Cloudron 7.4 released
We are happy to announce the release of Cloudron 7.4!
For those unaware, Cloudron is a platform that makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server and keep them up-to-date and secure.
Cloudron 7.4 has many new features including a new base image, Database upgrades, OpenID Connect support, Bunny.net DNS, Porkbun DNS, Easier internal services connectivity, HSTS preloading, Cloudflare proxying, Danish translation, IDrive e2 storage provider, DoT ClientID support & much more.
Ubuntu 22.04 Base image
Cloudron apps use a shared base image across all apps and internal services. This is done not just to conserve space but also to have a consistent deployment and debugging environment.
We have upgraded the base image to Ubuntu 22.04 (Jammy). All services and apps have been updated to use this base image. If you deploy custom apps, please use the base image cloudron/base:4.0.0@sha256:31b195ed0662bdb06a6e8a5ddbedb6f191ce92e8bee04c03fb02dd4e9d0286df
Database upgrades
Database services have been upgraded. This was no easy feat - in fact this took us 3 months! We had to test hundreds of apps in the App Store for compatibility before upgrading. On top of this, we had to implement automatic database migrations from their previous version. Unfortunately, one app (Taiga) has to be left behind since it does not support PostgreSQL 14.
- Mongodb 4.4 (unchanged)
- PostgreSQL 14.5 (upgraded from 12.12)
- MySQL 8.0.31 (upgraded from 8.0.27)
- Redis 6.0 (upgraded from 5.0.7)
Going forward, please note that MongoDB 5.0 requires AVX support . For this reason, we will stop supporting servers without AVX support from Cloudron 7.6.
OpenID Connect
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. Starting 7.4, in addition to being a LDAP server, Cloudron is an OIDC provider.
The main advantages of OIDC support are:
- True single sign-on across apps
- Manage app sessions from the Dashboard
- 2FA support across apps
- More secure since apps never see the user's password
Apps integrate automatically with the OIDC server using the oidc addon. Over the coming months, we will gradually migrate apps using the LDAP addon to use the OIDC addon.
You can also integrate external apps by adding OIDC clients:
Bunny DNS
bunny.net is a powerfully simple CDN that delivers content at lightning speeds across the globe. Cloudron now supports Bunny DNS automation using the new Bunny provider.
Porkbun DNS
Porkbun is an ICANN-accredited domain registrar based out of Portland, Oregon. Cloudron now supports Porkbun DNS automation using the new Porkbun provider.
IDrive e2
IDrive e2 Hot Storage provides S3 compatible object storage with no egress fees and has 15 locations across the US, Canada, Europe and Asia.
You can setup Cloudron to backup there using the IDrive e2 provider.
HSTS Preloading
HSTS Preload is a list of sites that are hardcoded into Chrome as being HTTPS only. Most major browsers (Chrome, Firefox, Opera, Safari, IE 11 and Edge) also have HSTS preload lists based on the Chrome list.
To enable HSTS Preload, enable it in the Security section of the app:
Cloudflare proxying
In previous releases, Cloudron added a new subdomain to Cloudflare with the proxying flag disabled. This could potentially be a security issue because the IP of the server could be exposed during the time you logon to the Cloudflare dashboard and turn the flag on.
In 7.4, you can set the value of proxying flag for newly added subdomains in the Domains view. New DNS records are configured for proxying HTTP requests based on the Enable proxying for new DNS records checkbox.
Danish translation
Dansk 🇩🇰 oversættelse er tilføjet. Mange tak til @jayonrails!
DoT ClientID
ClientIDs are identifiers that can be used with the following DNS protocols: DNS-over-HTTPS, DNS-over-TLS, and DNS-over-QUIC. Each client can be configured and monitored individually.
Cloudron now supports ClientID in apps like AdGuard Home using wildcard aliases.
See the docs for more information.
Disk speed
Disk speed is now shown for each disk in the Graphs.
Internal databases
Cloudron users an internal private network for the databases used by apps. Often, one needs to connect to the internal databases from the outside for migration/analysis/configuration. We have assigned static internal IPs to database services to make it easier to connect to them via SSH tunnel. See the Connect to MySQL and Connect to PostgreSQL guides for more information.
Misc
- Vultr object storage: add bangalore and silicon valley regions
- Exoscale object storage: add sofia and munich regions
- AWS S3: add Asia Pacific and Africa regions
- DigitalOcean spaces: add sydney and singapore regions
- Scaleway: add warsaw region
- Eventlog: now preserved for 3 months
- Log viewer: order existing logs by date across all services
- Dynamic DNS: update IP of secondary, redirect & alias domains
- Domains: add pagination and search filter
- Add authentication for Proxy Apps
What's coming next
Head over to our forum to learn more about what's coming in our next release - 7.5.
Install or update Cloudron
New to Cloudron? Get started for free by running with 3 simple commands on your server.
To update an existing installation, simply click on the 'Update now' button on your dashboard.