Version 1.11.0

when importing an external traccar with on admin, this ends up
creating an admin

CHANGELOG

@@ -1,6 +0,0 @@
-[0.1.0]
-* Initial version
-
-[0.2.0]
-* Update manifest
-

CHANGELOG.md

@@ -0,0 +1,116 @@
+[0.1.0]
+* Initial version
+
+[0.2.0]
+* Update manifest
+
+[0.3.0]
+* Log to stdout
+
+[0.4.0]
+* Switch from postgres to mysql. This will break previous installations, please start afresh
+* Optional SSO
+
+[0.4.1]
+* Update traccar to 5.1
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.1)
+
+[0.5.0]
+* Update traccar to 5.2
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.2)
+
+[0.6.0]
+* Update traccar to 5.3
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.3)
+
+[1.0.0]
+* First stable release
+* Add support for gl200 protocol port 5004
+
+[1.0.1]
+* Add GPS103 port 5001
+
+[1.0.2]
+* Add TAIP port 5031
+
+[1.0.3]
+* Update traccar to 5.4
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.4)
+
+[1.1.0]
+* Update traccar to 5.5
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.5)
+
+[1.2.0]
+* Update base image to 4.0.0
+
+[1.2.1]
+* Add H02 port 5013
+
+[1.2.2]
+* Update traccar to 5.6
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.6)
+
+[1.3.0]
+* Update traccar to 5.7
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.7)
+
+[1.4.0]
+* Add support for Telefonika TMT250 Port 5027
+
+[1.5.0]
+* Update traccar to 5.8
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.8)
+
+[1.5.1]
+* Update traccar to 5.9
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.9)
+
+[1.6.0]
+* Update base image to 4.2.0
+
+[1.7.0]
+* Update traccar to 5.10
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.10)
+* [Release Announcement](https://www.traccar.org/blog/traccar-5-10/)
+* Two-factor authentication using TOTP
+* Event to notify about sent queued commands
+* Option to access last position in computed attributes
+* Unification of OBD speed units
+* Event buffer limit in the web app (should improve performance)
+* Automatic update check for the web app
+
+[1.7.1]
+* Update traccar to 5.11
+* [Full changelog](https://github.com/traccar/traccar/releases/tag/v5.11)
+* Update web submodule
+
+[1.7.2]
+* Update traccar to 5.12
+* [Full changelog](https://www.traccar.org/blog/traccar-5-12/)
+
+[1.7.3]
+* Only create admin account on fresh installation
+
+[1.8.0]
+* Update traccar to 6.0
+* [Full changelog](https://www.traccar.org/blog/traccar-6-0/)
+
+[1.9.0]
+* Update traccar to 6.1
+* [Full changelog](https://www.traccar.org/blog/traccar-6-1/)
+
+[1.10.0]
+* Update traccar to 6.2
+* [Full changelog](https://www.traccar.org/blog/traccar-6-2/)
+* Computed attributes can now be ordered using priority
+* Support token authentication for WebSocket
+* Allow regular users to edit hours and total distance
+* Support for right-to-left languages on map
+* Terms and privacy policy option
+* Engine hours are now calculated after computed attributes
+* Default configuration file is now removed to avoid confusion and misconfiguration
+
+[1.11.0]
+* Migrate to OIDC login
+

