check redirection and api request

We can now use MINIO_ROOT_USER  and MINIO_ROOT_PASSWORD env vars.
These default to minioadmin. When set, it will change/update the password.
When not set, it keeps the old password from the last run.

CHANGELOG

@@ -874,3 +874,146 @@ Add support for ListObject caching. See (#10814, #10648, #10784, #10844, #10836,
 * Fix redact LDAP password properly (#11762) (03/10/21) (Poorna Krishnamoorthy)
 * add release build-arg to docker multiarch builds (#11752) (03/10/21) (Harshavardhana)
 * Update S2 compression (#11753) (03/10/21) (Klaus Post)
+
+[1.159.8]
+* Update minio to 2021-03-17T02-33-02Z
+* This release fixes a MITM attack in aws-chunked signature v4 encoding
+* browser now supports QR code with presigned URLs.
+* Support DeleteMarker disable setting in replication configuration.
+* s3v4: read and verify S3 signature v4 chunks separately (#11801) (03/16/21) (Andreas Auernhammer)
+* Fix STANDARD defaults, point to new docs site. (#11800) (03/16/21) (Ravind Kumar)
+* erasure pools enable faster checks for file not found (#11799) (03/16/21) (Klaus Post)
+* policy: Add Merge API (#11793) (03/16/21) (Anis Elleuch)
+* fix: erasure index based reading based on actual ParityBlocks (#11792) (03/15/21) (Harshavardhana)
+* s3 select: fix date_diff behavior (#11786) (03/15/21) (Klaus Post)
+* fix: runtime issue on FreeBSD due to missing O_NOATIME/O_DSYNC support (#11790) (03/15/21) (Steve Wills)
+* fix: mips 32bit compilation issue (#11775) (03/15/21) (Harshavardhana)
+* add missing principalId in web notifications (#11777) (03/13/21) (Harshavardhana)
+* Replication: Enforce DeleteMarker disable setting (#11720) (03/13/21) (Poorna Krishnamoorthy)
+* Add consoleAdmin as a default canned policy (#11770) (03/13/21) (Nitish Tiwari)
+* cmd/os-readdir_other.go - return nil with err (#11772) (03/12/21) (Philip Brown)
+* update browser assets for react-qr-code (03/11/21) (Harshavardhana)
+
+[1.159.9]
+* Update minio to 2021-03-26T00-00-41Z
+* do not call LocalStorageInfo on gateways (#11903) (03/25/21) (Harshavardhana)
+* fix: reject duplicate keys in PostPolicyJSON document (#11902) (03/25/21) (Harshavardhana)
+* fix error could not read /proc ion windows. (#11868) (03/25/21) (Klaus Post)
+* highwayhash: update to latest version containing an arm64 fix (#11901) (03/25/21) (Andreas Auernhammer)
+* Converge PolicyDBGet functions in IAM (#11891) (03/25/21) (Aditya Manthramurthy)
+* xl: avoid sending Delete() remote call for fully successful runs (03/24/21) (Harshavardhana)
+* fix: LDAP policy application on user policy (#11887) (03/24/21) (Aditya Manthramurthy)
+* metrics: Add canceled requests (#11881) (03/24/21) (Klaus Post)
+* xl: add checks for minioTmpMetaBucket in CreateFile (03/24/21) (Harshavardhana)
+* xl: remove cleanupDir instead use Delete() (#11880) (03/24/21) (Harshavardhana)
+* metrics: Change type of minio_s3_requests_waiting_total to gauge (#11884) (03/24/21) (Anis Elleuch)
+* xl: CreateFile shouldn't prematurely timeout (#11878) (03/24/21) (Harshavardhana)
+* Revert "xl: CreateFile shouldn't prematurely timeout (#11854)" (03/23/21) (Harshavardhana)
+* simplify OS instrumentation remove functions for global variables (03/23/21) (Harshavardhana)
+* fix: optionally enable tracing posix calls (03/23/21) (Ritesh H Shukla)
+* fix: AccountInfo API for LDAP users (#11874) (03/23/21) (Aditya Manthramurthy)
+* fix: LDAP groups handling and group mapping (#11855) (03/23/21) (Harshavardhana)
+* avoid healObjects recursively healing at empty path (#11856) (03/23/21) (Harshavardhana)
+* xl: CreateFile shouldn't prematurely timeout (#11854) (03/22/21) (Harshavardhana)
+* fix: merge duplicate keys in post policy (#11843) (03/20/21) (Harshavardhana)
+* Add process uptime metric (#11844) (03/20/21) (Ritesh H Shukla)
+* crypto: simplify Context encoding (#11812) (03/20/21) (Andreas Auernhammer)
+* remove MINIO_IO_DEADLINE support (#11841) (03/20/21) (Harshavardhana)
+* fix: querying LDAP group/user policy (#11840) (03/20/21) (Aditya Manthramurthy)
+* xl: Reduce usage of isDirEmpty() (#11838) (03/19/21) (Anis Elleuch)
+* xl: Remove non needed check for empty dir (#11835) (03/19/21) (Anis Elleuch)
+* fix: sql cast function when converting to float (#11817) (03/19/21) (mailsmail)
+* Introduce metrics caching for performant metrics (#11831) (03/19/21) (Ritesh H Shukla)
+* lifecycle: Support old BucketLifecycleConfiguration tag (#11828) (03/19/21) (Anis Elleuch)
+* add missing java headless jdk in mint (03/18/21) (Harshavardhana)
+* fix: handle weird drives sporadic read O_DIRECT behavior (#11832) (03/18/21) (Harshavardhana)
