jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
18,821 Commits 33 Branches 583 Tags
adee5fa25f583de09e12cd6a3cca9ce3b664e565
Commit Graph

191 Commits

Author SHA1 Message Date
Girish Ramakrishnan 45d68c4da8 shell: set utf8 encoding explicity for spawn and as the default for sudo 2025-10-13 13:14:50 +02:00
Girish Ramakrishnan e45af9b611 sqlite: disable docker logging when backing up 
The redirection > ${outputFile} applies to the docker run client process, not to the container itself.
The Docker daemon is still collecting the container’s stdout and logging it.

https://forum.cloudron.io/topic/13361/after-ubuntu-22-24-upgrade-syslog-getting-spammed-and-grows-way-to-much-clogging-up-the-diskspace/
 2025-09-15 15:46:27 +02:00
Girish Ramakrishnan 12e073e8cf use node: prefix for requires 
mostly because code is being autogenerated by all the AI stuff using
this prefix. it's also used in the stack trace.
 2025-08-14 12:55:35 +05:30
Girish Ramakrishnan 989d843fcb shell: make shell.sudo promise based and waitable 2025-07-16 22:04:24 +02:00
Girish Ramakrishnan b42a51cc56 typo 2025-07-13 17:02:35 +02:00
Girish Ramakrishnan bf8a5e6a11 oidc: separate clients for oidc and proxyAuth 
in e2e, our test app has both. in such cases, the auth fails because
the redirect URI does not match
 2025-07-13 15:51:39 +02:00
Girish Ramakrishnan a7e507a137 oidc: some comments 2025-07-13 15:28:47 +02:00
Girish Ramakrishnan 6ac0cd421a use the @cloudron/superagent module 2025-07-10 10:56:05 +02:00
Girish Ramakrishnan 9f35801f64 docker: add options to getStats 2025-07-03 23:56:03 +02:00
Girish Ramakrishnan 6b8b69d324 metrics: rename functions 2025-07-01 11:10:21 +02:00
Girish Ramakrishnan 227da8dce4 test: remove double uninit of db 2025-06-19 10:24:17 +02:00
Girish Ramakrishnan 39cbfb84ae refactor: move moveDataDir into services 2025-06-14 21:18:56 +02:00
Girish Ramakrishnan 73a56830b0 apps: do not start redis when app is stopped 
stopped apps stop the container and the services. a good reason to
not delete them is to keep the image around and it's quick to start up again.

only update is not allowed during the app is stopped (because the start.sh
cannot be run).

all other operations like cpu/memory/device/service changes/data dir/location change
are all allowed.
 2025-06-14 21:03:10 +02:00
Girish Ramakrishnan d924f73ceb services: change restart policy to unless-stopped 
when we stop an app, the service containers are stopped. they
start running again on reboot.

correct restart policy is "unless-stopped" for all the containers.
 2025-06-14 17:51:35 +02:00
Girish Ramakrishnan 5d42439bf4 proxyauth: fix install 2025-06-13 02:05:04 +02:00
Johannes Zellner afd19a7307 Optionally take id from data when adding an oidcClient 
clients for apps use the app.id as the client id
 2025-06-12 22:29:11 +02:00
Girish Ramakrishnan 1ca8eeeb50 split oidc into server and clients 2025-06-11 22:26:23 +02:00
Girish Ramakrishnan f14fbfe087 turn: verbose logs in debug mode 2025-06-04 13:22:25 +02:00
Girish Ramakrishnan 446099b1f9 turn: add note on why we still use host mode 2025-06-04 13:11:12 +02:00
Girish Ramakrishnan 3770f07720 docker: rename function 2025-05-21 15:37:31 +02:00
Girish Ramakrishnan 8cdae41051 update container for auth free healthcheck 
this allows us to check status from cloudron-support script more easily
 2025-04-08 13:25:29 +02:00
Girish Ramakrishnan 5d88e86462 sendmail: add requiresValidCertificate 
some apps really want a valid certificate to send mail and upstream
authors won't add support to skip self-signed certs or skip host name
check in cert. In our case, the issue is that we use 'mail' as the
server name despite having valid certs.

this flag will set the server name to the full mail server fqdn and
also reconfigure the app as needed when the mail server name changes.