CloudronManifest.json

@@ -3,26 +3,66 @@
   "title": "Traccar",
   "author": "Traccar developers",
   "description": "file://DESCRIPTION.md",
-  "changelog": "file://CHANGELOG",
+  "changelog": "file://CHANGELOG.md",
   "tagline": "Modern GPS Tracking Platform",
-  "version": "0.2.0",
-  "upstreamVersion": "5.0",
+  "version": "1.11.0",
+  "upstreamVersion": "6.2",
   "minBoxVersion": "7.1.0",
   "memoryLimit": 1073741824,
   "healthCheckPath": "/",
   "httpPort": 8082,
+  "httpPorts": {
+    "OSMAND_DOMAIN": {
+      "title": "OsmAnd Domain",
+      "description": "Port over which OsmAnd clients can connect",
+      "containerPort": 5055,
+      "defaultValue": "osmand"
+    }
+  },
   "addons": {
-    "ldap": {},
     "sendmail": { "supportsDisplayName": false },
     "localstorage": {},
-    "postgresql": {}
+    "mysql": {},
+    "oidc": { "loginRedirectUri": "/api/session/openid/callback" }
   },
+  "optionalSso": true,
   "manifestVersion": 2,
   "tcpPorts": {
     "OSMAND_PORT": {
       "title": "OsmAnd Port",
       "description": "Port over which OsmAnd clients can connect",
-      "defaultValue": 5055
+      "defaultValue": 5055,
+      "containerPort": 5055
+    },
+    "GL200_PORT": {
+      "title": "GL200 Protocol Port",
+      "description": "Port over which GL200 clients can connect",
+      "defaultValue": 5004,
+      "containerPort": 5004
+    },
+    "GPS103_PORT": {
+      "title": "GPS103 Protocol Port",
+      "description": "Port over which GPS103 clients can connect",
+      "defaultValue": 5001,
+      "containerPort": 5001
+    },
+    "TAIP_PORT": {
+      "title": "TAIP Protocol Port",
+      "description": "Port over which TAIP clients can connect",
+      "defaultValue": 5031,
+      "containerPort": 5031
+    },
+    "H02_PORT": {
+      "title": "H02 Protocol Port",
+      "description": "Port over which H02 clients can connect",
+      "defaultValue": 5013,
+      "containerPort": 5013
+    },
+    "TELTOKIA_PORT": {
+      "title": "Teltonika Protocol Port",
+      "description": "Port over which Teltonika clients can connect",
+      "defaultValue": 5027,
+      "containerPort": 5027
     }
   },
   "website": "https://www.traccar.org",

Dockerfile

@@ -1,9 +1,9 @@
-FROM cloudron/base:3.2.0@sha256:ba1d566164a67c266782545ea9809dc611c4152e27686fd14060332dd88263ea
+FROM cloudron/base:4.2.0@sha256:46da2fffb36353ef714f97ae8e962bd2c212ca091108d768ba473078319a47f4
 
 RUN mkdir -p /app/code
 WORKDIR /app/code
 
-ARG VERSION=5.0
+ARG VERSION=6.2
 
 RUN wget https://github.com/traccar/traccar/releases/download/v${VERSION}/traccar-linux-64-${VERSION}.zip -O traccar.zip && \
     unzip traccar.zip && \

LICENSE

@@ -0,0 +1,9 @@
+MIT License (MIT)
+Copyright (c) 2016 Cloudron UG
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+

POSTINSTALL.md

@@ -0,0 +1,10 @@
+This app is pre-setup with an admin account. The initial credentials are:
+
+**Username**: admin@cloudron.local<br/>
+**Password**: admin<br/>
+
+Please change the admin email and password credentials immediately.
+
+<sso>
+By default, Cloudron users have regular users permissions. Permissions can be updated on the user profile page in the admin back-end.
+</sso>

README.md

@@ -0,0 +1,45 @@
+# Traccar Cloudron App
+
+This repository contains the Cloudron app package source for [Traccar](https://traccar.org/).
+
+## Installation
+
+[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=org.traccar.cloudronapp)
+
+or using the [Cloudron command line tooling](https://cloudron.io/references/cli.html)
+
+```
+cloudron install --appstore-id org.traccar.cloudronapp
+```
+
+## Building
+
+The app package can be built using the [Cloudron command line tooling](https://cloudron.io/references/cli.html).
+
+```
+cd traccar-app
+
+cloudron build
+cloudron install
+```
+
+## Testing
+
+The e2e tests are located in the `test/` folder and require [nodejs](http://nodejs.org/). They are creating a fresh build, install the app on your Cloudron, perform tests, backup, restore and test if the repos are still ok. The tests expect port 29418 to be available.
+
+```
+cd traccar-app/test
+
+npm install
+USERNAME=<cloudron username> PASSWORD=<cloudron password> mocha --bail test.js
+```
+
+
+## Devices
+
+https://www.traccar.org/devices/
+
+Traccar client | osmand | port 5055 (http)
+Tracker for Traccar | t55 | port 5005 | sends odb2 data
+Owntracks | owntracks | port 5144 | https://owntracks.org/booklet/features/traccar/
+

