Manifest
Overview
Every Cloudron Application contains a CloudronManifest.json
that contains
two broad categories of information:
-
Information for installing the app on the Cloudron. This includes fields like httpPort, tcpPorts, udpPorts.
-
Information about displaying the app on the Cloudron App Store. For example, the title, author information, description etc. When developing a custom app (i.e not part of the App Store), these fields are not required.
Here is an example manifest:
{
"id": "com.example.test",
"title": "Example Application",
"author": "Girish Ramakrishnan <girish@cloudron.io>",
"description": "This is an example app",
"tagline": "A great beginning",
"version": "0.0.1",
"healthCheckPath": "/",
"httpPort": 8000,
"addons": {
"localstorage": {}
},
"manifestVersion": 2,
"website": "https://www.example.com",
"contactEmail": "support@clourdon.io",
"icon": "file://icon.png",
"tags": [ "test", "collaboration" ],
"mediaLinks": [ "https://images.rapgenius.com/fd0175ef780e2feefb30055be9f2e022.520x343x1.jpg" ]
}
Fields
addons
Type: object
Required: no
Allowed keys
- ldap
- localstorage
- mongodb
- mysql
- oauth
- postgresql
- proxyauth
- recvmail
- redis
- sendmail
- scheduler
- tls
The addons
object lists all the addons and the addon configuration used by the application.
Example:
"addons": {
"localstorage": {},
"mongodb": {}
}
author
Type: string
Required: no
The author
field contains the name and email of the app developer (or company).
Example:
"author": "Cloudron UG <girish@cloudron.io>"
capabilities
Type: array of strings
Required: no
The capabilities
field can be used to request extra capabilities.
By default, Cloudron apps are unprivileged and cannot perform many operations including changing network configuration, launch docker containers etc.
Currently, the permitted capabilities are:
-
net_admin
- This capability can be used to perform various network related operations like:- Interface configuration
- Administration of IP firewall, masquerading, and accounting
- Modify routing tables
-
mlock
- This prevents memory from being swapped to disk (CAP_IPC_LOCK
). -
ping
- This providesNET_RAW
-
vaapi
- This provides the container access to the VAAPI devices under/dev/dri
. This capability was added in Cloudron 5.6.
Example:
"capabilities": [
"net_admin"
]
changelog
Type: markdown string
Required: no
The changelog
field contains the changes in this version of the application. This string
can be a markdown style bulleted list.
Example:
"changelog": "* Add support for IE8 \n* New logo"
checklist
Type: object
Required: no
Syntax: Each key is a checklist item that contains a message
. An optional sso
flag may be specified.
The checklist
is a list of items to be completed post installation. The items can be individually
tracked - completed or not, by whom and when.
To illustrate, the application lists the checklists below:
"checklist": {
"todo-for-admins": { "message": "Please do this and that after installation" },
"first-user": { "sso": true, "message": "SSO Example: First user becomes admin" },
"change-password": { "sso": false, "message": "NoSSO Example: Change admin password on first use" }
},
In the above example:
-
message
is a markdown string explaining the todo item -
sso
flag can be used to control when the checklist item is applicable depending on the authentication setup.- If
sso
istrue
, the checklist item is shown only when an app is installed with Cloudron authentication. - If
sso
isfalse
, the checklist item is shown only when an app is installed without Cloudron authentication. - If
sso
is missing, the checklist item is shown regardless of Cloudron authentication.
- If
checklist
items can be added or removed over the lifetime of a package. The platform tracks the package version
when a checklist
item was added (based on the key).
configurePath
Type: url path
Required: no
If this field is present, admins will see an additional link for an app in the dashboard. This url path will be prefixed with the app's domain and thus allows to put a direct link to an admin or settings panel in the app. This is useful for apps like WordPress or Ghost, which depending on the theme might not have admin login links visible on the page.
Example:
"configurePath": "/wp-admin/"
contactEmail
Type: email
Required: no
The contactEmail
field contains the email address that Cloudron users can contact for any
bug reports and suggestions.
Example:
"contactEmail": "support@testapp.com"
description
Type: markdown string
Required: no
The description
field contains a detailed description of the app. This information is shown
to the user when they install the app from the Cloudron App Store.
