RE: Question for the service providers using Cloudron

@doodlemania2 yes, as mentioned above, it's in the linked post, first I was following the Hetzner docs to generate the ssh key, the rest is written in there

@andreasdueren sure thing, I've documented it here, except the mounting is now done by Cloudron itself instead of adding it via /etc/fstab tinkering (only caveat is that I have to trigger a remount in the UI after a reboot)

system view looks like this:

@humptydumpty probably not the intended usecase, but I'm using Hetzner VPS for Cloudron and mount a storagebox into it (via SSHFS), which serves solely as Nextcloud storage. That way the VPS itself can't run out of space (at least not because of NC) and the storage space is easily scaleable. This can be done on multiple servers (the storagebox allows up to 10 connections). So you don't have a quota system, but at least you can expand/scale it easilty up to 10TB with one click when the space gets low.

@neurokrish check out this post

@timconsidine JSON does not have any notion of environment variables by default, probably easiest if you sed/replace them via start.sh and just enter the actual values from env | grep MONGO.

I have a server with 2 Nextcloud instances that use Hetzner Storageboxes as storage backend and until today, the directory was mounted manually via fuse.sshfs in /etc/fstab. Since every restart ended up with a lost race condition which made me manually remove empty directories and remount the storagebox, I wanted to use the built-in SSHFS Volumes to get this done.

So I added the server, stopped Nextcloud, changed the path to the data dir in the config.php and wanted to add the newly created Volumes. While reconfiguring it threw the message An error occurred during the create container operation: Inactive: Error getting IP of redis-xxx-id service and went into an erronous state. I had to go to Services / Redis and restart the corresponding redis service and hit retry in the Repair tab - after that the Volume was added successfully. I could easily reproduce the issue with the second Nextcloud instance, so either adding or removing Volumes in a stopped app made redis crash, maybe something to check out for consistency.

Apparently I still have to manually hit the remount Volume button after a restart to get it online, but that beats sshing into the box and rm empty directories

I am one of those "single person companies" that's doing hosting and web development (mostly WordPress sites), but I wouldn't mind partnering up with other devs and get a working team/joint venture going, so if anyone interested, drop me a message, would be happy to discuss things over a virtual beverage. I'm located in Vienna/Austria, GMT +1

@alphagroup if it's an actual clone, you can just install the initial app, create a backup and clone the app to a new (sub)domain for each customer. If they don't have access, you might want to check out the Cloudron CLI or API and build some Dashboard around that

perfect, thanks, will try it out and get back if it's not working

I could as well just try it, but maybe someone already did and before I screw things up with my domain settings, I'd rather ask

One of my Cloudrons is using my.example.com as the dashboard domain and backups are with the same hoster (Hetzner), just a different storage method (storagebox). Since it's always better to have a backup on an external host, I was planning to get some cheap VPS elsewhere and run a MinIO instance on Cloudron to go full circle. Is it now possible to use a subdomain like my.backup.example.com to set up the new Cloudron on that other VPS and then minio.backup.example.com or does it need to be a fully dedicated domain?

@jdaviescoates and this works for you? Also getting the same 404 error when I click the folder icon

@jdaviescoates ah I didn't know you could access the volumes via the filemanager. I however am getting a 404 when trying to open that up, like GET https://my.cloudron.com/api/v1/volumes/id/files/ [HTTP/2 404 Not Found 192ms]

@murgero no, have already tried that, but the owner isn't changeable

root@xxx:/media# ls -la
total 8
drwxr-xr-x 1 root root 4096 Dec  7 20:57 .
drwxr-xr-x 1 root root 4096 Dec  7 20:57 ..
drwxr-xr-x 2 1001 1001    0 Dec  8 08:52 Ebook

I tried to use a mounted volume to keep the Cloudron installation itself slim, but as soon as I move the sqlite db and ebooks to that volume and adjust the path in calibre, it says DB is not Writeable.

This is easily reproducable, if you jump on a terminal and try to write anything on the mount as the cloudron-user (which also runs the app), you get a permission denied, if you do the same as root, it works. How would I go about to give the mount write permission for the cloudron user?

@hav81 this could be either, your WordPress setup which redirects to non-www and Cloudron is trying to redirect back or the other way around. You should check your .htaccess file and the wp-options table of your WP installation.

