RE: What's coming in 5.2

Because I just gave a user the "User Manager" role (I thought this would enable a user to manage the users of a certain group): It would be awesome to lock that user-manager to a specific domain/group, so all other users won't be visible to that person.

Same goes for admin vs. group-admin (admin = global, group admin can only install/manage apps, email and users on the (primary-) groups he's added. This way you can let people manage their own users without interfering with other groups. Does that explanation make sense?

Today I had two compromised WordPress installations (one on Cloudron, one on an external webhoster). The webhoster sent me an email with the infected files and asked for removal. Would be a nice addition to cloudron if it scanned the files of certain apps for malware and notifies the admin.

Any thoughts on that?

Best regards

federation is working, thanks to the help of the synapse admins and community! Please grab the latest version from here and let me know if it also works for you. You might need to adjust the homeserver.yaml again, probably best if you install a fresh one and compare the config. There might be some finetuning required for preview and such, but since I'm on vacation, that's a topic for another day

this is already available in the app store: https://cloudron.io/store/com.github.shaarli.html

@girish said in matrix.org (communication):

We just integrated coturn into master branch yesterday. So, we are waiting for testing it a bit to get matrix published. Otherwise, the first complaint is going to be that voice doesn't work...

nice!

A workaround to have a unified inbox is the mail app in nextcloud. You can add multiple imap accounts that can use a single inbox to send and receive mails.

You can use plugins like InfiniteWP, MainWP or ManageWP to manage all your WordPress sites from one place, update plugins/themes, backups and such. Not sure if that's the solution you want, but it is one that makes it a bit more convenient

nice, thank you too @girish, always glad to see my contributions going live (and also learn to improve future packages )

Ok I gave it another try, because jitsi would be one of the few killer applications that are still missing from cloudron, but I can't get it to install properly from the ubuntu repo, probably because of the minimal image discussed here. I did get it to work somewhat on 16.04, but the 18.04 image probably requires a lot more tinkering (or complete manual installation).

also some of my servers are encrypted and require me to enter a password when booting, this would take the whole thing offline until I enter it, so this needs to be optional

the redis password option just got added to the repo, I'll push the changes when a new release is out.

fyi, v1.0.0 got released earlier and I'm working on it. Everything is looking good so far, the only things that aren't working at the moment are videocalls (audio is working) and the integration server, not sure why. Will keep you posted and eventually push the "final" version so people can test it.

@yusf in earlier versions the homeserver.yaml contained a config item

# File to write logging to. Ignored if log_config is specified.
log_file: "/run/synapse/homeserver.log"

This got removed by moving it into the log_config itself which is set in log_config: "/app/data/synapse/..." - apparently the config for my main matrix server had that still in there because it's rather old and always migrated including this setting. Matrix wouldn't start after the latest update if you had this still enabled so I had to #comment it out be able to start afterwards.

@girish sure thing, I'll look into it later today

If it's a LAMP, this will do it:
https://cloudron.io/documentation/apps/lamp/#cron-support

If it's a custom one:
https://cloudron.io/developer/addons/#scheduler

Very nice! Does this mean all future app-updates require Ubuntu 18.04 or can the server upgrade be postponed?

Updated the repo to the latest 2.9.4, as far as I can tell most of the things work.

I did not implement email just yet because I had no use for that, but maybe I can take a look at that soon.

https://git.cloudron.io/msbt/piwigo-app/ - LDAP, themes, plugins are working out of the box, but the users cannot be added to a specific group automatically, the groups filter doesn't work properly.

Best regards

it does not, but there's this blogpost: https://cloudron.io/blog/2018-11-26-upgrading-to-bionic.html

For those using my version and want to migrate to the official cloudron version, this is how you get there (it is a bit hacky, but worked out better in the end than exporting/importing the db and files) - BE CAREFUL WITH THE CLOUDRON CMDS, I DON'T WANT YOU TO MESS UP YOUR SETUPS:

• backup!

• grab the latest version from here

• get the app-id from resources tab/cli/terminal and ssh into your cloudron to update the appstore-id via:

  • mysql -uroot -ppassword
  • use box
  • UPDATE apps SET appStoreId='org.matrix.synapse' WHERE id='your-current-synapse-matrix-app-id';

• go to Updates, check for a new version and update (do that 3 times and you should be on 0.7.0 which is the latest one)

• if you had external users like I did, you might need to adjust the following config items in the new homeserver.yaml

enable_registration: true
allow_guest_access: true
password_config:
  enabled: true
  localdb_enabled: true

• move your media_store files from /app/data/synapse/media_store to /app/data/data/media_store or adjust the path in homeserver.yaml
• restart and test if everything is working, also check https://federationtester.matrix.org/

Depending on your setup, you might also want to check the new config if the server_name is the same as before - else it won't start I think (I was using a subdomain and the main domain is not on cloudron, so I had to rename it to matrix.mydomain.com and also added echo '{ "m.server": "matrix.mydomain.com:443" }' > server to well-known as described above.

I also had to re-verify the devices to read the encrypted history, but that worked out fine and it seems to be all there. To finish up, you can rm -rf the old dirs and files, best to compare with a fresh installation to be on the safe side.

You need to cwd into the cloned directory, where all the files are located and run the build and install commands from there.

@girish said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:

I like the idea. I guess a periodic scan of the files in application's data directory is all we need to do? Since code is read-only anyway.

that's what I'm thinking, yea maybe a daily scan before/after backups might be good