Today I had two compromised WordPress installations (one on Cloudron, one on an external webhoster). The webhoster sent me an email with the infected files and asked for removal. Would be a nice addition to cloudron if it scanned the files of certain apps for malware and notifies the admin.
Any thoughts on that?
Best regards
Since I was documenting what I was doing to debug errors, here's a short how-to for people who want to use the docker-registry app with authentication to build their own apps. Before submitting I realized that @girish already made a post here, but that was without the registry so I'm posting it either way 
A machine that has both, docker and the cloudron cli installed and of course one or two Cloudrons for the apps to build and/or install
Docker: https://docs.docker.com/engine/install/ubuntu/
Cloudron CLI: https://docs.cloudron.io/custom-apps/cli/
install the docker-registry app on a cloudron (if possible don't use a production server), e.g. docker.example.com (you might want to create a dedicated user to work with it). Add the URL and docker credentials to your target cloudron in Settings / Private Docker Registry
install the Build Service app, e.g. https://build.example.com, open the terminal or file manager of the app and enter your docker credentials in
/app/data/docker.json. After those changes reboot the build service app to make sure the correct registry is in there. You can directly login to your build service (no trailing slash in the url! see https://docs.cloudron.io/apps/build-service/ for more information) via
$cloudron build --set-build-service(enter https://build.example.com)
clone any repo you want to build
$git clone https://git.cloudron.io/cloudron/lamp-app
cwd into the cloned git directory
$cd lamp-app/
login to the docker-registry with your credentials (as non root user you might need to use sudo when issuing docker commands)
$docker login docker.example.com
build the thing (use custom lamp-app:tags if you want specific tag names)
$docker build -t docker.example.com/lamp-app .
push to the registry - this does not work without logging in first
$docker push docker.example.com/lamp-app
install on your target cloudron after logging in via
cloudron login
$cloudron install --image docker.example.com/lamp-app
If you're using the build service, you can just run
$cloudron buildand enter your docker-repo (e.g.docker.example.com/lamp-app)
and after logging in to your cloudron
$cloudron install --image docker.example.com/lamp-app
If you updated an app, you can use cloudron update to push a new version for an existing app.
Cheers, M
Ok so quick update here: I was following the mount procedure from the first link and it's looking good! However, I started with a fresh installation instead of moving my files around, but seeing as it worked out, migrating an existing installation should be no problem either.
So what I did:
/mnt/cloud and added it as Cloudron volume (/media/cloud)config/config.php from 'datadirectory' => '/app/data', to 'datadirectory' => '/media/cloud',/app/data/admin to the mounted volume and touch .ocdata in /media/cloudThat's pretty much it I reckon, if you log in now you have this extra storage available:
I have both, uploaded a few GB manually and the rest via sync client, no errors so far. A restart won't change the datadirectory, so this should continue working after reboots. Encryption is also enabled and working as intended, still waiting for something that doesn't work properly.
Not sure if paying for updates defeats the purpose of having a secure system with rolling auto-updates, people will probably postpone important patches because they want to save a buck
Wasn't sure where to put that, Support or Discussion, but I just realized that regular admins are able to impersonate a Superadmin and can then do what every Superadmin is allowed to, like change branding, edit backup config and such. I would think this shouldn't be possible, right?
Haven't had the time (or need for my usecase) to migrate to something fancier. Still using PHP Server Monitor, even made an almost complete package. Since I don't need a public status page, this fulfills all my needs (it does ping, monitor certs, check for strings, mail and other services, even custom ports)
Chiming in here since I just tested the 9.0.0 setup and ran into some issues (maybe you fixed them already, didn't check):
After setting up the user and getting forwarded to the dashboard, I got the message "Removing containers for upgrade" at the top which never disappeared and docker didn't start properly. At some point I did a service box restart which seems to have fixed it, all service came back on after that which they didn't before.
stats aren't working, box.log is getting spammed with
box:cron TypeError: Cannot read properties of undefined (reading 'trim')
at readDiskMetrics (/home/yellowtent/box/src/metrics.js:117:29)
at async readSystemMetrics (/home/yellowtent/box/src/metrics.js:154:25)
at async Object.sendToGraphite (/home/yellowtent/box/src/metrics.js:164:20)
/#/metrics hovering on the apps in disk usage changes width of the container, not really a problem, but doesn't look great
/#/users I've added a bunch of users and only 10 are visible, the container has a max-height of 400px and adds scrollbars, even though there's plenty of vertical space available. Also not a problem, but not great ux
/#/backup-sites the admin-users seems to be able to add backups ("add"-button is visible even though it shouldn't be), when clicking next, I get a 403 error with
body: Object { status: "Forbidden", message: "role 'owner' is required but user has only 'admin'" }
There were a few more errors which I could't reproduce, so leaving them out for now.
Other than that, great work on everything!