@zezaung said in Blank page in Wordpress LAMP stack unexpectedly:

Nov 24 21:10:50 [Thu Nov 25 02:10:50.252770 2021] [php7:error] [pid 142] [client 62.221.254.71:46940] PHP Parse error: syntax error, unexpected '<', expecting end of file in /app/data/public/wp-config.php on line 89

this suggests an error in your wp-config.php file in /app/data/public, you might want to check out line 89 and see what's missing

I have a similar issue with my sshfs mount for my Nextcloud instances (setup described here). On every reboot, I have to manually remove both subfolders from the where the mount should be (empty directories) and run mount -a manually to get the correct content online.

So the sshfs mount is at /mnt/cloud and there are 2 volumes set up like this:

After reboot, there are those two empty mount points in there that block the actual mounting (/mnt/cloud/cloud1 and /mnt/cloud/cloud2). Those two I have to rm -r in order to get the mounts back. Hope that makes sense.

the same works in the regular cmd.exe (if you start it with admin credentials) without the PS stuff

@p44 cwd into the folders and check if all of them are complete backups, there are probably app backups from updates in those folders, they aren't listed in the backups view, only when you open each apps settings.

repo isn't maintained anymore though

It was abandoned by the devs and since Ubuntu 16.04 is now EOL, it's now archived

@arshsahzad maybe try clearing the cache, there are supposed to be radiobuttons next to the user management items

@girish sounds good! that was a contabo machine which isn't the fastest, maybe it's some race condition issue?

@girish I think this is it:

...
2021-10-26T06:05:40.818Z box:shell removePostgresql (stderr): null
2021-10-26T06:05:40.818Z box:shell startPostgresql exec: docker run --restart=always -d --name="postgresql"                 --hostname postgresql                 --net cloudron                 --net-al>
2021-10-26T06:05:41.479Z box:shell startPostgresql (stdout): e14886de0e8f7fed78d8696cf094ba54bf5b498d56f1ce85b2218cfa94d87e11

2021-10-26T06:05:41.479Z box:shell startPostgresql (stderr): null
2021-10-26T06:05:41.479Z box:services Waiting for postgresql
2021-10-26T06:05:56.567Z box:database Connection 176 error: Connection lost: The server closed the connection. PROTOCOL_CONNECTION_LOST
2021-10-26T06:05:56.576Z box:database Connection 177 error: Connection lost: The server closed the connection. PROTOCOL_CONNECTION_LOST
2021-10-26T06:05:56.892Z box:cloudron Startup task at index 3 failed: connect ECONNREFUSED 127.0.0.1:3306

2021-10-26T06:10:24.215Z box:locker Lock unreleased platform_start
2021-10-26T06:15:24.215Z box:locker Lock unreleased platform_start
2021-10-26T06:20:24.216Z box:locker Lock unreleased platform_start
2021-10-26T06:25:24.215Z box:locker Lock unreleased platform_start
...

Not sure if this is helpful, but after doing the box restart it was coming up fine

Just realized that my gitlab machine updated Cloudron last night (so >10 hours ago) and GitLab didn't come back up. The dashboard said

and I've tried a systemctl restart box which didn't help.

The app just came back online after issuing that cmd, just wanted to let you know that there was an issue, but I don't know what it was

@girish that's what I meant, the cmd ran always before, but now only in the rare case the directory isn't there

@girish no, the line with chown root:systemd-journal /var/log/journal, that was always running before, now only in the if condition, not sure if it's required though

@girish isn't that bit supposed to be outside of the if?

@girish hah true, I'll try again next year

@girish what I would want is something like a domain-administrator, who can add users/email and apps (or maybe with the option not to install apps) for one or more domains, so they can't interfere with admins from other domains

@girish do you need anything from me or can you replicate that by yourself?

Just chiming in here because I came back from a short trip and thought everything would be okay (since I didn't get any emails that said otherwise) but then I saw this (no, the first notification is not about the primary domain):

and the Backup-view

So instead of 7 backups (1 per day) I only got two left, the others apparently got cleaned after the backup failed.

Here are my questions:

As you can see, I'm using encrypted tgz as storage format. Wouldn't it double the required space if I added more times to the scheduler?

Why was there no notification if it failed so often?

The logs of the last crash (the app in question was the culprit for earlier crashes, a mid-size Magento store whose cache might interfere with the backup process, but I thought we fixed that along the way):

Sep 13 01:09:35 box:backups some-app.at Unable to backup BoxError: Backuptask crashed
at /home/yellowtent/box/src/backups.js:901:29
at f (/home/yellowtent/box/node_modules/once/once.js:25:25)
at ChildProcess.<anonymous> (/home/yellowtent/box/src/shell.js:77:9)
at ChildProcess.emit (events.js:315:20)
at Process.ChildProcess._handle.onexit (internal/child_process.js:277:12) {
reason: 'Internal Error',
details: {}

@girish what about https://docs.docker.com/engine/reference/commandline/run/#set-storage-driver-options-per-container (from https://stackoverflow.com/questions/38542426/docker-container-specific-disk-quota)

@rosano 2GB is the minimum for a single Discourse app, if you have other apps running as well, it's probably not enough - so yes, more RAM = better. I haven't tried a migration, but installing and setting it up worked fine.

