RE: Essential information about failuers are not forwarded to the sysadmin

Just chiming in here because I came back from a short trip and thought everything would be okay (since I didn't get any emails that said otherwise) but then I saw this (no, the first notification is not about the primary domain):

and the Backup-view

So instead of 7 backups (1 per day) I only got two left, the others apparently got cleaned after the backup failed.

Here are my questions:

As you can see, I'm using encrypted tgz as storage format. Wouldn't it double the required space if I added more times to the scheduler?

Why was there no notification if it failed so often?

The logs of the last crash (the app in question was the culprit for earlier crashes, a mid-size Magento store whose cache might interfere with the backup process, but I thought we fixed that along the way):

Sep 13 01:09:35 box:backups some-app.at Unable to backup BoxError: Backuptask crashed
at /home/yellowtent/box/src/backups.js:901:29
at f (/home/yellowtent/box/node_modules/once/once.js:25:25)
at ChildProcess.<anonymous> (/home/yellowtent/box/src/shell.js:77:9)
at ChildProcess.emit (events.js:315:20)
at Process.ChildProcess._handle.onexit (internal/child_process.js:277:12) {
reason: 'Internal Error',
details: {}

@girish what about https://docs.docker.com/engine/reference/commandline/run/#set-storage-driver-options-per-container (from https://stackoverflow.com/questions/38542426/docker-container-specific-disk-quota)

@rosano 2GB is the minimum for a single Discourse app, if you have other apps running as well, it's probably not enough - so yes, more RAM = better. I haven't tried a migration, but installing and setting it up worked fine.

@nebulon oh ok, thanks! I already did, just thought I would let you know since I didn't see it anywhere

As the title suggests, clicking on either of the reboot buttons (in notifications or in system) doesn't trigger a reboot anymore, the modal window just closes, but the reboot never happens. Saw this on Cloudron 6.3.4 and 6.3.5, not sure about older ones. Can anyone confirm?

@girish said in What's coming in 6.4:

Operator role for specific app. This new role will allow assigning a user as "operator" for some apps and that user can then view logs, restart app, increase memory limit etc but without being a cloudron admin as such.

any chance that this update in management comes with a "group admin", who can install/operate apps and add users for specific groups only?

@girish thanks for that, I added one line to it, so the mails stay in the inbox in addition to the redirect, else they would not be saved:

require "editheader";
require "variables";
require "envelope";
require "fileinto";

# ... Any other rules
fileinto "INBOX";

# Obtain the user's full email address somehow
# It can be obtained from the recipient address (without full name)
# An alternative is to put the primary address into the script as a literal.
if envelope :matches "to" "*" { set "user_email" "${1}"; }
if envelope :matches "from" "*" { set "real_from" "${1}"; }

# This part of the script MUST be the final rule, otherwise other rules are
# affected since the message is modified.

# Drop the original "From:" header
deleteheader "from";
deleteheader "to";

# Add a new "From:" header
addheader "From" "${user_email}";
addheader "Reply-To" "${real_from}";
addheader "To" "test@cloudron.io";

redirect "test@cloudron.io";

where test@cloudron.io is the address that the emails should be forwarded to.

To activate this you have to edit the file /home/yellowtent/boxdata/mail/vmail/address_to_be_forwarded@example.com/sieve/rainloop.user.sieve and paste it inside the filter block.

@atridad you could run cloudron-support --enable-ssh - this should have the same effect

@girish I can tell you that it doesn't make much sense in German either

@girish thanks, lmk if you need testing, I tried some things with @nebulon already

@girish the only things that happened were the logo from the branding disappearing and the app-update icons were misplaced (top right corner ). After updating to 6.3.2 the arrows are back where they belong (although on the left side, but this is by design I reckon). The logo I just reuploaded. Other than that it all seemed fine

@carrabelloy-0 I guess it's an easy calculation, if 15$/month is too expensive for you, then I don't want to know how much your own time is worth. Depending on your rates, this is only a fraction of an hours work - which Cloudron takes off your shoulders in abundance. So if this is too much, then Cloudron is probably just not for you And of course there's VAT, they have a business, that's what needs to be paid. Just my two cents here...