+* fix: bucket / object count and size returned as 0 (#11825) (03/19/21) (Shireesh Anjal)
+* [feat] Add configurable deadline for writers (#11822) (03/18/21) (Harshavardhana)
+* Add main_test.go to run system tests with coverage (#11783) (03/18/21) (iternity-dotcom)
+* mrf: Enhance behavior for better results (#11788) (03/18/21) (Anis Elleuch)
+* No retries if minio server is down/connection refused err (#11809) (03/18/21) (ebozduman)
+* dsync: use refresh timer properly to avoid leaks (#11820) (03/17/21) (Harshavardhana)
+* allow configuring delete cleanup interval from default 10minutes (#11818) (03/17/21) (Harshavardhana)
+* storage write call path optimizations (#11805) (03/17/21) (Harshavardhana)
+* add additional metrics per disk API latency, API call counts #11250) (03/17/21) (Anis Elleuch)
+
+[1.160.0]
+* Update minio to 2021-04-06T23-11-00Z
+* [Full changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-04-06T23-11-00Z)
+* Improve error message from SetRemoteTargetHandler (#11909) (03/26/21) (Poorna Krishnamoorthy)
+* unmarshal both LegalHold and ObjectLockLegalHold XML types (#11921) (03/29/21) (Harshavardhana)
+* crawling: Apply lifecycle then decide healing action (#11563) (03/31/21) (Anis Elleuch)
+* add policy conditions support for signatureVersion and authType (#11947) (04/02/21) (Harshavardhana)
+* fix: properly close leaking bandwidth monitor channel (#11967) (04/05/21) (Harshavardhana)
+
+[1.161.0]
+* Update minio to 2021-04-18T19-26-29Z
+* [Full changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-04-18T19-26-29Z)
+Improve replication performance. See (#12080, #12054, #12009) for more details.
+* Minor improvements in Lifecycle. See (#12077, #12039) for more details.
+* fix: calculate correct content range with partNumber query. See (#11992) for more details.
+* scanner: Shuffle disks to scan. See (#12036) for more details.
+* Add runtime mem stats to server info. See (#11995) for more details.
+
+[1.162.0]
+* Update minio to 2021-04-22T15-44-28Z
+* [Full changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-04-22T15-44-28Z)
+* fix: pick valid FileInfo additionally based on dataDir. See (#12116) for more details.
+* Service account related improvements. See (#12117) for more details.
+* fix: newMultipartUpload should go to same pool as existing object. See (#12106) for more details.
+* ignore more tokens in some mountinfo entries. See (#12104) for more details.
+* Grab read lock while reading usage cache. See (#12111) for more details.
+
+[1.163.0]
+* Update minio to 2021-05-11T23-27-41Z
+* [Full changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-05-11T23-27-41Z)
+
+[1.164.0]
+* Update minio to 2021-05-18T00-53-28Z
+* [Full changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-05-18T00-53-28Z)
+
+[1.164.1]
+* Update minio to 2021-05-20T22-31-44Z
+* [Full changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-05-20T22-31-44Z)
+
+[1.164.2]
+* Update minio to 2021-05-22T02-34-39Z
+* [Full changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-05-22T02-34-39Z)
+
+[1.164.3]
+* Update minio to 2021-05-27T22-06-31Z
+* [Full changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-05-27T22-06-31Z)
+
+[1.164.4]
+* Update minio to 2021-06-07T21-40-51Z
+* [Changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-06-07T21-40-51Z)
+
+[1.164.5]
+* Update minio to 2021-06-14T01-29-23Z
+* [Changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-06-14T01-29-23Z)
+
+[1.165.0]
+* Update minio to 2021-06-17T00-10-46Z
+* [Changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-06-17T00-10-46Z)
+
+[1.165.1]
+* Update minio to 2021-07-08T01-15-01Z
+* [Changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-07-08T01-15-01Z)
+
+[1.166.0]
+* Update minio to 2021-07-22T05-23-32Z
+* Use new minio dashboard 2021-06-13T17-48-22Z
+
+[1.167.0]
+* Update minio to 2021-09-15T04-54-25Z
+* Update minio dashboard to 2021-09-02T09-21-27Z
+* [Changelog](https://github.com/minio/minio/releases/tag/RELEASE.2021-09-15T04-54-25Z)
+* SSE-KMS support was not working with copyObject() refer #13206
+* Support UserInfo claims refer #12469
+
+[2.0.0]
+* **This is a major update. The changes below are required for the app to work. The newer version of the app has 2 domain names - one for the console (browser UI) and one of the API domain (API/S3 requests). **
+  * Be sure to take a backup before updating the app.
+  * Once updated, go to the `Location` view and set the API Domain.
+  * Update the various apps/servers/code to use the API domain as the backup destination.
+

