all the ops

Exploring possible trading desk solutions.

Cloudron/3dprintfarm.knownelement.com/3dprintfarm-info.md

@@ -0,0 +1,3 @@
+# 3d print farm
+
+- https://projects.knownelement.com/issues/280

Cloudron/CloudronPackagePrompt.md

@@ -0,0 +1,86 @@
+Cloudron Application Packaging Wizard
+
+# Cloudron Application Packaging Wizard
+
+You are a Cloudron packaging expert who will help me package any application for deployment on the Cloudron platform. Using your knowledge of Cloudron requirements, Docker, and application deployment best practices, you’ll guide me through creating all the necessary files for my custom Cloudron package.
+
+## Your Process
+
+1. First, ask me only for the name of the application I want to package for Cloudron.
+2. Research the application requirements, dependencies, and architecture on your own without asking me for these details unless absolutely necessary.
+3. Create all required files for packaging:
+   - CloudronManifest.json
+   - Dockerfile
+   - start.sh
+   - Any additional configuration files needed (NGINX configs, supervisor configs, etc.)
+4. Create a “[App-Name]-Build-Notes” artifact with concise instructions for building, testing, and deploying to my Cloudron instance.
+
+## Key Principles to Apply
+
+### CloudronManifest.json
+- Create an appropriate app ID following reverse-domain notation
+- Set memory limits based on the application requirements
+- Configure the proper httpPort which must match your NGINX setup
+- Include necessary addons (postgresql, mysql, mongodb, redis, localstorage, etc.)
+- Add appropriate metadata (icon, description, author)
+- Include a postInstallMessage with initial login credentials if applicable
+- Configure authentication options (OIDC or LDAP)
+
+### Authentication Configuration
+- Configure the app to use Cloudron’s OIDC provider (preferred method):
+  - Set up routing to `/api/v1/session/callback` in CloudronManifest.json
+  - Use environment variables like `CLOUDRON_OIDC_IDENTIFIER`, `CLOUDRON_OIDC_CLIENT_ID`, and `CLOUDRON_OIDC_CLIENT_SECRET`
+  - Properly handle user provisioning and group mapping
+- Alternative LDAP configuration:
+  - Use Cloudron’s LDAP server with environment variables like `CLOUDRON_LDAP_SERVER`, `CLOUDRON_LDAP_PORT`, etc.
+  - Configure proper LDAP bind credentials and user search base
+  - Map LDAP groups to application roles/permissions
+- For apps without native OIDC/LDAP support:
+  - Implement custom authentication adapters
+  - Use session management compatible with Cloudron’s proxy setup
+  - Consider implementing an authentication proxy if needed
+
+### Dockerfile
+- Use the latest Cloudron base image (cloudron/base:4.2.0)
+- Follow the Cloudron filesystem structure:
+  - `/app/code` for application code (read-only)
+  - `/app/data` for persistent data (backed up)
+  - `/tmp` for temporary files
+  - `/run` for runtime files
+- Install all dependencies in the Dockerfile
+- Place initialization files for `/app/data` in `/tmp/data`
+- Configure services to output logs to stdout/stderr
+- Set the entry point to the start.sh script
+
+### start.sh
+- Handle initialization of `/app/data` directories from `/tmp/data` if they don’t exist
+- Configure the application based on Cloudron environment variables (especially for addons)
+- Generate secrets/keys on first run
+- Set proper permissions (chown cloudron:cloudron)
+- Process database migrations or other initialization steps
+- Launch the application with supervisor or directly
+- Configure authentication providers during startup
+
+### Web Server Configuration
+- Configure NGINX to listen on the port specified in CloudronManifest.json
+- Properly handle proxy headers (X-Forwarded-For, X-Forwarded-Proto, etc.)
+- Configure the application to work behind Cloudron’s reverse proxy
+- Set up correct paths for static and media files
+- Ensure logs are sent to stdout/stderr
+- Configure proper authentication routing for OIDC callbacks
+
+### Process Management
+- Use supervisord for applications with multiple components
+- Configure proper signal handling
+- Ensure processes run with the cloudron user where possible
+- Set appropriate resource limits
+
+## Best Practices
+- Properly separate read-only and writable directories
+- Secure sensitive information using environment variables or files in /app/data
+- Generate passwords and secrets on first run
+- Handle database migrations and schema updates safely
+- Ensure the app can update cleanly
+- Make configurations adaptable through environment variables
+- Include health checks in the CloudronManifest.json
+- Implement single sign-on where possible using Cloudron’s authentication

Cloudron/Tradingdesk.thecampustradingco.com/tradingdesk-info.md

@@ -0,0 +1,3 @@
+# Trading Desk
+
+- https://projects.knownelement.com/issues/226

Cloudron/acme.knownelement.com/acme-info.md

@@ -0,0 +1,3 @@
+# Acme
+
+- https://projects.knownelement.com/issues/177

Cloudron/agency.merchantsofhope.org/agency-info,md

@@ -0,0 +1,3 @@
+# Agency
+
+https://projects.knownelement.com/issues/178

Cloudron/apigw.knownelement.com/apigw-info.md

@@ -0,0 +1,3 @@
+# APIGW
+
+https://projects.knownelement.com/issues/179

Cloudron/atak.knownelement.com/atak-info.md

@@ -0,0 +1,3 @@
+# ATAK Info
+
+- https://projects.knownelement.com/issues/180

Cloudron/autobom.knownelement.com/autobom-info.md

@@ -0,0 +1,3 @@
+# Autobom
+
+- https://projects.knownelement.com/issues/278

Cloudron/billing.knownelement.com/billing-info.md

@@ -0,0 +1,3 @@
+# Billing
+
+- https://projects.knownelement.com/issues/181

Cloudron/boinc.knownelement.com/boinc-info.md

@@ -0,0 +1,3 @@
+# Boinc
+
+- https://projects.knownelement.com/issues/182

Cloudron/canvaslms.knownelement.com/canvaslms-info.md

@@ -0,0 +1,3 @@
+# CanvasLMS
+
+- https://projects.knownelement.com/issues/296

Cloudron/cde.knownelement.com/cde-info.md

@@ -0,0 +1,3 @@
+# CDE
+
+https://projects.knownelement.com/issues/231

Cloudron/chirpstack.knownelement.com/chirpstack-info.md

@@ -0,0 +1,3 @@
+# chirpstack
+
+- https://projects.knownelement.com/issues/184

Cloudron/craig.knownelement.com/craig-info.md

@@ -0,0 +1,3 @@
+# Craig
+
+- https://projects.knownelement.com/issues/185

Cloudron/danswer.knownelement.com/danswer-info.md

@@ -0,0 +1,3 @@
+# Danswer
+
+- https://projects.knownelement.com/issues/186

Cloudron/dashboard.knownelement.com/CloudronPackage/CloudronManifest.json

@@ -0,0 +1,30 @@
+{
+  "id": "com.easygate.cloudron",
+  "title": "Easy-gate",
+  "author": "r7wx",
+  "description": "A simple web application designed to serve as the central hub for your self-hosted infrastructure. Easy-gate provides real-time parsing of services and notes from a configuration file.",
+  "tagline": "A gate to your self-hosted infrastructure",
+  "version": "1.0.0",
+  "healthCheckPath": "/",
+  "httpPort": 8080,
+  "addons": {
+    "localstorage": {}
+  },
+  "manifestVersion": 2,
+  "website": "https://github.com/r7wx/easy-gate",
+  "contactEmail": "support@cloudron.io",
+  "icon": "logo.png",
+  "tags": [
+    "dashboard", 
+    "infrastructure",
+    "services",
+    "homepage"
+  ],
+  "env": {
+    "EASY_GATE_CONFIG": "/app/data/easy-gate.json",
+    "EASY_GATE_ROOT_PATH": "/app/data"
+  },
+  "configurePath": "/",
+  "minBoxVersion": "7.0.0",
+  "postInstallMessage": "Easy-gate has been successfully installed. You can now configure your services in the /app/data/easy-gate.json file. By default, Easy-gate runs behind Cloudron's proxy (EASY_GATE_BEHIND_PROXY=true). More configuration options available at https://github.com/r7wx/easy-gate"
+}

Cloudron/dashboard.knownelement.com/CloudronPackage/Dockerfile

@@ -0,0 +1,41 @@
+FROM cloudron/base:4.2.0
+
+# Adding non-free repo for any potential dependencies
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    wget \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+# Set up directory structure
+RUN mkdir -p /app/code /app/data /tmp/data
+
+# Default config file
+COPY easy-gate.json /tmp/data/easy-gate.json
+
+# Download and install the latest Easy-gate release
+RUN mkdir -p /tmp/easy-gate && \
+    cd /tmp/easy-gate && \
+    LATEST_VERSION=$(wget -qO- https://api.github.com/repos/r7wx/easy-gate/releases/latest | grep tag_name | cut -d '"' -f 4) && \
+    wget -q https://github.com/r7wx/easy-gate/releases/download/${LATEST_VERSION}/easy-gate_${LATEST_VERSION#v}_linux_amd64.tar.gz && \
+    tar -xzf easy-gate_${LATEST_VERSION#v}_linux_amd64.tar.gz && \
+    mv easy-gate /app/code/ && \
+    chmod +x /app/code/easy-gate && \
+    rm -rf /tmp/easy-gate
+
+# Prepare start script
+COPY start.sh /app/code/
+RUN chmod +x /app/code/start.sh
+
+# Set proper permissions
+RUN chown -R cloudron:cloudron /app/code /app/data /tmp/data
+
+# Configure working directory and user
+WORKDIR /app/code
+USER cloudron
+
+# Expose the port the app runs on
+EXPOSE 8080
+
+# Start the application
+CMD ["/app/code/start.sh"]

Cloudron/dashboard.knownelement.com/CloudronPackage/EasyGate-BulldNotes.md

@@ -0,0 +1,147 @@
+# Easy-gate Build Notes for Cloudron
+
+This document provides instructions for building, testing, and deploying Easy-gate to your Cloudron instance.
+
+## Overview
+
+Easy-gate is a simple web application designed to serve as the central hub for your self-hosted infrastructure. It allows you to organize and access all your self-hosted services from a single dashboard.
+
+Key features:
+- Real-time parsing of services and notes from a configuration file (JSON/YAML)
+- Ability to assign items to specific user groups based on IP addresses
+- Organization of services into categories
+- Customizable theme and icons
+
+## Building the Package
+
+### Prerequisites
+
+- A Linux environment with Docker installed
+- Cloudron CLI tool installed (`npm install -g cloudron`)
+- Authenticated with your Cloudron instance (`cloudron login`)
+
+### Build Steps
+
+1. Create a directory for your build and copy all files into it:
+
+```bash
+mkdir easy-gate-build
+cd easy-gate-build
+# Copy CloudronManifest.json, Dockerfile, start.sh, and easy-gate.json
+```
+
+2. Create a logo.png file for the icon or download one from the Easy-gate repository.
+
+3. Build the package:
+
+```bash
+cloudron build
+```
+
+This command will create a package file (usually named `easy-gate-1.0.0.tar.gz`).
+
+## Testing Locally
+
+You can test the Docker container locally before deploying to Cloudron:
+
+```bash
+# Build the Docker image
+docker build -t easy-gate-local .
+
+# Run the container
+docker run -p 8080:8080 -e EASY_GATE_BEHIND_PROXY=true easy-gate-local
+```
+
+Access the dashboard at http://localhost:8080 to verify it works correctly.
+
+## Deploying to Cloudron
+
+1. Upload the built package to your Cloudron:
+
+```bash
+cloudron install —app easy-gate.example.com
+```
+
+2. Or, if you want to update an existing installation:
+
+```bash
+cloudron update —app easy-gate.example.com
+```
+
+3. Configure your Easy-gate instance:
+
+After installation, you’ll need to edit the configuration file to add your services. You can do this in two ways:
+
+### Option 1: Using Cloudron File Manager
+
+1. Go to your Cloudron dashboard
+2. Click on the Easy-gate application
+3. Go to “Files” tab
+4. Navigate to `/app/data/`
+5. Edit `easy-gate.json`
+
+### Option 2: SSH Access
+
+1. SSH into your Cloudron server
+2. Access the app’s data directory:
+```bash
+cloudron exec —app easy-gate.example.com
+```
+3. Edit the configuration file:
+```bash
+nano /app/data/easy-gate.json
+```
+
+## Configuration File Structure
+
+The configuration file uses the following structure:
+
+```json
+{
+  “title”: “My Dashboard”,
+  “theme”: {
+    “background”: “#f8f9fa”,
+    “foreground”: “#212529”,
+    “custom_css”: “”
+  },
+  “groups”: [
+    {
+      “name”: “group-name”,
+      “subnet”: “192.168.1.1/24”
+    }
+  ],
+  “categories”: [
+    {
+      “name”: “Category Name”,
+      “services”: [
+        {
+          “name”: “Service Name”,
+          “url”: “https://service.example.com”,
+          “description”: “Service Description”,
+          “icon”: “”,
+          “groups”: [“group-name”]
+        }
+      ]
+    }
+  ],
+  “notes”: [
+    {
+      “name”: “Note Title”,
+      “text”: “Note Content”,
+      “groups”: [“group-name”]
+    }
+  ],
+  “behind_proxy”: true
+}
+```
+
+## Troubleshooting
+
+- If you encounter “502 Bad Gateway” errors, check that the application is running inside the container: `cloudron logs -f —app easy-gate.example.com`
+- Make sure the `behind_proxy` setting is set to `true` in your configuration file
+- Verify that the user groups and subnets are configured correctly
+- Check the logs for any specific error messages
+
+## Maintenance
+
+Easy-gate is designed to be low-maintenance. To update to a newer version, simply rebuild the package with the latest release and update your Cloudron app.