start.sh

@@ -4,34 +4,81 @@ set -eu -o pipefail
 
 mkdir -p /run/traccar/logs /app/data/media
 
+echo -e "[client]\npassword=${CLOUDRON_MYSQL_PASSWORD}" > /run/traccar/mysql-extra
+readonly mysql="mysql --defaults-file=/run/traccar/mysql-extra --user=${CLOUDRON_MYSQL_USERNAME} --host=${CLOUDRON_MYSQL_HOST} -P ${CLOUDRON_MYSQL_PORT} ${CLOUDRON_MYSQL_DATABASE}"
+
+wait_for_table() {
+    ret=`$mysql --skip-column-names -s -e "SHOW TABLES LIKE '$1';"`
+    while [ "$ret" != "$1" ]; do
+        echo "=> Table $1 not yet created, waiting ..."
+        sleep 1;
+        ret=`$mysql --skip-column-names -s -e "SHOW TABLES LIKE '$1';"`
+        echo "ret was ${ret}"
+    done
+}
+
 disable_registration() {
-    echo "==> disabling registration"
-    PGPASSWORD=${CLOUDRON_POSTGRESQL_PASSWORD} psql -h ${CLOUDRON_POSTGRESQL_HOST} -p ${CLOUDRON_POSTGRESQL_PORT} -U ${CLOUDRON_POSTGRESQL_USERNAME} -d ${CLOUDRON_POSTGRESQL_DATABASE} -c "UPDATE tc_servers SET registration=false WHERE id=1"
+    wait_for_table tc_servers;
+
+    echo "==> Disabling registration"
+    $mysql -e "UPDATE tc_servers SET registration=0 WHERE id=1"
+}
+
+ensure_admin_account() {
+    wait_for_table tc_users;
+
+    echo "==> Ensure admin account"
+    count=`$mysql --skip-column-names -s -e "SELECT COUNT(*) FROM tc_users;"`
+    if [[ "$count" = "0" ]]; then
+        echo "==> Create initial admin account"
+        # Values are from https://github.com/traccar/traccar/blob/master/schema/changelog-3.3.xml#L179 which is not used anymore, but we still want the admin account
+        $mysql -e "INSERT INTO tc_users (name, email, hashedpassword, salt, administrator) VALUES ('admin', 'admin@cloudron.local', 'D33DCA55ABD4CC5BC76F2BC0B4E603FE2C6F61F4C1EF2D47', '000000000000000000000000000000000000000000000000', TRUE)"
+    fi
 }
 
 echo "=> Ensure traccar.xml config"
 if [[ ! -f /app/data/traccar.xml ]]; then
     cp /app/pkg/traccar.xml.template /app/data/traccar.xml
-    (sleep 10000; disable_registration) &
 fi
 
+echo "=> Ensure database settings"
+# database (https://www.traccar.org/mysql/)
 xmlstarlet ed --inplace \
-    --update '//properties/entry[@key="database.url"]' -v "jdbc:postgresql://${CLOUDRON_POSTGRESQL_HOST}:${CLOUDRON_POSTGRESQL_PORT}/${CLOUDRON_POSTGRESQL_DATABASE}" \
-    --update '//properties/entry[@key="database.user"]' -v "${CLOUDRON_POSTGRESQL_USERNAME}" \
-    --update '//properties/entry[@key="database.password"]' -v "${CLOUDRON_POSTGRESQL_PASSWORD}" \
+    --update '//properties/entry[@key="database.url"]' -v "jdbc:mysql://${CLOUDRON_MYSQL_HOST}:${CLOUDRON_MYSQL_PORT}/${CLOUDRON_MYSQL_DATABASE}?serverTimezone=UTC&allowPublicKeyRetrieval=true&useSSL=false&allowMultiQueries=true&autoReconnect=true&useUnicode=yes&characterEncoding=UTF-8&sessionVariables=sql_mode=''" \
+    --update '//properties/entry[@key="database.user"]' -v "${CLOUDRON_MYSQL_USERNAME}" \
+    --update '//properties/entry[@key="database.password"]' -v "${CLOUDRON_MYSQL_PASSWORD}" \
     /app/data/traccar.xml
 
