4.0 KiB
Your Ente installation is almost ready!
Required: External Object Storage
Before using Ente, configure an S3-compatible object storage provider:
- Open the Cloudron dashboard and select your Ente app.
- Launch the file explorer.
- Open
/app/data/config/s3.envand provide values for all required keys. - Save the file and restart the app from the Cloudron dashboard.
- (Required for cast/slideshow) Configure your S3 bucket’s CORS policy to allow the Ente domains you serve from Cloudron (e.g.
https://ente.due.ren,https://accounts.due.ren,https://cast.due.ren, etc.). Without CORS, browsers will block the signed URLs that power the cast slideshow.- Backblaze B2 tip: B2 ships with “native” CORS rules that block S3-style updates. Install the Backblaze CLI
pip install 'b2<4', then:Verify with# Authorise once (replace with your key ID/secret) b2 authorize-account <KEY_ID> <APP_KEY> # Clear any native rules b2 bucket update --cors-rules '[]' ente-due-ren allPublic # Apply the S3-compatible rule (adjust origins as needed) cat >cors.json <<'EOF' [ { "corsRuleName": "ente-web", "allowedOrigins": [ "https://ente.due.ren", "https://accounts.due.ren", "https://auth.due.ren", "https://albums.due.ren", "https://cast.due.ren", "https://family.due.ren" ], "allowedHeaders": ["*"], "allowedOperations": [ "s3_get_object", "s3_head_object", "b2_download_file_by_name", "b2_download_file_by_id" ], "exposeHeaders": ["ETag","Content-Length","Content-Type"], "maxAgeSeconds": 86400 } ] EOF b2 bucket update --cors-rules "$(<cors.json)" ente-due-ren allPubliccurl -I -H 'Origin: https://ente.due.ren' <signed-url>; you should seeAccess-Control-Allow-Origin.
- Backblaze B2 tip: B2 ships with “native” CORS rules that block S3-style updates. Install the Backblaze CLI
Supported variables:
S3_ENDPOINT(e.g.https://<account>.r2.cloudflarestorage.com)S3_REGIONS3_BUCKETS3_ACCESS_KEYS3_SECRET_KEYS3_PREFIX(optional path prefix)
Required: Secondary Hostnames
The installer now asks for dedicated hostnames for the Auth/Accounts/Cast/Albums/Family web apps (via Cloudron httpPorts). If you manage DNS outside of Cloudron, create CNAME/A records such as accounts.<app-domain>, auth.<app-domain>, etc., pointing at the primary app domain. With Cloudron-managed DNS the records are created automatically.
Administration
- Use the bundled CLI from the Cloudron web terminal (CLI state lives in
/app/data/cli-data). On a new deployment initialise it once (this seeds the CLI config, whitelists an admin email, and resets the CLI DB):# from the Cloudron terminal, logged in as root cat <<'EOF' >/cli-data/config.yaml
endpoint: api: https:///api log: http: false EOF mkdir -p /cli-data/export chown cloudron:cloudron /cli-data /cli-data/config.yaml /cli-data/export cat <<'EOF' >/app/data/config/museum.override.yaml internal: super-admins: - admin@example.com EOF rm -f /cli-data/ente-cli.db chown cloudron:cloudron /app/data/config/museum.override.yaml
cloudron restart --app
store your account (enter the OTP emailed to you)
sudo -u cloudron ente account add
inspect available commands
sudo -u cloudron ente --help
Once the account is added you can follow the upstream admin docs for tasks like whitelisting and quota adjustments.
See the upstream admin guides for further context: [user administration](https://ente.io/help/self-hosting/administration/users) and [CLI reference](https://ente.io/help/self-hosting/administration/cli).
- To persist custom Museum settings (for example, seeding super-admin email addresses), create `/app/data/config/museum.override.yaml`. The file is appended to `museum/configurations/local.yaml` on each startup.
```yaml
internal:
super-admins:
- admin@example.com