Cloudron/dashboard.knownelement.com/CloudronPackage/easy-gate.json

@@ -0,0 +1,69 @@
+{
+  "title": "My Self-Hosted Infrastructure",
+  "theme": {
+    "background": "#f8f9fa",
+    "foreground": "#212529",
+    "custom_css": ""
+  },
+  "groups": [
+    {
+      "name": "internal",
+      "subnet": "192.168.1.1/24"
+    },
+    {
+      "name": "admin",
+      "subnet": "10.8.0.1/24"
+    }
+  ],
+  "categories": [
+    {
+      "name": "Applications",
+      "services": [
+        {
+          "name": "Cloudron",
+          "url": "https://my.example.com",
+          "description": "My Cloudron Dashboard",
+          "icon": "",
+          "groups": []
+        }
+      ]
+    },
+    {
+      "name": "Media",
+      "services": [
+        {
+          "name": "Jellyfin",
+          "url": "https://jellyfin.example.com",
+          "description": "Media Server",
+          "icon": "",
+          "groups": []
+        }
+      ]
+    },
+    {
+      "name": "Monitoring",
+      "services": [
+        {
+          "name": "Grafana",
+          "url": "https://grafana.example.com",
+          "description": "Monitoring Dashboard",
+          "icon": "",
+          "groups": ["admin"]
+        }
+      ]
+    }
+  ],
+  "notes": [
+    {
+      "name": "Welcome to Easy-gate",
+      "text": "This is your new Easy-gate dashboard. Edit this configuration file to customize your services and notes.",
+      "groups": []
+    },
+    {
+      "name": "For Administrators",
+      "text": "Admin-only information can be seen here when connecting from the admin subnet.",
+      "groups": ["admin"]
+    }
+  ],
+  "behind_proxy": true
+}

Cloudron/dashboard.knownelement.com/CloudronPackage/start.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e
+
+# Initialize data directory if it doesn't exist
+if [ ! -f /app/data/easy-gate.json ]; then
+    echo "Initializing Easy-gate with default configuration..."
+    cp /tmp/data/easy-gate.json /app/data/
+    chown cloudron:cloudron /app/data/easy-gate.json
+fi
+
+# Set environment variables
+export EASY_GATE_CONFIG="/app/data/easy-gate.json"
+export EASY_GATE_ROOT_PATH="/app/data"
+export EASY_GATE_BEHIND_PROXY="true"
+
+echo "Starting Easy-gate with configuration at ${EASY_GATE_CONFIG}..."
+echo "Easy-gate is configured to run behind a proxy (EASY_GATE_BEHIND_PROXY=true)"
+
+# Run the application
+exec /app/code/easy-gate

Cloudron/dashboard.knownelement.com/dashboard-info.md

@@ -0,0 +1,3 @@
+# Dashboard
+
+- https://projects.knownelement.com/issues/54

Cloudron/digital-assets-manager.knownelement.com/digital-assets-manager-info.md

@@ -0,0 +1,3 @@
+# Digital Assets Manager
+
+- https://projects.knownelement.com/issues/275

Cloudron/docassemble.knownelement.com/docassemble-info.md

@@ -0,0 +1,3 @@
+# Docassemble
+
+- https://projects.knownelement.com/issues/277

Cloudron/drawio.knownelement.com/drawio-info.md

@@ -0,0 +1,3 @@
+# Draw.io 
+
+- https://projects.knownelement.com/issues/272

Cloudron/elabftw.knownelement.com/CloudronPackage/CloudronManifest.json

@@ -0,0 +1,30 @@
+{
+  "id": "org.elabftw.cloudron",
+  "title": "eLabFTW",
+  "author": "Nicolas CARPi",
+  "description": "Electronic laboratory notebook to track experiments, manage protocols, store laboratory inventory, communicate with others and more. Your best lab companion.",
+  "tagline": "Electronic lab notebook for researchers",
+  "version": "1.0.0",
+  "healthCheckPath": "/",
+  "httpPort": 8000,
+  "addons": {
+    "mysql": {},
+    "localstorage": {}
+  },
+  "manifestVersion": 2,
+  "website": "https://www.elabftw.net",
+  "contactEmail": "support@example.com",
+  "icon": "file://logo.png",
+  "memoryLimit": 1024,
+  "tags": ["science", "lab", "research", "notebook", "eln"],
+  "minBoxVersion": "7.4.0",
+  "postInstallMessage": "eLabFTW has been successfully installed! You will need to create a Sysadmin account when you first access the application.",
+  "documentationUrl": "https://doc.elabftw.net/",
+  "forwardedHeaders": ["X-Forwarded-For", "X-Forwarded-Proto", "X-Forwarded-Host"],
+  "tcpPorts": {},
+  "optionalSso": {
+    "ldap": {
+      "enabled": true
+    }
+  }
+}

Cloudron/elabftw.knownelement.com/CloudronPackage/Dockerfile

@@ -0,0 +1,59 @@
+FROM cloudron/base:4.2.0
+
+# Install required packages
+RUN apt-get update && \
+    apt-get install -y \
+    php-cli \
+    php-fpm \
+    php-mysql \
+    php-curl \
+    php-gd \
+    php-intl \
+    php-mbstring \
+    php-xml \
+    php-zip \
+    php-bcmath \
+    nginx \
+    supervisor \
+    curl \
+    zip \
+    unzip \
+    git \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Install Composer
+RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
+
+# Get the latest eLabFTW release
+WORKDIR /app/code
+RUN git clone https://github.com/elabftw/elabftw.git . && \
+    composer install --no-dev --optimize-autoloader
+
+# Configure NGINX
+COPY nginx.conf /etc/nginx/sites-available/default
+
+# Prepare directory structure
+RUN mkdir -p /app/data/uploads /app/data/config /app/data/logs /run/php && \
+    chown -R cloudron:cloudron /app/data /run/php
+
+# Copy initialization data
+RUN mkdir -p /tmp/data/config /tmp/data/uploads /tmp/data/logs && \
+    cp -r /app/code/config-example.yml /tmp/data/config/config.yml && \
+    chown -R cloudron:cloudron /tmp/data
+
+# Copy start script and supervisor config
+COPY start.sh /app/code/
+COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+RUN chmod +x /app/code/start.sh
+
+# Configure PHP-FPM
+RUN sed -i 's/www-data/cloudron/g' /etc/php/*/fpm/pool.d/www.conf && \
+    sed -i 's/listen = \/run\/php\/php[0-9]\.[0-9]-fpm.sock/listen = \/run\/php\/php-fpm.sock/g' /etc/php/*/fpm/pool.d/www.conf && \
+    echo 'catch_workers_output = yes' >> /etc/php/*/fpm/pool.d/www.conf
+
+# Create logo image
+RUN curl -o /app/code/logo.png https://raw.githubusercontent.com/elabftw/elabftw/master/src/ts/img/logo.png
+
+WORKDIR /app/code
+
+CMD ["/app/code/start.sh"]

Cloudron/elabftw.knownelement.com/CloudronPackage/elabftw-BuildNotes.md

@@ -0,0 +1,109 @@
+# eLabFTW Cloudron Package Build Notes
+
+This document provides instructions for building, testing, and deploying the eLabFTW Cloudron package.
+
+## Package Overview
+
+This package deploys eLabFTW, an open-source electronic laboratory notebook (ELN) for researchers, on Cloudron. The package:
+
+- Uses the MySQL addon for database storage
+- Uses the localstorage addon for file storage
+- Includes NGINX and PHP-FPM configuration
+- Supports optional LDAP authentication through Cloudron
+
+## Building the Package
+
+1. Create a new directory for your package:
+   ```bash
+   mkdir elabftw-cloudron
+   cd elabftw-cloudron
+   ```
+
+2. Save all the provided files to this directory:
+   - CloudronManifest.json
+   - Dockerfile
+   - start.sh
+   - nginx.conf
+   - supervisord.conf
+
+3. Make the start.sh file executable:
+   ```bash
+   chmod +x start.sh
+   ```
+
+4. Download the eLabFTW logo for the package icon:
+   ```bash
+   curl -o logo.png https://raw.githubusercontent.com/elabftw/elabftw/master/src/ts/img/logo.png
+   ```
+
+5. Build the package:
+   ```bash
+   cloudron build
+   ```
+
+## Testing the Package
+
+1. Install the package on your Cloudron for testing:
+   ```bash
+   cloudron install —location elabftw.example.com
+   ```
+
+2. After installation, visit the application URL and complete the initial setup:
+   - Create the Sysadmin account
+   - Configure your teams and user groups
+   - Set up any initial templates or protocols
+
+3. Test the following functionality:
+   - User authentication (local accounts)
+   - File uploads (should be stored in /app/data/uploads)
+   - Database connection (should be using Cloudron MySQL)
+   - LDAP authentication (if enabled)
+   - General application functionality
+
+## Deploying to Production
+
+1. Once testing is complete, you can deploy to production:
+   ```bash
+   cloudron install —location elabftw.yourdomain.com
+   ```
+
+2. For production use, consider:
+   - Setting up regular backups of the Cloudron app
+   - Configuring LDAP authentication if needed (via Cloudron UI)
+   - Adjusting memory limits in CloudronManifest.json if necessary based on usage
+
+## Post-Installation
+
+After installation, you’ll need to:
+
+1. Create a Sysadmin account when first accessing the application
+2. Configure teams and user groups
+3. Set up experiment templates and protocols as needed
+4. Consider enabling and configuring LDAP authentication for easier user management
+
+## Troubleshooting
+
+- Check logs with `cloudron logs -f elabftw`
+- If database issues occur, verify the MySQL addon is properly configured
+- For file storage issues, check permissions on /app/data directories
+- For authentication issues, verify LDAP configuration (if using LDAP)
+
+## Updates
+
+When a new version of eLabFTW is released:
+
+1. Update the git clone command in the Dockerfile to point to the latest release (or specific tag)
+2. Rebuild and update your package:
+   ```bash
+   cloudron build
+   cloudron update —app elabftw.yourdomain.com
+   ```
+
+## Customization
+
+You can customize the package by:
+
+1. Modifying the config.yml template in /tmp/data/config to set default values
+2. Adjusting PHP settings in the Dockerfile or php.ini
+3. Modifying NGINX configuration for special requirements
+4. Adjusting memory limits in CloudronManifest.json based on usage patterns

Cloudron/elabftw.knownelement.com/CloudronPackage/nginx.conf

@@ -0,0 +1,38 @@
+server {
+    listen 8000;
+    server_name _;
+    root /app/code/web;
+    index index.php;
+
+    client_max_body_size 100M;
+
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+
+    location / {
+        try_files $uri /index.php$is_args$args;
+    }
+
+    location ~ ^/index\.php(/|$) {
+        fastcgi_pass unix:/run/php/php-fpm.sock;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param HTTPS on;
+        
+        # Forward Cloudron proxy headers
+        fastcgi_param HTTP_X_FORWARDED_FOR $http_x_forwarded_for;
+        fastcgi_param HTTP_X_FORWARDED_PROTO $http_x_forwarded_proto;
+        fastcgi_param HTTP_X_FORWARDED_HOST $http_x_forwarded_host;
+    }
+
+    # Deny access to other PHP files
+    location ~ \.php$ {
+        return 404;
+    }
+
+    # Rewrite app routes
+    location @rewriteapp {
+        rewrite ^(.*)$ /index.php/$1 last;
+    }
+}

Cloudron/elabftw.knownelement.com/CloudronPackage/start.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+set -e
+
+# Create directory structure if it doesn't exist
+if [ ! -d /app/data/uploads ]; then
+    mkdir -p /app/data/uploads
+    cp -r /tmp/data/uploads/* /app/data/uploads/ 2>/dev/null || true
+    chown -R cloudron:cloudron /app/data/uploads
+fi
+
+if [ ! -d /app/data/logs ]; then
+    mkdir -p /app/data/logs
+    cp -r /tmp/data/logs/* /app/data/logs/ 2>/dev/null || true
+    chown -R cloudron:cloudron /app/data/logs
+fi
+
+if [ ! -f /app/data/config/config.yml ]; then
+    mkdir -p /app/data/config
+    cp -r /tmp/data/config/* /app/data/config/ 2>/dev/null || true
+    
+    # Configure database connection
+    sed -i "s/host: .*/host: ${CLOUDRON_MYSQL_HOST}/" /app/data/config/config.yml
+    sed -i "s/port: .*/port: ${CLOUDRON_MYSQL_PORT}/" /app/data/config/config.yml
+    sed -i "s/database: .*/database: ${CLOUDRON_MYSQL_DATABASE}/" /app/data/config/config.yml
+    sed -i "s/username: .*/username: ${CLOUDRON_MYSQL_USERNAME}/" /app/data/config/config.yml
+    sed -i "s/password: .*/password: ${CLOUDRON_MYSQL_PASSWORD}/" /app/data/config/config.yml
+    
+    # Configure paths
+    sed -i "s|uploads: .*|uploads: /app/data/uploads|" /app/data/config/config.yml
+    sed -i "s|logs: .*|logs: /app/data/logs|" /app/data/config/config.yml
+    
+    # Configure LDAP if enabled
+    if [ "${CLOUDRON_LDAP_ENABLED}" == "true" ]; then
+        # Update LDAP settings in config
+        sed -i "s/ldap_enabled: .*/ldap_enabled: true/" /app/data/config/config.yml
+        sed -i "s/ldap_host: .*/ldap_host: ${CLOUDRON_LDAP_SERVER}/" /app/data/config/config.yml
+        sed -i "s/ldap_port: .*/ldap_port: ${CLOUDRON_LDAP_PORT}/" /app/data/config/config.yml
+        sed -i "s/ldap_username: .*/ldap_username: ${CLOUDRON_LDAP_BIND_DN}/" /app/data/config/config.yml
+        sed -i "s/ldap_password: .*/ldap_password: ${CLOUDRON_LDAP_BIND_PASSWORD}/" /app/data/config/config.yml
+        sed -i "s/ldap_base_dn: .*/ldap_base_dn: ${CLOUDRON_LDAP_USERS_BASE_DN}/" /app/data/config/config.yml
+    fi
+    
+    chown -R cloudron:cloudron /app/data/config
+fi
+
+# Create a symlink to the config file
+ln -sf /app/data/config/config.yml /app/code/config.yml
+
+# Set proper permissions
+chown -R cloudron:cloudron /app/data
+
+# Start the supervisord
+exec /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf

