CouchPotato

For once, this post is not really to request an app, but to announce that my package for it is ready ^^

https://git.cloudron.io/mehdi/couchpotato-app

http://couchpota.to/

I am strongly against replacing the server in the current OpenVPN app.

However, it totally makes sense as a new, separate, app.

@fbartels said in 2FA for all LDAP apps:

and rotate them regularly

(Forcing password rotation when there has been no indication of compromise has actually been proven experimentally to lower security, rather than enhance it : if encourages users to chose simpler passwords, because they're gonna have to remember more passwords)

@girish @nebulon My Transmission app is done, tests and all https://git.cloudron.io/mehdi/transmission-app

In my opinion, it's ready to push to store. It may need a bit more doc, but other than that it's good to go

BTW, the proxyAuth addon rocks !

@lonk It combines Jellyfin (for which there's already an app now), Transmission, SickChill, Couchpotato (the 3 I just mentioned), a custom file manager (built before Cloudron had one), and a custom TV Shows and Movies streaming interface (built before I integrated Jellyfin). Plus a few custom things, like a script to auto-remove finished torrents on transmission, and a script to auto-convert videos to MP4 for easy streaming in the browser (for my custom streaming interface. I disabled it now that I mainly use jellyfin, which handles this automatically).

@ruihildt said in Why not make Cloudron fully open source again?:

I'm sad not to be able to recommend Cloudron as the best open source paas since the license change.
It has in effect changed my relation to the project, from an invested advocate to a simple client.

I totally agree with this part. More than that, I would never have picked up Cloudron at all at the beginning if it weren't open source.

And as to contributions, I am the author of one of these rare contributions ^^ (to make the platform compatible with the OpenVPN app), and I would definitely not have contributed if it were not open source.

TLDR: I am 100% in favor of switching back to an open source licence.

(As for the precise licence, I do not really care, be it MIT, Apache, GPL, AGPL ... whatever.)

Slowly rolling-out automatic updates, but allowing manual updates immediately, seems a great idea to me.

Personally, from a security standpoint, I would totally not recommend Cloudflare. Their model is literally performing a (authorized) man-in-the-middle attack on your traffic. They have access to all your data.

I'm not saying they're nefarious. I'm just saying that for the minute benefit they offer, I don't think it's worth it to add yet another entity to the chain of trust.

@infogulch said in Scaling / High Availability Cloudron Setup:

I'd rather have multi-node app management than distributed app runtime. Manage all your cloudron nodes and assign apps between them, migrate them etc, but most apps can still only be deployed to one cloudron instance at a time. At least I think this would be a better scaling/ha goal for a v1 implementation.

I totally agree, and I think it's the way the cloudron team is headed for the V1

@girish I think a reasonable default would be to blacklist all non-local IPs (RFC 1918) by default. That way, connecting from VPNs should work, connecting from LAN should work, but connecting from public internet would require manual white-listing.

@eddowding I think you have to pull the git repo and do it from there. There has to be a CloudronManifest.json in the local directory when you do this.

Why not use the multi-domain thing, and only route to the console on a specified domain ?

@nebulon the "update" to the older version with CLI worked fine

BTW, any idea why the notification indicated the wrong version?

@kaxline Which VPS provider are you using? Are there any other apps that you use which use external ports?

@nebulon How can I roll back to the previous version ?

Also, any idea how a completely broken package slipped through your CI tests ?

BTW, not related I think, but I had a weird dashboard bug : It just updated to SickChill 2021.07.14-6, but the notification I got says:

Jul 22 10:37:23 Starting SickChill...
Jul 22 10:37:23 Checking poetry
Jul 22 10:37:23 Current environment is not writable!
Jul 22 10:37:23 Source dir is not writable by this user either, we cannot continue: f/app/code/sickchill
Jul 22 10:37:25 Starting SickChill...
Jul 22 10:37:25 Checking poetry
Jul 22 10:37:25 Current environment is not writable!
Jul 22 10:37:25 Source dir is not writable by this user either, we cannot continue: f/app/code/sickchill

Sickchill is sometimes tricky ...

@nebulon Oh yeah, I had not thought to try the right-click, good catch. Right-clicking on a webpage never feels intuitive to me, except when I want the browser's context menu

Just a small file manager bug I encountered a few times, but I just understood how to reproduce it reliably:

• Have a folder with another folder in it, stuff inside it. Let's say folder A contains folder B, which contains file C.
• Be on the page showing the contents of folder A. Reload the page to be sure the state is clean.
• Double click on B to enter it.
• Now you are seeing the content of folder B : select file C and click on the menu item to delete it.
• The prompt will ask if you are sure you want to delete B and C (it should only list C, not B). If you accept, it will correctly delete only C, but it will also show an error notification.

My 2 cents: seems like a DNS problem, not a certificate problem. What DNS registrar are you using?