From c6bbc847b466ae1f5509df6b4323d47476fd517b Mon Sep 17 00:00:00 2001 From: Sunil Mohan Adapa Date: Mon, 24 Jun 2019 11:23:42 -0700 Subject: [PATCH] syncthing: Open firewall ports for listening and discovery - Closes #1592. - Use firewall service definition 'syncthing' already available. - Open externally also, helps in syncing with peers on the Internet. Open discovery port also externally and syncthing deal with the traffic. - Based on https://docs.syncthing.net/users/firewall.html Test: - Install version 2, syncthing firewall service is enabled in internal and external zones. - Disable app, syncthing firewall service is removed. Enable app, syncthing firewall service is added. - Install version 1, upgrade to version 2, syncthing firewall service is added. - Install version 1, disable syncthing, upgrade to version 2, syncthing firewall service is not added. Enable syncthing, firewall service is added. Signed-off-by: Sunil Mohan Adapa Reviewed-by: James Valleroy --- plinth/modules/syncthing/__init__.py | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/plinth/modules/syncthing/__init__.py b/plinth/modules/syncthing/__init__.py index da5d3609e..0e6fc7038 100644 --- a/plinth/modules/syncthing/__init__.py +++ b/plinth/modules/syncthing/__init__.py @@ -31,7 +31,7 @@ from plinth.utils import format_lazy from .manifest import backup, clients -version = 1 +version = 2 managed_services = ['syncthing@syncthing'] @@ -87,10 +87,14 @@ class SyncthingApp(app_module.App): login_required=True, allowed_groups=[group[0]]) self.add(shortcut) - firewall = Firewall('firewall-syncthing', name, + firewall = Firewall('firewall-syncthing-web', name, ports=['http', 'https'], is_external=True) self.add(firewall) + firewall = Firewall('firewall-syncthing-ports', name, + ports=['syncthing'], is_external=True) + self.add(firewall) + webserver = Webserver('webserver-syncthing', 'syncthing-plinth') self.add(webserver) @@ -113,7 +117,11 @@ def setup(helper, old_version=None): """Install and configure the module.""" helper.install(managed_packages) helper.call('post', actions.superuser_run, 'syncthing', ['setup']) - helper.call('post', app.enable) + if not old_version: + helper.call('post', app.enable) + + if old_version == 1 and app.is_enabled(): + app.get_component('firewall-syncthing-ports').enable() def diagnose():