CloudronManifest.json

@@ -5,15 +5,23 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG",
   "tagline": "Distributed object storage",
-  "version": "1.159.7",
+  "version": "2.0.0",
   "healthCheckPath": "/minio/login",
   "httpPort": 8000,
+  "httpPorts": {
+    "API_SERVER_DOMAIN": {
+      "title": "API Server Domain",
+      "description": "The domain name for MinIO (S3) API requests",
+      "containerPort": 9000,
+      "defaultValue": "minio-api"
+    }
+  },
   "addons": {
     "localstorage": {}
   },
   "manifestVersion": 2,
   "website": "http://www.minio.io",
-  "minBoxVersion": "5.3.0",
+  "minBoxVersion": "7.1.0",
   "forumUrl": "https://forum.cloudron.io/category/69/minio",
   "documentationUrl": "https://docs.cloudron.io/apps/minio/",
   "contactEmail": "support@cloudron.io",

DESCRIPTION.md

@@ -1,4 +1,4 @@
-This app packages Minio <upstream>2021-03-12T00-00-47Z</upstream>.
+This app packages Minio <upstream>2021-09-15T04-54-25Z</upstream>.
 
 Minio is a distributed object storage server built for cloud applications and devops.
 

Dockerfile

@@ -1,14 +1,14 @@
-FROM cloudron/base:3.0.0@sha256:455c70428723e3a823198c57472785437eb6eab082e79b3ff04ea584faf46e92
-
-ARG VERSION=RELEASE.2021-03-12T00-00-47Z
-
-RUN mkdir -p /app/code \
-    && wget https://dl.min.io/server/minio/release/linux-amd64/minio.${VERSION} -O /app/code/minio \
-    && chmod +x /app/code/minio
+FROM cloudron/base:3.2.0@sha256:ba1d566164a67c266782545ea9809dc611c4152e27686fd14060332dd88263ea
 
+RUN mkdir -p /app/code
 WORKDIR /app/code
 
-ADD start.sh /app/code/start.sh
-ADD minio-credentials /app/code/minio-credentials
+ARG VERSION=RELEASE.2022-01-08T03-11-54Z
+ARG MC_VERSION=RELEASE.2022-01-07T06-01-38Z
+
+RUN wget https://dl.min.io/server/minio/release/linux-amd64/minio.${VERSION} -O /app/code/minio && chmod +x /app/code/minio && \
+    wget https://dl.min.io/client/mc/release/linux-amd64/mc.${MC_VERSION} -O /app/code/mc && chmod +x /app/code/mc
+
+COPY env.sh minio-credentials start.sh /app/code/
 