@girish Sorry to hijack this topic, but this could be related to my issue as well. I was already talking to @nebulon on the chat but I couldn't get this to work even with the latest version of Cloudron (6.3.2).

What I'm trying to do (and please, tell me if there's another way to solve this): I'm hosting a website where different cities/locations get email addresses like location@example.com. Those that are new to the project don't get to use the address to send emails, they should only be on the receiving end, so they give me their address and I'll add a forwarding rule in Rainloop.

So a mail to location1@example.com should be delivered to non-cloudron-email@somehoster.com. I've added a filter in Rainloop and use Postmark as an email relay. The mails to location1@example.com (obviously) arrive with no problems, but the forwarding does not work due to a SMTP API Error on Postmark:

The 'From' address you supplied ("Name" mytest@email.com) is not a Sender Signature on your account. Please add and confirm this address in order to be able to use it in the 'From' field of your messages.

I can't add that address to the sender signatures, because this could be any email address out there. This also includes mailinglists, so every forward to a non-Cloudron address is being blocked.

So the important question is (and it's a rather urgent one, because I was hoping the last update fixed this): How can I forward mails to non-Cloudron addresses, any ideas?

@girish what if some eager user already updated to 6.3.1, will those issues be resolved or will they run into problems?

Ok so quick update here: I was following the mount procedure from the first link and it's looking good! However, I started with a fresh installation instead of moving my files around, but seeing as it worked out, migrating an existing installation should be no problem either.

So what I did:

• deployed a new Cloudron with Nextcloud installed on a fresh CPX21 on Hetzner Cloud (kept it at 40GB though, might scale down if performance allows it)
• mounted a 5TB Hetzner Storagebox via sshfs into /mnt/cloud and added it as Cloudron volume (/media/cloud)
• mounted that volume into the Nextcloud app (uncheck read-only)
• change the datadirectory in config/config.php from 'datadirectory' => '/app/data', to 'datadirectory' => '/media/cloud',
• cp -r /app/data/admin to the mounted volume and touch .ocdata in /media/cloud

That's pretty much it I reckon, if you log in now you have this extra storage available:

I have both, uploaded a few GB manually and the rest via sync client, no errors so far. A restart won't change the datadirectory, so this should continue working after reboots. Encryption is also enabled and working as intended, still waiting for something that doesn't work properly.

@ccfu you should always consider people that have impaired vision (like color-blindness), not sure if screen readers can do colors

@girish good question, I'll try sshfs later, read a few tutorials of people that are using that (like https://juliane.alton.at/roland/rolog/mounting-storage-sshfs or https://www.d-photos.de/nextcloud-in-der-hetzner-cloud/), so I can rule out that part.

@msbt the Nextcloud package for Cloudron does not support changing the primary storage as such. You have to use the external storage plugin in Nextcloud. Maybe in the future we can integrate the volumes on Cloudron to be set as primary storage (ie /app/data) for apps, but we are not there yet.

I just poked around a little and added a storage box as a cloudron-volume and mounted it into the Nextcloud app. After changing 'datadirectory' => '/app/data', to point to the mount and cp'ed over my files, it said

Your data directory is invalid. Ensure there is a file called ".ocdata" in the root of the data directory.

Obviously I also created/touched the file but the message wouldn't go away, is that because the mount is added as the "cloudron" user and www-data can't access/write into it or is there some tougher apache/htaccess stuff that I would need to adjust? If it was only the permissions, is there a way to mount the directory as someone else?

@jdaviescoates it started happening again here as well and I've already sent a message to support with access to the corresponding servers. It also happened on one server which has 768MB reserved for the mail service with almost no traffic, so the problem is probably somewhere else.

