Slowly rolling-out automatic updates, but allowing manual updates immediately, seems a great idea to me.
Best posts made by mehdi
-
RE: security updates for appsposted in Support
-
RE: I want to run a Docker imageposted in Discuss
@christiaan There is absolutely no need to be on the official docker.io paid apps thing. It has to be a specific docker image for cloudron (see https://cloudron.io/documentation/custom-apps/tutorial/ )
-
RE: Jellyfin - open source media centerposted in App Wishlist
I'm actually working on it, in a package with a bunch of other stuff in the same app so it can actually be useful (Transmission to download stuff, SickChill to auto-download TV Shows, and a custom file manager). I'd love feedback if you want to check it out : https://git.cloudron.io/mehdi/river/
-
RE: Jellyfin - open source media centerposted in App Wishlist
@jdaviescoates I would love that too
It has been awaiting review for a while 
You can go ahead and try it right now !
-
RE: Cloudron Password Hash Algorithmposted in Discuss
Exactly what Mario just said. Your data is not at risk. This is not a security flaw.
To explain a bit more, I posted this in the chat:
To explain a bit more, hash functions should have 2 main caracteristics : non-reversibility (given the output, you cannot know the input), and minimal collisions (2 inputs should not have the same output). For SHA1, the collisions part was completely broken, but for passords we mainly care about the non-reversibility part.
But PBKDF2 is definitely not state-of-the-art either... I would recommend moving to scrypt (which has my personal preference), or argon2, yeah. There is, however, no urgency whatsoever. And the migration may be a bit tricky.
-
RE: PTY allocation request failed on channel 0posted in Support
Or use the cloudron CLI with the
cloudron execcommand !
-
RE: Jellyfin - open source media centerposted in App Wishlist
@murgero this is basically what my app "River" does. It packages Jellyfin together with Transmission for downloading stuff + CouchPotato & Sickchill to automate + a simple file manager
-
RE: Cloudron email 'social' and 'promotion' filters?posted in Support
From what I can see, these services use Vade Secure, which is probably the most advanced independent (not Google or Microsoft) email filtering system.
There is basically no way for Cloudron to have filters as good as these, without contracting Vade Secure and paying hundreds / thousands of dollars in licences per instance...
-
RE: n8n.io - Zappier, IFTTT, Integromat alternativeposted in App Wishlist
I would love to see this too
-
RE: Baremetal dedicated server or VPS?posted in Discuss
Just my 2 cents here : like girish said, if you want to run other things besides cloudron, you should install cloudron in a VM.
If you really want to dedicate the whole machine to cloudron, there is really no need to bother with the additional layer of complexity, another OS to keep up to date and such. I would go bare-metal in this case. That's how I've been running cloudron for 2 years, and it's great.
-
RE: Is it possible to limit IP address which can access to Cloudron instance login page?posted in Support
@will When you enable, Cloudflare proxying, you do see their cert (or the cert you have provided them with).
It's basically a break-and-inspect that they do. Except their root certificate is already trusted by most machines by default ^^
-
RE: Jellyfin - open source media centerposted in App Wishlist
I am indeed, but you can try it before
If you have already packaged any app, it's really easy: https://git.cloudron.io/mehdi/river/
-
RE: The "real" SSO withposted in Discuss
@murgero This does not need the password to be stored in plaintext in the DB. While checking the credentials, the server has access to the password in plaintext that was just sent by the client.
The problem in what you said is the "each app that supports MFA" part. A lot of apps don't.
-
RE: Jellyfin - open source media centerposted in App Wishlist
@imc67 It is packaged in my river app
you can try it ! feedback is welcome https://git.cloudron.io/mehdi/river/
-
RE: Password policyposted in Discuss
I totally agree with the removal of such policies. Most studies have shown that the only good policy is length. Everything else makes passwords "hard for humans, easy for computers", which is bad.
However, I think @yusf suggestion is to make them configurable by the admin. Some IT departments may have dumb policies they have to follow, and may need it
-
RE: Jellyfin - open source media centerposted in App Wishlist
@girish I have already done major work for jellyfin in my river app, like ldap integration & such. We should coordinate to avoid duplicate work
-
RE: Can cloudron use docker-compose during the install?posted in Support
Sorry, it currently is not.
-
RE: The "real" SSO withposted in Discuss
@girish I think it should be a boolean in the
ldapaddon in CloudronManifest. Of course, there would be no need to enable this for apps that natively support their own 2FA.If the flag is true, and 2FA is enabled on the main server, the ldap addon verifies that the password is of the form
ACTUAL_PASSWORD;TOTP, or is an app-specific password.Also, it would be great to have an env var that says whether or not 2FA is enabled on the main server, so the app package can possibly adapt its interface / show a warning that explains the format / something
It could also be controlled /enabled by each user for each app, with a different TOTP per-app.
-
RE: Firefox Send - Simple, private file sharing from the makers of Firefoxposted in App Wishlist
I think they are not quite the same. FilePizza just transfers the files between 2 users, Firefox send actually stores them (encrypted of course)