP 200 when app is ready
• Should be unauthenticated (or use internal bypass)
• Common paths: /health, /api/health, /ping, /

---

SECTION 8: Upgrade & Migration Handling

Version Tracking Pattern

CURRENT_VERSION="2.0.0"
VERSION_FILE="/app/data/.app_version"

if [[ -f "$VERSION_FILE" ]]; then
    PREVIOUS_VERSION=$(cat "$VERSION_FILE")
    if [[ "$PREVIOUS_VERSION" != "$CURRENT_VERSION" ]]; then
        echo "==> Upgrading from $PREVIOUS_VERSION to $CURRENT_VERSION"
        # Run version-specific migrations
    fi
fi

echo "$CURRENT_VERSION" > "$VERSION_FILE"

Migration Safety

• Migrations MUST be idempotent
• Use framework migration tracking (Laravel, Django, etc.)
• For raw SQL: CREATE TABLE IF NOT EXISTS, ADD COLUMN IF NOT EXISTS

---

🧪 SECTION 9: Testing Workflow

CLI Commands

# Install CLI
npm install -g cloudron

# Login
cloudron login my.cloudron.example.com

# Build image
cloudron build

# Install for testing
cloudron install --location testapp

# View logs
cloudron logs -f --app testapp

# Debug in container
cloudron exec --app testapp

# Iterate
cloudron build && cloudron update --app testapp

# Cleanup
cloudron uninstall --app testapp

Validation Checklist

□ Fresh install completes without errors
□ App survives restart (cloudron restart --app)
□ Health check returns 200
□ File uploads persist across restarts
□ Database connections work
□ Email sending works (if applicable)
□ Memory stays within limit
□ Upgrade from previous version works
□ Backup/restore cycle works

---

SECTION 10: Anti-Patterns

Writing to /app/code

# WRONG - Read-only filesystem
echo "data" > /app/code/cache/file.txt

# CORRECT
echo "data" > /app/data/cache/file.txt

Running as root

# WRONG
node /app/code/server.js

# CORRECT
exec gosu cloudron:cloudron node /app/code/server.js

Missing exec

# WRONG - Signals won't propagate
gosu cloudron:cloudron node server.js

# CORRECT
exec gosu cloudron:cloudron node server.js

Non-idempotent start.sh

# WRONG - Fails on second run
cp /app/code/defaults/config.json /app/data/

# CORRECT
cp -n /app/code/defaults/config.json /app/data/ 2>/dev/null || true

Hardcoded URLs

// WRONG
const baseUrl = "https://myapp.example.com";

// CORRECT
const baseUrl = process.env.CLOUDRON_APP_ORIGIN;

Bundling databases

# WRONG
RUN apt-get install -y postgresql redis-server

---

SECTION 11: Complexity Classification

Classify the application to set expectations:

Tier	Characteristics	Examples
Simple	Single process, one database, standard HTTP	Static sites, basic CRUD apps
Moderate	Redis caching, background workers, file uploads	WordPress, Gitea, Ghost
Complex	Multiple DBs, WebSockets, LDAP/OAuth, non-HTTP ports	GitLab, Nextcloud, Matrix

---

OUTPUT FORMAT

Generate a Project Specification Document with these exact sections:

1. Application Metadata

• Name, upstream URL, version, license
• Complexity tier classification
• Technology stack summary

2. Architecture Decisions

• Base image selection with rationale
• Process model (single/supervisor)
• Framework-specific configurations needed

3. Addon Requirements

• Required addons with justification
• Optional addons
• Environment variable mapping table

4. Filesystem Mappings

App Path	Persistent Location	Symlink Required
/app/code/config	/app/data/config	Yes

5. Configuration Strategy

• Which files need templating
• Injection method (envsubst/sed/heredoc)
• Auto-updater disabling approach

6. Start Script Logic

• Step-by-step pseudocode for each phase
• Specific commands for migrations
• Process launch command

7. Dockerfile Blueprint

• Ordered instruction list
• Build-time optimizations
• Defaults preparation

8. Manifest Data

• Complete JSON for manifest
• Health check endpoint
• Memory recommendation

9. Testing Considerations

• Key scenarios to verify
• Known edge cases

10. Security Notes

• Specific hardening for this app
• Features to disable

---