Cloudron/elabftw.knownelement.com/CloudronPackage/supervisord.conf

@@ -0,0 +1,24 @@
+[supervisord]
+nodaemon=true
+logfile=/dev/stdout
+logfile_maxbytes=0
+
+[program:nginx]
+command=/usr/sbin/nginx -g "daemon off;"
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autostart=true
+autorestart=true
+priority=10
+
+[program:php-fpm]
+command=/usr/sbin/php-fpm8.1 -F
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autostart=true
+autorestart=true
+priority=5

Cloudron/elabftw.knownelement.com/elabftw-info.md

@@ -0,0 +1,3 @@
+# ElabFTW
+
+- https://projects.knownelement.com/issues/188

Cloudron/errortrack.knownelement.com/errortrack-info,md

@@ -0,0 +1,3 @@
+# Errortrack
+
+- https://projects.knownelement.com/issues/220

Cloudron/etl.knownelement.com/info-etl.md

@@ -0,0 +1,3 @@
+# ETL
+
+- https://projects.knownelement.com/issues/301

Cloudron/functions.knownelement.com/functions-info.md

@@ -0,0 +1,3 @@
+# Functions
+
+- https://projects.knownelement.com/issues/232

Cloudron/fuzz.knownelement.com/fuzz-info.md

@@ -0,0 +1,3 @@
+# Fuzz
+
+- https://projects.knownelement.com/issues/281

Cloudron/governance.knownelement.com/CloudronPackage/CloudronManifest.json

@@ -0,0 +1,44 @@
+{
+  "id": "net.consuldemocracy.cloudron",
+  "title": "Consul Democracy",
+  "author": "Consul Democracy Community",
+  "description": "Open Government and E-Participation Web Software",
+  "tagline": "The most comprehensive citizen participation platform",
+  "version": "1.0.0",
+  "healthCheckPath": "/",
+  "httpPort": 8000,
+  "addons": {
+    "localstorage": {},
+    "postgresql": {
+      "version": "14"
+    },
+    "ldap": {},
+    "sendmail": {}
+  },
+  "manifestVersion": 2,
+  "website": "https://consuldemocracy.org",
+  "contactEmail": "info@consuldemocracy.org",
+  "icon": "file://logo.png",
+  "tags": [
+    "democracy",
+    "participation",
+    "open-government",
+    "rails"
+  ],
+  "dockerImage": "{origin}/consuldemocracy",
+  "memoryLimit": 1024,
+  "documentationUrl": "https://docs.consuldemocracy.org/",
+  "forumUrl": "https://github.com/consuldemocracy/consuldemocracy/discussions",
+  "minBoxVersion": "7.0.0",
+  "mediaLinks": [],
+  "changelog": "Initial version",
+  "postInstallMessage": "Consul Democracy has been successfully installed! The default administrator credentials are:\n\nUsername: admin@example.org\nPassword: password\n\nPlease login and change these immediately.",
+  "configurePath": "/admin",
+  "backup": {
+    "backupScriptPath": "/app/code/backup.sh"
+  },
+  "sso": {
+    "loginPath": "/users/sign_in",
+    "callbackPath": "/oauth/callback"
+  }
+}

Cloudron/governance.knownelement.com/CloudronPackage/CounslDemocracyBulldNotes.md

@@ -0,0 +1,114 @@
+# Consul Democracy - Cloudron Build Notes
+
+## Overview
+
+Consul Democracy is an open-source citizen participation and open government platform, originally developed for the Madrid City government. This package enables easy deployment on the Cloudron platform with full integration of Cloudron’s authentication, database, and email systems.
+
+## Prerequisites
+
+- A running Cloudron instance (version 7.0.0 or later)
+- Basic familiarity with Cloudron’s CLI for package development
+- Git installed on your local machine
+
+## Building the Package
+
+1. Clone this repository:
+   ```bash
+   git clone https://github.com/your-username/cloudron-consuldemocracy.git
+   cd cloudron-consuldemocracy
+   ```
+
+2. Install the Cloudron CLI if you haven’t already:
+   ```bash
+   npm install -g cloudron
+   ```
+
+3. Login to your Cloudron:
+   ```bash
+   cloudron login https://my.example.com
+   ```
+
+4. Build and install the package:
+   ```bash
+   cloudron build
+   cloudron install —image consuldemocracy
+   ```
+
+## Configuration
+
+### Post-Installation
+
+After installation, the app will be available at your configured domain. The initial admin credentials are:
+
+- Username: admin@example.org
+- Password: password
+
+**Important:** Change these credentials immediately after logging in.
+
+### LDAP Integration
+
+The package is configured to use Cloudron’s LDAP server for authentication. Users who have access to the app through Cloudron’s access control panel will be able to log in using their Cloudron credentials.
+
+### OIDC Integration
+
+For enhanced security, the package also supports Cloudron’s OIDC provider. This is automatically configured during installation.
+
+### Email Configuration
+
+The package is configured to use Cloudron’s SMTP server for sending emails. No additional configuration is needed.
+
+## Customization
+
+### Environment Variables
+
+You can customize the app by setting environment variables in the Cloudron app configuration:
+
+- `CONSUL_CUSTOM_LOGO`: URL to a custom logo
+- `CONSUL_ORGANIZATION_NAME`: Name of your organization
+- `CONSUL_THEME_COLOR`: Primary theme color (hex code)
+
+### Filesystem Structure
+
+- `/app/data/files`: Persistent storage for uploaded files
+- `/app/data/images`: Persistent storage for uploaded images
+- `/app/data/log`: Application logs
+- `/app/data/tmp`: Temporary files
+
+## Troubleshooting
+
+### Common Issues
+
+1. **Database Migration Errors**:
+   Check the app logs for specific error messages:
+   ```bash
+   cloudron logs -f
+   ```
+
+2. **Authentication Issues**:
+   Ensure that the LDAP configuration is correct and that users have been granted access to the app in Cloudron’s access control panel.
+
+3. **Email Delivery Problems**:
+   Verify that the Cloudron mail addon is properly configured.
+
+### Support
+
+For issues specific to this package:
+- Create an issue in the GitHub repository
+- Contact the maintainer at: your-email@example.com
+
+For issues with Consul Democracy itself:
+- Visit the [Consul Democracy documentation](https://docs.consuldemocracy.org/)
+- Check the [GitHub issues](https://github.com/consuldemocracy/consuldemocracy/issues)
+
+## Updates and Maintenance
+
+To update the app:
+
+1. Pull the latest changes from the repository
+2. Rebuild the package:
+   ```bash
+   cloudron build
+   cloudron update —app consuldemocracy
+   ```
+
+Regular database backups are automatically handled by Cloudron’s backup system.

Cloudron/governance.knownelement.com/CloudronPackage/Dockerfile

@@ -0,0 +1,93 @@
+FROM cloudron/base:4.2.0
+
+# Install dependencies
+RUN apt-get update && apt-get install -y \
+    build-essential \
+    cmake \
+    pkg-config \
+    git \
+    curl \
+    ruby-full \
+    nodejs \
+    npm \
+    imagemagick \
+    libpq-dev \
+    libxml2-dev \
+    libxslt1-dev \
+    zlib1g-dev \
+    libyaml-dev \
+    libssl-dev \
+    libreadline-dev \
+    supervisor \
+    nginx \
+    && rm -rf /var/lib/apt/lists/*
+
+# Update npm and install yarn
+RUN npm install -g yarn
+
+# Set Ruby and NodeJS versions
+ENV RUBY_VERSION=3.2.8
+ENV NODE_VERSION=18.20.3
+
+# Ensure correct nodejs version (Node.js is already installed in base image)
+RUN n ${NODE_VERSION}
+
+# Create app directory structure
+RUN mkdir -p /app/code /app/data /tmp/data
+
+# Clone the app
+RUN git clone https://github.com/consuldemocracy/consuldemocracy.git /app/code
+WORKDIR /app/code
+
+# Install bundler
+RUN gem install bundler
+
+# Install gems
+RUN bundle install --deployment --without development test
+
+# Install JavaScript dependencies
+RUN yarn install
+
+# Precompile assets
+RUN SECRET_KEY_BASE=precompilation_key RAILS_ENV=production bundle exec rake assets:precompile
+
+# Configure Nginx
+RUN rm -f /etc/nginx/sites-enabled/default
+COPY nginx.conf /etc/nginx/sites-enabled/consuldemocracy.conf
+
+# Configure Supervisor
+COPY supervisord.conf /etc/supervisor/conf.d/consuldemocracy.conf
+
+# Add initialization script for /app/data
+COPY init-data.sh /app/code/
+RUN chmod +x /app/code/init-data.sh
+
+# Copy backup script
+COPY backup.sh /app/code/
+RUN chmod +x /app/code/backup.sh
+
+# Copy database configuration
+COPY database.yml /app/code/config/database.yml
+
+# Copy secrets configuration template
+COPY secrets.yml /app/code/config/secrets.yml
+
+# Add LDAP configuration
+COPY ldap.yml /app/code/config/ldap.yml
+
+# Copy oauth integration config
+COPY oauth.rb /app/code/config/initializers/oauth.rb
+
+# Copy the startup script
+COPY start.sh /app/code/
+RUN chmod +x /app/code/start.sh
+
+# Set appropriate permissions
+RUN chown -R cloudron:cloudron /app/code
+
+# Configure app for production
+ENV RAILS_ENV=production
+ENV RAILS_SERVE_STATIC_FILES=true
+
+# Entrypoint
+CMD ["/app/code/start.sh"]

Cloudron/governance.knownelement.com/CloudronPackage/backup.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+set -e
+
+echo "Performing Consul Democracy backup..."
+
+# The Cloudron backup system will automatically handle:
+# 1. /app/data
+# 2. PostgreSQL database
+
+# We don't need any custom backup logic as Cloudron handles 
+# both the database and the data directory.
+
+# In case of any application-specific backup needs:
+
+# 1. Run any pre-backup tasks
+cd /app/code
+RAILS_ENV=production bundle exec rake tmp:clear
+
+# 2. Ensure all user uploads are synced
+sync
+
+echo "Backup preparation complete"
+exit 0

Cloudron/governance.knownelement.com/CloudronPackage/database.yaml

@@ -0,0 +1,18 @@
+default: &default
+  adapter: postgresql
+  encoding: unicode
+  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+  timeout: 5000
+
+development:
+  <<: *default
+  database: consuldemocracy_development
+
+test:
+  <<: *default
+  database: consuldemocracy_test
+
+production:
+  <<: *default
+  url: <%= ENV['DATABASE_URL'] %>
+  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 20 } %>

Cloudron/governance.knownelement.com/CloudronPackage/int-data.sh

@@ -0,0 +1,39 @@
+#!/bin/bash
+set -e
+
+echo "Initializing data directory..."
+
+# Check if data directories exist, if not create them
+mkdir -p /app/data/files
+mkdir -p /app/data/images
+mkdir -p /app/data/log
+mkdir -p /app/data/tmp
+
+# Generate a secret key base if it doesn't exist
+if [ ! -f /app/data/secret_key_base ]; then
+    echo "Generating secret key base..."
+    openssl rand -hex 64 > /app/data/secret_key_base
+    chmod 600 /app/data/secret_key_base
+fi
+
+# Create symlinks from app to data directory
+if [ ! -L /app/code/storage ]; then
+    ln -sf /app/data/files /app/code/storage
+fi
+
+if [ ! -L /app/code/public/uploads ]; then
+    ln -sf /app/data/images /app/code/public/uploads
+fi
+
+if [ ! -L /app/code/log ]; then
+    ln -sf /app/data/log /app/code/log
+fi
+
+if [ ! -L /app/code/tmp ]; then
+    ln -sf /app/data/tmp /app/code/tmp
+fi
+
+# Set proper permissions
+chown -R cloudron:cloudron /app/data
+
+echo "Data directory initialized."

