diff --git a/Dockerfile b/Dockerfile
index 2e8f969..3e1095a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -203,6 +203,22 @@ RUN apt-get update && \
curl nodejs sudo wget procps nano && \
rm -rf /var/lib/apt/lists/*
+# HaRP: download and install FRP client
+RUN set -ex; \
+ ARCH=$(uname -m); \
+ if [ "$ARCH" = "aarch64" ]; then \
+ FRP_URL="https://raw.githubusercontent.com/nextcloud/HaRP/main/exapps_dev/frp_0.61.1_linux_arm64.tar.gz"; \
+ else \
+ FRP_URL="https://raw.githubusercontent.com/nextcloud/HaRP/main/exapps_dev/frp_0.61.1_linux_amd64.tar.gz"; \
+ fi; \
+ echo "Downloading FRP client from $FRP_URL"; \
+ curl -L "$FRP_URL" -o /tmp/frp.tar.gz; \
+ tar -C /tmp -xzf /tmp/frp.tar.gz; \
+ mv /tmp/frp_0.61.1_linux_* /tmp/frp; \
+ cp /tmp/frp/frpc /usr/local/bin/frpc; \
+ chmod +x /usr/local/bin/frpc; \
+ rm -rf /tmp/frp /tmp/frp.tar.gz
+
COPY ex_app_scripts/common_pgsql.sh /ex_app_scripts/common_pgsql.sh
COPY ex_app_scripts/install_pgsql.sh /ex_app_scripts/install_pgsql.sh
COPY ex_app_scripts/init_pgsql.sh /ex_app_scripts/init_pgsql.sh
diff --git a/Makefile b/Makefile
index c0f87da..b0910ec 100644
--- a/Makefile
+++ b/Makefile
@@ -5,7 +5,7 @@
APP_ID := flow
APP_NAME := Flow
APP_VERSION := $$(xmlstarlet sel -t -v "//version" appinfo/info.xml)
-JSON_INFO := "{\"id\":\"$(APP_ID)\",\"name\":\"$(APP_NAME)\",\"daemon_config_name\":\"manual_install\",\"version\":\"$(APP_VERSION)\",\"secret\":\"12345\",\"port\":24000, \"routes\": [{\"url\":\"^api\\\/w\\\/nextcloud\\\/jobs\\\/.*\", \"verb\":\"GET, POST, PUT, DELETE\", \"access_level\":0, \"headers_to_exclude\":[], \"bruteforce_protection\":[401]}, {\"url\":\"^api\\\/w\\\/nextcloud\\\/jobs_u\\\/.*\", \"verb\":\"GET, POST, PUT, DELETE\", \"access_level\":0, \"headers_to_exclude\":[], \"bruteforce_protection\":[401]}, {\"url\":\".*\", \"verb\":\"GET, POST, PUT, DELETE\", \"access_level\":2, \"headers_to_exclude\":[]}]}"
+JSON_INFO := "{\"id\":\"$(APP_ID)\",\"name\":\"$(APP_NAME)\",\"daemon_config_name\":\"manual_install\",\"version\":\"$(APP_VERSION)\",\"secret\":\"12345\",\"port\":27100, \"routes\": [{\"url\":\"^api\\\/w\\\/nextcloud\\\/jobs\\\/.*\", \"verb\":\"GET, POST, PUT, DELETE\", \"access_level\":0, \"headers_to_exclude\":[], \"bruteforce_protection\":[401]}, {\"url\":\"^api\\\/w\\\/nextcloud\\\/jobs_u\\\/.*\", \"verb\":\"GET, POST, PUT, DELETE\", \"access_level\":0, \"headers_to_exclude\":[], \"bruteforce_protection\":[401]}, {\"url\":\".*\", \"verb\":\"GET, POST, PUT, DELETE\", \"access_level\":2, \"headers_to_exclude\":[]}]}"
.PHONY: help
diff --git a/appinfo/info.xml b/appinfo/info.xml
index 39003f5..57b5f2d 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -24,7 +24,7 @@ This app provides an easy way to install the Windmill based Business Process Aut