I'm using non-superadmin accounts to manage apps and user setup and get this when accessing the support tab:
Since I'm managing that Cloudron, I would be the only one using this tab with the superadmin account. Can we hide that from other admins? I don't think there is much use for that if the customers created separate accounts and opened support tickets, which I will end up resolving anyways 
I know this has already been suggested here, but this doesn't go as far as that thread.
There was also a time where we could override this page with custom addresses and disable the form, is that still a thing?
@edapm I've pushed the latest version which has various updates (.ie. latest base image and such) and basically it works, the only 2 things that make problems are email and the slugify feature from node.js.
Here's the repo where you can check it out: https://git.cloudron.io/msbt/strapi-app
After you've built and installed it, you have to run /usr/local/bin/gosu cloudron:cloudron yarn build in the terminal to build the adminpanel, this step can be added to the start.sh as well, but I wanted to do it manually for the time being, because it takes quite a while on slower machines. Talking of which: this step requires 2,5GB+ RAM, so make sure your machine has plenty available. After that you can create an admin user.
Email:
error Error: Couldn't send test email: Greeting never received.error Error: Couldn't send test email: Mail command failed: 550 Authenticated user strapi.app@example.com cannot send mail as .As for the slugify issue: I followed the tutorial from here to dynamically create slugs for collections, but as soon as I edit the modelname.js in /api/collectionname/models/ and add const slugify = require('slugify');, strapi crashes with Error: Cannot find module 'slugify' even though it's in node_modules and referred to from other places - no idea why, if I build strapi on an empty machine with just a few commands, it works without any issues:
apt update
curl -sL https://deb.nodesource.com/setup_14.x | sudo bash -
apt-get install -y nodejs
npm install --global yarn
yarn create strapi-app cloudron --quickstart --no-run
cd cloudron/
yarn add pg slugify strapi-provider-email-smtp
yarn strapi install email documentation graphql
yarn build
yarn develop
So if you don't need email or slugs, you're good to go 
I'm a web developer for a startup and run my own little company on the side which offers programming and hosting for designers, agencies and other customers.
Take a breather and read https://docs.cloudron.io/backups/#import-app-backup - it's just the config of a single backup, not the whole server.
@3246 sorry for the late reply, but I was working on various things - including a new website, that's why I didn't want to comment on the old one. Even though it's gone now, I appreciate the compliment
The shiny new thing is this one: The Happy Hosting Company at https://www.happyhosting.co - feedback is welcomed and appreciated!
@humptydumpty probably not the intended usecase, but I'm using Hetzner VPS for Cloudron and mount a storagebox into it (via SSHFS), which serves solely as Nextcloud storage. That way the VPS itself can't run out of space (at least not because of NC) and the storage space is easily scaleable. This can be done on multiple servers (the storagebox allows up to 10 connections). So you don't have a quota system, but at least you can expand/scale it easilty up to 10TB with one click when the space gets low.
Quick update on this: A customer of mine refined the package and supplied the code to dynamically enable/disable features and also rebuild the executable on restart. Corresponding MR is here.
Until now custom providers were not usable because adding them required a rebuild of the app (which wasn't working due to readonly fs), with this patch this should work.
federation is working, thanks to the help of the synapse admins and community! Please grab the latest version from here and let me know if it also works for you. You might need to adjust the homeserver.yaml again, probably best if you install a fresh one and compare the config. There might be some finetuning required for preview and such, but since I'm on vacation, that's a topic for another day
While you're touching that, maybe you can also add the time it took from start to finish?
@p44 cwd into the folders and check if all of them are complete backups, there are probably app backups from updates in those folders, they aren't listed in the backups view, only when you open each apps settings.
I was trying to shift my focus on hosting (with Cloudron) the last few years but haven't got around to really fine tune everything and get the pricing down so it's a sustainable business model and also attractive for customers (attractive in the sense of presentation, explaining the thing and spreading the word).
My time is split in half, 50% employed at a company and 50% self employed, which most of the time is developing stuff which leaves only little time to get ahead in the hosting business. The websites of my clients mostly end up on one of my bigger Cloudrons, but they don't know that it is Cloudron because they only need their WordPress and sometimes Email.
You can see the current status here https://bits.at/hosting/ - but as mentioned, haven't had much time to invest there the last months so the apps section and the knowledgebase are rather outdated and the pricing needs a bump
Edit: Obivously my primary target audience would be german speaking, but I was looking forward to translate the page for the european market. But again, time being the limiting factor here 
Ok I've got it to work, but there are some things missing, maybe you can take over from here @girish
Here's the repo: https://git.cloudron.io/msbt/strapi-app
You build it, install it, jump on the terminal, cwd into /app/pkg/cloudron and run yarn build. The build process requires 2GB of RAM, I tried with less and it failed a few times. This step should eventually go into the start.sh, but I was rebuilding a lot, that's why it's still there.
After that the adminpanel is available in /admin where you can create your first user and add data.
What's not working (from what I can see):
Other than that, tests are missing, but it doesn't look so bad.