+# origin
 xmlstarlet ed --inplace --update '//properties/entry[@key="web.url"]' -v "${CLOUDRON_APP_ORIGIN}" /app/data/traccar.xml
- 
-xmlstarlet ed --inplace \
-    --update '//properties/entry[@key="ldap.url"]' -v "${CLOUDRON_LDAP_URL}" \
-    --update '//properties/entry[@key="ldap.base"]' -v "${CLOUDRON_LDAP_USERS_BASE_DN}" \
-    --update '//properties/entry[@key="ldap.idAttribute"]' -v "username" \
-    --update '//properties/entry[@key="ldap.searchFilter"]' -v 'username=:login' \
-    --update '//properties/entry[@key="ldap.user"]' -v "${CLOUDRON_LDAP_BIND_DN}" \
-    --update '//properties/entry[@key="ldap.password"]' -v "${CLOUDRON_LDAP_BIND_PASSWORD}" \
-    /app/data/traccar.xml
 
+# get rid of ldap, can be removed in the next release
+sed -e 's/ldap.url/openid.clientId/g' \
+    -e 's/ldap.base/openid.clientSecret/g' \
+    -e 's/ldap.idAttribute/openid.issuerUrl/g' \
+    -e 's/ldap.searchFilter/openid.authUrl/g' \
+    -e 's/ldap.user/openid.tokenUrl/g' \
+    -e 's/ldap.password/openid.userInfoUrl/g' \
+    -e 's/^.*ldap\..*$//g' \
+    -i /app/data/traccar.xml
+
+# OIDC
+if [[ -n "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
+    echo "=> Ensure OIDC settings"
+    xmlstarlet ed --inplace \
+        --update '//properties/entry[@key="openid.clientId"]' -v "${CLOUDRON_OIDC_CLIENT_ID}" \
+        --update '//properties/entry[@key="openid.clientSecret"]' -v "${CLOUDRON_OIDC_CLIENT_SECRET}" \
+        --update '//properties/entry[@key="openid.issuerUrl"]' -v "${CLOUDRON_OIDC_ISSUER}" \
+        --update '//properties/entry[@key="openid.authUrl"]' -v "${CLOUDRON_OIDC_AUTH_ENDPOINT}" \
+        --update '//properties/entry[@key="openid.tokenUrl"]' -v "${CLOUDRON_OIDC_TOKEN_ENDPOINT}" \
+        --update '//properties/entry[@key="openid.userInfoUrl"]' -v "${CLOUDRON_OIDC_PROFILE_ENDPOINT}" \
+        /app/data/traccar.xml
+else
+    sed -e 's/^.*openid\..*$//g' -i /app/data/traccar.xml
+fi
+
+# email
+echo "=> Ensure mail settings"
 xmlstarlet ed --inplace \
     --update '//properties/entry[@key="mail.smtp.host"]' -v "${CLOUDRON_MAIL_SMTP_SERVER}" \
     --update '//properties/entry[@key="mail.smtp.port"]' -v "${CLOUDRON_MAIL_SMTP_PORT}" \
@@ -42,6 +89,8 @@ xmlstarlet ed --inplace \
     --update '//properties/entry[@key="mail.smtp.password"]' -v "${CLOUDRON_MAIL_SMTP_PASSWORD}" \
     /app/data/traccar.xml
 
+(disable_registration; ensure_admin_account) &
+
 chown -R cloudron /run/traccar /app/data
 
 # https://www.traccar.org/optimization/

test/package.json

@@ -0,0 +1,19 @@
+{
+  "name": "test",
+  "version": "1.0.0",
+  "description": "",
+  "main": "test.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "ISC",
+  "devDependencies": {
+    "expect.js": "^0.3.1",
+    "mocha": "^10.4.0",
+    "selenium-webdriver": "^4.21.0"
+  },
+  "dependencies": {
+    "chromedriver": "^125.0.3"
+  }
+}