@girish because the server is like 4-5y old and it's only a Raid1, I don't have too much confidence in that old thing

@marcusquinn the storage box CIFS mount (or the storage share if I get the usermanagement sorted) would be an option, this should work better than the remote webdav that I've tried back then, or maybe I'll try to make a custom package or something

@marcusquinn volumes aren't really an option either, I wouldn't want to pay ~100€ for 2TB of disk space. I do have one dedicated server left which would have plenty of space, but I would prefer a cloud server with SSDs, that specific server has only HDDs and they're rather slow. Maybe I'll opt with that storage share after all...

Thanks for the replies, probably easiest if I just stick with Contabo and hope for a miracle

@nebulon ah ok, I've tried using a storagebox as external storage quite a whole ago and the performance wasn't great, that's why I figured I could try to do that with primary storage

@jagan as @jdaviescoates suggested, LDAP and other apps are the reason for trying to accomplish that

@girish said in Has anyone set up Nextcloud with a Hetzner Storagebox cifs mount as primary storage?:

This won't work with CIFS because CIFS lacks permissions and things like symlinks (unlike ext4) right?

ah yes, that's probably the reason why it wasn't working on the last attempt

@girish said in Has anyone set up Nextcloud with a Hetzner Storagebox cifs mount as primary storage?:

Get large storage which is near the server

any suggestions?

@robi said in Has anyone set up Nextcloud with a Hetzner Storagebox cifs mount as primary storage?:

Or, it could be a standalone Nextcloud instance configured to run directly on the object store from Minio. (Cannot be done with current container config for Nextcloud in Cloudron as it's an install time thing.)

thanks for the suggestions, but this sounds a bit too hacky to work properly for a long period of time

I'm still looking for a decent way to have a lot of storage on a smaller/cheaper SSD cloud server (original issue). I've tried those 1400 VPS on Contabo, but the performance is terrible, that's why I'm looking to go back to Hetzner Cloud + Storagebox as primary storage. I remember trying to move the whole apps data on a Storagebox, but that didn't work out at all (probably because of the fs?). I was in contact with their support and they said it should be no problem to use it as CIFS mount, because this counts only as one connection (you're limited to 10 with the regular Storageboxes).

The question is how to properly do it. Should we create a cloudron volume containing the Storagebox, mount it into the Nextcloud app, copy over the /app/data folder and change it in the config or will that result in the same issue that I've had before? What's the proper way to go here, any suggestions?

@girish sure thing, will do when they pop up the next time. For whatever reason the OOMs stopped since Tuesday, I haven't changed anything on any machine...

@carbonbee at least for the first thing I've had a similar issue on a new cloudron and old LAMP, @girish suggested to just use another apps' terminal to connect to the db and do you alterations there.

@nebulon I could enable ssh on the cloudrons in question and you could take a look, should I do that and write down some timestamps of the restarts? maybe you see something that I don't, email is not my strongsuit and there is a lot happening that I don't know

@nebulon as I said, this happens without any emails being sent, it seems to be all attempts from spammers in a short period of time: https://paste.cloudron.io/okumavovil.coffeescript - eventually the mail service runs out of memory, restarts and a day later they try again. And this is on multiple cloudrons, happy to share more logs/access

@fbartels no fts, on some servers there aren't even any mailboxes

@girish I know that, but since I'm not using mail in most of those cases, I would rather want to find out what spam-methods create the memory spike instead of allowing more attempts

Since a few weeks I'm getting more and more random OOM notifications from the mail service. I ignored it at first, because one of the machines where it happened is a bit overprovisioned and doesn't have a lot of free memory. But lately also machines that have almost nothing on it and don't even use mail are affected. Any chance you can take a look at it? What logs and access can I offer?

