How can I setup Group Folders?

Got it! Might be worth to increase UX by putting a hint to this in the empty Group Folders view. Maybe just an addon sentence after "not part of any group folder yet"

I guess Komga is not for the casual "upload a comic here and there" use case, but bigger, pre-existing libraries. I personally have my comics on a storage share, which I mounted through Cloudron and imported in Komga. Works well enough.

Thx @nebulon ! This could be part of the First Time Usage hints or docs at https://docs.cloudron.io/apps/postiz/ - just not a very obvious behaviour by Postiz

@joseph the immich.json does not expose a config setting for the file upload/storage path [1]. Looks like the way to go is the env var UPLOAD_LOCATION [2]

[1] https://immich.app/docs/install/config-file/
[2] https://immich.app/docs/install/environment-variables/#docker-compose

For our side I can say that we followed all steps at https://docs.postiz.com/providers/instagram and put the resulting credentials in the env.sh file and reloaded the app. When we want to add Instagram as a channel we are linked out to an error page on meta/facebook that says "App ID invalid"

Looking at the linkout URL it seems the client_id is not set.

If I set the client_id parameter manually to our FACEBOOK_APP_ID from env.sh the authorisation process starts. At first it looks to go through, but after redirecting to Postiz I get this error:

Log file at this time:

Apr 24 09:36:34 13:M 24 Apr 2025 07:36:34.012 * 10 changes in 300 seconds. Saving...
Apr 24 09:36:34 13:M 24 Apr 2025 07:36:34.013 * Background saving started by pid 3078
Apr 24 09:36:34 13:M 24 Apr 2025 07:36:34.114 * Background saving terminated with success
Apr 24 09:36:34 3078:C 24 Apr 2025 07:36:34.020 * DB saved on disk
Apr 24 09:36:34 3078:C 24 Apr 2025 07:36:34.021 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
Apr 24 09:38:29 2025-04-24T07:38:29Z
Apr 24 09:38:29 2025-04-24T07:38:29Z
Apr 24 09:38:29 [Nest] 130 - 04/24/2025, 7:38:29 AM WARN OpenAI API key not set, chat functionality will not work
Apr 24 09:38:29 Node.js v20.18.2
Apr 24 09:38:29 UnhandledPromiseRejection: This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). The promise rejected with the reason "#<RefreshToken>".
Apr 24 09:38:29 ^
Apr 24 09:38:29 at process.processTicksAndRejections (node:internal/process/task_queues:96:32) {
Apr 24 09:38:29 at processPromiseRejections (node:internal/process/promises:470:17)
Apr 24 09:38:29 at throwUnhandledRejectionsMode (node:internal/process/promises:389:7)
Apr 24 09:38:29 code: 'ERR_UNHANDLED_REJECTION'
Apr 24 09:38:29 new UnhandledPromiseRejection(reason);
Apr 24 09:38:29 node:internal/process/promises:389
Apr 24 09:38:29 {"error":{"message":"Missing or invalid client id.","type":"OAuthException","code":101,"fbtrace_id":"AQjOzXIs8yqUOOGZn6sXIys"}}
Apr 24 09:38:29 }
Apr 24 09:38:30 TypeError: fetch failed
Apr 24 09:38:30 [cause]: SocketError: other side closed
Apr 24 09:38:30 at Socket.<anonymous> (node:internal/deps/undici/undici:6294:28)
Apr 24 09:38:30 at Socket.emit (node:events:530:35)
Apr 24 09:38:30 at async /app/code/dist/apps/frontend/.next/server/app/(site)/integrations/social/[provider]/continue/page.js:3:28297
Apr 24 09:38:30 at async ic (/app/code/dist/apps/frontend/.next/server/app/(site)/integrations/social/[provider]/continue/page.js:3:26983) {
