matrixsynapse, upgrades: Install select packages from unstable

Tests: - On stable, testing distributions applying the patches and restarting the services causes two files to be created on the system. /etc/apt/sources.list.d/freedombox-unstable.list and /etc/apt/preferences.d/50freedombox-dist.pref. In unstable distributions the files are not created. - Installing Matrix Synapse on all three distributions works. Initial domain configuration works. All diagnostic tests pass. - On stable and testing distributions, running 'apt policy matrix-synapse' shows that priority for package from unstable is 200 higher than installed package priority of 100. Same for the package python3-pympler. Running 'apt policy freedombox' shows that package from -backports has a priority of 500 that is same as the priority of non-backports package. Tests: - During re-run of setup, unstable sources are setup. - Matrix synapse app shows updated description. - Upgrades app shows updated description about frequent feature updates. - On oldstable, stable, and testing distributions unstable sources are setup. But not on unstable. - On stable, testing distributions applying the patches and restarting the services causes two files to be created on the system. /etc/apt/sources.list.d/freedombox-unstable.list and /etc/apt/preferences.d/50freedombox-unstable.pref. In unstable distributions the files are not created. - Installing Matrix Synapse on all four distributions works. Initial domain configuration works. All diagnostic tests pass. - On oldstable, stable, and testing distributions, running 'apt policy python3-pympler matrix-synapse python3-python-multipart' shows that priority for package from unstable is 200 higher than installed package priority of 100. Running 'apt policy freedombox' shows that package from -backports has a priority of 500 that is same as the priority of non-backports package. - When frequent feature updates is not enabled, the app can't be installed. "This application is currently not available in your distribution." message is shown. After enabling frequent feature updates, the apps can be installed. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-03-11 09:04:54 +00:00 · 2025-08-06 22:50:45 -07:00 · 2025-08-06 22:50:45 -07:00 · b7df34d175
commit b7df34d175
parent d8c727a109
5 changed files with 99 additions and 13 deletions
--- a/plinth/modules/matrixsynapse/init.py
+++ b/plinth/modules/matrixsynapse/init.py
@ -33,7 +33,12 @@ _description = [
    format_lazy(
        _('Matrix Synapse needs a STUN/TURN server for audio/video calls. '
          'Install the <a href={coturn_url}>Coturn</a> app or configure '
-          'an external server.'), coturn_url=reverse_lazy('coturn:index'))
+          'an external server.'), coturn_url=reverse_lazy('coturn:index')),
+    format_lazy(
+        _('<strong>Note:</strong> This app receives frequent feature updates. '
+          'It can only be installed if frequent feature updates is enabled in '
+          'the <a href="{upgrades_url}">Software Update</a> app.'),
+        upgrades_url=reverse_lazy('upgrades:index')),
 ]

 logger = logging.getLogger(__name__)
--- a/plinth/modules/upgrades/init.py
+++ b/plinth/modules/upgrades/init.py
@ -55,7 +55,7 @@ class UpgradesApp(app_module.App):

    app_id = 'upgrades'

-    _version = 19
+    _version = 20

    can_be_disabled = False

@ -212,6 +212,7 @@ def setup_repositories(_):
    """Setup apt repositories for backports."""
    if is_backports_requested():
        privileged.activate_backports(cfg.develop)
+        privileged.activate_unstable()


 def check_dist_upgrade(_):
@ -370,7 +371,7 @@ def can_activate_backports():
    if cfg.develop:
        return True

-    return not utils.is_distribution_rolling()
+    return not utils.is_distribution_unstable()


 def can_enable_dist_upgrade():
--- a/plinth/modules/upgrades/privileged.py
+++ b/plinth/modules/upgrades/privileged.py
@ -17,6 +17,11 @@ from . import distupgrade, utils
 logger = logging.getLogger(__name__)

 BACKPORTS_SOURCES_LIST = '/etc/apt/sources.list.d/freedombox2.list'
+UNSTABLE_SOURCES_LIST = pathlib.Path(
+    '/etc/apt/sources.list.d/freedombox-unstable.list')
+
+UNSTABLE_PREFERENCES = pathlib.Path(
+    '/etc/apt/preferences.d/50freedombox-unstable.pref')