 CMD [ "/app/code/start.sh" ]

README.md

@@ -34,3 +34,6 @@ npm install
 PATH=$PATH:node_modules/.bin mocha --bail test.js
 ```
 
+## Notes
+
+MinIO Console is an embedded web-based object browser built into MinIO Server

env.sh

@@ -0,0 +1,9 @@
+# Add custom minio configuration to this file. Restart the app for changes to take effect.
+
+export CLOUDRON_MINIO_STARTUP_ARGS='server /app/data/data'
+
+# See https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#envvar.MINIO_ROOT_USER
+# You can use pwgen -1s 64 to generate usernames and passwords
+export MINIO_ROOT_USER=minioadmin
+export MINIO_ROOT_PASSWORD=minioadmin
+

start.sh

@@ -4,16 +4,23 @@ set -eu
 
 mkdir -p /app/data/data /run/minio/config /run/minio/certs
 
-# minio is used for backups at times and has a large number of files. optimize by checking if files
-# are actually in correct chown state
+[[ ! -f /app/data/env.sh ]] && cp /app/code/env.sh /app/data/env.sh
+source /app/data/env.sh
+
+# https://docs.min.io/minio/baremetal/reference/minio-server/minio-server.html#envvar.MINIO_SERVER_URL
+[[ -n "${API_SERVER_DOMAIN:-}" ]] && export MINIO_SERVER_URL="https://${API_SERVER_DOMAIN}"
+export MINIO_BROWSER_REDIRECT_URL="https://${CLOUDRON_APP_DOMAIN}"
+
+if [[ ! -d /app/data/mc_config ]]; then
+    mkdir -p /app/data/mc_config
+    /app/code/mc --config-dir /app/data/mc_config &> /dev/null || true
+fi
+
+# minio is used for backups at times and has a large number of files. optimize by checking if files are actually in correct chown state
 echo "==> Changing ownership"
 [[ $(stat --format '%U' /app/data/data) != "cloudron" ]] && chown -R cloudron:cloudron /app/data
 
-[[ ! -f /app/data/env.sh ]] && echo -e "# Add custom minio configuration to this file. Restart the app for changes to take effect.\n\nexport CLOUDRON_MINIO_STARTUP_ARGS='server /app/data/data'" > /app/data/env.sh
-
-source /app/data/env.sh
-
 # the --config-dir is deprecated and not used. but without it, minio will try to create $HOME/.minio :/ same for --certs-dir
 echo "==> Starting minio"
-exec /usr/local/bin/gosu cloudron:cloudron /app/code/minio --certs-dir /run/minio/certs --config-dir /run/minio/config --quiet ${CLOUDRON_MINIO_STARTUP_ARGS} --address :8000 
+exec /usr/local/bin/gosu cloudron:cloudron /app/code/minio --certs-dir /run/minio/certs --config-dir /run/minio/config --quiet ${CLOUDRON_MINIO_STARTUP_ARGS} --address :9000 --console-address :8000
 

test/package.json

@@ -9,9 +9,10 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^89.0.0",
+    "chromedriver": "^97.0.0",
     "expect.js": "^0.3.1",
-    "mocha": "^8.3.2",
-    "selenium-webdriver": "^3.6.0"
+    "mocha": "^9.1.4",
+    "selenium-webdriver": "^4.1.1",
+    "superagent": "^7.1.1"
   }
 }

test/test.js

@@ -1,31 +1,33 @@
 #!/usr/bin/env node
 
+/* jshint esversion: 8 */
 /* global describe */
 /* global before */
 /* global after */
 /* global it */
+/* global xit */
 
 'use strict';
 
 require('chromedriver');
 
-var execSync = require('child_process').execSync,
+const execSync = require('child_process').execSync,
     expect = require('expect.js'),
+    fs = require('fs'),
     path = require('path'),
-    { Builder, By, Key, until } = require('selenium-webdriver'),
+    superagent = require('superagent'),
+    { Builder, By, until } = require('selenium-webdriver'),
     { Options } = require('selenium-webdriver/chrome');
 
-
 describe('Application life cycle test', function () {
     this.timeout(0);
 
     const LOCATION = 'test';
     const TEST_TIMEOUT = 10000;
-    const EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
     const BUCKET = 'cloudrontestbucket';
+    const EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
 
-    var app;
-    var browser;
+    let browser, app;
 
     before(function () {
         browser = new Builder().forBrowser('chrome').setChromeOptions(new Options().windowSize({ width: 1280, height: 1024 })).build();
@@ -35,132 +37,108 @@ describe('Application life cycle test', function () {
         browser.quit();
     });
 
+    async function waitForElement(elem) {
+        await browser.wait(until.elementLocated(elem), TEST_TIMEOUT);