Apr 24 09:38:30 at endReadableNT (node:internal/streams/readable:1698:12)
Apr 24 09:38:30 at node:internal/deps/undici/undici:13502:13
Apr 24 09:38:30 at process.processTicksAndRejections (node:internal/process/task_queues:82:21) {
Apr 24 09:38:30 bytesRead: 0
Apr 24 09:38:30 bytesWritten: 1844,
Apr 24 09:38:30 code: 'UND_ERR_SOCKET',
Apr 24 09:38:30 digest: '1372167340',
Apr 24 09:38:30 localAddress: '::1',
Apr 24 09:38:30 localPort: 55620,
Apr 24 09:38:30 npm notice
Apr 24 09:38:30 npm notice
Apr 24 09:38:30 npm notice Changelog: https://github.com/npm/cli/releases/tag/v11.3.0
Apr 24 09:38:30 npm notice New major version of npm available! 10.8.2 -> 11.3.0
Apr 24 09:38:30 npm notice To update run: npm install -g npm@11.3.0
Apr 24 09:38:30 remoteAddress: '::1',
Apr 24 09:38:30 remoteFamily: 'IPv6',
Apr 24 09:38:30 remotePort: 3000,
Apr 24 09:38:30 socket: {
Apr 24 09:38:30 timeout: undefined,
Apr 24 09:38:30 {"level":"error","ts":1745480310.3278437,"logger":"http.log.error","msg":"EOF","request":{"remote_ip":"172.18.0.1","remote_port":"35770","client_ip":"172.18.0.1","proto":"HTTP/1.1","method":"POST","host":"postiz.claudron.OURSERVER.de","uri":"/api/copilot/chat","headers":{"Origin":["https://postiz.claudron.OURSERVER.de"],"X-Forwarded-Host":["postiz.claudron.OURSERVER.de"],"X-Forwarded-Port":["443"],"Accept-Encoding":["gzip, deflate, br, zstd"],"Sec-Fetch-Mode":["cors"],"Priority":["u=1, i"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36"],"Sec-Ch-Ua-Platform":["\"macOS\""],"Accept":["application/graphql-response+json, application/graphql+json, application/json, text/event-stream, multipart/mixed"],"X-Forwarded-Proto":["https"],"Sec-Fetch-Site":["same-origin"],"Sec-Fetch-Dest":["empty"],"X-Real-Ip":["46.223.213.127"],"Connection":["close"],"Referer":["https://postiz.claudron.OURSERVER.de/integrations/social/instagram?code=AQBnG8A4zYRd27Sa7_7BS78Igi0DyhPcl3jdoC75v7nu9SXxTlRoih2h3SwYMXLe0RY2IShhTSyfrEWsdYPimvWBdacLR-fGJy1Pwz3nHj8DsxPnrgJT-2ymi0oXZy-gxkfBc5Fqiw9hGD3OnXWnFwnw-3QwFeWDLm3-uu5uoro2tO9PxQPPFftrCpHlwz26p86UiNkkJWrDY2VE9b04esMKejCKrWRtU7R8yBt3gz4tcGr1V97KFQASK-K7bsKBuSaIJZi8mpc-aiWLSBhvHc5pUux4g7gqKSGeM9kbvFnFy3F1PH7nxKWQLeIlARyRvGbi4-3nEPm8Rfw_ABah-GdN21sO-mWp3iqfhcSlHiHT0PwAVYhUHnZ59J-X_B9Zr41j0L3lbiDfVFdJqag0OOR_a9oWDKc7XCzT0FIAOCGvdg&state=zlLtoo"],"Sec-Ch-Ua":["\"Chromium\";v=\"135\", \"Not-A.Brand\";v=\"8\""],"Dnt":["1"],"X-Copilotkit-Runtime-Client-Gql-Version":["1.8.5"],"X-Forwarded-For":["46.223.213.127"],"X-Forwarded-Ssl":["on"],"Content-Length":["209"],"Cookie":["REDACTED"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Content-Type":["application/json"],"Sec-Ch-Ua-Mobile":["?0"]}},"duration":0.829163942,"status":502,"err_id":"nxr9zs32h","err_trace":"reverseproxy.statusError (reverseproxy.go:1373)"}
Apr 24 09:38:30 }
Apr 24 09:38:30 }
Apr 24 09:38:30 }
Apr 24 09:38:31 2025-04-24 07:38:31,012 WARN exited: backend (exit status 1; not expected)
Apr 24 09:38:32 2025-04-24 07:38:32,146 INFO spawned: 'backend' with pid 192
Apr 24 09:38:33 2025-04-24T07:38:33Z
Apr 24 09:38:33 2025-04-24T07:38:33Z
Apr 24 09:38:33 2025-04-24 07:38:33,120 INFO success: backend entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
Apr 24 09:38:33 > gitroom@0.0.0 start:prod
Apr 24 09:38:33 > node dist/apps/backend/main.js

