Lock libretranslate to only users with api keys

Thank you! Do you know off hand what the code would be to remove a certain API key?

So, basically, these codes work:

Add a new key:

su - cloudron -c 'source /app/code/.venv/bin/activate; ltmanage keys --api-keys-db-path /app/data/db/api_keys.db add 120'

Show all created keys:
su - cloudron -c 'source /app/code/.venv/bin/activate; ltmanage keys --api-keys-db-path /app/data/db/api_keys.db'

But, the remove key doesn't seem to work for me (I don't understand the formatting) and it would be great to have a character set version as well such as from LibreTranslate: ltmanage keys add 120 --char-limit 5000

Okay, sorry for the rapid fire.

I used this code successfully to show my keys - maybe want to update the docs to show this code as the link to the libretranslate docs shows code that doesn't have the Cloudron layered on:

su - cloudron -c 'source /app/code/.venv/bin/activate; ltmanage keys --api-keys-db-path /app/data/db/api_keys.db'

Also, in the main dashboard of the app, this link is broken (misspelled https://)

When tried to setup the keys, as well, I ended up creating four, which is probably fine. But, I ran this command to try to remove the three extra keys for simplicity sake and failed. How do I amend this code to remove keys:

su - cloudron -c 'source /app/code/.venv/bin/activate; ltmanage keys remove <key-I-want-to-remove> --api-keys-db-path /app/data/db/api_keys.db'

The documentation from libretranslate really doesn't help all that much because of how Cloudron interacts with things. Please let me know where I went wrong with my attempt at hacking the code together above because it didn't work.

If I install a key, do I need to comment out the line below so that it is locked down to only users with api keys?

Thank you all so much. This is extremely helpful and will guide how I set up things. I appreciate better now that you can migrate very easily with Cloudron. So that part doesn't give me any reservations.

I didn't think of email and blacklists so thanks for pointing out a blindspot.

One more quick question. Do you recommend installing CrowdSec or not? Maybe it's overkill?

I'm excited to see this in production!

Hello,

I am new to this and wanted to ask a couple questions. I am planning on installing at Hetzner and using a domain I picked up through Cloudflare. There is no one-click install, but I am not sure that would be the best idea for me regardless to not know what's going on fully.

I understand this script is all I need to run on the latest version of Ubuntu LTS, which right now is 24.04.

wget https://cloudron.io/cloudron-setup
chmod +x ./cloudron-setup
./cloudron-setup

My question is twofold:

• Since my plan is to use Cloudron for my own company and in the future roll out to clients we have, is it wiser for me to go the route of a dedicated vCPU or a shared VCPU?
  
• Second, I want to make sure that I secure this as best as we can. Should I, or should I not, 1. disable the root user, 2. setup the non-root user and enable its keygen, 3. install Fail2Ban, and/or 4. install Crowdsec BEFORE I go through the installation as described with the wget command? Should I do this after I install Cloudron or does Cloudron do some of these items itself? Are any of these four steps here unnecessary?

Thank you for the help in advance. If there is anything that a NEW user should ask but I am missing here, please let me know where to look for insight. Cloudron seems like the best solution for me right now, but I just want to make sure I get the initial install done right so that I can focus on deploying the apps and not on the integrity of my initial installation.

Matt