Cloudron 5 released

By Girish on Thursday, March 26th 2020

We are happy to announce the release of Cloudron 5!

For those unaware, Cloudron is a platform that makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server and keep them up-to-date and secure.

Cloudron 5 adds User roles, App passwords, Mail Eventlog & usage, Import UI for apps, Linode integrations, Branding UI & more.

User Roles

In Cloudron 4, there were only two kinds of users - admin & normal user. In Cloudron 5, we have added roles to restrict the permissions of a user.

There are four roles: Owner, Admin, User Manager & User.

An Owner is the person who set up the Cloudron and is in charge of server administration and subscription management. An Owner has the sole permission to configure backups, and the branding.

An Admin can install apps and invite users.

A User Manager can add & remove users and groups.

Finally, a normal user can login to the dashboard and use the apps that they have access to.

The role can be assigned from the Users page.

Important: This release marks the first created admin user as the sole owner. This owner can grant owner permissions to other users. Please see this forum post for more information.

Branding UI

An Owner can configure the look and feel of the Cloudron dashboard. For a start, the following bits can be customized from the new Branding view.

We will add support for providing a custom color scheme/css in a future release.

App Passwords

Cloudron Apps are packaged and maintained by the Cloudron team & community. We ensure that the apps are packaged securely and do not leak sensitive information.

However, many of the apps are accessed using Mobile & desktop clients that require a password to login. Using the password in a 3rd party app is a potential security risk. A password leak by the client will end up compromising Cloudron because other apps use the same password as well.

We have implemented the App Passwords functionality for this reason. If you are trying out a new mobile or desktop app from an untrusted vendor, you can generate a password that provides access to a specific app. This way your main password does not get compromised.

Another use case for App Passwords is to create SFTP credentials for non-cloudron users (this requires Cloudron 5.0.6).

App passwords can be managed in the Profile view.

Linode

Linode is a popular VPS provider for installing Cloudron. You can now store backups on Linode’s Object Storage.

We have also integrated Linode DNS Manager for automated domain setup.

As of this writing, Linode DNS average propagation time is 30 minutes. Installing apps & getting a Let's Encrypt certificate will thus take a while. We are working with the Linode team to get this sorted out.

Import UI

It is now incredibly simple to move an app from one Cloudron to another. First, take an app snapshot in the source Cloudron. Make note of the backup id (click the copy to clipboard icon). Then, install a new app in the target Cloudron. Make sure the package version matches with the original one. After installation, go to it's Backup section and use the Import button.

Mail Eventlog

Mail server activity can now be monitored using the Eventlog UI in the Email page.

Mailbox Usage

Per domain disk usage information is now available in the Email UI.

Per mailbox disk usage information is also available.

Spam Training

Cloudron mail server maintains a per-user spam database. It automatically trains this database when user marks an email as spam (or not). However, an important component that was missing was re-inforced learning where the spam filter is periodically (re)fed spam and ham emails from the user's mailbox. There is now a daily cron job that trains the spam filter using emails from the user's mailbox. No configuration is required, it's completely automatic.

Other notable changes

  • Show backup disk usage in graphs
  • Display timestamps in browser timezone in the UI
  • mail: Add X-Envelope-To and X-Envelope-From headers for incoming mails
  • Fix potential previlige escalation because of ghost file (thanks to @iamthefij for reporting this)
  • Add app start/stop/restart events in event log
  • Use the primary email for LE account

Install or update Cloudron

New to Cloudron? Get started for free by running with 3 simple commands on your server.

To update an existing installation, simply click on the 'Update now' button on your dashboard.

Comments?

Comments/Suggestions/Feedback? Use our Forum or email us.