test/test.js

@@ -0,0 +1,220 @@
+#!/usr/bin/env node
+
+/* jshint esversion: 8 */
+/* global describe */
+/* global before */
+/* global after */
+/* global it */
+
+'use strict';
+
+require('chromedriver');
+
+const execSync = require('child_process').execSync,
+    expect = require('expect.js'),
+    path = require('path'),
+    { Builder, By, Key, until } = require('selenium-webdriver'),
+    { Options } = require('selenium-webdriver/chrome');
+
+if (!process.env.USERNAME || !process.env.EMAIL || !process.env.PASSWORD) {
+    console.log('USERNAME, EMAIL and PASSWORD env vars need to be set');
+    process.exit(1);
+}
+
+describe('Application life cycle test', function () {
+    this.timeout(0);
+
+    const LOCATION = 'test';
+    const TEST_TIMEOUT = 20000;
+    const EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
+    const DEVICE_NAME = 'FancyDevice';
+    const DEVICE_IDENTIFIER = 'device1';
+    const ADMIN_USERNAME = 'admin@cloudron.local';
+    const ADMIN_PASSWORD = 'admin';
+    const USERNAME = process.env.USERNAME;
+    const EMAIL = process.env.EMAIL;
+    const PASSWORD = process.env.PASSWORD;
+
+    let browser, app;
+    let athenticated_by_oidc = false;
+
+    before(function () {
+        const options = new Options().windowSize({ width: 1280, height: 1024 });
+        if (process.env.HEADLESS) options.addArguments('headless');
+
+        browser = new Builder().forBrowser('chrome').setChromeOptions(options).build();
+    });
+
+    after(function () {
+        browser.quit();
+    });
+
+    async function waitForElement(elem) {
+        await browser.wait(until.elementLocated(elem), TEST_TIMEOUT);
+        await browser.wait(until.elementIsVisible(browser.findElement(elem)), TEST_TIMEOUT);
+    }
+
+    function getAppInfo() {
+        var inspect = JSON.parse(execSync('cloudron inspect'));
+        app = inspect.apps.filter(function (a) { return a.location.indexOf(LOCATION) === 0; })[0];
+        expect(app).to.be.an('object');
+    }
+
+    async function login(emailOrUsername, password) {
+        await browser.get(`https://${app.fqdn}/login`);
+        await waitForElement(By.xpath('//input[@name="email"]'));
+        await browser.findElement(By.xpath('//input[@name="email"]')).sendKeys(Key.CONTROL + 'a' + Key.BACK_SPACE + Key.COMMAND + 'a' + Key.BACK_SPACE);
+        await browser.findElement(By.xpath('//input[@name="email"]')).sendKeys(emailOrUsername);
+        await browser.findElement(By.xpath('//input[@name="password"]')).sendKeys(password);
+        await browser.findElement(By.xpath('//button[text()="Login"]')).click();
+        await browser.sleep(3000);
+        await waitForElement(By.xpath('//span[text()="Account"]'));
+    }
+
+    async function loginOIDC(username, password) {
+        browser.manage().deleteAllCookies();
+        await browser.get(`https://${app.fqdn}/login`);
+        await browser.sleep(2000);
+
+        await waitForElement(By.xpath('//button[contains(., "Login with OpenID")]'));
+        await browser.findElement(By.xpath('//button[contains(., "Login with OpenID")]')).click();
+        await browser.sleep(2000);
+
+        if (!athenticated_by_oidc) {
+            await waitForElement(By.xpath('//input[@name="username"]'));
+            await browser.findElement(By.xpath('//input[@name="username"]')).sendKeys(username);
+            await browser.findElement(By.xpath('//input[@name="password"]')).sendKeys(password);
+            await browser.sleep(2000);
+            await browser.findElement(By.xpath('//button[@type="submit" and contains(text(), "Sign in")]')).click();
+            await browser.sleep(2000);
+
+            athenticated_by_oidc = true;
+        }
+
+        await browser.sleep(3000);
+        await waitForElement(By.xpath('//span[text()="Account"]'));
+    }
+
+    async function logout() {
+        await browser.get(`https://${app.fqdn}`);
+        await waitForElement(By.xpath('//span[text()="Account"]'));
+        await browser.findElement(By.xpath('//span[text()="Account"]')).click();
+        await browser.sleep(1000);
+        await waitForElement(By.xpath('//p[text()="Logout"]'));
+        await browser.findElement(By.xpath('//p[text()="Logout"]')).click();
+        await waitForElement(By.xpath('//input[@name="email"]'));
+    }
+
+    async function addDevice() {
+        await browser.get(`https://${app.fqdn}/settings/device`);
+        await waitForElement(By.id(':r3:'));
+        await browser.findElement(By.id(':r3:')).sendKeys(DEVICE_NAME);
+        await browser.findElement(By.id(':r4:')).sendKeys(DEVICE_IDENTIFIER);