Prior to the restart, a lot of these are happening (mail.log):

...
2021-05-06T22:17:34.000Z [INFO] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core]  hook=rcpt plugin=cloudron function=translate_rcpt_to params=<very@mydomain.com> retval=DENY msg="No such address"
2021-05-06T22:17:34.000Z [INFO] [-] [cloudron] skipped logging 5.188.206.171. {"time":"2021-05-06T22:17:33.494Z","count":41}
2021-05-06T22:17:34.000Z [NOTICE] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core] recipient <very@mydomain.com> code=DENY msg="No such address" sender=vvyevrdvjovq@marychapmanchildrensbooks.co.uk
2021-05-06T22:17:34.000Z [INFO] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core]  hook=rcpt plugin=cloudron function=translate_rcpt_to params=<promise@mydomain.com> retval=DENY msg="No such address"
2021-05-06T22:17:34.000Z [INFO] [-] [cloudron] skipped logging 5.188.206.171. {"time":"2021-05-06T22:17:33.494Z","count":42}
2021-05-06T22:17:34.000Z [NOTICE] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core] recipient <promise@mydomain.com> code=DENY msg="No such address" sender=vvyevrdvjovq@marychapmanchildrensbooks.co.uk
2021-05-06T22:17:34.000Z [INFO] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core]  hook=rcpt plugin=cloudron function=translate_rcpt_to params=<pocket@mydomain.com> retval=DENY msg="No such address"
2021-05-06T22:17:34.000Z [INFO] [-] [cloudron] skipped logging 5.188.206.171. {"time":"2021-05-06T22:17:33.494Z","count":43}
2021-05-06T22:17:34.000Z [NOTICE] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core] recipient <pocket@mydomain.com> code=DENY msg="No such address" sender=vvyevrdvjovq@marychapmanchildrensbooks.co.uk
2021-05-06T22:17:34.000Z [INFO] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core]  hook=rcpt plugin=cloudron function=translate_rcpt_to params=<receive@mydomain.com> retval=DENY msg="No such address"
2021-05-06T22:17:34.000Z [INFO] [-] [cloudron] skipped logging 5.188.206.171. {"time":"2021-05-06T22:17:33.494Z","count":44}
2021-05-06T22:17:34.000Z [NOTICE] [1B4E9486-C94C-4A6E-8AB0-6A5D0D61BD08.1] [core] recipient <receive@mydomain.com> code=DENY msg="No such address" sender=vvyevrdvjovq@marychapmanchildrensbooks.co.uk
2021-05-06T22:17:34.000Z [NOTICE] [-] [core] worker 2 killed by signal SIGKILL
2021-05-06T22:17:34.000Z [NOTICE] [-] [core] worker started worker=3 pid=469
2021-05-06T22:17:34.000Z loaded TLD files:
2021-05-06T22:17:34.000Z   1=1504
2021-05-06T22:17:34.000Z   2=8569
2021-05-06T22:17:34.000Z   3=2448
2021-05-06T22:17:34.000Z loaded 9105 Public Suffixes
2021-05-06T22:17:35.000Z loglevel: INFO
2021-05-06T22:17:35.000Z invalid log format: undefined defaulting to DEFAULT
2021-05-06T22:17:35.000Z [WARN] [-] [core] smtp.ini.nodes unset, using 1, see https://github.com/haraka/Haraka/wiki/Performance-Tuning
2021-05-06T22:17:35.000Z Starting up Haraka version 2.8.27
...

Thanks, M

@atrilahiji I tried Directus the other day and couldn't for the life of me figure out how to create a simple repeater for a textfield

Ok I just realized that strapi already has a built in slug-system, so that solution I was working on was already obsolete (there's a UID field available which can take any other field and slugify it properly). This means the only thing that's missing is email

@arnoldsigik probably the easiest way is to fire up another vultr instance and restore the backup to the new machine. if you install a fresh cloudron, you can choose to restore, that's where you enter the backup details and credentials.

When trying to delete a docker image in the web-ui it throws this error: {"errors":[{"code":"UNSUPPORTED","message":"The operation is unsupported."}]}

I've tried poking around in the config and giving the delete: option one indent to put it in the storage:-block and restarting the container seems to have fixed it.

before:

storage:
  cache:
    blobdescriptor: redis
  filesystem:
    rootdirectory: /app/data/storage
delete:
  enabled: true

after:

storage:
  cache:
    blobdescriptor: redis
  filesystem:
    rootdirectory: /app/data/storage
  delete:
    enabled: true

This is for reference

Cheers

@nebulon yep, ublock origin is installed, that's probably it!