Example:
"description": "This is a detailed description of this app."
A large description
can be unweildy to manage and edit inside the CloudronManifest.json. For
this reason, the description
can also contain a file reference. The Cloudron CLI tool fills up
the description from this file when publishing your application.
Example:
"description:": "file://DESCRIPTION.md"
documentationUrl
Type: url
Required: no
The documentationUrl
field is a URL where the user can read docs about the application.
Example:
"website": "https://example.com/myapp/docs"
forumUrl
Type: url
Required: no
The forumUrl
field is a URL where the user can get forum support for the application.
Example:
"website": "https://example.com/myapp/forum"
healthCheckPath
Type: url path
Required: yes
The healthCheckPath
field is used by the Cloudron Runtime to determine if your app is running and
responsive. The app must return a 2xx HTTP status code as a response when this path is queried. In
most cases, the default "/" will suffice but there might be cases where periodically querying "/"
is an expensive operation. In addition, the app might want to use a specialized route should it
want to perform some specialized internal checks.
Example:
"healthCheckPath": "/"
httpPort
Type: positive integer
Required: yes
The httpPort
field contains the TCP port on which your app is listening for HTTP requests. This
is the HTTP port the Cloudron will use to access your app internally.
While not required, it is good practice to mark this port as EXPOSE
in the Dockerfile.
Cloudron Apps are containerized and thus two applications can listen on the same port. In reality, they are in different network namespaces and do not conflict with each other.
Note that this port has to be HTTP and not HTTPS or any other non-HTTP protocol. HTTPS proxying is handled by the Cloudron platform (since it owns the certificates).
Example:
"httpPort": 8080
httpPorts
Type: object
Required: no
Syntax: Each key is the environment variable. Each value is an object containing title
, description
, containerPort
and defaultValue
.
The httpPorts
field provides information on extra HTTP services that your application provides. During
installation, the user can provide location information for these services.
To illustrate, the application lists the ports as below:
"httpPorts": {
"API_SERVER_DOMAIN": {
"title": "API Server Domain",
"description": "The domain name for MinIO (S3) API requests",
"containerPort": 9000,
"defaultValue": "minio-api"
}
},
In the above example:
-
API_SERVER_DOMAIN
is an app specific environment variable. It is set to the domain chosen by the user. -
title
is a short one line information about this service. -
description
is a multi line description about this service. -
defaultValue
is the recommended subdomain value to be shown in the app installation UI. -
containerPort
is the HTTP port that the app is listening on for this service.
icon
Type: local image filename
Required: no
The icon
field is used to display the application icon/logo in the Cloudron App Store. Icons are expected
to be square of size 256x256.
"icon": "file://icon.png"
id
Type: reverse domain string
Required: no
The id
is a unique human friendly Cloudron App Store id. This is similar to reverse domain string names used
as java package names. The convention is to base the id
based on a domain that you own.
The Cloudron tooling allows you to build applications with any id
. However, you will be unable to publish
the application if the id is already in use by another application.
"id": "io.cloudron.testapp"
logPaths
Type: array of paths
Required: no
The logPaths
field contains an array of paths that contain the logs.
Whenever possible, apps must be configured to stream logs to stdout and stderr. Only use this field when the app or service is unable to do so.
"logPaths": [
"/run/app/app.log",
"/run/app/workhorse.log"
]
manifestVersion
Type: integer
Required: yes
manifestVersion
specifies the version of the manifest and is always set to 2.
"manifestVersion": 2
mediaLinks
Type: array of urls
Required: no
The mediaLinks
field contains an array of links that the Cloudron App Store uses to display a slide show of pictures of the application.
They have to be publicly reachable via https
and should have an aspect ratio of 3 to 1.
For example 600px by 200px
(with/height).
"mediaLinks": [
"https://s3.amazonaws.com/cloudron-app-screenshots/org.owncloud.cloudronapp/556f6a1d82d5e27a7c4fca427ebe6386d373304f/2.jpg",
"https://images.rapgenius.com/fd0175ef780e2feefb30055be9f2e022.520x343x1.jpg"
]
memoryLimit
Type: bytes (integer)
Required: no
The memoryLimit
field is the maximum amount of memory (including swap) in bytes an app is allowed to consume before it
gets killed and restarted.