+        await browser.findElement(By.xpath('//button[text()="Save"]')).click();
+        await waitForElement(By.xpath(`//span[text()="${DEVICE_NAME}"]`));
+    }
+
+    async function deviceExists() {
+        await browser.get(`https://${app.fqdn}`);
+        await waitForElement(By.xpath(`//span[text()="${DEVICE_NAME}"]`));
+    }
+
+    xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
+    // no sso
+    it('install app (no sso)', function () { execSync(`cloudron install --no-sso --location ${LOCATION}`, EXEC_ARGS); });
+
+    it('can get app information', getAppInfo);
+    it('can login as admin', login.bind(null, ADMIN_USERNAME, ADMIN_PASSWORD));
+    it('can add device', addDevice);
+    it('device exists', deviceExists);
+    it('can logout', logout);
+
+    it('uninstall app', async function () {
+        // ensure we don't hit NXDOMAIN in the mean time
+        await browser.get('about:blank');
+        execSync(`cloudron uninstall --app ${app.id}`, EXEC_ARGS);
+    });
+
+    // sso
+    it('install app (sso)', function () { execSync(`cloudron install --location ${LOCATION}`, EXEC_ARGS); });
+
+    it('can get app information', getAppInfo);
+    it('can login as admin', login.bind(null, ADMIN_USERNAME, ADMIN_PASSWORD));
+    it('can add device', addDevice);
+    it('device exists', deviceExists);
+    it('can logout', logout);
+
+    it('can login as normal user via OIDC', loginOIDC.bind(null, process.env.USERNAME, process.env.PASSWORD));
+    it('can logout', logout);
+
+    it('can restart app', function () { execSync(`cloudron restart --app ${app.id}`); });
+
+    it('can login', login.bind(null, ADMIN_USERNAME, ADMIN_PASSWORD));
+    it('device exists', deviceExists);
+    it('can logout', logout);
+
+    it('backup app', function () { execSync(`cloudron backup create --app ${app.id}`, EXEC_ARGS); });
+    it('restore app', function () {
+        const backups = JSON.parse(execSync(`cloudron backup list --raw --app ${app.id}`));
+        execSync(`cloudron uninstall --app ${app.id}`, EXEC_ARGS);
+        execSync(`cloudron install --location ${LOCATION}`, EXEC_ARGS);
+        getAppInfo();
+        execSync(`cloudron restore --backup ${backups[0].id} --app ${app.id}`, EXEC_ARGS);
+    });
+
+    it('can login', login.bind(null, ADMIN_USERNAME, ADMIN_PASSWORD));
+    it('device exists', deviceExists);
+    it('can logout', logout);
+
+    it('can login as normal user via OIDC', loginOIDC.bind(null, process.env.USERNAME, process.env.PASSWORD));
+    it('can logout', logout);
+
+    it('move to different location', async function () {
+        // ensure we don't hit NXDOMAIN in the mean time
+        await browser.get('about:blank');
+        execSync(`cloudron configure --location ${LOCATION}2 --app ${app.id}`, EXEC_ARGS);
+    });
+
+    it('can get app information', getAppInfo);
+    it('can login', login.bind(null, ADMIN_USERNAME, ADMIN_PASSWORD));
+    it('device exists', deviceExists);
+    it('can logout', logout);
+
+    it('can login as normal user via OIDC', loginOIDC.bind(null, process.env.USERNAME, process.env.PASSWORD));
+    it('can logout', logout);
+
+    it('uninstall app', async function () {
+        // ensure we don't hit NXDOMAIN in the mean time
+        await browser.get('about:blank');
+        execSync(`cloudron uninstall --app ${app.id}`, EXEC_ARGS);
+    });
+
+    // test update
+    it('can install app for update', function () { execSync(`cloudron install --appstore-id org.traccar.cloudronapp --location ${LOCATION}`, EXEC_ARGS); });
+
+    it('can get app information', getAppInfo);
+    it('can login', login.bind(null, ADMIN_USERNAME, ADMIN_PASSWORD));
+    it('can add device', addDevice);
+    it('device exists', deviceExists);
+    it('can logout', logout);
+
+    // LDAP login
+    it('can login as normal user with email', login.bind(null, process.env.EMAIL, process.env.PASSWORD));
+    it('can logout', logout);
+
+    it('can update', function () { execSync(`cloudron update --app ${app.id}`, EXEC_ARGS); });
+
+    it('can login', login.bind(null, ADMIN_USERNAME, ADMIN_PASSWORD));
+    it('device exists', deviceExists);
+    it('can logout', logout);
+
+    // OIDC login
+    it('can login as normal user via OIDC', loginOIDC.bind(null, process.env.USERNAME, process.env.PASSWORD));
+    it('can logout', logout);
+
+    it('uninstall app', async function () {
+        // ensure we don't hit NXDOMAIN in the mean time
+        await browser.get('about:blank');
+        execSync(`cloudron uninstall --app ${app.id}`, EXEC_ARGS);
+    });
+});