@humptydumpty I've had that as well, usually a hard refresh (ctrl + shift + r on windows or cmd + shift + r on osx) solves the issue

@robi I've put it in the corresponding thread here

@edapm I've pushed the latest version which has various updates (.ie. latest base image and such) and basically it works, the only 2 things that make problems are email and the slugify feature from node.js.

Here's the repo where you can check it out: https://git.cloudron.io/msbt/strapi-app

After you've built and installed it, you have to run /usr/local/bin/gosu cloudron:cloudron yarn build in the terminal to build the adminpanel, this step can be added to the start.sh as well, but I wanted to do it manually for the time being, because it takes quite a while on slower machines. Talking of which: this step requires 2,5GB+ RAM, so make sure your machine has plenty available. After that you can create an admin user.

Email:

• When I try to use SMTPS, it says error Error: Couldn't send test email: Greeting never received.
• When using SMTP: error Error: Couldn't send test email: Mail command failed: 550 Authenticated user strapi.app@example.com cannot send mail as .

As for the slugify issue: I followed the tutorial from here to dynamically create slugs for collections, but as soon as I edit the modelname.js in /api/collectionname/models/ and add const slugify = require('slugify');, strapi crashes with Error: Cannot find module 'slugify' even though it's in node_modules and referred to from other places - no idea why, if I build strapi on an empty machine with just a few commands, it works without any issues:

apt update
curl -sL https://deb.nodesource.com/setup_14.x | sudo bash -
apt-get install -y nodejs
npm install --global yarn
yarn create strapi-app cloudron --quickstart --no-run
cd cloudron/
yarn add pg slugify strapi-provider-email-smtp
yarn strapi install email documentation graphql
yarn build
yarn develop

So if you don't need email or slugs, you're good to go

@seeker the process is still ongoing, but I ended up using strapi.io to serve the data. The content itself is collected more or less manually, because the images and text need to be edited anyways.

I tried to package strapi for cloudron, but I ran into problems when adding node modules like slugify, for whatever reason they aren't recognized after adding them. When I have a bit more time, I might revisit the issues.

@seeker that looks like a desktop application, not sure what you could do with that on Cloudron

@robi indeed, the UI needs some fixing, the public status page doesn't look great as well.

I reckon it depends on your usecase: You could either add all customers websites as admin and link them to the corresponding users, so they can check their uptime or you install one instance per customer and give those users admin rights so they can monitor themselves.

@robi yes, default users only get to see the servers which they're allowed to see, when an admin adds a server, they have to choose which users can see the metrics.

@atrilahiji thanks, I know, that's what I meant with custom build

@andxclfor I'm facing a similar challenge with Discourse at the moment, only it is a hosted standard-edition, which makes the transfer to self-hosted a bit tricky.

The process in general would be straightforward, you create a backup on the current Discourse, set it read only, set up the new one and import that backup.

My problem (and yours, depending on what you're using): the live version is Discourse 2.7.0.beta5 and they won't allow migrating to a lower version (Cloudron is Discourse 2.6.3, so I either have to wait until 2.7.0 is stable and the Cloudron version gets updated or I'll have to do a custom build and wait for Cloudron to catch up.

As for WordPress, there are several posts in the forum (e.g. https://forum.cloudron.io/topic/2531/complete-wordpress-migration-without-reinstalling-plugins or https://forum.cloudron.io/topic/1854/how-to-move-wordpress) and also a blogpost from Cloudron here.

@scooke using the terminal of a different app to connect to the LAMP 1.4.0 database

@girish perfect, worked like a charm! Just to be on the safe side: Will the old LAMP continue working or are there any breaking changes coming up soon?

