authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols, implement sign-up/recovery/etc. in your application so you don't have to deal with it, and many other things.
Best posts made by nj
Authentik - Making authentication simple.
RE: Odoo - distributed business apps
I have packaged Odoo successfully.
Please check out http://github.com/njsubedi/cloudron-odoo
I had to patch the default Database connection function to prevent Odoo from connecting to the database named “postgres” from different places.
Otherwise, everything is working as expected. Simply clone the repo, and then from inside the repo, run
cloudoron build cloudron install -l <subdomain.yourcloudron.tld>
Please post any error logs or problems here so I can continue to improve it.
Update: somehow LDAP login is failing; need to look into it.
RE: Keycloak & Cloudron
@ianhyzy I finally managed to run Keycloak on Cloudron after a few days of trying. Most of the code is from this repository. The author seemed to have used a heavily modified configuration file, tailored to fit their needs. Also they had a two-step build system, where they pushed a customized Keycloak image to the hub, then the actual Cloudron app made use of the previously pushed image. That didn't seem necessary.
So, I wrote a simple build script that would:
- spawn a fresh installation of Keycloak
- export the default master realm configuration
- adds LDAP and SMTP configuration for Cloudron to the exported file
The app I put together is based on
cloudron/base:3.2and makes use of the freshly exported and customized configuration file, which IMO is more compatible with Keycloak updates.
I'll publish the code on Github this weekend. I'm planning to use this instance to install Outline because it now supports a custom OIDC auth provider.
RE: Keycloak & Cloudron
@girish Please check this out. I previously packaged Keycloak but suddenly the Keycloak team decided to deprecate the Wildfly version and started supporting Quarkus runtime. So I had to re-package it again. Took a while during the weekdays.
RE: Outline - a Notion-like open source app
I have also packaged Outline: https://github.com/njsubedi/cloudron-outline, thanks to the work @klawitterb started. Still no success with
passport-ldapauthbut since I've also packaged Keycloak, LDAP auth is no longer a blocker for Outline. I also added some more details on the manifest/POSTINSTALL.md file if anyone is interested. It would be awesome if
miniowas available as an addon.
I recommend someone with more knowledge of
passport-ldapauthto try adding support for authenticating cloudron users.
RE: Keycloak & Cloudron
@girish That worked. By the way, is there a plan to package Keycloak? I managed to run Keycloak and Outline on Cloudron. Keycloak needed some patching to make it work on the read-only system without mounting everything to /app/data. Outline wiki app can be easily set up to authenticate using Keycloak. Both apps seem to be working as they should. Do you think we can publish those apps to the Cloudron App Store? That would be my first experience publishing an app.
Currently, I am packaging the Outline app to directly authenticate with the Cloudron user directory without the need to install Keycloak. If anyone is interested, I published a little more details in my blog. I'm doing another write-up describing the issues I solved while packaging Keylcloak.
Swagger Editor, Swagger Codegen & Swagger UI
I have been using Postman with my team for developing and publishing APIs for our services, but the costs are adding up pretty quickly ($15/user/month), and still no support for SSO.
I noticed that your documentation makes use of Swagger, so I am sure it would be fairly easy to add support for the same.
Please don't forget to upvote if you think it's a good idea.
RE: Sponsoring: Odoo
I have packaged Odoo, and posted about it here.
Filter user by Active status
As our team is growing, people start moving out, and sometimes we need to add temporary staff, so there are 2x many users that are marked as not active. The "Users" list is quite hard to navigate. There's a pagination of 20-100 results per page, which is somewhat helpful, but still no way to only show active users.
If there was a way to only show Active users like the screenshot above, that would be much helpful.
Latest posts made by nj
RE: Log visitor IP Correctly instead of 172.18.0.1
@nebulon Thanks for the quick fix. I can confirm it works. No ipv6 on my cloudron yet.
Support PowerDNS Provider
I would love it if Cloudron supported PowerDNS as a DNS backend. I want wildcard certificate from Let’s Encrypt but it required a programmable backend.
