the noop backend is migrated into 0 sites config.
when the updater code sees that there is no site to backup, it will
just fail. user has to manually update with skipBackup flag.
OCSP is getting deprecated in favor CRLs. Lets Encrypt has already
removed the OCSP URL in the certs and the OCSP validation server
is being decommissioned .
https://letsencrypt.org/2024/12/05/ending-ocsp/
https://forum.cloudron.io/topic/13408/update-to-cloudron-8.3-error
We get a Task xx crashed with code null in the notification.
The crux of the issue is that we use KillMode=control-group. This ends
up sending SIGTERM signal to box code and all the sudo in parallel. The box
code then sees the sudo die and records the task as failed.
To fix, we switch to KillMode=mixed. This gives box code a chance to handle SIGTERM
first. It cleans out its task list and kills all the sudo.
stopped apps stop the container and the services. a good reason to
not delete them is to keep the image around and it's quick to start up again.
only update is not allowed during the app is stopped (because the start.sh
cannot be run).
all other operations like cpu/memory/device/service changes/data dir/location change
are all allowed.
collectd (with the python plugin) seems semi-abandoned. replace
with our own. we have more control over how to collect things instead
of relying on random plugins.
some apps really want a valid certificate to send mail and upstream
authors won't add support to skip self-signed certs or skip host name
check in cert. In our case, the issue is that we use 'mail' as the
server name despite having valid certs.
this flag will set the server name to the full mail server fqdn and
also reconfigure the app as needed when the mail server name changes.
we also set up the mail server name to resolve to internal IP because
no mail port is exposed when we are not receiving emails!