@nebulon oh ok, thanks! I already did, just thought I would let you know since I didn't see it anywhere

As the title suggests, clicking on either of the reboot buttons (in notifications or in system) doesn't trigger a reboot anymore, the modal window just closes, but the reboot never happens. Saw this on Cloudron 6.3.4 and 6.3.5, not sure about older ones. Can anyone confirm?

@girish said in What's coming in 6.4:

Operator role for specific app. This new role will allow assigning a user as "operator" for some apps and that user can then view logs, restart app, increase memory limit etc but without being a cloudron admin as such.

any chance that this update in management comes with a "group admin", who can install/operate apps and add users for specific groups only?

@girish thanks for that, I added one line to it, so the mails stay in the inbox in addition to the redirect, else they would not be saved:

require "editheader";
require "variables";
require "envelope";
require "fileinto";

# ... Any other rules
fileinto "INBOX";

# Obtain the user's full email address somehow
# It can be obtained from the recipient address (without full name)
# An alternative is to put the primary address into the script as a literal.
if envelope :matches "to" "*" { set "user_email" "${1}"; }
if envelope :matches "from" "*" { set "real_from" "${1}"; }

# This part of the script MUST be the final rule, otherwise other rules are
# affected since the message is modified.

# Drop the original "From:" header
deleteheader "from";
deleteheader "to";

# Add a new "From:" header
addheader "From" "${user_email}";
addheader "Reply-To" "${real_from}";
addheader "To" "test@cloudron.io";

redirect "test@cloudron.io";

where test@cloudron.io is the address that the emails should be forwarded to.

To activate this you have to edit the file /home/yellowtent/boxdata/mail/vmail/address_to_be_forwarded@example.com/sieve/rainloop.user.sieve and paste it inside the filter block.

@atridad you could run cloudron-support --enable-ssh - this should have the same effect

@girish I can tell you that it doesn't make much sense in German either

@girish thanks, lmk if you need testing, I tried some things with @nebulon already

@girish the only things that happened were the logo from the branding disappearing and the app-update icons were misplaced (top right corner ). After updating to 6.3.2 the arrows are back where they belong (although on the left side, but this is by design I reckon). The logo I just reuploaded. Other than that it all seemed fine

@carrabelloy-0 I guess it's an easy calculation, if 15$/month is too expensive for you, then I don't want to know how much your own time is worth. Depending on your rates, this is only a fraction of an hours work - which Cloudron takes off your shoulders in abundance. So if this is too much, then Cloudron is probably just not for you And of course there's VAT, they have a business, that's what needs to be paid. Just my two cents here...

@girish Sorry to hijack this topic, but this could be related to my issue as well. I was already talking to @nebulon on the chat but I couldn't get this to work even with the latest version of Cloudron (6.3.2).

What I'm trying to do (and please, tell me if there's another way to solve this): I'm hosting a website where different cities/locations get email addresses like location@example.com. Those that are new to the project don't get to use the address to send emails, they should only be on the receiving end, so they give me their address and I'll add a forwarding rule in Rainloop.

So a mail to location1@example.com should be delivered to non-cloudron-email@somehoster.com. I've added a filter in Rainloop and use Postmark as an email relay. The mails to location1@example.com (obviously) arrive with no problems, but the forwarding does not work due to a SMTP API Error on Postmark:

The 'From' address you supplied ("Name" mytest@email.com) is not a Sender Signature on your account. Please add and confirm this address in order to be able to use it in the 'From' field of your messages.

I can't add that address to the sender signatures, because this could be any email address out there. This also includes mailinglists, so every forward to a non-Cloudron address is being blocked.

So the important question is (and it's a rather urgent one, because I was hoping the last update fixed this): How can I forward mails to non-Cloudron addresses, any ideas?

@girish what if some eager user already updated to 6.3.1, will those issues be resolved or will they run into problems?

Ok so quick update here: I was following the mount procedure from the first link and it's looking good! However, I started with a fresh installation instead of moving my files around, but seeing as it worked out, migrating an existing installation should be no problem either.

