Enable Ente CLI persistence and update docs
This commit is contained in:
@@ -21,14 +21,14 @@ cloudron install \
|
|||||||
|
|
||||||
## After Install
|
## After Install
|
||||||
1. **S3** – In Cloudron File Manager open `/app/data/config/s3.env`, fill in your endpoint/region/bucket/access/secret, then restart the app from the dashboard.
|
1. **S3** – In Cloudron File Manager open `/app/data/config/s3.env`, fill in your endpoint/region/bucket/access/secret, then restart the app from the dashboard.
|
||||||
2. **Subdomains** – In the app’s *Domains* tab add aliases for `accounts`, `auth`, `cast`, `albums`, `family`. Create matching DNS records pointing at the primary domain (e.g. if the app is `ente.due.ren`, add `accounts.due.ren → ente.due.ren`, etc.).
|
2. **Subdomains** – In the Cloudron *Domains* tab add aliases for `auth.<app-domain>`, `accounts.<app-domain>`, `cast.<app-domain>`, `albums.<app-domain>` and `family.<app-domain>`. Create matching DNS records pointing at the primary domain (for example, if the app is `ente.cloudron.io`, add `auth.ente.cloudron.io`, `accounts.ente.cloudron.io`, etc. → `ente.cloudron.io`).
|
||||||
|
|
||||||
Once DNS propagates, use the dedicated hosts:
|
Once DNS propagates, use the dedicated hosts:
|
||||||
- `https://<app-host>` (the hostname you chose during install, main UI & uploads)
|
- `https://<app-host>` (the hostname you chose during install, main UI & uploads)
|
||||||
- `https://accounts.<domain>`
|
- `https://accounts.<app-domain>`
|
||||||
- `https://auth.<domain>`
|
- `https://auth.<app-domain>`
|
||||||
- `https://cast.<domain>`
|
- `https://cast.<app-domain>`
|
||||||
- `https://albums.<domain>`
|
- `https://albums.<app-domain>`
|
||||||
- `https://family.<domain>`
|
- `https://family.<app-domain>`
|
||||||
|
|
||||||
Check `cloudron logs --app ente.due.ren -f` or `/app/data/logs/startup.log` if anything looks off.
|
Check `cloudron logs --app ente.due.ren -f` or `/app/data/logs/startup.log` if anything looks off.
|
||||||
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
## 0.4.5 (2025-10-30)
|
## 0.4.5 (2025-10-30)
|
||||||
|
|
||||||
* Serve photos UI on the primary hostname and mount other apps on `accounts/auth/cast/albums/family.<root-domain>`
|
* Serve photos UI on the primary hostname and mount other apps on `accounts/auth/cast/albums/family.<app-domain>`
|
||||||
* Enable multiDomain in the manifest so aliases can be set in Cloudron UI
|
* Enable multiDomain in the manifest so aliases can be set in Cloudron UI
|
||||||
* Simplified documentation for S3 setup and alias domains
|
* Simplified documentation for S3 setup and alias domains
|
||||||
* Fix CORS responses for auth subdomains and forward real client IPs from Cloudron proxy
|
* Fix CORS responses for auth subdomains and forward real client IPs from Cloudron proxy
|
||||||
|
|||||||
@@ -22,33 +22,24 @@ Supported variables:
|
|||||||
|
|
||||||
## Required: DNS Subdomains
|
## Required: DNS Subdomains
|
||||||
|
|
||||||
Ente now serves supporting apps on dedicated hosts. Create DNS records (CNAME or A) for:
|
Ente now serves supporting apps on dedicated hosts. Create DNS records (CNAME or A) and add matching alias domains in Cloudron for:
|
||||||
|
|
||||||
- `accounts.<root-domain>`
|
- `auth.<app-domain>`
|
||||||
- `auth.<root-domain>`
|
- `accounts.<app-domain>`
|
||||||
- `cast.<root-domain>`
|
- `cast.<app-domain>`
|
||||||
- `albums.<root-domain>`
|
- `albums.<app-domain>`
|
||||||
- `family.<root-domain>`
|
- `family.<app-domain>`
|
||||||
|
|
||||||
For example, if you installed the app at `ente.due.ren`, create records for `accounts.due.ren`, `auth.due.ren`, etc., all pointing to `ente.due.ren`. After adding the DNS records, open the Cloudron dashboard → Ente app → Domains tab and add each hostname as an alias. DNS propagation must complete before the `/accounts` and `/auth` apps will accept sessions.
|
For example, if you installed the app at `ente.cloudron.io`, create records for `auth.ente.cloudron.io`, `accounts.ente.cloudron.io`, etc., all pointing to `ente.cloudron.io`, then add each hostname as an alias in the Cloudron dashboard.