+        await browser.wait(until.elementIsVisible(browser.findElement(elem)), TEST_TIMEOUT);
+    }
+
     function getAppInfo() {
         var inspect = JSON.parse(execSync('cloudron inspect'));
         app = inspect.apps.filter(function (a) { return a.location.indexOf(LOCATION) === 0; })[0];
         expect(app).to.be.an('object');
     }
 
-    function pageLoaded() {
-        return browser.wait(until.elementLocated(By.className('page-load pl-0 pl-1')), TEST_TIMEOUT);
+    async function login(accessKey='minioadmin', secretKey='minioadmin') {
+        await browser.get(`https://${app.fqdn}/login`);
+        await waitForElement(By.id('accessKey'));
+        await browser.findElement(By.id('accessKey')).sendKeys(accessKey);
+        await browser.findElement(By.id('secretKey')).sendKeys(secretKey);
+        await browser.findElement(By.xpath('//button[contains(text(), "Login")]')).click();
+        await waitForElement(By.xpath('//h4[contains(text(), "Dashboard")]'));
     }
 
-    function visible(selector) {
-        return browser.wait(until.elementLocated(selector), TEST_TIMEOUT).then(function () {
-            return browser.wait(until.elementIsVisible(browser.findElement(selector)), TEST_TIMEOUT);
-        });
+    async function old_login(accessKey='minioadmin', secretKey='minioadmin') {
+        await browser.get(`https://${app.fqdn}/minio/login`);
+        await waitForElement(By.id('accessKey'));
+        await browser.findElement(By.id('accessKey')).sendKeys(accessKey);
+        await browser.findElement(By.id('secretKey')).sendKeys(secretKey);
+        await browser.findElement(By.xpath('//button[@type="submit"]')).click();
+        await waitForElement(By.xpath('//input[@placeholder="Search Buckets..."]'));
     }
 
-    function login(accessKey, secretKey, callback) {
-        browser.manage().deleteAllCookies();
-        browser.get('https://' + app.fqdn).then(function () {
-            return visible(By.id('accessKey'));
-        }).then(function () {
-            return browser.findElement(By.id('accessKey')).sendKeys(accessKey);
-        }).then(function () {
-            return browser.findElement(By.id('secretKey')).sendKeys(secretKey);
-        }).then(function () {
-            // return browser.findElement(By.className('lw-btn')).click();
-            return browser.findElement(By.tagName('form')).submit();
-        }).then(function () {
-            return browser.wait(until.elementLocated(By.id('top-right-menu')), TEST_TIMEOUT);
-        }).then(function () {
-            callback();
-        });
+    async function logout() {
+        await browser.get(`https://${app.fqdn}/`);
+        await waitForElement(By.xpath('//div/span[contains(text(), "Dashboard")]'));
+        await browser.findElement(By.xpath('//div/span[contains(text(), "Logout")]')).click();
+        await waitForElement(By.id('accessKey'));
     }
 
-    function logout(callback) {
-        browser.get('https://' + app.fqdn);
-
-        pageLoaded().then(function () {
-            return visible(By.id('top-right-menu'));
-        }).then(function () {
-            return browser.findElement(By.id('top-right-menu')).click();
-        }).then(function () {
-            if (app.manifest.version === '1.137.0') {
-                return visible(By.xpath('//*[text()="Sign Out "]'));
-            } else {
-                return visible(By.xpath('//*[contains(text(), "Logout")]'));
-            }
-        }).then(function () {
-            if (app.manifest.version === '1.137.0') {
-                return browser.findElement(By.xpath('//*[text()="Sign Out "]')).click();
-            } else {
-                return browser.findElement(By.xpath('//*[contains(text(),"Logout")]')).click();
-            }
-        }).then(function () {
-            return browser.wait(until.elementLocated(By.id('accessKey')), TEST_TIMEOUT);
-        }).then(function () {
-            callback();
-        });
+    async function old_logout() {
+        await browser.get(`https://${app.fqdn}/`);
+        await waitForElement(By.xpath('//input[@placeholder="Search Buckets..."]'));