Cloudron/governance.knownelement.com/CloudronPackage/ldap.yaml

@@ -0,0 +1,15 @@
+production:
+  enabled: true
+  host: <%= ENV['LDAP_HOST'] %>
+  port: <%= ENV['LDAP_PORT'] %>
+  ssl: true
+  admin_user: <%= ENV['LDAP_ADMIN_USER'] %>
+  admin_password: <%= ENV['LDAP_ADMIN_PASSWORD'] %>
+  base: <%= ENV['LDAP_BASE'] %>
+  user_filter: "(uid=%{username})"
+  group_base: <%= ENV['CLOUDRON_LDAP_GROUPS_BASE_DN'] %>
+  required_groups:
+    - <%= ENV['CLOUDRON_LDAP_GROUPS_BASE_DN'] %>
+  attribute_mapping:
+    email: mail
+    name: displayName

Cloudron/governance.knownelement.com/CloudronPackage/nginx.conf

@@ -0,0 +1,47 @@
+server {
+    listen 8000;
+    server_name _;
+
+    root /app/code/public;
+    client_max_body_size 100M;
+
+    # Handle asset requests
+    location ~ ^/(assets|packs)/ {
+        expires max;
+        add_header Cache-Control public;
+    }
+
+    # Proxy requests to the Rails application
+    location / {
+        try_files $uri @passenger;
+    }
+
+    location @passenger {
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Server $host;
+        proxy_set_header X-Forwarded-Port $server_port;
+        
+        # Forward the original request scheme (http or https)
+        proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
+        
+        # Needed for Cloudron authentication
+        proxy_set_header X-Cloudron-Proxy-Port 8000;
+        
+        # Proxy to the Rails application served by Puma
+        proxy_pass http://unix:/run/consuldemocracy.sock;
+        proxy_redirect off;
+    }
+
+    # Error pages
+    error_page 500 502 503 504 /500.html;
+    error_page 404 /404.html;
+    error_page 422 /422.html;
+
+    # Logging
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+}

Cloudron/governance.knownelement.com/CloudronPackage/oauth.rb

@@ -0,0 +1,29 @@
+# Configure OAuth integration with Cloudron
+if ENV['CLOUDRON_OIDC_IDENTIFIER'] && Rails.env.production?
+  Rails.application.config.middleware.use OmniAuth::Builder do
+    provider :openid_connect, {
+      name: :cloudron,
+      scope: [:openid, :email, :profile],
+      response_type: :code,
+      uid_field: 'sub',
+      discovery: true,
+      client_options: {
+        identifier: ENV['CLOUDRON_OIDC_CLIENT_ID'],
+        secret: ENV['CLOUDRON_OIDC_CLIENT_SECRET'],
+        redirect_uri: "https://#{ENV['CLOUDRON_APP_DOMAIN']}/oauth/callback",
+        port: 443,
+        scheme: 'https',
+        host: "#{ENV['CLOUDRON_APP_DOMAIN']}",
+        discovery_document: ENV['CLOUDRON_OIDC_IDENTIFIER']
+      },
+      client_auth_method: 'secret_basic'
+    }
+  end
+
+  # Map additional user attributes from Cloudron OIDC
+  OmniAuth::Strategies::OAuth2.class_eval do
+    def callback_url
+      full_host + script_name + callback_path
+    end
+  end
+end

Cloudron/governance.knownelement.com/CloudronPackage/secrets.yaml

@@ -0,0 +1,21 @@
+default: &default
+  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
+  server_name: <%= ENV["CLOUDRON_APP_DOMAIN"] %>
+  smtp_settings:
+    address: <%= ENV["SMTP_ADDRESS"] %>
+    port: <%= ENV["SMTP_PORT"] %>
+    domain: <%= ENV["SMTP_DOMAIN"] %>
+    user_name: <%= ENV["SMTP_USER_NAME"] %>
+    password: <%= ENV["SMTP_PASSWORD"] %>
+    authentication: "login"
+    enable_starttls_auto: true
+  mailer_sender: <%= "noreply@#{ENV['CLOUDRON_APP_DOMAIN']}" %>
+
+development:
+  <<: *default
+
+test:
+  <<: *default
+
+production:
+  <<: *default

Cloudron/governance.knownelement.com/CloudronPackage/start.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+set -e
+
+echo "Starting Consul Democracy..."
+
+# Initialize the data directory if it doesn't exist
+/app/code/init-data.sh
+
+cd /app/code
+
+# Setup environment variables
+export DATABASE_URL="postgresql://${CLOUDRON_POSTGRESQL_USERNAME}:${CLOUDRON_POSTGRESQL_PASSWORD}@${CLOUDRON_POSTGRESQL_HOST}:${CLOUDRON_POSTGRESQL_PORT}/${CLOUDRON_POSTGRESQL_DATABASE}"
+export SECRET_KEY_BASE=$(cat /app/data/secret_key_base)
+export RAILS_ENV=production
+export RAILS_SERVE_STATIC_FILES=true
+export RAILS_LOG_TO_STDOUT=true
+
+# Configure email settings
+export SMTP_ADDRESS=${CLOUDRON_MAIL_SMTP_SERVER}
+export SMTP_PORT=${CLOUDRON_MAIL_SMTP_PORT}
+export SMTP_DOMAIN=${CLOUDRON_APP_DOMAIN}
+export SMTP_USER_NAME=${CLOUDRON_MAIL_SMTP_USERNAME}
+export SMTP_PASSWORD=${CLOUDRON_MAIL_SMTP_PASSWORD}
+
+# LDAP Setup for Cloudron integration
+export LDAP_HOST=${CLOUDRON_LDAP_SERVER}
+export LDAP_PORT=${CLOUDRON_LDAP_PORT}
+export LDAP_ADMIN_USER=${CLOUDRON_LDAP_BIND_DN}
+export LDAP_ADMIN_PASSWORD=${CLOUDRON_LDAP_BIND_PASSWORD}
+export LDAP_BASE=${CLOUDRON_LDAP_USERS_BASE_DN}
+
+# Run db migrations if needed
+echo "Running database migrations..."
+bundle exec rake db:migrate
+
+# Seed the database if it's the first run
+if [ ! -f /app/data/.initialized ]; then
+  echo "First run detected, seeding the database..."
+  bundle exec rake db:seed
+  touch /app/data/.initialized
+fi
+
+# Start the application server via supervisord
+echo "Starting supervisord..."
+exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf

Cloudron/governance.knownelement.com/CloudronPackage/supervisord.conf

@@ -0,0 +1,32 @@
+[program:nginx]
+command=/usr/sbin/nginx -g "daemon off;"
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+
+[program:rails]
+directory=/app/code
+command=bundle exec puma -e production -b unix:///run/consuldemocracy.sock
+user=cloudron
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+environment=RAILS_ENV=production,RAILS_LOG_TO_STDOUT=true,RAILS_SERVE_STATIC_FILES=true
+
+[program:sidekiq]
+directory=/app/code
+command=bundle exec sidekiq -e production
+user=cloudron
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+environment=RAILS_ENV=production,RAILS_LOG_TO_STDOUT=true

Cloudron/governance.knownelement.com/governance-info.md

@@ -0,0 +1,3 @@
+# Governance
+
+- https://projects.knownelement.com/issues/189

Cloudron/grist.knownelement.com/CloudronPackage/CloudronManifest.json

@@ -0,0 +1,46 @@
+{
+  "id": "com.getgrist.cloudron",
+  "title": "Grist",
+  "author": "Grist Labs",
+  "description": "A modern, open source spreadsheet that goes beyond the grid. Grist combines the flexibility of a spreadsheet with the robustness of a database to organize your data your way.",
+  "tagline": "Modern relational spreadsheet with Python formulas",
+  "version": "1.0.0",
+  "healthCheckPath": "/healthz",
+  "httpPort": 8080,
+  "addons": {
+    "localstorage": {},
+    "postgresql": {
+      "userName": "grist",
+      "databaseName": "grist"
+    }
+  },
+  "manifestVersion": 2,
+  "website": "https://www.getgrist.com/",
+  "documentationUrl": "https://support.getgrist.com/",
+  "contactEmail": "support@getgrist.com",
+  "icon": "file://logo.png",
+  "memoryLimit": 1024,
+  "tags": ["spreadsheet", "database", "python", "dashboard"],
+  "minBoxVersion": "7.0.0",
+  "installationNotes": {
+    "en": "The default administrator account is set to your Cloudron email. Access Grist at the configured subdomain."
+  },
+  "postInstallationNotes": {
+    "en": "Grist has been successfully installed. The administrator account is set to your Cloudron email. Sign in using your Cloudron account credentials."
+  },
+  "forumUrl": "https://community.getgrist.com/",
+  "mediaLinks": [
+    "https://www.getgrist.com/assets/images/grist-demo.png"
+  ],
+  "authentication": {
+    "loginPath": "/auth/login",
+    "logoutPath": "/auth/logout",
+    "impl": "oauth",
+    "oauth": {
+      "clientId": "{{cloudronOAuthClientId}}",
+      "clientSecret": "{{cloudronOAuthClientSecret}}",
+      "callbackPath": "/oauth2/callback",
+      "scope": "profile email"
+    }
+  }
+}

Cloudron/grist.knownelement.com/CloudronPackage/Dockerfile

@@ -0,0 +1,79 @@
+FROM cloudron/base:4.2.0
+
+# Add Cloudron specific environment
+ENV CLOUDRON=1 \
+    HOME=/app/data \
+    LC_ALL=C.UTF-8 \
+    LANG=C.UTF-8 \
+    USER=cloudron \
+    PORT=8080 \
+    PYTHON_VERSION=3 \
+    PYTHON_VERSION_ON_CREATION=3 \
+    DEBUG=0
+
+# Install required dependencies
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+        wget \
+        gnupg \
+        supervisor \
+        python3 \
+        python3-pip \
+        python3-setuptools \
+        python3-wheel \
+        python3-venv \
+        build-essential \
+        pkg-config \
+        xvfb \
+        xauth \
+        libcairo2-dev \
+        libpango1.0-dev \
+        libglib2.0-dev \
+        nodejs \
+        npm \
+        git \
+        sqlite3 \
+        curl \
+        ca-certificates && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Create required directories
+RUN mkdir -p /app/code /app/data /app/pkg /app/log && \
+    mkdir -p /app/data/docs
+
+# Clone Grist
+WORKDIR /app/pkg
+RUN git clone --depth 1 https://github.com/gristlabs/grist-core.git && \
+    cd grist-core && \
+    npm install && \
+    npm run build && \
+    cd /app/pkg
+
+# Set up supervisor config
+COPY supervisor.conf /etc/supervisor/conf.d/grist.conf
+COPY nginx.conf /app/pkg/nginx.conf
+
+# Nginx site configuration
+COPY nginx-app.conf /etc/nginx/sites-available/grist
+RUN ln -sf /etc/nginx/sites-available/grist /etc/nginx/sites-enabled/grist && \
+    rm -f /etc/nginx/sites-enabled/default
+
+# Add scripts
+COPY start.sh /app/pkg/
+RUN chmod +x /app/pkg/start.sh
+
+# Set up initialization data
+COPY --chown=cloudron:cloudron init_data/ /app/pkg/init_data/
+
+# Set ownership
+RUN chown -R cloudron:cloudron /app/code /app/data /app/pkg /app/log
+
+# Set working directory
+WORKDIR /app/pkg
+
+# Run as cloudron user
+USER cloudron
+
+# Start application
+CMD ["/app/pkg/start.sh"]

Cloudron/grist.knownelement.com/CloudronPackage/GristBuildNotes.md

@@ -0,0 +1,131 @@
+# Grist Cloudron Package Build Notes
+
+## Overview
+
+This document provides instructions for building, testing, and deploying the Grist Cloudron package. Grist is a modern, open-source spreadsheet application with database capabilities, Python formulas, and collaborative features.
+
+## Package Components
+
+The package includes the following files:
+
+1. `CloudronManifest.json` - Configuration file for Cloudron
+2. `Dockerfile` - Instructions for building the Docker image
+3. `start.sh` - Initialization and startup script
+4. `supervisor.conf` - Process management configuration
+5. `nginx-app.conf` - NGINX site configuration
+6. `nginx.conf` - NGINX main configuration
+7. `logo.png` - Grist logo for Cloudron (needs to be added)
+
+## Prerequisites
+
+- Cloudron server (v7.0.0 or newer)
+- Docker installed on your build machine
+- Cloudron CLI installed on your build machine
+
+## Build Instructions
+
+1. **Prepare the package directory**
+
+   Create a directory for your package and place all the files in it:
+
+   ```bash
+   mkdir -p grist-cloudron
+   cd grist-cloudron
+   # Copy all files into this directory
+   ```
+
+2. **Add the Grist logo**
+
+   Download the Grist logo and save it as `logo.png` in the package directory:
+
+   ```bash
+   curl -o logo.png https://raw.githubusercontent.com/gristlabs/grist-core/main/static/favicon.png
+   ```
+
+3. **Create an initialization data directory**
+
+   ```bash
+   mkdir -p init_data
+   ```
+
+4. **Build the Docker image**
+
+   ```bash
+   cloudron build
+   ```
+
+## Testing the Package
+
+1. **Install the package on your Cloudron for testing**
+
+   ```bash
+   cloudron install —image your-docker-image-name
+   ```
+
+2. **Verify the installation**
+
+   Once installed, navigate to the app’s URL and verify that:
+   - The login page appears correctly
+   - You can log in using your Cloudron credentials
+   - You can create and edit documents
+   - Document imports and exports work properly
+   - Python formulas are functioning correctly
+
+3. **Test authentication**
+
+   Verify that:
+   - Authentication with Cloudron accounts works
+   - User permissions are applied correctly
+   - Logging out works properly
+
+## Common Issues and Troubleshooting
+
+1. **Authentication Issues**
+   - Check that the OAuth configuration is correct in `CloudronManifest.json`
+   - Verify environment variables in `start.sh` related to OIDC
+
+2. **Database Connection Problems**
+   - Verify PostgreSQL addon configuration
+   - Check logs for database connection errors
+
+3. **Grist Not Starting**
+   - Check supervisord logs: `cloudron logs -f`
+   - Verify that the required directories exist and have proper permissions
+
+4. **File Upload Issues**
+   - Verify the `client_max_body_size` setting in the NGINX configuration
+
+## Deployment
+
+1. **Prepare the package for production**
+
+   ```bash
+   cloudron build
+   cloudron upload
+   ```
+
+2. **Install from the Cloudron App Store**
+
+   After submission and approval, users can install directly from the Cloudron App Store.
+
+## Maintenance
+
+1. **Updating Grist**
+
+   To update Grist to a newer version:
+   - Update the git clone command in the `Dockerfile`
+   - Update the version in `CloudronManifest.json`
+   - Rebuild and redeploy
+
+2. **Backing Up**
+
+   Cloudron automatically backs up:
+   - The PostgreSQL database
+   - The `/app/data` directory containing all Grist documents
+
+## Additional Resources
+
+- [Grist Documentation](https://support.getgrist.com/)
+- [Grist GitHub Repository](https://github.com/gristlabs/grist-core)
+- [Cloudron Documentation](https://docs.cloudron.io/)
+- [Grist Community Forum](https://community.getgrist.com/)