 AUTO_CONF_FILE = '/etc/apt/apt.conf.d/20auto-upgrades'
 LOG_FILE = '/var/log/unattended-upgrades/unattended-upgrades.log'
@ -52,6 +57,52 @@ Explanation: bug report 1099755.
 Package: samba-ad-dc
 Pin: release *
 Pin-Priority: -1
+
+Explanation: Make matrix-synapse package and its dependencies installable from
+Explanation: Debian 'unstable' distribution.
+Package: matrix-synapse
+Pin: release n=sid
+Pin-Priority: 200
+
+Explanation: matrix-synapse depends on python3-python-multipart
+Package: python3-python-multipart
+Pin: release n=sid
+Pin-Priority: 200
+
+Explanation: matrix-synapse recommends python3-pympler
+Package: python3-pympler
+Pin: release n=sid
+Pin-Priority: 200
+'''
+
+APT_PREFERENCES_UNSTABLE = \
+    '''Explanation: This file is managed by FreedomBox, do not edit.
+Explanation: De-prioritize all the packages from Unstable distribution.
+Explanation: The priority of packages in *-backports will be set to 300.
+Explanation: Prioritize unstable lower than packages in backports.
+Package: *
+Pin: release n=sid
+Pin-Priority: -100
+
+Explanation: The priority of packages in *-backports will be 100 by default.
+Explanation: Prioritize them higher than unstable packages.
+Package: *
+Pin: release n=trixie-backports
+Pin-Priority: 300
+
+Explanation: The priority of packages in *-backports will be 100 by default.
+Explanation: Prioritize them higher than unstable packages.
+Package: *
+Pin: release n=bookworm-backports
+Pin-Priority: 300
+'''
+
+APT_UNSTABLE_SOURCES = \
+    '''# This file is managed by FreedomBox, do not edit.
+# Allow carefully selected updates to 'freedombox' from unstable.
+
+deb {protocol}://deb.debian.org/debian unstable main
+deb-src {protocol}://deb.debian.org/debian unstable main
 '''


@ -243,6 +294,35 @@ def activate_backports(develop: bool = False):
    _check_and_backports_sources(develop)


+@privileged
+def activate_unstable():
+    """Setup apt sources for unstable distribution and de-prioritize it.
+
+    Select packages will be made installable from unstable.
+    """
+    # Operation already performed, don't write to files unnecessarily.
+    if UNSTABLE_SOURCES_LIST.exists() and UNSTABLE_PREFERENCES.exists():
+        logging.info('Skipping already added unstable sources.')
+        return
+
+    # If the distribution is already 'unstable', default sources.list already
+    # contains sources for 'unstable'. Also, don't de-prioritize the primary
+    # set of packages.
+    if utils.is_distribution_unstable():
+        logging.info(
+            'Skipping adding unstable sources for unstable distribution.')
+        return
+
+    protocol = utils.get_http_protocol()
+    if protocol == 'tor+http':
+        logging.info('Package download over Tor is enabled.')
+
+    logger.info('Adding unstable sources to apt.')
+    sources = APT_UNSTABLE_SOURCES.format(protocol=protocol)
+    UNSTABLE_SOURCES_LIST.write_text(sources)
+    UNSTABLE_PREFERENCES.write_text(APT_PREFERENCES_UNSTABLE)
+
+
@privileged
 def start_dist_upgrade():
    """Start dist upgrade process.
--- a/plinth/modules/upgrades/templates/backports-firstboot.html
+++ b/plinth/modules/upgrades/templates/backports-firstboot.html
@ -14,11 +14,11 @@
    {% blocktrans trimmed %}
      Frequent feature updates allow the {{box_name}} Service, plus a very
      limited set of software, to receive new features more frequently (from the
-      backports repository). This results in receiving some new features within
-      weeks, instead of only once every 2 years or so. Note that software with
-      frequent feature updates does not have support from the Debian Security
-      Team. Instead, they are maintained by contributors to Debian and the
-      {{box_name}} community.
+      backports or unstable repository). This results in receiving some new
+      features within weeks, instead of only once every 2 years or so. Note that
+      software with frequent feature updates does not have support from the
+      Debian Security Team. Instead, they are maintained by contributors to
+      Debian and the {{box_name}} community.
    {% endblocktrans %}
  </p>

--- a/plinth/modules/upgrades/templates/upgrades_configure.html
+++ b/plinth/modules/upgrades/templates/upgrades_configure.html
@ -68,11 +68,11 @@
      {% blocktrans trimmed %}
        Frequent feature updates allow the {{box_name}} Service, plus a very
        limited set of software, to receive new features more frequently (from
-        the backports repository). This results in receiving some new features
-        within weeks, instead of only once every 2 years or so. Note that
-        software with frequent feature updates does not have support from the
-        Debian Security Team. Instead, they are maintained by contributors to
-        Debian and the {{box_name}} community.
+        the backports or unstable repository). This results in receiving some
+        new features within weeks, instead of only once every 2 years or so.
+        Note that software with frequent feature updates does not have support
+        from the Debian Security Team. Instead, they are maintained by
+        contributors to Debian and the {{box_name}} community.
      {% endblocktrans %}
    {% endif %}
  </p>