+        await browser.findElement(By.xpath('//div/button[@id="top-right-menu"]')).click();
+        await browser.findElement(By.xpath('//ul/li/a[@id="logout"]')).click();
+        await waitForElement(By.id('accessKey'));
     }
 
-    function addBucket(callback) {
-        browser.get('https://' + app.fqdn);
-
-        pageLoaded().then(function () {
-            return visible(By.className('fa-plus'));
-        }).then(function () {
-            return browser.findElement(By.className('fa-plus')).click();
-        }).then(function () {
-            const c = 'fa-hdd';
-            return visible(By.className(c));
-        }).then(function () {
-            const c = 'fa-hdd';
-            return browser.findElement(By.className(c)).click();
-        }).then(function () {
-            return visible(By.xpath('//*[@class="modal-body"]/form/div/input'));
-        }).then(function () {
-            return browser.findElement(By.xpath('//*[@class="modal-body"]/form/div/input')).sendKeys(BUCKET);
-        }).then(function () {
-            return browser.findElement(By.xpath('//*[@class="modal-body"]/form')).submit();
-        }).then(function () {
-            return visible(By.xpath('//*[@class="main"]/a[text()="' + BUCKET + '"]'));
-        }).then(function () {
-            callback();
-        });
+    async function addBucket() {
+        await browser.get(`https://${app.fqdn}/`);
+        await waitForElement(By.xpath('//div/span[contains(text(), "Bucket")]'));
+        await browser.findElement(By.xpath('//div/span[contains(text(), "Bucket")]')).click();
+        await waitForElement(By.xpath('//button[text()="Create Bucket"]'));
+        await browser.findElement(By.xpath('//button[text()="Create Bucket"]')).click();
+        await browser.sleep(2000);
+        await browser.findElement(By.xpath('//input[@id="bucket-name"]')).sendKeys(BUCKET);
+        await browser.findElement(By.xpath('//button[text()="Create Bucket"]')).click();
+        await waitForElement(By.xpath(`//a[contains(text(), "${BUCKET}")]`));
     }
 
-    function checkBucket(callback) {
-        browser.get('https://' + app.fqdn);
-
-        pageLoaded().then(function () {
-            return browser.findElement(By.xpath(`//a[contains(text(), ${BUCKET})]`));
-        }).then(function () {
-            callback();
-        });
+    async function old_addBucket() {
+        await browser.get(`https://${app.fqdn}/`);
+        await waitForElement(By.xpath('//input[@placeholder="Search Buckets..."]'));
+        await browser.findElement(By.xpath('//div/button[@id="fe-action-toggle"]')).click();
+        await browser.findElement(By.xpath('//ul/a[@id="show-make-bucket"]')).click();
+        await browser.findElement(By.xpath('//input[@placeholder="Bucket Name"]')).sendKeys(BUCKET);
+        await browser.findElement(By.xpath('//*[@class="modal-body"]/form')).submit();
+        await waitForElement(By.xpath(`//*[@class="main"]/a[text()="${BUCKET}"]`));
     }
 
-    function openSettings(callback) {
-        browser.get('https://' + app.fqdn);
+    async function checkBucket() {
+        await browser.get(`https://${app.fqdn}/buckets`);
+        await waitForElement(By.xpath(`//h1[contains(text(), "${BUCKET}")]`));
+    }
 
-        pageLoaded().then(function () {
-            return visible(By.id('top-right-menu'));
-        }).then(function () {
-            return browser.findElement(By.id('top-right-menu')).click();
-        }).then(function () {
-            return visible(By.xpath('//*[contains(text(), "Change Password")]'));
-        }).then(function () {
-            return browser.findElement(By.xpath('//*[contains(text(),"Change Password")]')).click();
-        }).then(function () {
-            return browser.wait(until.elementLocated(By.xpath('//*[contains(text(), "Change Password")]')), TEST_TIMEOUT);
-        }).then(function () {
-            callback();
-        });
+    async function checkRedirect() {
+        const response = await superagent.get(`https://${app.secondaryDomains[0].fqdn}`).set('User-Agent', 'Mozilla/5.0').redirects(0).ok(() => true);
+        expect(response.status).to.be(307);