we also set up the mail server name to resolve to internal IP because
no mail port is exposed when we are not receiving emails!
 2025-03-08 13:15:53 +01:00
Girish Ramakrishnan a669144d16 graphite: static IP 
this allows some predictible connectivity from apps to play around
 2025-03-03 17:06:20 +01:00
Girish Ramakrishnan d3b10a6711 async not needed, they already return a promise 2025-02-18 14:03:09 +01:00
Girish Ramakrishnan 8e58349bfa replace with custom superagent based on fetch API 2025-02-15 15:14:09 +01:00
Girish Ramakrishnan e34e479c33 services: separate volume clear and rm 2025-01-12 18:08:53 +01:00
Girish Ramakrishnan bd961025f6 platform: get shell output as utf8 2024-12-19 16:59:28 +01:00
Girish Ramakrishnan 83adcd73a9 sqlite3: images.base is gone 2024-12-14 21:40:47 +01:00
Girish Ramakrishnan 8e6890b4d6 docker: rework image pruning 
with our new retagging approach, the Digest ID remains <null> because
this is only set by docker if truly fetched from the registry.

this means that redis container always gets removed...
 2024-12-14 20:47:35 +01:00
Girish Ramakrishnan 5893f53b43 typo 2024-12-14 19:05:32 +01:00
Girish Ramakrishnan 5ce82d6794 docker: parseImageRef 2024-12-14 14:00:05 +01:00
Girish Ramakrishnan 872705d58d oidc: use the cloudron name as provider name 2024-12-02 12:01:19 +01:00
Girish Ramakrishnan ca5776e6f3 services: fix oidc usage 2024-12-02 11:00:12 +01:00
Girish Ramakrishnan 22be1f1b72 sqlite: create dumps based on the basename 2024-11-21 12:34:06 +05:30
Girish Ramakrishnan 7095862601 sqlite: add some comments 2024-11-21 12:24:27 +05:30
Girish Ramakrishnan fa98e0570f sqlite: change path to paths 2024-11-21 10:02:26 +05:30
Girish Ramakrishnan 4316d3eade add sqlite3 addon take 2 
- there is no container id during the addon lifecycle
- sqlite3 requires the localstorage addon to be inited. so this has to
  become like the ftp option
- remove all that child_process streaming stuff. too complicated
 2024-11-21 00:13:17 +05:30
Girish Ramakrishnan f8cd0b5f52 add sqlite3 addon 2024-11-21 00:13:17 +05:30
Girish Ramakrishnan df5ba25010 shell: add explicit bash() function 2024-10-16 10:40:17 +02:00
Girish Ramakrishnan 6c3ca9c364 shell: rework code to use shell.spawn 
spawn gives out streams and we have more control over the stdout/stderr
buffers. otherwise, we have to provide a max buffer capture size to exec
 2024-10-15 12:13:46 +02:00
Girish Ramakrishnan a9e1d7641d shell: make require take a tag 2024-10-14 21:08:32 +02:00
Johannes Zellner 6056ba6475 Another missing check for manifest.addons 2024-07-27 11:56:36 +02:00
Johannes Zellner 01945675ed Check if addons exists in database import 2024-07-22 16:45:13 +02:00
Girish Ramakrishnan a99a8ef382 services: fix crash because of missing safe() 2024-07-08 10:30:10 +02:00
Girish Ramakrishnan 345f9541fe mongodb: do not apply memory limit when no avx 2024-06-23 21:06:30 +02:00
Girish Ramakrishnan e98a1a9767 docker container can use system dns 
only mail container needs unbound for dnsbl
 2024-04-29 15:48:30 +02:00
Girish Ramakrishnan cd5cae33ce dns: switch over to systemd for the host 
this changes unbound to listen to 127.0.0.150 (150 is roman CL)

we cannot only bind on docker bridge because unbound is relied
upon for the initial domain setup. docker itself is only initialized
when the platform initializes
 2024-04-29 11:06:03 +02:00
Johannes Zellner daa8a60da2 oidc: Inject currently hardcoded CLOUDRON_OIDC_PROVIDER_NAME env var 
This is designed to be used in the packages for the login button:
"Login with ${CLOUDRON_OIDC_PROVIDER_NAME}"
 2024-04-17 15:06:22 +02:00
Johannes Zellner 21d7438bbe proxyauth: user OpenID instead of basic auth 2024-04-15 15:59:16 +02:00
Girish Ramakrishnan 0a748ac78a better AVX error message 2024-04-15 10:10:13 +02:00