Element Server Suite

Today's blog post by Element: "Introducing the ESS Community migration tool"
https://element.io/blog/introducing-the-ess-community-migration-tool/

Hello. That's very kind of you. As a start, maybe an easy one. I was currently in touch with the developer of ControlR. He was very optimistic about the feasibility to get it on Cloudron via Github actions from his repo. The project is taking off right now so there was a lot on his plate. Maybe you could have a look?

https://forum.cloudron.io/topic/14995/controlr-remote-control-and-remote-access

@james said in How to create Sender from outbound mail ?:

Currently, there is an issue with the Keila shared mailer admin ui.

I saw that error after I started this thread. My guess was that it wasn't implemented yet as the app is marked as unstable.

@james said in How to create Sender from outbound mail ?:

This will give you all the details.

That works perfectly, thanks !

• Main Page: https://git-pages.org/
• Git: https://codeberg.org/git-pages/git-pages
• Licence: 0-clause BSD
• Dockerfile: Yes -> https://git-pages.org/running-a-server/#via-docker
• Demo: https://codeberg.page/

---

• Summary: Deploy your website with a single HTTP request or a git push. git-pages is an application that serves static websites from either filesystem or an S3 compatible object store and updates them when directed by the site author through an HTTP request. The server scales linearly from a personal instance running on a Raspberry Pi to a highly available, geographically distributed cluster powering Grebedoc. It is written in Go and does not depend on any other services, although most installations will use a reverse proxy like Caddy or Nginx to serve sites using the https:// protocol.

---

• Notes: Stable and able to scale, as the Codeberg Pages backend switches to git-pages (https://docs.codeberg.org/codeberg-pages/).

---

• Alternative to: GitHub Pages, Netlify

Hello.

I think setting up Keila is straight forward, but I can't figure out how to add the outbound mail as Sender. The main question is: can I simply use the outbound email provided by Cloudron fot the app or do I need to set up a Cloudron mailbox for the app ?

In the Cloudron app dashboard of Keila, the email tab shows an outbound email. I set it to keila@domain.net and save. In Keila, I need to set up a Sender: https://www.keila.io/docs/senders. I attempted to follow the answer here: https://forum.cloudron.io/topic/3247/need-help-with-the-smtp-settings/3?_=1771073978666

Server = my.domain.net
Username = keila@domain.net
Password = my domain cloudron password
Connection security = STARTTLS
Port = 587

The above settings fail to send the email:

Feb 14 14:19:28 2026-02-14T13:19:28.248 [warning] Failed sending email to valid_email@mailbox.org for campaign nmc_xogqjL2z: {:no_more_hosts, {:permanent_failure, ~c"109.77.148.140", :auth_failed}}

109.77.148.140 = IP of the Cloudron server

Do you think I need to create a distinct mailbox in Cloudron and connect it to Keila instead ?
Thanks

The following app is exactly what I was looking for in order to get past emails off the mail server (and reduce the number of maybe sensitive attachment files just lying around): Bichon Email Archiving System https://forum.cloudron.io/topic/15066/bichon-lightweight-rust-based-email-archiving-system-with-full-text-search

P.S.: Keeping a tidy inbox can be rewarding as well: https://posteo.de/en/blog/new-posteo-doubles-storage-space-to-4gb

Mention and live install+demo of ESS during a FOSDEM talk: https://fosdem.org/2026/schedule/event/BRRQYU-sustainable-matrix-at-element/

That's grant ! Thank you very much. I would like see if my wish from https://forum.cloudron.io/post/119520 could already be implemented in the package ? No pressure ️

Yes, this makes perfect sense to me. That's also why I only want to change two specific parameters (localpart_template and display_name_template) and not the whole OIDC setup, which should be unmutable so to say. And in my case, I also wanted to ensure that email_template is kept in sync with the Cloudron account email, only giving freedom to set a desired handle and display name (although that one can be modified afterwards by the user).

P.S.: I did not test yet if other settings are persistent or not, as I intend to set a retention policy for synapse as well.

@james Yes, that would be perfect. The upper part of the start.sh script is checking if homeserver.yaml exists but the OIDC settings are not in that block.

@marcusquinn Sorry, forgot to delete my post when I came across https://forum.cloudron.io/post/119487