So what I did:

• deployed a new Cloudron with Nextcloud installed on a fresh CPX21 on Hetzner Cloud (kept it at 40GB though, might scale down if performance allows it)
• mounted a 5TB Hetzner Storagebox via sshfs into /mnt/cloud and added it as Cloudron volume (/media/cloud)
• mounted that volume into the Nextcloud app (uncheck read-only)
• change the datadirectory in config/config.php from 'datadirectory' => '/app/data', to 'datadirectory' => '/media/cloud',
• cp -r /app/data/admin to the mounted volume and touch .ocdata in /media/cloud

That's pretty much it I reckon, if you log in now you have this extra storage available:

I have both, uploaded a few GB manually and the rest via sync client, no errors so far. A restart won't change the datadirectory, so this should continue working after reboots. Encryption is also enabled and working as intended, still waiting for something that doesn't work properly.

@ccfu you should always consider people that have impaired vision (like color-blindness), not sure if screen readers can do colors

@girish good question, I'll try sshfs later, read a few tutorials of people that are using that (like https://juliane.alton.at/roland/rolog/mounting-storage-sshfs or https://www.d-photos.de/nextcloud-in-der-hetzner-cloud/), so I can rule out that part.

@msbt the Nextcloud package for Cloudron does not support changing the primary storage as such. You have to use the external storage plugin in Nextcloud. Maybe in the future we can integrate the volumes on Cloudron to be set as primary storage (ie /app/data) for apps, but we are not there yet.

I just poked around a little and added a storage box as a cloudron-volume and mounted it into the Nextcloud app. After changing 'datadirectory' => '/app/data', to point to the mount and cp'ed over my files, it said

Your data directory is invalid. Ensure there is a file called ".ocdata" in the root of the data directory.

Obviously I also created/touched the file but the message wouldn't go away, is that because the mount is added as the "cloudron" user and www-data can't access/write into it or is there some tougher apache/htaccess stuff that I would need to adjust? If it was only the permissions, is there a way to mount the directory as someone else?

@jdaviescoates it started happening again here as well and I've already sent a message to support with access to the corresponding servers. It also happened on one server which has 768MB reserved for the mail service with almost no traffic, so the problem is probably somewhere else.

@girish because the server is like 4-5y old and it's only a Raid1, I don't have too much confidence in that old thing

@marcusquinn the storage box CIFS mount (or the storage share if I get the usermanagement sorted) would be an option, this should work better than the remote webdav that I've tried back then, or maybe I'll try to make a custom package or something

@marcusquinn volumes aren't really an option either, I wouldn't want to pay ~100€ for 2TB of disk space. I do have one dedicated server left which would have plenty of space, but I would prefer a cloud server with SSDs, that specific server has only HDDs and they're rather slow. Maybe I'll opt with that storage share after all...

Thanks for the replies, probably easiest if I just stick with Contabo and hope for a miracle

@nebulon ah ok, I've tried using a storagebox as external storage quite a whole ago and the performance wasn't great, that's why I figured I could try to do that with primary storage

@jagan as @jdaviescoates suggested, LDAP and other apps are the reason for trying to accomplish that

@girish said in Has anyone set up Nextcloud with a Hetzner Storagebox cifs mount as primary storage?:

This won't work with CIFS because CIFS lacks permissions and things like symlinks (unlike ext4) right?

ah yes, that's probably the reason why it wasn't working on the last attempt

@girish said in Has anyone set up Nextcloud with a Hetzner Storagebox cifs mount as primary storage?:

Get large storage which is near the server

any suggestions?

@robi said in Has anyone set up Nextcloud with a Hetzner Storagebox cifs mount as primary storage?:

Or, it could be a standalone Nextcloud instance configured to run directly on the object store from Minio. (Cannot be done with current container config for Nextcloud in Cloudron as it's an install time thing.)

thanks for the suggestions, but this sounds a bit too hacky to work properly for a long period of time

I'm still looking for a decent way to have a lot of storage on a smaller/cheaper SSD cloud server (original issue). I've tried those 1400 VPS on Contabo, but the performance is terrible, that's why I'm looking to go back to Hetzner Cloud + Storagebox as primary storage. I remember trying to move the whole apps data on a Storagebox, but that didn't work out at all (probably because of the fs?). I was in contact with their support and they said it should be no problem to use it as CIFS mount, because this counts only as one connection (you're limited to 10 with the regular Storageboxes).

The question is how to properly do it. Should we create a cloudron volume containing the Storagebox, mount it into the Nextcloud app, copy over the /app/data folder and change it in the config or will that result in the same issue that I've had before? What's the proper way to go here, any suggestions?

@girish sure thing, will do when they pop up the next time. For whatever reason the OOMs stopped since Tuesday, I haven't changed anything on any machine...