I have this ancient LAMP app with a shop in it that is finally going to be upgraded (I know I know, but it wouldn't work on >PHP7.2). After cloning the production image to test imports and exports, I wanted to jump on the mysql console to change the urls of the shop. But when I tried to connect, this is what happened:

mysql --user=${MYSQL_USERNAME} --password=${MYSQL_PASSWORD} --host=${MYSQL_HOST} ${MYSQL_DATABASE} 
ERROR 2026 (HY000): SSL connection error: unknown error number

I reckon this is because of the new MYSQL version you installed, do you know of a trick to connect either way? Couldn't find a real solution...

Cloudron 1: Use minio on Cloudron 2 as backup
Cloudron 2: Backup minio to a different datacenter/location

@girish so the "check for updates" button in settings has the same behaviour as the one in apps/config? I remember updating an ancient LAMP app several times in a row by clicking the button in the apps config, wasn't taking long at all, only received an email for every update that was available after checking.

just got the same error the first time on 2 different cloudrons (one is still a v6.0.0, the other a v6.2.4)

@atrilahiji I think that's one of the reasons why the exception flags were added to proxyauth, but you'd need to stick to default naming to not break the thing, @jimcavoli suggested that here.

@robi I reckon that's what the schedule in Settings / Updates is for, if you're missing many updates, you can manually check, update and repeat until there are no more updates available

@jdaviescoates thanks, gonna check it out soon!

Also thanks @navin and @scooke, I'll gather more information on how and what I have to collect, some ideas might not work because there's a max lenght of text and such (which I'm not yet sure if there is, but there are some limitations I reckon).

@robi nice, a forum is indeed in interesting approach, but maybe a bit tricky to filter textblocks from images, videolinks and such, because there's no given format. But I'll explore that possibility (here's the api link to this topic)

@marcusquinn said in How would you collect data (text, images, links) from 50+ people?:

Maybe consider LimeSurvey or a Nextcloud dropbox for gathering the data

that is true, we probably have to do some editing on the content anyways, but since we're planning to make this a recurring thing, it would be nice to create something reusable that works and scales.

@girish I've already packaged it, but I'm not quite sure if it's the way to go and some things are quite hacky. The old repo is here, I'll push an update of the app to the latest version in the next days, did some changes and small improvements, but node stuff isn't my specialty

@girish I haven't touched the app since I've built it, it was only training back then, probably one of my firsts, so the quality might be bad Never installed on a production server and used it as such, so not sure

@murgero not really, Lychee is just a photo management tool, right?

@girish ah cool, seems that Directus does pretty much the same as strapi, gonna check that out as well, although, strapi seems to be a bit more popular, but I'll keep this updated.

Hi there!

I got asked if I could build something for an event and did a bit of research, but couldn't find an out-of-the-box solution. Since this is the only online community that I'm active, I thought I would try and ask if someone already has done something and/or can point me in the right direction.

The inquiry was about a virtual art installation (due to covid) where 50+ countries are supposed to present at least one (and up to five(!)) projects - probably ~100 in total, which will be presented on an external platform. This means I have to collect and store various information about the projects, like images, text and links to videos (vimeo, youtube) which then will be implemented in an external platform. They should be able to edit their submissions at least until one week prior to the event.

The questions are

• How would you set up the user management? I still don't have all the details, if there is one person managing all projects for each country or if there are multiple, but there will probably be 50+ accounts. Would you create one account per country which manages everything, or no accounts at all, but tokens or pin-codes or something like that to identify? It should be as painless as possible for people to submit data, but also robust.
• Do you know of a CMS/platform that can easily be modified to take care of that and also has an API to query and use the collected data? I mean, technically it's just an uploadform that stores images and links to it and text, related to a project, which is related to a country.

I did play around a bit with strapi, a headless cms which has a nice GraphQL API, but I would need to build a frontend for that and figure out the user registration process.

Thanks in advance for any pointers!
Cheers, M

@jimcavoli I've installed that thing the other day and boy, this is a monster compared to my current ITIL solution. Not quite happy with some of the userflow (took me a while to figure out how to make my cloudron user an admin), but I'll play around with it some more.