Guess it has something to do with app/pkg/start.sh

# oidc
if [[ -n "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
    echo " ==> Configuring OIDC auth"
    yq eval -i ".oidc_providers[0].idp_id=\"cloudron\"" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].idp_name=\"${CLOUDRON_OIDC_PROVIDER_NAME:-Cloudron}\"" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].issuer=\"${CLOUDRON_OIDC_ISSUER}\"" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].client_id=\"${CLOUDRON_OIDC_CLIENT_ID}\"" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].client_secret=\"${CLOUDRON_OIDC_CLIENT_SECRET}\"" /app/data/configs/homeserver.yaml

    yq eval -i ".oidc_providers[0].scopes=[\"openid\", \"email\", \"profile\"]" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].authorization_endpoint=\"${CLOUDRON_OIDC_AUTH_ENDPOINT}\"" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].token_endpoint=\"${CLOUDRON_OIDC_TOKEN_ENDPOINT}\"" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].userinfo_endpoint=\"${CLOUDRON_OIDC_PROFILE_ENDPOINT}\"" /app/data/configs/homeserver.yaml
    # https://s3lph.me/ldap-to-oidc-migration-3-matrix.html
    yq eval -i ".oidc_providers[0].allow_existing_users=true" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].skip_verification=true" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].user_mapping_provider.config.localpart_template=\"{{ user.sub }}\"" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].user_mapping_provider.config.display_name_template=\"{{ user.name }}\"" /app/data/configs/homeserver.yaml
    yq eval -i ".oidc_providers[0].user_mapping_provider.config.email_template=\"{{ user.email }}\"" /app/data/configs/homeserver.yaml
else

Basically, the script should not update the homeserver.yaml localpart_template key, if its value was set (manually) to null (changing it to null is maybe easier to detect than just commenting it out).

Hello,
I want to comment out the following entries in homeserver.yaml so that users can define their matrix usernames.

user_mapping_provider:
      config:
        #localpart_template: '{{ user.sub }}'
        #display_name_template: '{{ user.name }}'
        email_template: '{{ user.email }}'

But when restarting the app, the two lines are added again, uncommented, overwriting my changes.

• Main Page: https://controlr.app/
• Git: https://github.com/bitbound/ControlR
• Licence: MIT
• Dockerfile: Yes (https://hub.docker.com/r/bitbound/controlr)
• Demo: https://demo.controlr.app/

---

• Summary: Remote access, without the strings. Self-hosted remote access and device management that puts you in control. No paywalls, no rug-pulling, no surprises.

---

• Notes: This is where the energy from Remotely moved, and the package seems in good hands with the help of a sponsorship: https://github.com/bitbound/ControlR/discussions/83

---

• Alternative to: Rustdesk, Remotely, DWService

---

Device Dashboard

Device Details

Remote Terminal

File Manager

Session Selection

Real-Time Chat

Thank you @james !

I'll maybe open an upstream issue for the missing images. I guess the expected behaviour would be that at least the emoji picker simply omits the images not present in the emoji folder. For existing posts, it's understandable that a broken image is shown.

@mononym said in Link (emoji) assets to app/data:

replace the 6 standard reaction emojis manually with custom images from within the Discourse admin UI. One has to set the name heart, +1, etc. before uploading the file. The new images show up as reactions, but now, the original set is not coherent anymore as 6 images differ in style.

Once done the steps above, I thought that it is all set. Now, I discovered that there are many more emoji present in quick access at least inside the chat interface. @staff would it be possible to move the app/code/public/images/emoji/ into app/data/.../emoji so that one could remove entire emoji sets or to make customization at the source please ?

• Main Page: https://speckle.systems/
• Git: https://github.com/specklesystems/speckle-server
• Licence: Apache + “The Speckle Enterprise Edition (EE) license”
• Dockerfile: Yes; https://docs.speckle.systems/developers/server/getting-started
• Demo:
  

---

• Summary: Exchange Design Data. Watch models flow freely across tools and teams. Forget file exports. Share only what's needed to easily coordinate with other disciplines. Server = The Speckle Server, Frontend, 3D Viewer, & other JS utilities.

---

• Notes: Needs an S3 storage, but hopes are high to get this onto Cloudron.

---

• Git: https://github.com/ekzhang/rustpad
• Licence: MIT
• Dockerfile: Yes
• Demo: https://rustpad.io

---

• Summary: Rustpad is an efficient and minimal open-source collaborative text editor based on the operational transformation algorithm. It lets users collaborate in real time while writing code in their browser. Rustpad is completely self-hosted and fits in a tiny Docker image, no database required.

---

• Notes: I was looking for a classroom tool in order to code together in real time.

---

• Alternative to: codepad (abandoned), etherpad (not for code), cryptopad/code (heavy)

@joseph said in Add UnifiedPush settings in documentation:

Maybe I am missing something but isn't that rule giving anon access to channels starting with 'up' .

I had the same concern but in the end it made sense. It is a write only access which certain application servers need to have. Ex. I set up Element to use UnifiedPush with the ntfy app on my device. The test all worked except "Test Push loop back". No idea what that does but it did work once I configured "everyone:up*:write-only" like the suggested settings.

When choosing ntfy as UnifiedPush the app created some random string (i.e. the ntfy topic) and it starts with up. In the end, it is difficult to guess the topic name as it is random and as long you're not subscribed to that topic, you won't see the messages as well. Basically, write-only access is not enough to use the nfty server like a public instance as credentials are necessary to read the topic. So I think not really a concern here.

I guess there's more about this on: https://unifiedpush.org