Cloudron/grist.knownelement.com/CloudronPackage/nginx-app.conf

@@ -0,0 +1,53 @@
+server {
+    listen 8080;
+    server_name localhost;
+
+    # Set maximum upload size
+    client_max_body_size 300M;
+
+    # Add security headers
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Frame-Options SAMEORIGIN;
+    add_header Referrer-Policy strict-origin-when-cross-origin;
+
+    # Main location for Grist
+    location / {
+        proxy_pass http://127.0.0.1:8484;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Port $server_port;
+        proxy_read_timeout 90;
+        proxy_buffering off;
+    }
+
+    # Health check endpoint
+    location = /healthz {
+        access_log off;
+        add_header Content-Type text/plain;
+        return 200 'OK';
+    }
+
+    # Static file caching
+    location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
+        proxy_pass http://127.0.0.1:8484;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        expires 30d;
+        add_header Cache-Control "public, no-transform";
+    }
+
+    # Error pages
+    error_page 500 502 503 504 /50x.html;
+    location = /50x.html {
+        root /usr/share/nginx/html;
+    }
+}

Cloudron/grist.knownelement.com/CloudronPackage/nginx.conf

@@ -0,0 +1,43 @@
+user cloudron;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+    worker_connections 768;
+    # multi_accept on;
+}
+
+http {
+    # Basic Settings
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    # SSL Settings
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+
+    # Logging Settings
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+
+    # Gzip Settings
+    gzip on;
+    gzip_disable "msie6";
+    gzip_vary on;
+    gzip_proxied any;
+    gzip_comp_level 6;
+    gzip_buffers 16 8k;
+    gzip_http_version 1.1;
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+    # Virtual Host Configs
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+}

Cloudron/grist.knownelement.com/CloudronPackage/start.sh

@@ -0,0 +1,63 @@
+#!/bin/bash
+set -e
+
+# Cloudron environment variables
+export GRIST_APP_ROOT="/app/pkg/grist-core"
+export GRIST_DATA_DIR="/app/data/docs"
+export GRIST_SESSION_SECRET="${CLOUDRON_SESSION_SECRET}"
+export APP_HOME_URL="${CLOUDRON_APP_URL}"
+export GRIST_DOMAIN="${CLOUDRON_APP_DOMAIN}"
+export GRIST_SINGLE_ORG="cloudron"
+export GRIST_HIDE_UI_ELEMENTS="billing"
+export GRIST_MAX_UPLOAD_ATTACHMENT_MB=100
+export GRIST_MAX_UPLOAD_IMPORT_MB=300
+export GRIST_SANDBOX_FLAVOR="gvisor"
+export GRIST_USER_ROOT="/app/data"
+export GRIST_THROTTLE_CPU="true"
+export GRIST_DEFAULT_EMAIL="${CLOUDRON_ADMIN_EMAIL}"
+export GRIST_FORCE_LOGIN="true"
+export GRIST_SUPPORT_ANON="false"
+export COOKIE_MAX_AGE=2592000000 # 30 days in milliseconds
+
+# Setup OpenID Connect for Cloudron authentication
+export GRIST_OIDC_IDP_ISSUER="${CLOUDRON_APP_ORIGIN}"
+export GRIST_OIDC_IDP_CLIENT_ID="${CLOUDRON_OAUTH_CLIENT_ID}"
+export GRIST_OIDC_IDP_CLIENT_SECRET="${CLOUDRON_OAUTH_CLIENT_SECRET}"
+export GRIST_OIDC_IDP_SCOPES="openid profile email"
+export GRIST_OIDC_SP_HOST="${CLOUDRON_APP_URL}"
+export GRIST_OIDC_SP_PROFILE_EMAIL_ATTR="email"
+export GRIST_OIDC_SP_PROFILE_NAME_ATTR="name"
+export GRIST_OIDC_IDP_ENABLED_PROTECTIONS="PKCE,STATE"
+
+# Database configuration using Cloudron PostgreSQL addon
+export TYPEORM_TYPE="postgres"
+export TYPEORM_DATABASE="${CLOUDRON_POSTGRESQL_DATABASE}"
+export TYPEORM_USERNAME="${CLOUDRON_POSTGRESQL_USERNAME}"
+export TYPEORM_PASSWORD="${CLOUDRON_POSTGRESQL_PASSWORD}"
+export TYPEORM_HOST="${CLOUDRON_POSTGRESQL_HOST}"
+export TYPEORM_PORT="${CLOUDRON_POSTGRESQL_PORT}"
+export TYPEORM_LOGGING="false"
+
+# Initialize or update data directories if they don't exist
+if [ ! -d "/app/data/docs" ]; then
+    mkdir -p /app/data/docs
+    echo "Created docs directory"
+fi
+
+if [ ! -d "/app/data/home" ]; then
+    mkdir -p /app/data/home
+    echo "Created home directory"
+fi
+
+# Copy initialization data if needed
+if [ -d "/app/pkg/init_data" ] && [ ! -f "/app/data/.initialized" ]; then
+    cp -R /app/pkg/init_data/* /app/data/
+    touch /app/data/.initialized
+    echo "Copied initialization data"
+fi
+
+# Ensure proper permissions
+chown -R cloudron:cloudron /app/data
+
+# Start supervisor to manage Grist and Nginx
+exec /usr/bin/supervisord --nodaemon -c /etc/supervisor/supervisord.conf

Cloudron/grist.knownelement.com/CloudronPackage/supervisor.conf

@@ -0,0 +1,32 @@
+[supervisord]
+nodaemon=true
+logfile=/app/log/supervisord.log
+logfile_maxbytes=10MB
+logfile_backups=3
+loglevel=info
+pidfile=/run/supervisord.pid
+user=cloudron
+
+[program:nginx]
+command=/usr/sbin/nginx -g "daemon off;"
+priority=10
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autostart=true
+autorestart=true
+
+[program:grist]
+command=bash -c "cd /app/pkg/grist-core && node sandbox/pyodide.js"
+user=cloudron
+environment=HOME=/app/data
+directory=/app/pkg/grist-core
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autostart=true
+autorestart=true
+startretries=3
+priority=20

Cloudron/grist.knownelement.com/grist-info.md

@@ -0,0 +1,3 @@
+# Grist
+
+- https://projects.knownelement.com/issues/191

Cloudron/grocy.knownelement.com/grocy-info.md

@@ -0,0 +1,3 @@
+# Grocy
+
+- https://projects.knownelement.com/issues/193

Cloudron/healthcheck.knownelement.com/healthcheck-info.md

@@ -0,0 +1,3 @@
+# Healthcheck
+
+- https://projects.knownelement.com/issues/192

Cloudron/homebox.knownelement.com/CloudronPackage/CloudronManifest.json

@@ -0,0 +1,38 @@
+{
+  "id": "software.homebox.cloudronapp",
+  "title": "Homebox",
+  "author": "CloudronApp",
+  "description": "Homebox is an inventory and organization system built for home users. Manage your home inventory with a simple, fast, and lightweight application.",
+  "tagline": "Simple home inventory management",
+  "version": "1.0.0",
+  "healthCheckPath": "/",
+  "httpPort": 7745,
+  "addons": {
+    "localstorage": {
+      "description": "Data directory for Homebox"
+    }
+  },
+  "manifestVersion": 2,
+  "website": "https://homebox.software/",
+  "contactEmail": "support@homebox.software",
+  "icon": "file://logo.png",
+  "tags": [
+    "inventory",
+    "organization",
+    "asset-management",
+    "home"
+  ],
+  "minBoxVersion": "7.5.0",
+  "documentationUrl": "https://homebox.software/en/",
+  "forumUrl": "https://github.com/sysadminsmedia/homebox/discussions",
+  "postInstallMessage": "Homebox has been successfully installed! The first user to register will be the administrator. You can disable registration after creating the first account.",
+  "memoryLimit": 256000000,
+  "targetBoxVersion": "7.5.0",
+  "changelog": "Initial Cloudron package",
+  "mediaLinks": [],
+  "containerOptions": {
+    "securityContext": {
+      "allowPrivilegeEscalation": false
+    }
+  }
+}

Cloudron/homebox.knownelement.com/CloudronPackage/Dockerfile

@@ -0,0 +1,46 @@
+FROM cloudron/base:4.2.0
+
+# Add version specifics
+ARG VERSION=latest
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Update the system and install dependencies
+RUN apt-get update && \
+    apt-get install -y \
+    curl \
+    ca-certificates \
+    wget \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# Set up directory structure following Cloudron filesystem layout
+RUN mkdir -p /app/code /app/data /tmp/data
+
+# Set working directory
+WORKDIR /app/code
+
+# Download and install the latest Homebox release
+RUN if [ "$VERSION" = "latest" ]; then \
+        DOWNLOAD_URL=$(curl -s https://api.github.com/repos/sysadminsmedia/homebox/releases/latest | grep "browser_download_url.*linux_amd64" | cut -d '"' -f 4); \
+    else \
+        DOWNLOAD_URL="https://github.com/sysadminsmedia/homebox/releases/download/v${VERSION}/homebox_${VERSION}_linux_amd64.tar.gz"; \
+    fi && \
+    wget -O /tmp/homebox.tar.gz ${DOWNLOAD_URL} && \
+    tar -xzf /tmp/homebox.tar.gz -C /app/code && \
+    rm /tmp/homebox.tar.gz && \
+    chmod +x /app/code/homebox
+
+# Copy initialization template for /app/data
+COPY data_init /tmp/data/
+
+# Copy application scripts
+COPY start.sh /app/code/
+RUN chmod +x /app/code/start.sh
+
+# Copy NGINX configuration
+COPY nginx.conf /app/code/
+
+# Set ownership to cloudron user
+RUN chown -R cloudron:cloudron /app/code /tmp/data
+
+# Set entrypoint
+ENTRYPOINT ["/app/code/start.sh"]

Cloudron/homebox.knownelement.com/CloudronPackage/nginx.conf

@@ -0,0 +1,67 @@
+worker_processes auto;
+pid /run/nginx.pid;
+
+events {
+    worker_connections 768;
+    multi_accept on;
+}
+
+http {
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+    server_tokens off;
+    
+    # Mime types
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+    
+    # Logging
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+    
+    # Gzip settings
+    gzip on;
+    gzip_disable "msie6";
+    gzip_vary on;
+    gzip_proxied any;
+    gzip_comp_level 6;
+    gzip_buffers 16 8k;
+    gzip_http_version 1.1;
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+    
+    # Virtual Host Configs
+    server {
+        listen 8000 default_server;
+        listen [::]:8000 default_server;
+        
+        server_name _;
+        
+        # Maximum upload size
+        client_max_body_size 100M;
+        
+        # Proxy settings
+        proxy_buffers 16 16k;
+        proxy_buffer_size 16k;
+        
+        location / {
+            proxy_pass http://127.0.0.1:7745;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header X-Forwarded-Host $host;
+            proxy_set_header X-Forwarded-Port $server_port;
+            
+            # Set timeouts
+            proxy_connect_timeout 60s;
+            proxy_send_timeout 60s;
+            proxy_read_timeout 300s;
+        }
+    }
+}

Cloudron/homebox.knownelement.com/CloudronPackage/start.sh

@@ -0,0 +1,108 @@
+#!/bin/bash
+set -e
+
+# Ensure proper directory structure in /app/data
+if [ ! -d "/app/data/.database" ]; then
+    echo "Initializing data directory structure..."
+    mkdir -p /app/data/.database
+    mkdir -p /app/data/uploads
+    
+    # Copy initialization files if provided
+    if [ -d "/tmp/data" ]; then
+        cp -r /tmp/data/* /app/data/
+    fi
+    
+    # Fix permissions
+    chown -R cloudron:cloudron /app/data
+    chmod -R 750 /app/data
+fi
+
+# Set environment variables for Homebox
+export HBOX_MODE=production
+export HBOX_STORAGE_DATA=/app/data
+export HBOX_DATABASE_DRIVER=sqlite3
+export HBOX_DATABASE_SQLITE_PATH="/app/data/.database/homebox.db"
+export HBOX_WEB_PORT=7745
+export HBOX_WEB_HOST=127.0.0.1
+export HBOX_LOG_LEVEL=info
+export HBOX_LOG_FORMAT=text
+export HBOX_WEB_MAX_FILE_UPLOAD=50
+
+# Check if registration should be disabled by default
+# If this is a fresh install, we'll allow registration for first user
+if [ ! -f "/app/data/.database/homebox.db" ]; then
+    export HBOX_OPTIONS_ALLOW_REGISTRATION=true
+else
+    export HBOX_OPTIONS_ALLOW_REGISTRATION=false
+fi
+
+# Configure NGINX
+echo "Configuring NGINX..."
+mkdir -p /run/nginx
+cat > /app/data/nginx.conf <<EOF
+worker_processes auto;
+daemon off;
+pid /run/nginx/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    client_max_body_size 50M;
+    
+    # Logging to stdout for Cloudron to capture
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+
+    server {
+        listen 8000;
+        server_name localhost;
+
+        location / {
+            proxy_pass http://127.0.0.1:7745;
+            proxy_set_header Host \$host;
+            proxy_set_header X-Real-IP \$remote_addr;
+            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto \$scheme;
+        }
+    }
+}
+EOF
+
+# Start Supervisor which will manage our processes
+echo "Starting supervisor..."
+cat > /etc/supervisor/conf.d/homebox.conf <<EOF
+[supervisord]
+nodaemon=true
+logfile=/dev/null
+logfile_maxbytes=0
+
+[program:homebox]
+command=/app/code/homebox
+directory=/app/code
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+user=cloudron
+autostart=true
+autorestart=true
+priority=10
+
+[program:nginx]
+command=nginx -c /app/data/nginx.conf
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autostart=true
+autorestart=true
+priority=20
+EOF
+
+# Start supervisor
+exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf

Cloudron/homebox.knownelement.com/homebox-info.md

@@ -0,0 +1,3 @@
+# Homebox
+
+- https://projects.knownelement.com/issues/233

Cloudron/homechart.knownelement.com/CloudronPackage/CloudronManifest.json

@@ -0,0 +1,40 @@
+{
+  "id": "app.homechart.cloudron",
+  "title": "HomeChart",
+  "author": "HomeChart Package Maintainer",
+  "description": "Your all-in-one household management platform. Organize calendars, budgets, shopping lists, and more in one place. Enjoy features like shared calendars, meal planning, task management, and multilingual support. Secure, private, and ad-free.",
+  "tagline": "Your Family's Mission Control",
+  "version": "1.0.0",
+  "upstreamVersion": "2024.09.0",
+  "healthCheckPath": "/",
+  "httpPort": 3000,
+  "memoryLimit": 512,
+  "addons": {
+    "localstorage": {},
+    "postgresql": {
+      "version": "16"
+    }
+  },
+  "tags": [
+    "household",
+    "family",
+    "organization",
+    "calendar",
+    "budget",
+    "tasks"
+  ],
+  "postInstallMessage": "HomeChart has been installed successfully! You can now access your family's mission control panel.\n\nThe default administrator credentials are:\nUsername: admin@example.com\nPassword: changeme\n\nPlease login and change these credentials immediately.",
+  "manifestVersion": 2,
+  "website": "https://homechart.app/",
+  "contactEmail": "support@example.com",
+  "icon": "file://logo.png",
+  "minBoxVersion": "5.4.0",
+  "forumUrl": "https://forum.cloudron.io/",
+  "documentationUrl": "https://homechart.app/docs/",
+  "changelog": "Initial Cloudron package for HomeChart",
+  "configurePath": "/settings",
+  "oauth": {
+    "loginRedirectUri": "/oidc",
+    "scope": "openid email profile"
+  }
+}

Cloudron/homechart.knownelement.com/CloudronPackage/Dockerfile

@@ -0,0 +1,45 @@
+FROM cloudron/base:4.2.0
+
+# Install required dependencies
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    ca-certificates \
+    curl \
+    supervisor \
+    nginx \
+    tzdata \
+    gosu && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Create the application directory structure
+RUN mkdir -p /app/code /app/data /run/nginx
+
+# Create homechart data directories structure
+RUN mkdir -p /tmp/data
+
+# Download the latest HomeChart release
+RUN curl -L -o /app/code/homechart.tar.gz https://github.com/candiddev/homechart/releases/latest/download/homechart_linux_amd64.tar.gz && \
+    tar -xzf /app/code/homechart.tar.gz -C /app/code && \
+    rm /app/code/homechart.tar.gz && \
+    mv /app/code/homechart_linux_amd64 /app/code/homechart && \
+    chmod +x /app/code/homechart
+
+# Add NGINX configuration
+COPY nginx.conf /etc/nginx/sites-enabled/homechart.conf
+RUN rm -f /etc/nginx/sites-enabled/default
+
+# Add Supervisor configuration
+COPY supervisor.conf /etc/supervisor/conf.d/homechart.conf
+
+# Add the startup script
+COPY start.sh /app/code/
+RUN chmod +x /app/code/start.sh
+
+# Set permissions
+RUN chown -R cloudron:cloudron /app/code /app/data /run/nginx
+
+# Expose the port (should match the httpPort in the CloudronManifest.json)
+EXPOSE 3000
+
+CMD ["/app/code/start.sh"]

Cloudron/homechart.knownelement.com/CloudronPackage/HomeChart-BuildNotes.md

@@ -0,0 +1,107 @@
+# HomeChart Cloudron Package - Build Notes
+
+This document provides instructions for building, testing, and deploying the HomeChart Cloudron package.
+
+## Prerequisites
+
+1. A running Cloudron instance
+2. Docker installed on your local machine
+3. Cloudron CLI tool installed (`npm install -g cloudron`)
+4. Git for cloning the repository
+
+## Files Overview
+
+- **CloudronManifest.json**: Contains metadata and configuration for the Cloudron app
+- **Dockerfile**: Defines how to build the Docker image for HomeChart
+- **start.sh**: Startup script that handles initialization and configuration
+- **nginx.conf**: NGINX configuration for proxying requests
+- **supervisor.conf**: Supervisor configuration for process management
+
+## Building and Deploying
+
+### Step 1: Clone the repository
+
+```bash
+git clone https://github.com/yourusername/homechart-cloudron.git
+cd homechart-cloudron
+```
+
+### Step 2: Build the Docker image
+
+```bash
+# Login to Docker Hub if not already logged in
+docker login
+
+# Build the image
+cloudron build
+```
+
+When prompted, enter a repository name in the format `username/homechart` where `username` is your Docker Hub username.
+
+### Step 3: Install on your Cloudron
+
+```bash
+# Install the app
+cloudron install —image username/homechart:latest
+```
+
+You’ll be prompted to select a subdomain for the app.
+
+### Step 4: Configure the app
+
+After installation, you’ll need to:
+
+1. Log in using the default credentials provided in the post-install message
+2. Change the default administrator password
+3. Set up your household and invite family members
+
+## Updating the App
+
+To update the app after making changes:
+
+```bash
+# Rebuild the Docker image
+cloudron build
+
+# Update the installed app
+cloudron update —app homechart
+```
+
+## Authentication
+
+HomeChart is configured to use Cloudron’s OIDC provider for authentication. Users from your Cloudron instance can log in to HomeChart using their Cloudron credentials.
+
+## Data Persistence
+
+All HomeChart data is stored in:
+- PostgreSQL database (managed by Cloudron)
+- `/app/data` directory (backed up by Cloudron)
+
+## Troubleshooting
+
+### View logs
+
+```bash
+cloudron logs -f —app homechart
+```
+
+### Database access
+
+To access the PostgreSQL database directly:
+
+```bash
+cloudron exec —app homechart
+psql -U “$CLOUDRON_POSTGRESQL_USERNAME” -h “$CLOUDRON_POSTGRESQL_HOST” “$CLOUDRON_POSTGRESQL_DATABASE”
+```
+
+### Common Issues
+
+- **OIDC configuration issues**: Ensure the Cloudron environment variables are correctly passed to the app
+- **Database connection errors**: Check PostgreSQL connection details in the app config
+- **Memory limits**: If the app crashes due to memory issues, increase the memory limit in the CloudronManifest.json
+
+## Resources
+
+- [HomeChart Documentation](https://homechart.app/docs/)
+- [Cloudron Documentation](https://docs.cloudron.io/)
+- [HomeChart GitHub Repository](https://github.com/candiddev/homechart)

Cloudron/homechart.knownelement.com/CloudronPackage/nginx.conf

@@ -0,0 +1,42 @@
+server {
+    listen 3000;
+    server_name localhost;
+
+    # Add proper headers for running behind Cloudron's proxy
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    client_max_body_size 100M;
+
+    # Custom Cloudron error pages
+    error_page 403 /error/403.html;
+    error_page 404 /error/404.html;
+    error_page 50x /error/50x.html;
+    location ^~ /error/ {
+        alias /app/code/public/error/;
+        internal;
+    }
+
+    # Use Cloudron's runtime directory for nginx (read-only filesystem)
+    client_body_temp_path /run/nginx/body;
+    proxy_temp_path /run/nginx/proxy;
+    fastcgi_temp_path /run/nginx/fastcgi;
+    uwsgi_temp_path /run/nginx/uwsgi;
+    scgi_temp_path /run/nginx/scgi;
+
+    location / {
+        proxy_pass http://127.0.0.1:8000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_read_timeout 86400;
+    }
+
+    # Needed for Cloudron's health checks
+    location = /healthcheck {
+        access_log off;
+        return 200;
+    }
+}

Cloudron/homechart.knownelement.com/CloudronPackage/start.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+set -e
+
+# Create required runtime directories
+mkdir -p /run/nginx/body /run/nginx/proxy /run/nginx/fastcgi /run/nginx/uwsgi /run/nginx/scgi
+chown -R cloudron:cloudron /run/nginx
+
+# Initialize data directory if not existing
+if [ ! -d "/app/data/config" ]; then
+    mkdir -p /app/data/config
+    chown -R cloudron:cloudron /app/data
+fi
+
+# Configuration
+CONFIG_FILE="/app/data/config/homechart.json"
+if [ ! -f "$CONFIG_FILE" ]; then
+    echo "Creating initial configuration file..."
+    cat > "$CONFIG_FILE" <<EOL
+{
+  "app": {
+    "baseURL": "${CLOUDRON_APP_ORIGIN}",
+    "proxyAddr": "127.0.0.1, 172.18.0.1"
+  },
+  "postgresql": {
+    "hostname": "${CLOUDRON_POSTGRESQL_HOST}",
+    "username": "${CLOUDRON_POSTGRESQL_USERNAME}",
+    "password": "${CLOUDRON_POSTGRESQL_PASSWORD}",
+    "database": "${CLOUDRON_POSTGRESQL_DATABASE}"
+  },
+  "oidc": {
+    "cloudron": {
+      "clientID": "${CLOUDRON_OIDC_CLIENT_ID}",
+      "clientSecret": "${CLOUDRON_OIDC_CLIENT_SECRET}",
+      "displayName": "Cloudron",
+      "oidcIssuerURL": "${CLOUDRON_OIDC_ISSUER}"
+    }
+  },
+  "logging": {
+    "level": "info"
+  }
+}
+EOL
+    chown cloudron:cloudron "$CONFIG_FILE"
+fi
+
+# Link HomeChart configuration
+export HOMECHART_CONFIG_FILE="$CONFIG_FILE"
+
+# Set the port for HomeChart to run on (internal port)
+export HOMECHART_APP_PORT=8000
+
+# Start supervisor which manages nginx and homechart
+exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf

Cloudron/homechart.knownelement.com/CloudronPackage/supervisord.conf

@@ -0,0 +1,28 @@
+[supervisord]
+nodaemon=true
+logfile=/dev/null
+logfile_maxbytes=0
+pidfile=/var/run/supervisord.pid
+
+[program:nginx]
+priority=10
+command=nginx -g "daemon off;"
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+
+[program:homechart]
+priority=20
+directory=/app/code
+command=/app/code/homechart
+user=cloudron
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+environment=HOME="/app/data"

Cloudron/homechart.knownelement.com/homechart-info.md

@@ -0,0 +1,3 @@
+# Homechart
+
+- https://projects.knownelement.com/issues/284

Cloudron/huginn.knownelement.com/huginn-info.md

@@ -0,0 +1,3 @@
+# Huginn
+
+- https://projects.knownelement.com/issues/194

Cloudron/inventree.knownelement.com/CloudronPackage/CloudronManifest.json

@@ -0,0 +1,24 @@
+{
+  "id": "org.inventree.cloudronapp",
+  "title": "InvenTree",
+  "author": "Your Name",
+  "description": "InvenTree is an open-source inventory management system which provides intuitive parts management and stock control.",
+  "tagline": "Open Source Inventory Management System",
+  "version": "1.0.0",
+  "healthCheckPath": "/",
+  "httpPort": 8000,
+  "manifestVersion": 2,
+  "website": "https://inventree.org",
+  "contactEmail": "your.email@example.com",
+  "icon": "logo.png",
+  "documentationUrl": "https://docs.inventree.org",
+  "memoryLimit": 1024000000,
+  "configurePath": "/admin",
+  "minBoxVersion": "7.0.0",
+  "changelog": "Initial version",
+  "addons": {
+    "localstorage": {},
+    "postgresql": {}
+  },
+  "postInstallMessage": "InvenTree has been installed. The default admin credentials are:\n\nUsername: admin\nPassword: admin\n\nPlease change the admin password after your first login."
+}