By default, all apps have a memoryLimit of 256MB. For example, to have a limit of 500MB,
"memoryLimit": 524288000
maxBoxVersion
Type: semver string
Required: no
The maxBoxVersion
field is the maximum box version that the app can possibly run on. Attempting to install the app on
a box greater than maxBoxVersion
will fail.
This is useful when a new box release introduces features which are incompatible with the app. This situation is quite unlikely and it is recommended to leave this unset.
Cloudron updates are blocked, if the Cloudron has an app with a maxBoxVersion
less than the upcoming Cloudron version.
minBoxVersion
Type: semver string
Required: no
The minBoxVersion
field is the minimum box version that the app can possibly run on. Attempting to install the app on
a box lesser than minBoxVersion
will fail.
This is useful when the app relies on features that are only available from a certain version of the box. If unset, the
default value is 0.0.1
.
multiDomain
Type: boolean
Required: no
When set, this app can be assigned additional domains as aliases to the primary domain of the app.
postInstallMessage
Type: markdown string
Required: no
The postInstallMessageField
is a message that is displayed to the user after an app is installed.
The intended use of this field is to display some post installation steps that the user has to carry out to complete the installation. For example, displaying the default admin credentials and informing the user to to change it.
The message can have the following special tags:
* <sso> ... </sso>
- Content in sso
blocks are shown if SSO enabled.
* <nosso> ... </nosso>
- Content in nosso
blocks are shows when SSO is disabled.
optionalSso
Type: boolean
Required: no
The optionalSso
field can be set to true for apps that can be installed optionally without using the Cloudron user management.
This only applies if any Cloudron auth related addons are used. When set, the Cloudron will not inject the auth related addon environment variables. Any app startup scripts have to be able to deal with missing env variables in this case.
runtimeDirs
Type: array of paths
Required: no
The runtimeDirs
field contains an array of paths that are writable at run time.
On startup, the contents of these directories in the docker image are carried over to the container. Please note that these paths are not backed up. Only subdirectories of /app/code
are allowed to be specified.
These directories are also not persisted across updates.
"runtimeDirs": [
"/app/code/node_modules",
"/app/code/public"
]
tagline
Type: one-line string
Required: no
The tagline
is used by the Cloudron App Store to display a single line short description of the application.
"tagline": "The very best note keeper"
tags
Type: Array of strings
Required: no
The tags
are used by the Cloudron App Store for filtering searches by keyword.
"tags": [ "git", "version control", "scm" ]
Available tags: * blog * chat * git * email * sync * gallery * notes * project * hosting * wiki
targetBoxVersion
Type: semver string
Required: no
The targetBoxVersion
field is the box version that the app was tested on. By definition, this version has to be greater
than the minBoxVersion
.
The box uses this value to enable compatibility behavior of APIs. For example, an app sets the targetBoxVersion to 0.0.5 and is published on the store. Later, box version 0.0.10 introduces a new feature that conflicts with how apps used to run in 0.0.5 (say SELinux was enabled for apps). When the box runs such an app, it ensures compatible behavior and will disable the SELinux feature for the app.
If unspecified, this value defaults to minBoxVersion
.
tcpPorts
Type: object
Required: no
Syntax: Each key is the environment variable. Each value is an object containing title
, description
and defaultValue
.
An optional containerPort
may be specified.
The tcpPorts
field provides information on the non-http TCP ports/services that your application is listening on. During
installation, the user can decide how these ports are exposed from their Cloudron.
For example, if the application runs an SSH server at port 29418, this information is listed here. At installation time,
the user can decide any of the following:
* Expose the port with the suggested defaultValue
to the outside world. This will only work if no other app is being exposed at same port.
* Provide an alternate value on which the port is to be exposed to outside world.
* Disable the port/service.
