backups: Remove known_hosts file from config file

- There is no compelling reason to make the file configurable. Simplifies
  configuration file if we make it relative to FreedomBox data directory.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>

data/etc/plinth/plinth.config

@@ -7,7 +7,6 @@ server_dir = /plinth
 actions_dir = /usr/share/plinth/actions
 doc_dir = /usr/share/doc/freedombox
 custom_static_dir = /var/www/plinth/custom/static
-known_hosts = /var/lib/plinth/.ssh/known_hosts
 
 # file locations
 store_file = %(data_dir)s/plinth.sqlite3

plinth.config

@@ -7,7 +7,6 @@ server_dir = /plinth
 actions_dir = %(file_root)s/actions
 doc_dir = %(file_root)s/doc
 custom_static_dir = %(file_root)s/data/var/www/plinth/custom/static
-known_hosts = %(data_dir)s/.ssh/known_hosts
 
 # file locations
 store_file = %(data_dir)s/plinth.sqlite3

plinth/cfg.py

@@ -38,7 +38,6 @@ secure_proxy_ssl_header = None
 develop = False
 server_dir = '/'
 danube_edition = False
-known_hosts = None
 
 config_file = None
 
@@ -97,7 +96,6 @@ def read(config_path=None, root_directory=None):
         ('Path', 'actions_dir', 'string'),
         ('Path', 'doc_dir', 'string'),
         ('Path', 'server_dir', 'string'),
-        ('Path', 'known_hosts', 'string'),
         ('Network', 'host', 'string'),
         ('Network', 'port', 'int'),
         ('Network', 'secure_proxy_ssl_header', 'string'),

plinth/modules/backups/__init__.py

@@ -20,6 +20,7 @@ FreedomBox app to manage backup archives.
 
 import json
 import os
+import pathlib
 import re
 
 import paramiko
@@ -146,17 +147,22 @@ def restore_from_upload(path, apps=None):
                      create_subvolume=False, backup_file=path)
 
 
+def get_known_hosts_path():
+    """Return the path to the known hosts file."""
+    return pathlib.Path(cfg.data_dir) / '.ssh' / 'known_hosts'
+
+
 def is_ssh_hostkey_verified(hostname):
     """Check whether SSH Hostkey has already been verified.
 
     hostname: Domain name or IP address of the host
 
     """
-    known_hosts_path = cfg.known_hosts
-    if not os.path.exists(known_hosts_path):
+    known_hosts_path = get_known_hosts_path()
+    if not known_hosts_path.exists():
         return False
 
-    known_hosts = paramiko.hostkeys.HostKeys(known_hosts_path)
+    known_hosts = paramiko.hostkeys.HostKeys(str(known_hosts_path))
     host_keys = known_hosts.lookup(hostname)
     return host_keys is not None
 

plinth/modules/backups/repository.py

@@ -26,11 +26,11 @@ from uuid import uuid1
 
 from django.utils.translation import ugettext_lazy as _
 
-from plinth import actions, cfg
+from plinth import actions
 from plinth.errors import ActionError
 
 from . import (ROOT_REPOSITORY, ROOT_REPOSITORY_NAME, ROOT_REPOSITORY_UUID,
-               _backup_handler, api, is_ssh_hostkey_verified, network_storage,
+               _backup_handler, api, get_known_hosts_path, network_storage,
                restore_archive_handler)
 from .errors import BorgError, BorgRepositoryDoesNotExistError, SshfsError
 
@@ -326,9 +326,11 @@ class SshBorgRepository(BorgRepository):
     def mount(self):
         if self.is_mounted:
             return
+        known_hosts_path = get_known_hosts_path()
         arguments = [
             'mount', '--mountpoint', self.mountpoint, '--path', self._path,
-            '--user-known-hosts-file', cfg.known_hosts
+            '--user-known-hosts-file',
+            str(known_hosts_path)
         ]
         arguments, kwargs = self._append_sshfs_arguments(
             arguments, self.credentials)

plinth/modules/backups/views.py

@@ -43,7 +43,8 @@ from plinth.errors import PlinthError
 from plinth.modules import backups, storage
 
 from . import (ROOT_REPOSITORY, SESSION_PATH_VARIABLE, api, forms,
-               is_ssh_hostkey_verified, network_storage, split_path)
+               get_known_hosts_path, is_ssh_hostkey_verified, network_storage,
+               split_path)
 from .decorators import delete_tmp_backup_file
 from .errors import BorgRepositoryDoesNotExistError
 from .repository import (BorgRepository, SshBorgRepository, get_repository,
@@ -338,7 +339,7 @@ class VerifySshHostkeyView(SuccessMessageMixin, FormView):
     @staticmethod
     def _add_ssh_hostkey(hostname, key_type):
         """Add the given SSH key to known_hosts."""
-        known_hosts_path = pathlib.Path(cfg.known_hosts)
+        known_hosts_path = get_known_hosts_path()
         known_hosts_path.parent.mkdir(parents=True, exist_ok=True)
         known_hosts_path.touch()
 
@@ -449,7 +450,7 @@ def _create_remote_repository(repository, encryption, dir_contents):
 def _ssh_connection(hostname, username, password):
     """Context manager to create and close an SSH connection."""
     ssh_client = paramiko.SSHClient()
-    ssh_client.load_host_keys(cfg.known_hosts)
+    ssh_client.load_host_keys(str(get_known_hosts_path()))
 
     try:
         ssh_client.connect(hostname, username=username, password=password)

plinth/tests/data/etc/plinth/plinth.config

@@ -7,7 +7,6 @@ server_dir = /plinth
 actions_dir = %(file_root)s/actions
 doc_dir = %(file_root)s/doc
 custom_static_dir = %(file_root)s/data/var/www/plinth/custom/static
-known_hosts = %(data_dir)s/.ssh/known_hosts
 
 # file locations
 store_file = %(data_dir)s/plinth.sqlite3

plinth/tests/test_cfg.py

@@ -120,7 +120,7 @@ def compare_configurations(parser):
     """Compare two sets of configuration values."""
     # Note that the count of items within each section includes the number
     # of default items (1, for 'root').
-    assert len(parser.items('Path')) == 10
+    assert len(parser.items('Path')) == 9
     assert parser.get('Path', 'root') == cfg.root
     assert parser.get('Path', 'file_root') == cfg.file_root
     assert parser.get('Path', 'config_dir') == cfg.config_dir