@carbonbee at least for the first thing I've had a similar issue on a new cloudron and old LAMP, @girish suggested to just use another apps' terminal to connect to the db and do you alterations there.

@nebulon I could enable ssh on the cloudrons in question and you could take a look, should I do that and write down some timestamps of the restarts? maybe you see something that I don't, email is not my strongsuit and there is a lot happening that I don't know

@nebulon as I said, this happens without any emails being sent, it seems to be all attempts from spammers in a short period of time: https://paste.cloudron.io/okumavovil.coffeescript - eventually the mail service runs out of memory, restarts and a day later they try again. And this is on multiple cloudrons, happy to share more logs/access

@fbartels no fts, on some servers there aren't even any mailboxes

@girish I know that, but since I'm not using mail in most of those cases, I would rather want to find out what spam-methods create the memory spike instead of allowing more attempts

Since a few weeks I'm getting more and more random OOM notifications from the mail service. I ignored it at first, because one of the machines where it happened is a bit overprovisioned and doesn't have a lot of free memory. But lately also machines that have almost nothing on it and don't even use mail are affected. Any chance you can take a look at it? What logs and access can I offer?

Prior to the restart, a lot of these are happening (mail.log):

...
2021-05-06T22:17:34.000Z [INFO] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core]  hook=rcpt plugin=cloudron function=translate_rcpt_to params=<very@mydomain.com> retval=DENY msg="No such address"
2021-05-06T22:17:34.000Z [INFO] [-] [cloudron] skipped logging 5.188.206.171. {"time":"2021-05-06T22:17:33.494Z","count":41}
2021-05-06T22:17:34.000Z [NOTICE] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core] recipient <very@mydomain.com> code=DENY msg="No such address" sender=vvyevrdvjovq@marychapmanchildrensbooks.co.uk
2021-05-06T22:17:34.000Z [INFO] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core]  hook=rcpt plugin=cloudron function=translate_rcpt_to params=<promise@mydomain.com> retval=DENY msg="No such address"
2021-05-06T22:17:34.000Z [INFO] [-] [cloudron] skipped logging 5.188.206.171. {"time":"2021-05-06T22:17:33.494Z","count":42}
2021-05-06T22:17:34.000Z [NOTICE] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core] recipient <promise@mydomain.com> code=DENY msg="No such address" sender=vvyevrdvjovq@marychapmanchildrensbooks.co.uk
2021-05-06T22:17:34.000Z [INFO] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core]  hook=rcpt plugin=cloudron function=translate_rcpt_to params=<pocket@mydomain.com> retval=DENY msg="No such address"
2021-05-06T22:17:34.000Z [INFO] [-] [cloudron] skipped logging 5.188.206.171. {"time":"2021-05-06T22:17:33.494Z","count":43}
2021-05-06T22:17:34.000Z [NOTICE] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core] recipient <pocket@mydomain.com> code=DENY msg="No such address" sender=vvyevrdvjovq@marychapmanchildrensbooks.co.uk
2021-05-06T22:17:34.000Z [INFO] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core]  hook=rcpt plugin=cloudron function=translate_rcpt_to params=<receive@mydomain.com> retval=DENY msg="No such address"
2021-05-06T22:17:34.000Z [INFO] [-] [cloudron] skipped logging 5.188.206.171. {"time":"2021-05-06T22:17:33.494Z","count":44}
2021-05-06T22:17:34.000Z [NOTICE] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core] recipient <receive@mydomain.com> code=DENY msg="No such address" sender=vvyevrdvjovq@marychapmanchildrensbooks.co.uk
2021-05-06T22:17:34.000Z [NOTICE] [-] [core] worker 2 killed by signal SIGKILL
2021-05-06T22:17:34.000Z [NOTICE] [-] [core] worker started worker=3 pid=469
2021-05-06T22:17:34.000Z loaded TLD files:
2021-05-06T22:17:34.000Z   1=1504
2021-05-06T22:17:34.000Z   2=8569
2021-05-06T22:17:34.000Z   3=2448
2021-05-06T22:17:34.000Z loaded 9105 Public Suffixes
2021-05-06T22:17:35.000Z loglevel: INFO
2021-05-06T22:17:35.000Z invalid log format: undefined defaulting to DEFAULT
2021-05-06T22:17:35.000Z [WARN] [-] [core] smtp.ini.nodes unset, using 1, see https://github.com/haraka/Haraka/wiki/Performance-Tuning
2021-05-06T22:17:35.000Z Starting up Haraka version 2.8.27
...

Thanks, M

@atrilahiji I tried Directus the other day and couldn't for the life of me figure out how to create a simple repeater for a textfield