|
||||||
|
|
||||||
## Next Steps
|
## Administration
|
||||||
|
|
||||||
- Visit the app URL and create the first administrator account.
|
- Use the bundled CLI from the Cloudron web terminal:
|
||||||
- Configure the Ente mobile apps to use your custom server (`Settings → Advanced → Custom Server`).
|
|
||||||
- Optional: set the environment variables `CLOUDRON_OIDC_IDENTIFIER`, `CLOUDRON_OIDC_CLIENT_ID`, and `CLOUDRON_OIDC_CLIENT_SECRET` to enable Cloudron SSO in the generated Museum config.
|
|
||||||
- Administrative CLI tooling is available inside the container. Open a terminal and run:
|
|
||||||
```bash
|
```bash
|
||||||
cloudron exec --app ente.due.ren -- sudo -u cloudron ente --help
|
cloudron exec --app ente.cloudron.io -- sudo -u cloudron ente --help
|
||||||
cloudron exec --app ente.due.ren -- sudo -u cloudron ente admin --help
|
|
||||||
```
|
```
|
||||||
The CLI stores its state at `/app/data/cli-data` (inside the container it is available at `/cli-data`). Consult the upstream CLI guide for per-command usage, including storage quota adjustments.
|
CLI state lives at `/app/data/cli-data` (available inside the container at `/cli-data`).
|
||||||
|
- Follow Ente’s upstream guides to [whitelist administrative accounts](https://ente.io/help/self-hosting/administration/users#whitelist-admins) and to [adjust user storage quotas](https://ente.io/help/self-hosting/administration/cli).
|
||||||
## Administration Helpers
|
|
||||||
|
|
||||||
- The Ente CLI binary is shipped at `/app/code/ente`. Run it via the Cloudron web terminal.
|
|
||||||
- CLI configuration lives at `/app/data/home/.ente/config.yaml` and already points to `https://<your-domain>/api`.
|
|
||||||
- The main Museum configuration is generated at `/app/data/museum/configurations/local.yaml`. Delete this file to regenerate it with updated environment variables.
|
|
||||||
|
|
||||||
Logs are streamed to the Cloudron dashboard. For deeper inspection use:
|
Logs are streamed to the Cloudron dashboard. For deeper inspection use:
|
||||||
```bash
|
```bash
|
||||||
|
|||||||
@@ -86,8 +86,8 @@ The package includes several enhancements to ensure proper functionality:
|
|||||||
After installing on Cloudron remember to:
|
After installing on Cloudron remember to:
|
||||||
|
|
||||||
1. Open the File Manager for the app, edit `/app/data/config/s3.env` with your object storage endpoint/keys, and restart the app.
|
1. Open the File Manager for the app, edit `/app/data/config/s3.env` with your object storage endpoint/keys, and restart the app.
|
||||||
2. Add alias domains for `accounts`, `auth`, `cast`, `albums`, and `family` in the app’s **Domains** tab (create matching DNS records pointing to the primary hostname).
|
2. Add alias domains for `auth.<app-domain>`, `accounts.<app-domain>`, `cast.<app-domain>`, `albums.<app-domain>` and `family.<app-domain>` in the Cloudron **Domains** tab. Create matching DNS records pointing to the primary hostname (for example, if you installed at `ente.cloudron.io`, add `auth.ente.cloudron.io`, `accounts.ente.cloudron.io`, etc.).
|
||||||
3. Use the bundled Ente CLI for admin tasks via `cloudron exec --app <location> -- sudo -u cloudron ente --help`. The CLI stores its state in `/app/data/cli-data` (exposed inside the container at `/cli-data`) and already trusts your app’s API endpoint.
|
3. Use the bundled Ente CLI for admin tasks via `cloudron exec --app <location> -- sudo -u cloudron ente --help`. The CLI stores its state in `/app/data/cli-data` (exposed inside the container at `/cli-data`) and already trusts your app’s API endpoint. Follow the upstream admin guides to [whitelist administrators](https://ente.io/help/self-hosting/administration/users#whitelist-admins) and [adjust user quotas](https://ente.io/help/self-hosting/administration/cli).
|
||||||
|
|
||||||
The main photos UI continues to live on the hostname you selected during installation.
|
The main photos UI continues to live on the hostname you selected during installation.