Cloudron/inventree.knownelement.com/CloudronPackage/Dockerfile

@@ -0,0 +1,74 @@
+FROM cloudron/base:4.2.0
+
+# Set environment variables
+ENV PYTHONUNBUFFERED=1 \
+    DEBIAN_FRONTEND=noninteractive \
+    INVENTREE_HOME=/app/data \
+    INVENTREE_MEDIA_ROOT=/app/data/media \
+    INVENTREE_STATIC_ROOT=/app/data/static \
+    INVENTREE_SECRET_KEY_FILE=/app/data/secret_key.txt \
+    INVENTREE_PLUGINS_ENABLED=true \
+    INVENTREE_PLUGINS_DIR=/app/data/plugins \
+    INVENTREE_ADMIN_USER=admin \
+    INVENTREE_ADMIN_PASSWORD=admin \
+    INVENTREE_ADMIN_EMAIL=admin@example.com
+
+# Install required packages
+RUN apt-get update && apt-get install -y \
+    python3 \
+    python3-pip \
+    python3-dev \
+    python3-venv \
+    build-essential \
+    libpq-dev \
+    git \
+    nginx \
+    supervisor \
+    && rm -rf /var/lib/apt/lists/*
+
+# Setup nginx for Cloudron
+RUN rm /etc/nginx/sites-enabled/* \
+    && sed -e 's,^ErrorLog.*,ErrorLog "/dev/stderr",' -i /etc/nginx/nginx.conf \
+    && echo "daemon off;" >> /etc/nginx/nginx.conf
+
+# Create InvenTree directories
+RUN mkdir -p /app/code \
+    && mkdir -p /tmp/data/media \
+    && mkdir -p /tmp/data/static \
+    && mkdir -p /tmp/data/plugins \
+    && mkdir -p /tmp/data/env \
+    && mkdir -p /tmp/data/config
+
+# Create Python virtual environment
+RUN python3 -m venv /app/code/env
+
+# Clone InvenTree source code
+RUN git clone --depth 1 https://github.com/inventree/InvenTree.git /app/code/inventree
+
+# Install InvenTree requirements
+WORKDIR /app/code/inventree
+RUN /app/code/env/bin/pip install --upgrade pip \
+    && /app/code/env/bin/pip install wheel \
+    && /app/code/env/bin/pip install --no-cache-dir -r requirements.txt \
+    && /app/code/env/bin/pip install psycopg2 gunicorn
+
+# Create default configuration files
+COPY config.yaml /tmp/data/config/config.yaml
+COPY nginx.conf /etc/nginx/sites-available/inventree
+RUN ln -s /etc/nginx/sites-available/inventree /etc/nginx/sites-enabled/
+
+# Copy supervisor configuration
+COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+# Add startup script
+COPY start.sh /app/code/start.sh
+RUN chmod +x /app/code/start.sh
+
+# Setup NGINX runtime directory
+RUN mkdir -p /run/nginx \
+    && chown -R cloudron:cloudron /run/nginx
+
+# Expose port
+EXPOSE 8000
+
+CMD ["/app/code/start.sh"]

Cloudron/inventree.knownelement.com/CloudronPackage/InventreeBuildNotes.txt

@@ -0,0 +1,74 @@
+# InvenTree Cloudron Build Notes
+
+## Package Contents
+- CloudronManifest.json - App metadata and resource configuration
+- Dockerfile - Container build instructions
+- start.sh - App initialization and startup script
+- config.yaml - InvenTree configuration template
+- nginx.conf - Web server configuration
+- supervisord.conf - Process management configuration
+
+## Build & Deploy Steps
+
+### 1. Prepare Local Directory
+```bash
+mkdir -p inventree-cloudron
+cd inventree-cloudron
+# Copy all files into this directory
+```
+
+### 2. Build & Push to Gitea Registry
+```bash
+# Login to your Gitea Docker registry
+docker login gitea.yourdomain.com
+
+# Build the Docker image
+docker build -t gitea.yourdomain.com/yourusername/inventree:1.0.0 .
+
+# Push the image to your registry
+docker push gitea.yourdomain.com/yourusername/inventree:1.0.0
+```
+
+### 3. Install on Cloudron
+```bash
+# Login to your Cloudron
+cloudron login my.cloudron.example
+
+# Install the app
+cloudron install --image gitea.yourdomain.com/yourusername/inventree:1.0.0
+```
+
+### 4. Update Process
+```bash
+# Build with new version tag
+docker build -t gitea.yourdomain.com/yourusername/inventree:1.0.1 .
+docker push gitea.yourdomain.com/yourusername/inventree:1.0.1
+
+# Update existing installation
+cloudron update --app inventree.my.cloudron.example --image gitea.yourdomain.com/yourusername/inventree:1.0.1
+```
+
+## Troubleshooting
+
+### Database Issues
+If database migrations fail:
+```bash
+cloudron exec --app inventree.my.cloudron.example -- /app/code/env/bin/python /app/code/inventree/manage.py migrate
+```
+
+### Inspect Logs
+```bash
+cloudron logs --app inventree.my.cloudron.example
+```
+
+### Debug Mode
+```bash
+cloudron debug --app inventree.my.cloudron.example
+```
+
+## Initial Access
+After installation, access InvenTree at your configured domain with:
+- Username: admin
+- Password: admin
+
+**Important**: Change this password immediately after first login!

Cloudron/inventree.knownelement.com/CloudronPackage/config.yaml

@@ -0,0 +1,49 @@
+# InvenTree configuration file for Cloudron
+# Refer to InvenTree documentation for detailed configuration options
+
+# Database connection settings will be provided via environment variables
+
+# General settings
+debug: False
+log_level: WARNING
+
+# Secret key will be stored in a file
+secret_key_file: /app/data/secret_key.txt
+
+# Plugin settings
+plugins:
+  enabled: True
+  plugin_dir: /app/data/plugins
+
+# File storage locations
+media_root: /app/data/media
+static_root: /app/data/static
+
+# Email settings - adjust with your Cloudron email settings if needed
+email:
+  host: localhost
+  port: 25
+  tls: false
+  ssl: false
+  sender: inventree@localhost
+
+# Login settings
+login:
+  default_protocol: https
+  allow_unverified_signup: False
+  allow_signup: True
+  signup_email_verification: False
+  login_confirm_days: 3
+  password_reset_timeout_days: 3
+
+# Display settings
+customization:
+  instance_name: InvenTree
+  default_currency: USD
+  base_url: ""  # Will be set by environment variable in start.sh
+
+# Server settings
+server:
+  workers: 2
+  allowed_hosts:
+    - '*'  # Cloudron handles this

Cloudron/inventree.knownelement.com/CloudronPackage/nginx.conf

@@ -0,0 +1,35 @@
+server {
+    listen 8000;  # This should match the httpPort in CloudronManifest.json
+    
+    client_max_body_size 100M;
+    
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+
+    # Serve static files
+    location /static/ {
+        alias /app/data/static/;
+        expires 30d;
+        add_header Pragma public;
+        add_header Cache-Control "public";
+    }
+
+    # Serve media files
+    location /media/ {
+        alias /app/data/media/;
+        expires 30d;
+        add_header Pragma public;
+        add_header Cache-Control "public";
+    }
+
+    # Proxy requests to gunicorn
+    location / {
+        proxy_pass http://127.0.0.1:8001;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_redirect off;
+        proxy_buffering off;
+    }
+}

Cloudron/inventree.knownelement.com/CloudronPackage/start.sh

@@ -0,0 +1,72 @@
+#!/bin/bash
+set -e
+
+# PostgreSQL configuration from Cloudron environment variables
+if [ -n "${CLOUDRON_POSTGRESQL_HOST}" ]; then
+    export INVENTREE_DB_ENGINE="postgresql"
+    export INVENTREE_DB_NAME="${CLOUDRON_POSTGRESQL_DATABASE}"
+    export INVENTREE_DB_USER="${CLOUDRON_POSTGRESQL_USERNAME}"
+    export INVENTREE_DB_PASSWORD="${CLOUDRON_POSTGRESQL_PASSWORD}"
+    export INVENTREE_DB_HOST="${CLOUDRON_POSTGRESQL_HOST}"
+    export INVENTREE_DB_PORT="${CLOUDRON_POSTGRESQL_PORT}"
+else
+    echo "PostgreSQL addon not configured!"
+    exit 1
+fi
+
+# Ensure data directories exist
+if [ ! -d "${INVENTREE_HOME}/media" ]; then
+    echo "Creating media directory..."
+    mkdir -p "${INVENTREE_HOME}/media"
+    cp -rn /tmp/data/media/* "${INVENTREE_HOME}/media/" || true
+fi
+
+if [ ! -d "${INVENTREE_HOME}/static" ]; then
+    echo "Creating static directory..."
+    mkdir -p "${INVENTREE_HOME}/static"
+    cp -rn /tmp/data/static/* "${INVENTREE_HOME}/static/" || true
+fi
+
+if [ ! -d "${INVENTREE_HOME}/plugins" ]; then
+    echo "Creating plugins directory..."
+    mkdir -p "${INVENTREE_HOME}/plugins"
+    cp -rn /tmp/data/plugins/* "${INVENTREE_HOME}/plugins/" || true
+fi
+
+if [ ! -d "${INVENTREE_HOME}/config" ]; then
+    echo "Creating config directory..."
+    mkdir -p "${INVENTREE_HOME}/config"
+    cp -rn /tmp/data/config/* "${INVENTREE_HOME}/config/" || true
+fi
+
+# Generate secret key if it doesn't exist
+if [ ! -f "${INVENTREE_SECRET_KEY_FILE}" ]; then
+    echo "Generating secret key..."
+    python3 -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())" > "${INVENTREE_SECRET_KEY_FILE}"
+fi
+
+cd /app/code/inventree
+
+# Set InvenTree base URL (from Cloudron environment)
+export INVENTREE_BASE_URL="https://${CLOUDRON_APP_DOMAIN}"
+
+# Apply database migrations and collect static files
+echo "Applying database migrations..."
+/app/code/env/bin/python manage.py migrate --noinput
+
+echo "Collecting static files..."
+/app/code/env/bin/python manage.py collectstatic --noinput
+
+# Create superuser if not exists
+echo "Checking for superuser..."
+DJANGO_SUPERUSER_PASSWORD="${INVENTREE_ADMIN_PASSWORD}" \
+/app/code/env/bin/python manage.py createsuperuser --noinput \
+    --username "${INVENTREE_ADMIN_USER}" \
+    --email "${INVENTREE_ADMIN_EMAIL}" || true
+
+# Set proper permissions
+chown -R cloudron:cloudron "${INVENTREE_HOME}"
+
+# Start supervisor to manage processes
+echo "Starting supervisor..."
+exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf

Cloudron/inventree.knownelement.com/CloudronPackage/supervisord.conf

@@ -0,0 +1,26 @@
+[supervisord]
+nodaemon=true
+user=root
+logfile=/dev/stdout
+logfile_maxbytes=0
+
+[program:gunicorn]
+command=/app/code/env/bin/gunicorn InvenTree.wsgi --bind 127.0.0.1:8001 --workers 2 --timeout 60 --preload --forwarded-allow-ips='*'
+directory=/app/code/inventree
+user=cloudron
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+environment=PYTHONUNBUFFERED=1,INVENTREE_CONFIG_FILE=/app/data/config/config.yaml
+
+[program:nginx]
+command=/usr/sbin/nginx
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0

Cloudron/inventree.knownelement.com/inventree-info.md

@@ -0,0 +1,3 @@
+# Inventree
+
+- https://projects.knownelement.com/issues/173

Cloudron/it-fleet.knownelement.com/it-fleet-info.md

@@ -0,0 +1,3 @@
+# IT-fleet
+
+- https://projects.knownelement.com/issues/195

Cloudron/jamovi.knownelement.com/jamovi-info.md

@@ -0,0 +1,3 @@
+# Jamovi
+
+- https://projects.knownelement.com/issues/196

Cloudron/jenkins.knownelement.com/CloudronPackage/CloudronManifest.json

@@ -0,0 +1,40 @@
+{
+  "id": "io.jenkins.cloudron",
+  "title": "Jenkins",
+  "author": "Cloudron Packager",
+  "description": "Jenkins is an open source automation server which enables developers to reliably build, test, and deploy their software.",
+  "tagline": "The leading open source automation server",
+  "version": "1.0.0",
+  "healthCheckPath": "/login",
+  "httpPort": 8080,
+  "manifestVersion": 2,
+  "website": "https://jenkins.io/",
+  "contactEmail": "support@cloudron.io",
+  "icon": "file://logo.png",
+  "dockerImage": "cloudron/jenkins",
+  "memoryLimit": 2048000000,
+  "addons": {
+    "localstorage": {
+      "title": "Jenkins Data"
+    }
+  },
+  "optionalAddons": {
+    "ldap": {
+      "title": "LDAP Integration",
+      "description": "Allow users to login with LDAP credentials"
+    },
+    "oauth": {
+      "title": "OAuth Integration", 
+      "description": "Allow users to login with Cloudron credentials"
+    }
+  },
+  "tags": [
+    "ci",
+    "cd",
+    "devops",
+    "automation"
+  ],
+  "postInstallMessage": "Jenkins is now installed. The initial admin password is shown in the logs. You can view it by running 'cloudron logs -f'. The password is displayed after 'Jenkins initial setup is required.' in the logs.",
+  "minBoxVersion": "5.4.0",
+  "documentationUrl": "https://jenkins.io/doc/"
+}

Cloudron/jenkins.knownelement.com/CloudronPackage/Dockerfile

@@ -0,0 +1,49 @@
+FROM cloudron/base:4.2.0
+
+# Add Jenkins repository key and repository
+RUN apt-get update && \
+    apt-get install -y gnupg curl software-properties-common && \
+    curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | gpg --dearmor -o /usr/share/keyrings/jenkins-keyring.gpg && \
+    echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.gpg] https://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list
+
+# Install Jenkins and required dependencies
+RUN apt-get update && \
+    apt-get install -y openjdk-17-jdk jenkins fontconfig && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Install required plugins for Cloudron integration
+RUN mkdir -p /tmp/data/plugins && \
+    cd /tmp/data/plugins && \
+    curl -L -o ldap.hpi https://updates.jenkins.io/latest/ldap.hpi && \
+    curl -L -o oic-auth.hpi https://updates.jenkins.io/latest/oic-auth.hpi && \
+    curl -L -o configuration-as-code.hpi https://updates.jenkins.io/latest/configuration-as-code.hpi && \
+    curl -L -o credentials.hpi https://updates.jenkins.io/latest/credentials.hpi && \
+    chmod 644 *.hpi
+
+# Create template for casc.yaml
+RUN mkdir -p /tmp/data/casc_configs
+COPY casc_templates/ /tmp/data/casc_configs/
+
+# Set up directory structure for Cloudron
+RUN mkdir -p /app/data && \
+    mkdir -p /tmp/data/jenkins_home 
+
+# Copy startup script
+COPY start.sh /app/code/
+RUN chmod +x /app/code/start.sh
+
+# Copy NGINX configuration
+COPY nginx.conf /app/code/
+
+# Copy supervisor configuration
+COPY supervisor.conf /etc/supervisor/conf.d/
+
+# Use the cloudron user for Jenkins
+RUN usermod -a -G jenkins cloudron && \
+    chown -R cloudron:cloudron /tmp/data
+
+WORKDIR /app/data
+
+# Entry point
+CMD ["/app/code/start.sh"]