After Postiz has restarted and I retry the redirect URL I get this error:

This is the redirect URL:

https://postiz.claudron.OURSERVER.de/integrations/social/instagram?code=AQDvNogLUgbQ-BA....

Not sure what to try next.

Not sure why, but the /r/selfhosted crowd is not big on Cloudron it seems. Got multiple downvotes and critical reply.

https://www.reddit.com/r/selfhosted/comments/1kcyqpg/what_optionsideas_for_personal_server/

I noticed that only my superadmin can change the role of other users. Is this correct? I would expect that also regular admins can demote/elevate other users up until their pay grade.

It also not reflected in the docs: https://docs.cloudron.io/user-management/#roles

Thanks!

Hey,

I recently started to give colleagues access to Cloudron apps. Did initial training on what Cloudron is, and how it relates to the actual apps. But more than once I got feedback like: "I dont know how log in to this app, I dont have credentials, or do I?"

In some login journeys (eg Penpot) its not immediately obvious that the users now need their Cloudron credentials.

I think it would be an easy UX win to make it more obvious that this is the Cloudron login form and an app managed login.

Cheers, Sebastian

Just packaged it for myself. In case anyone wants to do this:

Basically follow the packaging Tutorial: https://docs.cloudron.io/packaging/tutorial/

CloudronManifest.json

{
    "title": "Postgrest",
    "version": "0.0.1",
    "healthCheckPath": "/",
    "httpPort": 3000,
    "manifestVersion": 2
}

install image directly from postgrest Docker Hub https://hub.docker.com/r/postgrest/postgrest

cloudron install --image postgrest/postgrest

And then configure by setting env vars on the app via Cloudron CLI
https://postgrest.org/en/stable/references/configuration.html

eg

cloudron env set --app YourAppName "PGRST_DB_URI=postgresql://user:pwd@host:port/db"

Feeling a bit stupid, but I dont see any way to setup group folders. Where should I look?

In the Group Folders Section the NEW and UPLOAD buttons a inactive.

I put the Cubby data folder on a WebDav volume, but permissions should be fine. In "My Files" I can CRUD files and folders without issues.

Any idea?

Same use case here: would like to manage my photos with Immich, but want/need to store them on a Hetzner Storage Box (or any other external storage). My library is just to big to put it on the actual Cloudron Server. How can this be achieved? Did not find any clear path to this. Storage Templates maybe?

@hakunamatata For simple stuff Im always happy with United-Domains. But if you need IaC, automation and APIs Hetzner, etc might be the better bet.

Off-topic as well, but we shape our modern society partly with our wallets. Funding contexts that we want to strengthen and defunding ones we (for whatever reason) do not want to support is part of modern live as conscious buyers and participants of our economies. From a company point of view political/compliance/risk reasons can very well be drivers for technical decisions, even if they steer away from the subjectively "best" solution. So I understand your approach very well. My company will not immediately switch established vendors we are already using. Migration cost is not 0. But for new investments we will also evaluate the current geo political situation (and risk) and probably lean towards european vendors in the future.

