We are happy to announce the release of Cloudron 3.0!
For those unaware, Cloudron is a platform that makes it easy to run web apps on your server and keep them up-to-date and secure. Think SaaS for self-hosted apps.
Cloudron 3.0 brings many new security enhancements and implements often requested features.
Cloudron installations pull updates from the Cloudron Appstore. The Cloudron Appstore is hosted by the Cloudron team on AWS. There is a small (but valid) security concern that if our cloud infrastructure is compromised then an attacker can push a malicious update.
To mitigate this security risk, Cloudron releases are now signed using GPG. With the new release signing infrastructure in place, Cloudron verifies two things before installing an update:
Ensure that the release package was created by the Cloudron team.
Ensure that the release was staged by the Cloudron team. This check is required for situations where an old signed release can get re-staged as a new update.
If the verification fails, an error like below will be displayed and the Cloudron will not update.
See our documentation to read more about the security benefits of using Cloudron.
You can now setup a redirection from one or more domains to any application installed on the Cloudron using the configure dialog. Currently, the UI only allows a single domain but you can setup more domains using the REST API.
Cloudron stores backups in one of the two formats -
simply makes a zipped tar ball of the application's data, optionally encrypts it and
uploads it to the configured Cloud storage provider. The
rsync format uploads individual
files and unlike the
tgz format supports uploading files incrementally (i.e only what
changed since the last backup) and does server side copies. You can read more about
In Cloudron 3, we have added support for encrypted
rsync backups. With this feature,
all files are encrypted (
aes-256-cbc) before upload. For maximum security, both the
file names and contents are encrypted.
The backup key can be set in the backup settings:
A common workflow on Cloudron is to start out testing an app in a staging environment and then
move it to production. Apps are initially installed at a temporary domain like
and then moved to a production domain like
blog.domain.com. On the Cloudron, moving an existing
app installation to another domain is easy - all you have to do is change the location field in the app's configure UI.
Now, if you wanted to use
blog.staging.domain.com instead (notice the
. instead of
had to first add a new domain named
staging.domain.com and then install
the app under the subdomain
blog of that domain.
In Cloudron 3, you can directly install apps into any level deep subdomain:
Cloudron User management allows users to single sign-on across (supported) Cloudron apps. Cloudron Groups can be used to group users and control access to apps.
In Cloudron 3, we have reworked the
Users view so that you can easily set the groups
of a user when creating a new user:
-. This allows one to create mailboxes like
New to Cloudron? Get started for free by running with 3 simple commands on your server.
To update an existing installation, simply click on the 'Update now' button on your dashboard.