RE: guacamole remote desktop

@plusone-nick Wait - Will this work in an MSP setting? It's just an RDP Gateway, but it's not used like ScreenConnect, TeamViewer, etc (where you could generate a code, then use that code to connect.)

@girish Sounds about right to me.

@msbt said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:

Today I had two compromised WordPress installations (one on Cloudron, one on an external webhoster). The webhoster sent me an email with the infected files and asked for removal. Would be a nice addition to cloudron if it scanned the files of certain apps for malware and notifies the admin.

Any thoughts on that?

Best regards

I agree, but change "certain apps" to "all apps"

@pratik No I meant that Nextcloud (Enable External Storage plugin in apps) can mount SFTP, WebDAV, Git, etc in user profiles (no need to have extra space)

Filestash is super cool and can be used standalone which is nice.

@pratik I believe Nextcloud can actually do a lot of these - maybe not the MySQL stuff but we use phpmyadmin for that anyway.

Has anyone figured out how to get Spectre working properly? Once I do the initial import (which works VERY well) it fails subsequent imports.

@why42 Go back to 22, reinstall fail2ban, then secure the port by using Private key authentication.

I suppose you can keep sshguard, but still configure for private key auth.

Also, Using a port so close to 22 like 202 will do nothing to people scanning your ports in ranges (IE 1 - 2000 which will find that port anyway). So just leave it on 22 and only allow logins with Private keys (this will prevent brute forcing and private keys will take millions of years to decipher with a VERY good password protected key.)

@will If you look at my thread history, you will find a tutorial on how to install this on the LAMP app for use right now in Cloudron

Edit: here is the tutorial: https://forum.cloudron.io/post/5246

@girish More so, it actually seems there are going to be a community and paid version of the product:

https://github.com/usefathom/fathom/issues/268#issuecomment-495797960

Edit: V1 will continue to be open source, maintained and such. Meaning security updates will be had. This is acceptable in my book for those that want it. V2 is the closed source version, but it's also likely we can change the developers mind if there was more incentive to stay open in V2 as well.

@jdaviescoates Oh PMs must have been disabled or something, you can find my contact info on https://urgero.org

Use whatever is comfortable for you. Many contact options to choose from.

@jdaviescoates If you would like, we can discuss this in a PM? I'd be more than happy to build a portal for your users to register at.

@girish Having it in unstable would be awesome.

@girish I do not see this app in unstable on my end, are we waiting until the next cloudron release?

@simon What are you trying to link in Markdown? it should automatically make a linke when you do something like:

[Link Name](zpl://someserver)

Is it not?

@moonmeister I found it somewhat easy to run nodejs using the "run.sh" method that is documented. Though I don't think this is the best way to do it. a way to configure this or a new app would be best tbh.

This is an exciting package to get rolling. I have been wanting this for a while but never got around to packaging it myself. Great work!

@moonmeister The LAMP app has NodeJS installed - it could be used in that.

In case you would like it, I just made a tutorial on installing Pixelfed to the LAMP app:
https://forum.cloudron.io/topic/2058/installing-pixelfed-in-the-lamp-app-properly-well-enough

Pixelfed is A free and ethical photo sharing platform, powered by ActivityPub federation. This means posts, comments, etc are feature-compatible with Mastodon, GNU/Social, Pleroma, and other ActivityPub servers!

Site: https://pixelfed.org/

This is a step by step guide getting PixelFed working in the LAMP app. This will be useful for those that want an ActivityPub server but don't want to use Nextcloud.

The following is a literal step by step guide. Please be mindful when copying & pasting terminal commands.

Step One

Install the LAMP app to the domain of choice. I recommend using the root of a domain (IE not using a subdomain) but subdomain installs are supported.