|
||||||
|
|
||||||
|
|||||||
33
start.sh
33
start.sh
@@ -54,11 +54,6 @@ APP_FQDN="${CLOUDRON_APP_DOMAIN:-${CLOUDRON_APP_FQDN:-localhost}}"
|
|||||||
BASE_URL="${CLOUDRON_APP_ORIGIN:-https://$APP_FQDN}"
|
BASE_URL="${CLOUDRON_APP_ORIGIN:-https://$APP_FQDN}"
|
||||||
BASE_URL="${BASE_URL%/}"
|
BASE_URL="${BASE_URL%/}"
|
||||||
|
|
||||||
ROOT_DOMAIN="$APP_FQDN"
|
|
||||||
if [ "$APP_FQDN" != "localhost" ] && expr "$APP_FQDN" : '.*\..*' >/dev/null; then
|
|
||||||
ROOT_DOMAIN="${APP_FQDN#*.}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
PHOTOS_HOST="$APP_FQDN"
|
PHOTOS_HOST="$APP_FQDN"
|
||||||
ACCOUNTS_HOST="$APP_FQDN"
|
ACCOUNTS_HOST="$APP_FQDN"
|
||||||
AUTH_HOST="$APP_FQDN"
|
AUTH_HOST="$APP_FQDN"
|
||||||
@@ -67,12 +62,12 @@ ALBUMS_HOST="$APP_FQDN"
|
|||||||
FAMILY_HOST="$APP_FQDN"
|
FAMILY_HOST="$APP_FQDN"
|
||||||
|
|
||||||
USE_SUBDOMAIN_ROUTING=false
|
USE_SUBDOMAIN_ROUTING=false
|
||||||
if [ "$APP_FQDN" != "localhost" ] && [ "$ROOT_DOMAIN" != "$APP_FQDN" ]; then
|
if [ "$APP_FQDN" != "localhost" ]; then
|
||||||
ACCOUNTS_HOST="accounts.${ROOT_DOMAIN}"
|
ACCOUNTS_HOST="accounts.${APP_FQDN}"
|
||||||
AUTH_HOST="auth.${ROOT_DOMAIN}"
|
AUTH_HOST="auth.${APP_FQDN}"
|
||||||
CAST_HOST="cast.${ROOT_DOMAIN}"
|
CAST_HOST="cast.${APP_FQDN}"
|
||||||
ALBUMS_HOST="albums.${ROOT_DOMAIN}"
|
ALBUMS_HOST="albums.${APP_FQDN}"
|
||||||
FAMILY_HOST="family.${ROOT_DOMAIN}"
|
FAMILY_HOST="family.${APP_FQDN}"
|
||||||
USE_SUBDOMAIN_ROUTING=true
|
USE_SUBDOMAIN_ROUTING=true
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@@ -546,6 +541,13 @@ cat > "$CADDY_CONFIG" <<EOF_CADDY
|
|||||||
log {
|
log {
|
||||||
level INFO
|
level INFO
|
||||||
output stdout
|
output stdout
|
||||||
|
format filter {
|
||||||
|
wrap json
|
||||||
|
fields {
|
||||||
|
request>remote_ip replace {http.request.header.X-Real-Ip}
|
||||||
|
request>headers>X-Real-Ip delete
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
encode gzip
|
encode gzip
|
||||||
@@ -575,6 +577,7 @@ cat > "$CADDY_CONFIG" <<EOF_CADDY
|
|||||||
defer
|
defer
|
||||||
}
|
}
|
||||||
reverse_proxy localhost:8080 {
|
reverse_proxy localhost:8080 {
|
||||||
|
trusted_proxies private_ranges
|
||||||
header_up Host {http.request.host}
|
header_up Host {http.request.host}
|
||||||
header_up X-Real-IP {http.request.header.X-Forwarded-For}
|
header_up X-Real-IP {http.request.header.X-Forwarded-For}
|
||||||
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
|
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
|
||||||
@@ -663,6 +666,13 @@ cat > "$CADDY_CONFIG" <<EOF_CADDY
|
|||||||
log {
|
log {
|
||||||
level INFO
|
level INFO
|
||||||
output stdout
|
output stdout
|
||||||
|
format filter {
|
||||||
|
wrap json
|
||||||
|
fields {
|
||||||
|
request>remote_ip replace {http.request.header.X-Real-Ip}
|
||||||
|
request>headers>X-Real-Ip delete
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
encode gzip
|
encode gzip
|
||||||
@@ -692,6 +702,7 @@ cat > "$CADDY_CONFIG" <<EOF_CADDY
|
|||||||
defer
|
defer
|
||||||
}
|
}
|
||||||
reverse_proxy localhost:8080 {
|
reverse_proxy localhost:8080 {
|
||||||
|
trusted_proxies private_ranges
|
||||||
header_up Host {http.request.host}
|
header_up Host {http.request.host}
|
||||||
header_up X-Real-IP {http.request.header.X-Forwarded-For}
|
header_up X-Real-IP {http.request.header.X-Forwarded-For}
|
||||||
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
|
header_up X-Forwarded-For {http.request.header.X-Forwarded-For}
|
||||||
|
|||||||
Reference in New Issue
Block a user