To illustrate, the application lists the ports as below:
"tcpPorts": {
"SSH_PORT": {
"title": "SSH Port",
"description": "SSH Port over which repos can be pushed & pulled",
"defaultValue": 29418,
"containerPort": 22,
"portCount": 1
}
},
In the above example:
-
SSH_PORT
is an app specific environment variable. Only strings, numbers and _ (underscore) are allowed. The author has to ensure that they don't clash with platform provided variable names. -
title
is a short one line information about this port/service. -
description
is a multi line description about this port/service. -
defaultValue
is the recommended port value to be shown in the app installation UI. -
containerPort
is the port that the app is listening on (recall that each app has it's own networking namespace). -
readOnly
flag indicates the port cannot be changed. -
portCount
number of ports to allocate in sequence starting with the set port value.
In more detail:
-
If the user decides to disable the SSH service, this environment variable
SSH_PORT
is absent. Applications must detect this on start up and disable these services. -
SSH_PORT
is set to the value of the exposed port. Should the user choose to expose the SSH server on port 6000, then the value ofSSH_PORT
is 6000. -
defaultValue
is only used for display purposes in the app installation UI. This value is independent of the value that the app is listening on. For example, the app can run an SSH server at port 22 but still recommend a value of 29418 to the user. -
containerPort
is the port that the app is listening on. The Cloudron runtime will bridge the user chosen external port with the app specificcontainerPort
. Cloudron Apps are containerized and each app has it's own networking namespace. As a result, different apps can have the samecontainerPort
value because these values are namespaced. -
The environment variable
SSH_PORT
may be used by the app to display external URLs. For example, the app might want to display the SSH URL. In such a case, it would be incorrect to use thecontainerPort
22 or thedefaultValue
29418 since this is not the value chosen by the user. -
containerPort
is optional. When omitted, the bridged port numbers are the same internally and externally. Some apps use the same variable (in their code) for listen port and user visible display strings. When packaging these apps, it might be simpler to listen onSSH_PORT
internally. In such cases, the app can omit thecontainerPort
value and should instead reconfigure itself to listen internally onSSH_PORT
on each start up. -
portCount
is optional. When omitted, the count defaults to 1 and starts with thedefaultValue
or what the user has configured. The maximum count is 1000 ports. For resource and performance reasons, the number should be as low as possible and cannot overlap with existing ports used by other apps on the system. The port count is exposed as a environment variable with the_COUNT
suffix. For example,SSH_PORT_COUNT
above.
title
Type: string
Required: no
The title
is the primary application title displayed on the Cloudron App Store.
Example:
"title": "Gitlab"
udpPorts
Type: object
Required: no
Syntax: Each key is the environment variable. Each value is an object containing title
, description
and defaultValue
.
An optional containerPort
may be specified.
The udpPorts
field provides information on the non-http TCP ports/services that your application is listening on. During
installation, the user can decide how these ports are exposed from their Cloudron.
For example, if the application runs an SSH server at port 29418, this information is listed here. At installation time,
the user can decide any of the following:
* Expose the port with the suggested defaultValue
to the outside world. This will only work if no other app is being exposed at same port.
* Provide an alternate value on which the port is to be exposed to outside world.
* Disable the port/service.
To illustrate, the application lists the ports as below:
"udpPorts": {
"VPN_PORT": {
"title": "VPN Port",
"description": "Port over which OpenVPN server listens",
"defaultValue": 11194,
"containerPort": 1194,
"portCount": 1
}
},
In the above example:
-
VPN_PORT
is an app specific environment variable. Only strings, numbers and _ (underscore) are allowed. The author has to ensure that they don't clash with platform profided variable names. -
title
is a short one line information about this port/service. -
description
is a multi line description about this port/service. -
defaultValue
is the recommended port value to be shown in the app installation UI. -
containerPort
is the port that the app is listening on (recall that each app has it's own networking namespace). -
readOnly
flag indicates the port cannot be changed. -
portCount
number of ports to allocate in sequence starting with the set port value. When missing, this value defaults to 1.
upstreamVersion
Type: string
Required: no
The upstreamVersion
field specifies the version of the app. This field is only used for display and information purpose.
Example:
"upsteamVersion": "1.0"
version
Type: semver string
Required: yes
The version
field is a semver string that specifies the packages version. The version is used by the Cloudron to compare versions and to determine if an update is available.
Example:
"version": "1.1.0"
website
Type: url
Required: no
The website
field is a URL where the user can read more about the application.
Example:
"website": "https://example.com/myapp"