@girish fair points. And I agree "Recommended/Popular" is difficult for all the reasons you mentioned. Something like GH stars imo just gives a datapoint for exploration to the users and still leaves the choice to them. (A bit like IMDB ratings on movies sites :)) In my experience they are a strong indicator of what to expect from a project in terms of maturity, usability and support.

@girish said in Add a"Staff Choice" badge/filter to App Store apps:

I don't want to be part of the decision-making of our end user.

First off: im new here. Just discovered Cloudron a few weeks ago. Super impressed! And quite a nice community. And here goes my point: You are already part of the decision making. Or at least together with the community that votes for packages to get included. The App Store is already a curated selection But I can see the direction you are coming from. I mean in the end a feature like GH Stars would safe me 2 clicks, so I would say its definitely a nice-to-have and nothing more.

Thanks for the good work!

I know the information is available when one knows where to look. Its just not obvious. Keywords being "tiny icon"

Also often users do not bookmark Cloudron itself, but the actual app url. Which I think is totally fine. Users should not need to think about Cloudron. Its just SSO for them.

And this only affects some login flows. Often apps have a "Login with Cloudron" button on their login page. Eg FreeScout

This does make it more obvious whats going on.

But some apps dont, which can lead to confusion for users. Eg Penpot has this login page:

Which leads directly to the Cloudron SSO page

A very short text addition like "Login with your Cloudron credentials" would already make things much clearer for users here.

@BrutalBirdie yes! I dont think it needs much more than this. In the end its an SSO login page. It should tell you what credentials to put in (eg Facebook, Microsoft, Twitter, Cloudron, etc).

@BrutalBirdie thanks for the effort. Please tell if you need some debuging infos from our side.

To understand the issue: when I restore a backup there might possibly be

a) new photos in the external store that are not in the restored db because they were added to Immich in inbetween backup and restore time

and/or

b) photos missing in the external store that are still in the restored db because they have been deleted from Immich inbetween backup and restore time

Both sound like states that Immich should address at some point in their ongoing development. Either re-index the storage path or clean db of file entries no longer available. But I have not checked if they have discussions ongoing about such features.

I generally would opt for letting users shoot themselves in the foot, given enough red, bold disclaimers

Same issue with Instagram. Credentials are set in the .env file as descibed in the docs.

So, after some exchanges in the Immich Discord I managed to switch my existing Immich Photo Library to an external volume on a Hetzner Storage Box by copying the files (./upload/*) and setting the IMMICH_MEDIA_LOCATION to a mounted storage volume in /media/
Immich started up again and displayed all my photos.
BUT: it seems I cant upload new photos Not sure why, the /media/ mounted volume (Hetzner Storage Box) seems to have full permissions. Here is the Immich log when trying to upload a file:

May 20 09:21:41 [Nest] 61 - 05/20/2025, 7:21:41 AM ERROR [Api:ErrorInterceptor~7wmg4ktf] Unknown error: Error: EPERM: operation not permitted, utime '/media/FSN1-BX1401/photos/immich/upload/bf2f33b8-b8b4-4f5d-9619-62e462afa3fd/a7/d2/a7d2dc05-0b07-4aca-977f-193026f26430.HEIC'
May 20 09:21:41 Error: EPERM: operation not permitted, utime '/media/FSN1-BX1401/photos/immich/upload/bf2f33b8-b8b4-4f5d-9619-62e462afa3fd/a7/d2/a7d2dc05-0b07-4aca-977f-193026f26430.HEIC'
May 20 09:21:41 at async Object.utimes (node:internal/fs/promises:1127:10)
May 20 09:21:41 at async AssetMediaService.create (/usr/src/app/dist/services/asset-media.service.js:293:9)
May 20 09:21:41 at async AssetMediaService.uploadAsset (/usr/src/app/dist/services/asset-media.service.js27)
May 20 09:21:41 at async AssetMediaController.uploadAsset (/usr/src/app/dist/controllers/asset-media.controller.js:40:29)

Any ideas how to debug this?