Cloudron 1.7 released - rsync backup format, Google DNS, DO Spaces

By Girish on Monday, October 16th 2017

We are happy to announce the release of Cloudron 1.7

For those unaware, Cloudron is a platform that makes it easy to run apps on your server and keep them up-to-date.

rsync backup format

Previous versions of Cloudron uploaded tar.gz files as backups. While this approach works quite well, it does not handle large amount of data gracefully. Most cloud storage API require knowing the file length in advance before uploading. This meant that the tar.gz has to be buffered completely in disk (doubling the disk space requirement) or the backup has to be uploaded in chunks. Chunked (multi-part) uploads cannot be parallelized and also take up as much RAM as the chunk size. Finally, such backups cannot be incremental.

Cloudron 1.7 introduces a new rsync backup format. With this format, Cloudron uploads individual files to the backup storage. It keeps track of what it copied the last time around, detects what changed and incrementally uploads only the changed files on every backup. To switch to the format, simply select rsync format in the backup UI.



With the file system backend, the rsync format with the file system backend can optionally hardlink 'same' files across backups to conserve space. If you happen to use a file system that does not support hardlinks, just turn off hardlinks.

Note that the tar.gz format is still supported and there is no need to switch to this new format if backups are currently working fine. In fact, the tar.gz format is significantly faster when uploading a large number of small files like source code repositories to remote storage. In addition, encrpytion is currently only supported with the tar.gz format.

Google Cloud DNS

Cloudron programmatically configures the domain's DNS records using various DNS API backends like AWS Route53, Digital Ocean and Cloudflare. With 1.7, we have added support for domains hosted on Google Cloud DNS. To use this backend, create a service account key in JSON format in the Google Cloud console and set them in the Domains & Certs UI.

Thanks to @syn for this feature!



Improved Spam detection

Cloudron uses SpamAssassin to detect and fight email spam. We had a mis-configuration in the previous versions that led to SpamAssassin not learning spam correctly. We have now corrected this issue and also configured SpamAssassin to apply bayesian filtering after learning 50 spam emails.

Emails are now tagged with the X-Spam-Report header which give a detailed analysis of what went on during spam analysis. It looks like something like:

X-Spam-Report:
    *  1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist
    *      [URIs: qampa.com]
    *  1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
    *      [URIs: qampa.com]

RBL status indicator

A Real-time Blackhole List is a dynamic list of IP addresses that are known to send spam. These lists are maintained by organizations such as Spamhaus, Barracuda, UCEPROTECT Network.

Cloudron now checks over 11 RBLs and display the status in the the email status UI. If the check fails, it's probably a good idea to migrate to another server IP or use Cloudron's email relay feature.



DigitalOcean Spaces

DigitalOcean recently announced a S3 compatible object storage called Spaces. We have added support for backing up to Digital Ocean spaces.



A heads up about using DO Spaces. In our tests, we hit a few issues including missing implementation for copying large files (> 5GB), severe rate limits and very poor performance when deleting objects. If you plan on using this backend, keep an eye on your backups. In any case, Cloudron will notify the admins by email when backups fail.

Cloudscale.ch



Cloudscale is now a supported VPS provider. You can pass --provider cloudscale.ch to the setup script. We have also tested Cloudron backups against their recently announced object storage and it works great! Simply choose 'S3 Compatible' in the backup UI and key in the object storage credentials.

Other notable changes

  • Support uploading backups to Minio servers with a self-signed cert.

  • Preliminary IPv6 support. You can manually point your IPv6 address to the Cloudron server by adding an AAAA record.

  • Add auto-update pattern of Every wednesday night.

  • Haraka (email server) was updated to 2.8.15. This fixes the issue where emails were bounced with the message 'Send MAIL FROM first'.

  • Add button to send test email.

  • Fix a crash in the stats collector that made graphs sometimes disappear.

  • Fix issue where OAuth SSO did not work when alternate domain was used.