I like to run my own DNS server- a hidden primary that isn’t published (eg. no hostname) and multiple secondary servers across different geolocations. This gives a lot of freedom, and most importantly gives me as little TTL as I want.
Unfortunately, I’ve not been able to use it for my Cloudron.
Jitsi Meet Error: CLOUDRON_LDAP_URL: unbound variable
After updating to
firstname.lastname@example.org app won't restart because of the error.
Mar 16 12:58:38 JVB 2022-03-16 07:13:38.869 INFO:  HealthChecker.run#171: Performed a successful health check in PT0.000002S. Sticky failure: false Mar 16 12:58:45 2022-03-16 07:13:45,876 WARN received SIGTERM indicating exit request Mar 16 12:58:45 2022-03-16 07:13:45,877 INFO waiting for jicofo, nginx, prosody, videobridge to die Mar 16 12:58:46 2022-03-16 07:13:46,879 INFO stopped: videobridge (terminated by SIGTERM) Mar 16 12:58:47 2022-03-16 07:13:47,174 INFO stopped: prosody (exit status 0) Mar 16 12:58:47 2022-03-16 07:13:47,178 INFO stopped: nginx (exit status 0) Mar 16 12:58:47 Jicofo 2022-03-16 07:13:47.178 WARNING:  org.jivesoftware.smack.AbstractXMPPConnection.callConnectionClosedOnErrorListener: Connection XMPPTCPConnection[email@example.com/focus] (0) closed with error Mar 16 12:58:47 org.jivesoftware.smack.XMPPException$StreamErrorException: system-shutdown You can read more about the meaning of this stream error at http://xmpp.org/rfcs/rfc6120.html#streams-error-conditions Mar 16 12:58:47 <stream:error><system-shutdown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/><text>Received SIGTERM</text></stream:error> Mar 16 12:58:47 at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:981) Mar 16 12:58:47 at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$700(XMPPTCPConnection.java:913) Mar 16 12:58:47 at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:936) Mar 16 12:58:47 at java.base/java.lang.Thread.run(Thread.java:829) Mar 16 12:58:47 2022-03-16 07:13:47,180 INFO stopped: jicofo (terminated by SIGTERM) Mar 16 12:58:50 => Ensure directories Mar 16 12:58:50 => Create configs Mar 16 12:58:50 ==> Configuring static assets Mar 16 12:58:50 ==> Configuring SASLauthd for LDAP Mar 16 12:58:50 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable Mar 16 12:58:51 => Ensure directories Mar 16 12:58:51 => Create configs Mar 16 12:58:51 ==> Configuring static assets Mar 16 12:58:51 ==> Configuring SASLauthd for LDAP Mar 16 12:58:51 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable Mar 16 12:58:52 => Ensure directories Mar 16 12:58:52 => Create configs Mar 16 12:58:52 ==> Configuring static assets Mar 16 12:58:52 ==> Configuring SASLauthd for LDAP Mar 16 12:58:52 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable Mar 16 12:58:53 => Ensure directories Mar 16 12:58:53 => Create configs Mar 16 12:58:53 ==> Configuring static assets Mar 16 12:58:53 ==> Configuring SASLauthd for LDAP Mar 16 12:58:53 /app/code/start.sh: line 17: CLOUDRON_LDAP_URL: unbound variable
Cannot enforce 2FA on 7.1.3
Previously I had enforced 2FA for all users. Today, I saw that the checkbox was turned off. I turned it on. Then clicked "Save". The following error is shown, without any network request.
Note: My account has 2FA enabled. I don't know why the message is shown when I have enabled 2FA in my admin account. I disabled and re-enabled 2FA to see if this error goes away, but it doesn't.
After refreshing the page, the "Require users to set up 2FA" is automatically turned off.
RE: Odoo - distributed business apps
@girish I'd say it is ready to be released as an unstable app. I tried restarting, reinstalling, updating, etc, and everything is working fine. I'm still unsure whether to keep the IMAP settings or remove it, because
recvmailis mostly deprecated.
As other members said, there will be missing out on a lot of community addons but sooner or later they will be updated to support the latest Odoo version.