**Requires [`AppAPI`](https://github.com/nextcloud/app_api) and `webhook_listeners` to be enabled to work.**
]]>
- 1.1.0
+ 1.2.0
agpl
Julien Veyssier
Marcel Klehr
@@ -44,7 +44,7 @@ This app provides an easy way to install the Windmill based Business Process Aut
ghcr.io
nextcloud/flow
- 1.1.0
+ 1.2.0
diff --git a/ex_app/lib/main.py b/ex_app/lib/main.py
index 4eca93d..0904b9f 100644
--- a/ex_app/lib/main.py
+++ b/ex_app/lib/main.py
@@ -33,7 +33,7 @@
# os.environ["NEXTCLOUD_URL"] = "http://nextcloud.local/index.php"
# os.environ["APP_HOST"] = "0.0.0.0"
-# os.environ["APP_PORT"] = "24000"
+# os.environ["APP_PORT"] = "27100"
# os.environ["APP_ID"] = "flow"
# os.environ["APP_SECRET"] = "12345" # noqa
# os.environ["AA_VERSION"] = "4.0.0" # value but should not be greater than minimal required AppAPI version
diff --git a/ex_app_scripts/entrypoint.sh b/ex_app_scripts/entrypoint.sh
index ae91c07..77b1b5b 100644
--- a/ex_app_scripts/entrypoint.sh
+++ b/ex_app_scripts/entrypoint.sh
@@ -2,6 +2,64 @@
# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
# SPDX-License-Identifier: MIT
+set -e
+
+# Only create a config file if HP_SHARED_KEY is set.
+if [ -n "$HP_SHARED_KEY" ]; then
+ echo "HP_SHARED_KEY is set, creating /frpc.toml configuration file..."
+ if [ -d "/certs/frp" ]; then
+ echo "Found /certs/frp directory. Creating configuration with TLS certificates."
+ cat < /frpc.toml
+serverAddr = "$HP_FRP_ADDRESS"
+serverPort = $HP_FRP_PORT
+loginFailExit = false
+
+transport.tls.enable = true
+transport.tls.certFile = "/certs/frp/client.crt"
+transport.tls.keyFile = "/certs/frp/client.key"
+transport.tls.trustedCaFile = "/certs/frp/ca.crt"
+transport.tls.serverName = "harp.nc"
+
+metadatas.token = "$HP_SHARED_KEY"
+
+[[proxies]]
+remotePort = $APP_PORT
+type = "tcp"
+name = "$APP_ID"
+[proxies.plugin]
+type = "unix_domain_socket"
+unixPath = "/tmp/exapp.sock"
+EOF
+ else
+ echo "Directory /certs/frp not found. Creating configuration without TLS certificates."
+ cat < /frpc.toml
+serverAddr = "$HP_FRP_ADDRESS"
+serverPort = $HP_FRP_PORT
+loginFailExit = false
+
+transport.tls.enable = false
+
+metadatas.token = "$HP_SHARED_KEY"
+
+[[proxies]]
+remotePort = $APP_PORT
+type = "tcp"
+name = "$APP_ID"
+[proxies.plugin]
+type = "unix_domain_socket"
+unixPath = "/tmp/exapp.sock"
+EOF
+ fi
+else
+ echo "HP_SHARED_KEY is not set. Skipping FRP configuration."
+fi
+
+# If we have a configuration file and the shared key is present, start the FRP client
+if [ -f /frpc.toml ] && [ -n "$HP_SHARED_KEY" ]; then
+ echo "Starting frpc in the background..."
+ frpc -c /frpc.toml &
+fi
+
# Read environment variables
. /etc/environment
diff --git a/requirements.txt b/requirements.txt
index 3cd8d60..ccef928 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1 +1 @@
-nc_py_api[app]>=0.18.0
+nc_py_api[app]>=0.19.2