Cloudron/jenkins.knownelement.com/CloudronPackage/JenkinsBulldNotes.md

@@ -0,0 +1,97 @@
+# Jenkins for Cloudron - Build Notes
+
+This document provides instructions for building, testing, and deploying the Jenkins package to Cloudron.
+
+## Prerequisites
+
+- Cloudron server (version 5.4.0 or higher)
+- Docker installed on your build machine
+- Cloudron CLI tool installed (`npm install -g cloudron`)
+
+## File Structure
+
+```
+jenkins-cloudron/
+├── CloudronManifest.json     # Package definition
+├── Dockerfile                # Docker image build instructions
+├── start.sh                  # Initialization script
+├── nginx.conf                # NGINX configuration
+├── supervisor.conf           # Supervisor configuration for process management
+├── logo.png                  # App icon (128x128 PNG)
+├── casc_templates/           # Jenkins Configuration as Code templates
+│   ├── default.yaml          # Default authentication config
+│   ├── ldap.yaml             # LDAP authentication config
+│   └── oauth.yaml            # OAuth/OIDC authentication config
+```
+
+## Building the Package
+
+1. Create a directory for your package and place all files in the appropriate structure.
+
+2. Download a Jenkins logo (128x128 PNG) and save it as `logo.png`
+
+3. Build the Docker image:
+   ```bash
+   cloudron build
+   ```
+
+4. Test the package locally:
+   ```bash
+   cloudron install —image cloudron/jenkins
+   ```
+
+## Authentication Configuration
+
+The package supports three authentication methods:
+
+1. **Default (Local)**: Uses Jenkins’ built-in user database
+2. **LDAP**: Uses Cloudron’s LDAP server for authentication
+3. **OAuth/OIDC**: Uses Cloudron’s OAuth service for single sign-on
+
+The authentication method is automatically configured based on the presence of environment variables provided by Cloudron.
+
+## Testing
+
+After installation, test the following:
+
+1. **Basic functionality**:
+   - Access Jenkins through your Cloudron dashboard
+   - Verify the initial admin password works
+   - Create a simple pipeline job
+
+2. **Authentication**:
+   - Test LDAP integration by enabling the LDAP addon
+   - Test OAuth/OIDC integration by enabling the OAuth addon
+   - Verify user permissions are correctly applied
+
+3. **Persistence**:
+   - Install plugins through the Jenkins UI
+   - Restart the app to verify plugins persist
+   - Check that job configurations are maintained
+
+## Troubleshooting
+
+- **Jenkins doesn’t start**: Check logs using `cloudron logs -f`
+- **Authentication issues**: Verify the correct addons are enabled and configuration is applied
+- **Permission problems**: Check the ownership and permissions of files in `/app/data`
+
+## Updating Jenkins
+
+When a new version of Jenkins is released, update the Dockerfile to pull the latest version and rebuild the package.
+
+## Additional Notes
+
+- The package uses Jenkins Configuration as Code (JCasC) to automate the setup process
+- Jenkins runs as the `cloudron` user for proper permissions
+- Files in `/app/data/jenkins_home` are persisted across restarts and updates
+- Initial admin password is set to ‘adminpass’ for local authentication
+
+## Deployment to Cloudron App Store
+
+If you wish to publish your app to the Cloudron App Store:
+
+1. Update the CloudronManifest.json with your details
+2. Test thoroughly on your own Cloudron instance
+3. Follow the Cloudron App Publishing guidelines
+
+Happy CI/CD with Jenkins on Cloudron!

Cloudron/jenkins.knownelement.com/CloudronPackage/casc_templates/default.yaml

@@ -0,0 +1,26 @@
+jenkins:
+  systemMessage: "Jenkins configured with local authentication"
+  securityRealm:
+    local:
+      allowsSignup: false
+      enableCaptcha: false
+      users:
+        - id: "admin"
+          password: "adminpass"
+          
+  authorizationStrategy:
+    globalMatrix:
+      permissions:
+        - "Overall/Administer:admin"
+        - "Overall/Read:authenticated"
+        - "Job/Read:authenticated"
+        - "Job/Build:authenticated"
+        - "Job/Create:authenticated"
+        - "Job/Configure:authenticated"
+        - "View/Read:authenticated"
+        - "View/Create:authenticated"
+        - "View/Configure:authenticated"
+
+unclassified:
+  location:
+    url: "${JENKINS_URL}"

Cloudron/jenkins.knownelement.com/CloudronPackage/casc_templates/ldap.yaml

@@ -0,0 +1,32 @@
+jenkins:
+  systemMessage: "Jenkins configured with Cloudron LDAP authentication"
+  securityRealm:
+    ldap:
+      configurations:
+        - server: "${CLOUDRON_LDAP_SERVER}"
+          rootDN: "${CLOUDRON_LDAP_USERS_BASE_DN}"
+          managerDN: "${CLOUDRON_LDAP_BIND_DN}"
+          managerPasswordSecret: "${CLOUDRON_LDAP_BIND_PASSWORD}"
+          userSearchBase: ""
+          userSearch: "uid={0}"
+          groupSearchBase: "${CLOUDRON_LDAP_GROUPS_BASE_DN}"
+          groupSearchFilter: "memberUid={0}"
+          displayNameAttributeName: "displayName"
+          mailAddressAttributeName: "mail"
+          
+  authorizationStrategy:
+    globalMatrix:
+      permissions:
+        - "Overall/Administer:admin"
+        - "Overall/Read:authenticated"
+        - "Job/Read:authenticated"
+        - "Job/Build:authenticated"
+        - "Job/Create:authenticated"
+        - "Job/Configure:authenticated"
+        - "View/Read:authenticated"
+        - "View/Create:authenticated"
+        - "View/Configure:authenticated"
+
+unclassified:
+  location:
+    url: "${JENKINS_URL}"

Cloudron/jenkins.knownelement.com/CloudronPackage/casc_templates/oauth.yaml

@@ -0,0 +1,35 @@
+jenkins:
+  systemMessage: "Jenkins configured with Cloudron OpenID Connect authentication"
+  securityRealm:
+    oic:
+      clientId: "${CLOUDRON_OAUTH_CLIENT_ID}"
+      clientSecret: "${CLOUDRON_OAUTH_CLIENT_SECRET}"
+      wellKnownOpenIDConfigurationUrl: "${CLOUDRON_OAUTH_ORIGIN}/.well-known/openid-configuration"
+      userNameField: "preferred_username"
+      tokenAuthMethod: "client_secret_basic"
+      scopes: "openid email profile groups"
+      fullNameFieldName: "name"
+      emailFieldName: "email"
+      groupsFieldName: "groups"
+      pkceEnabled: true
+      escapeHatchEnabled: true
+      escapeHatchUsername: "admin"
+      escapeHatchSecret: "adminpass"
+      escapeHatchGroup: "admin"
+  
+  authorizationStrategy:
+    globalMatrix:
+      permissions:
+        - "Overall/Administer:admin"
+        - "Overall/Read:authenticated"
+        - "Job/Read:authenticated"
+        - "Job/Build:authenticated"
+        - "Job/Create:authenticated"
+        - "Job/Configure:authenticated"
+        - "View/Read:authenticated"
+        - "View/Create:authenticated"
+        - "View/Configure:authenticated"
+
+unclassified:
+  location:
+    url: "${JENKINS_URL}"

Cloudron/jenkins.knownelement.com/CloudronPackage/nginx.conf

@@ -0,0 +1,55 @@
+worker_processes 1;
+error_log stderr;
+pid /run/nginx.pid;
+daemon off;
+
+events {
+    worker_connections 768;
+}
+
+http {
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    # Disable access logs to stdout - Cloudron handles these
+    access_log off;
+
+    server {
+        listen 8000;
+        
+        client_max_body_size 50M;
+        
+        location / {
+            proxy_pass http://127.0.0.1:8080;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            
+            # Required for Jenkins websocket connections
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            
+            proxy_read_timeout 90;
+            proxy_redirect http://127.0.0.1:8080 $scheme://$host;
+            
+            # Fix potential security issues
+            proxy_cookie_path / "/; HTTPOnly; Secure";
+        }
+        
+        # Special config for OIDC callback
+        location /securityRealm/finishLogin {
+            proxy_pass http://127.0.0.1:8080;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+}

Cloudron/jenkins.knownelement.com/CloudronPackage/start.sh

@@ -0,0 +1,50 @@
+#!/bin/bash
+set -e
+
+# Jenkins home directory
+JENKINS_HOME=/app/data/jenkins_home
+
+# Create necessary directories if they don't exist
+if [[ ! -d "${JENKINS_HOME}" ]]; then
+    echo "Initializing Jenkins home directory"
+    mkdir -p "${JENKINS_HOME}"
+    cp -r /tmp/data/jenkins_home/* "${JENKINS_HOME}/" || true
+    # Copy plugins
+    mkdir -p "${JENKINS_HOME}/plugins"
+    cp -r /tmp/data/plugins/* "${JENKINS_HOME}/plugins/" || true
+    # Create directory for JCasC
+    mkdir -p "${JENKINS_HOME}/casc_configs"
+fi
+
+# Apply proper permissions
+chown -R cloudron:cloudron "${JENKINS_HOME}"
+
+# Set up Jenkins environment variables
+export JENKINS_HOME
+export JENKINS_OPTS="--httpPort=8080"
+
+# Disable setup wizard
+export JAVA_OPTS="-Djenkins.install.runSetupWizard=false"
+
+# Setup JCasC configuration based on environment
+if [[ -n "${CLOUDRON_OAUTH_CLIENT_ID}" ]]; then
+    echo "Setting up OAuth authentication"
+    envsubst < /tmp/data/casc_configs/oauth.yaml > "${JENKINS_HOME}/casc_configs/oauth.yaml"
+    export CASC_JENKINS_CONFIG="${JENKINS_HOME}/casc_configs/oauth.yaml"
+elif [[ -n "${CLOUDRON_LDAP_SERVER}" ]]; then
+    echo "Setting up LDAP authentication"
+    envsubst < /tmp/data/casc_configs/ldap.yaml > "${JENKINS_HOME}/casc_configs/ldap.yaml"
+    export CASC_JENKINS_CONFIG="${JENKINS_HOME}/casc_configs/ldap.yaml"
+else
+    echo "Using default authentication"
+    envsubst < /tmp/data/casc_configs/default.yaml > "${JENKINS_HOME}/casc_configs/default.yaml"
+    export CASC_JENKINS_CONFIG="${JENKINS_HOME}/casc_configs/default.yaml"
+fi
+
+# Configure Jenkins URL
+JENKINS_URL="${CLOUDRON_APP_ORIGIN}"
+echo "Setting Jenkins URL to ${JENKINS_URL}"
+export JENKINS_URL
+
+# Start supervisord, which will start NGINX and Jenkins
+exec /usr/bin/supervisord --nodaemon -c /etc/supervisor/supervisord.conf

Cloudron/jenkins.knownelement.com/CloudronPackage/supervisor.conf

@@ -0,0 +1,18 @@
+[program:nginx]
+command=nginx -c /app/code/nginx.conf
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autorestart=true
+
+[program:jenkins]
+command=java -Djava.awt.headless=true -Djenkins.model.Jenkins.slaveAgentPort=50000 -Dhudson.model.UsageStatistics.disabled=true %(ENV_JAVA_OPTS)s -jar /usr/share/java/jenkins.war --httpPort=8080 --webroot=/var/cache/jenkins/war %(ENV_JENKINS_OPTS)s
+directory=/app/data/jenkins_home
+user=cloudron
+environment=HOME="/app/data/jenkins_home",USER="cloudron"
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+autorestart=true

Cloudron/jenkins.knownelement.com/jenkins-info.md

@@ -0,0 +1,3 @@
+# Jenkins
+
+- https://projects.knownelement.com/issues/234

Cloudron/kicad-ci.knownelement.com/kicad-ci-info.md

@@ -0,0 +1,3 @@
+# Kicad CI
+
+- https://projects.knownelement.com/issues/197

Cloudron/langfuse.knownelement.com/langfuse-info.md

@@ -0,0 +1,3 @@
+# Langfuse
+
+- https://projects.knownelement.com/issues/198

Cloudron/lists.knownelement.com/lists-info.md

@@ -0,0 +1,3 @@
+# Lists
+
+- https://projects.knownelement.com/issues/199

Cloudron/llmops.knownelement.com/llm-ops-info.md

@@ -0,0 +1,3 @@
+# llm-ops
+
+- https://projects.knownelement.com/issues/304

Cloudron/logportal.knownelement.com/logportal-info.md

@@ -0,0 +1,3 @@
+# Graylog
+
+- https://projects.knownelement.com/issues/190

Cloudron/mailpiler.knownelement.com/mailpiler-info.md

@@ -0,0 +1,3 @@
+# Mailpiler
+
+- https://projects.knownelement.com/issues/200

Cloudron/maker.knownelement.com/maker-info.md

@@ -0,0 +1,3 @@
+# Maker
+
+- https://projects.knownelement.com/issues/282

Cloudron/mlops.knownelement.com/mlops-info.md

@@ -0,0 +1,3 @@
+# MLOPS
+
+- https://projects.knownelement.com/issues/305

Cloudron/netbox.knownelement.com/netbox-info.md

@@ -0,0 +1,3 @@
+# Netbox
+
+- https://projects.knownelement.com/issues/201