Girish Ramakrishnan
ca83deb761
Docker's initial IPv6 support is based on allocating public IPv6 to containers. This approach has many issues: * The server may not get a block of IPv6 assigned to it * It's complicated to allocate a block of IPv6 to cloudron server on home setups * It's unclear how dynamic IPv6 is. If it's dynamic, then should containers be recreated? * DNS setup is complicated * Not a issue for Cloudron itself, but with -P, it just exposed the full container into the world Given these issues, IPv6 NAT is being considered. Even though NAT is not a security mechanism as such, it does offer benefits that we care about: * We can allocate some private IPv6 to containers * Have docker NAT66 the exposed ports * Works similar to IPv4 Currently, the IPv6 ports are always mapped and exposed. The "Enable IPv6" config option is only whether to automate AAAA records or not. This way, user can enable it and 'sync' dns and we don't need to re-create containers etc. There is no inherent benefit is not exposing IPv6 at all everywhere unless we find it unstable. Fixes #264
Cloudron
Cloudron is the best way to run apps on your server.
Web applications like email, contacts, blog, chat are the backbone of the modern internet. Yet, we live in a world where hosting these essential applications is a complex task.
We are building the ultimate platform for self-hosting web apps. The Cloudron allows anyone to effortlessly host web applications on their server on their own terms.
Features
-
Single click install for apps. Check out the App Store.
-
Per-app encrypted backups and restores.
-
App updates delivered via the App Store.
-
Secure - Cloudron manages the firewall. All apps are secured with HTTPS. Certificates are installed and renewed automatically.
-
Centralized User & Group management. Control who can access which app.
-
Single Sign On. Use same credentials across all apps.
-
Automatic updates for the Cloudron platform.
-
Trivially migrate to another server keeping your apps and data (for example, switch your infrastructure provider or move to a bigger server).
-
Comprehensive REST API.
-
CLI to configure apps.
-
Alerts, audit logs, graphs, dns management ... and much more
Demo
Try our demo at https://my.demo.cloudron.io (username: cloudron password: cloudron).
Installing
Note: This repo is a small part of what gets installed on your server - there is the dashboard, database addons, graph container, base image etc. Cloudron also relies on external services such as the App Store for apps to be installed. As such, don't clone this repo and npm install and expect something to work.
Development
This is the backend code of Cloudron. The frontend code is here.
The way to develop is to first install a full instance of Cloudron in a VM. Then you can use the hotfix tool to patch the VM with the latest code.
SSH_PASSPHRASE=sshkeypassword cloudron-machine hotfix --cloudron my.example.com --release 6.0.0 --ssh-key keyname
License
Please note that the Cloudron code is under a source-available license. This is not the same as an open source license but ensures the code is available for introspection (and hacking!).
Contributions
Just to give some heads up, we are a bit restrictive in merging changes. We are a small team and would like to keep our maintenance burden low. It might be best to discuss features first in the forum, to also figure out how many other people will use it to justify maintenance for a feature.
Localization