Step Two
2. Let's clone the PixelFed repo into the app, open up the Debug -> Terminal settings for the LAMP app you just installed. Some of the following wont make much sense, but trust me when I say the way we are installing is probably the best way without making a whole new app for this.

cd /app/data
git clone -b dev https://github.com/pixelfed/pixelfed.git pixelfed

Now we need to move the current public folder, then copy the data from pixelfed into the /app/data folder (just copy and paste these bits, it's easier that way)

cd /app/data
mv public public-original

## These two commands just move the contents of the pixelfed folder up one directory.
cd /app/data/pixelfed
find . -maxdepth 1 -exec mv {} .. \;
cd /app/data
rmdir pixelfed

Step Three
Time to install the PHP dependencies. This will likely take a few minutes. If you are using a smaller VPS please allow at least 15 minutes before killing the process.

composer install --no-ansi --no-interaction --optimize-autoloader

Step Four
Let's make sure permissions are good.

chown -R www-data:www-data /app/data
find . -type d -exec chmod 755 {} \; # set all directories to rwx by user/group
find . -type f -exec chmod 644 {} \;

Step Five
Let's copy the generic config, and modify it:

cp .env.example .env

Once you copied the .env file, open it up and modify the following bits to match your environment, note: Only change these bits unless you know what you are doing! The "..." signifies some scrolling between variables.

APP_NAME="Pixelfed Prod"
...
APP_URL=http://localhost
APP_DOMAIN="localhost"
ADMIN_DOMAIN="localhost"
SESSION_DOMAIN="localhost"
...
DB_HOST=127.0.0.1
DB_DATABASE=pixelfed
DB_USERNAME=pixelfed
DB_PASSWORD=pixelfed
...
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
...
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS="pixelfed@example.com"
MAIL_FROM_NAME="Pixelfed"
...
## Change these to 'true' (no quotes)
## If you want to activate ActivityPub
## (The Mastodon, Pleroma, etc protocol)
ACTIVITY_PUB=false
AP_REMOTE_FOLLOW=false
AP_INBOX=false

Note:
After you register your account(s) you can disable registration by making OPEN_REGISTRATION=true equal to OPEN_REGISTRATION=false

Step Six
Now we need to initialize the Database, cache, and routes:

cd /app/data

## Generate the security key:
php artisan key:generate

## Cache configuration variables (run this command everytime you change the .env file!)
php artisan config:cache

## Link storage folder:
php artisan storage:link

## Only really needs to be ran once, but may need to be ran on updates:
## This sets up the database
php artisan migrate --force

## Setup Horizon dashboard for Admins (to see the PHP queue)
php artisan horizon:install
php artisan horizon:assets

## Cache routes
php artisan route:cache

Step Seven
Let's configure run.sh to start the Horizon service in the background as a job (since we can't really use systemd here)
Edit /app/data/run.sh and add to it at the bottom:

cd /app/data

php artisan config:cache
## php artisan migrate --force
php artisan route:cache
php artisan horizon &

This will start the horizon service after caching routes and configs. Restart the app after you change the .env file, or if the Horizon service stops for some reason.

Step Eight (Finale!)
Now, go to the URL for your app and you should see:

Note: your /app/data folder should look like this (give or take)(cd /app/data && ls -a) :

Let's make your admin account! (Used for moderation, and configuration of the server once it is live.)

1. Register an account in your new Pixelfed server. Make sure to verify the email (If you did not get an email, we cna change that manually in the DB!)

2. Login to https://APP_URL/phpmyadmin using the phpmyadmin_login.txt file for the credentials.

3. Go into the database and then select the Users table. Find your user (should be EASY) and copy the created date to the email verified column if needed, then change the is_admin from 0 to 1:
   

4. Logout of Pixelfed and log back in and you will be an admin with a verified email!

---

This should cover the whole installation of Pixelfed. Let me know if I missed anything or if there are issues with any of the above. Thanks!!

@roru2k20 The only way to do this is to clone the Confluence cloudron app source code (found on git.cloudron.io) and make the changes needed fro 7.2.0. Otherwise, you will need to wait for the Cloudron devs to update the package.