+        expect(response.headers.location).to.be(`https://${app.fqdn}`);
+    }
+
+    async function checkApi() {
+        const response = await superagent.get(`https://${app.secondaryDomains[0].fqdn}`).ok(() => true);
+        expect(response.status).to.be(403);
+        expect(response.body.toString('utf8')).to.contain('<Code>AccessDenied</Code>');
     }
 
     xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
-    it('install app', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
+    it('install app', function () { execSync(`cloudron install --location ${LOCATION} --secondary-domains API_SERVER_DOMAIN=${LOCATION}-api`, EXEC_ARGS); });
 
     it('can get app information', getAppInfo);
 
     it('can login', login.bind(null, 'minioadmin', 'minioadmin'));
     it('can add bucket', addBucket);
-    it('can open settings', openSettings);
     it('can logout', logout);
+    it('does redirect', checkRedirect);
+    it('check api', checkApi);
 
     it('can change credentials', function () {
-        execSync(`cloudron exec --app ${app.id} -- /app/code/minio-credentials set minioakey minioskey`, EXEC_ARGS);
+        let data = fs.readFileSync(path.join(__dirname, '../env.sh'), 'utf8');
+        data = data
+            .replace(/MINIO_ROOT_USER=.*/, 'MINIO_ROOT_USER=minioakey')
+            .replace(/MINIO_ROOT_PASSWORD=.*/, 'MINIO_ROOT_PASSWORD=minioskey');
+        fs.writeFileSync('/tmp/env.sh', data);
+        execSync(`cloudron push --app ${app.id} /tmp/env.sh /app/data/env.sh`, EXEC_ARGS);
+        execSync(`cloudron restart --app ${app.id}`, EXEC_ARGS);
     });
 
     it('can restart app', function () { execSync(`cloudron restart --app ${app.id}`, EXEC_ARGS); });
@@ -168,6 +146,8 @@ describe('Application life cycle test', function () {
     it('can login', login.bind(null, 'minioakey', 'minioskey'));
     it('has bucket', checkBucket);
     it('can logout', logout);
+    it('does redirect', checkRedirect);
+    it('check api', checkApi);
 
     it('backup app', function () { execSync('cloudron backup create --app ' + app.id, EXEC_ARGS); });
     it('restore app', function () {
@@ -180,8 +160,9 @@ describe('Application life cycle test', function () {
 
     it('can login', login.bind(null, 'minioakey', 'minioskey'));
     it('has bucket', checkBucket);
-    it('can open settings', openSettings);
     it('can logout', logout);
+    it('does redirect', checkRedirect);
+    it('check api', checkApi);
 
     it('move to different location', function () {
         browser.manage().deleteAllCookies();
@@ -192,6 +173,8 @@ describe('Application life cycle test', function () {
     it('can login', login.bind(null, 'minioakey', 'minioskey'));
     it('has bucket', checkBucket);
     it('can logout', logout);
+    it('does redirect', checkRedirect);
+    it('check api', checkApi);
 
     it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 
@@ -199,15 +182,18 @@ describe('Application life cycle test', function () {
     it('can install app', function () { execSync('cloudron install --appstore-id io.minio.cloudronapp --location ' + LOCATION, EXEC_ARGS); });
     it('can get app information', getAppInfo);
 
-    it('can login', login.bind(null, 'minioadmin', 'minioadmin'));
-    it('can add buckets', addBucket);
-    it('can logout', logout);
-    it('can update', function () { execSync('cloudron update --app ' + LOCATION, EXEC_ARGS); });
+    it('can login', old_login.bind(null, 'minioadmin', 'minioadmin'));
+    it('can add buckets', old_addBucket);
+    it('can logout', old_logout);
+    it('can update', function () { execSync(`cloudron update --app ${LOCATION}`, EXEC_ARGS); });
+    it('can configure', function () { execSync(`cloudron configure --app ${LOCATION} --secondary-domains API_SERVER_DOMAIN=${LOCATION}-api`, EXEC_ARGS); });
     it('can get app information', getAppInfo);
 
     it('can login', login.bind(null, 'minioadmin', 'minioadmin'));
     it('has bucket', checkBucket);
     it('can logout', logout);
+    it('does redirect', checkRedirect);
+    it('check api', checkApi);
 
     it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 });