traccar.xml.template

@@ -4,7 +4,7 @@
 
 <properties>
 
-    <entry key='config.default'>./conf/default.xml</entry>
+    <entry key='config.default'>/app/code/conf/default.xml</entry>
 
     <!--
 
@@ -18,20 +18,19 @@
 
     -->
 
-    <entry key='database.driver'>org.postgresql.Driver</entry>
-    <entry key='database.url'>jdbc:postgresql://##CLOUDRON_POSTGRESQL_HOST##:##CLOUDRON_POSTGRESQL_PORT##/##CLOUDRON_POSTGRESQL_DATABASE##</entry>
-    <entry key='database.user'>##CLOUDRON_POSTGRESQL_USERNAME##</entry>
-    <entry key='database.password'>##CLOUDRON_POSTGRESQL_PASSWORD##</entry>
+    <entry key='database.driver'>com.mysql.cj.jdbc.Driver</entry>
+    <entry key='database.url'>jdbc:mysql://##CLOUDRON_MYSQL_HOST##:##CLOUDRON_MYSQL_PORT##/##CLOUDRON_MYSQL_DATABASE##</entry>
+    <entry key='database.user'>##CLOUDRON_MYSQL_USERNAME##</entry>
+    <entry key='database.password'>##CLOUDRON_MYSQL_PASSWORD##</entry>
 
     <entry key='web.url'>##CLOUDRON_APP_ORIGIN##</entry>
 
-    <entry key='ldap.enable'>true</entry>
-    <entry key='ldap.url'>##CLOUDRON_LDAP_URL##</entry>
-    <entry key='ldap.base'>##CLOUDRON_LDAP_USERS_BASE_DN##</entry>
-    <entry key='ldap.idAttribute'>username</entry>
-    <entry key='ldap.searchFilter'>username=:login</entry>
-    <entry key='ldap.user'>##CLOUDRON_LDAP_BIND_DN##</entry>
-    <entry key='ldap.password'>##CLOUDRON_LDAP_BIND_PASSWORD##</entry>
+    <entry key='openid.clientId'>##CLOUDRON_OIDC_CLIENT_ID##</entry>
+    <entry key='openid.clientSecret'>##CLOUDRON_OIDC_CLIENT_SECRET##</entry>
+    <entry key='openid.issuerUrl'>##CLOUDRON_OIDC_ISSUER##</entry>
+    <entry key='openid.authUrl'>##CLOUDRON_OIDC_AUTH_ENDPOINT##</entry>
+    <entry key='openid.tokenUrl'>##CLOUDRON_OIDC_TOKEN_ENDPOINT##</entry>
+    <entry key='openid.userInfoUrl'>##CLOUDRON_OIDC_PROFILE_ENDPOINT##</entry>
 
     <entry key='mail.smtp.host'>smtp.gmail.com</entry>
     <entry key='mail.smtp.port'>587</entry>
@@ -41,6 +40,11 @@
     <entry key='mail.smtp.username'>YourAddress@gmail.com</entry>
     <entry key='mail.smtp.password'>YourPassword</entry>
 
+    <entry key='logger.console'>true</entry>
+    <entry key='logger.queries'>false</entry>
+    <entry key='logger.level'>config</entry>
+    <entry key='logger.fullStackTraces'>true</entry>
+
     <!-- https://github.com/traccar/traccar/blob/8eecfdcf5c59f92158a6c339d1622e0e9d67968c/src/main/java/org/traccar/config/Keys.java -->
     <entry key='users.defaultDeviceLimit'>-1</entry>
     <entry key='media.path'>/app/data/media</entry>