Prevent leaking private info through Tor onion service or Pagekite.
Based on 822c322d20d12f81c6cfca47b66f900542a5aac2.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
If a valid certificate is available but not yet setup, the earlier code assumes
there is a valid certificate.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Immediately after the installation, a self-signed certificate is used because
domain name is not available. However, after domain name becomes available,
setup a Let's Encrypt certificate.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Setting permissions after copying the file will lead to momentary exposure of
the private key to other users on the system. Use umask instead.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Don't match the hook's domain against domain set in configuration. We already
check if the domain matches the Matrix Synapse configured domain.
- Fix un-checking letsencrypt option for matrixsynapse. Keep the old certificate
but don't throw error. This means future certificates are not renewed.
- Use utility get_configured_domain_name()
- Style function names without uppercase.
- Style multi-line docstrings correctly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Matrix requires valid certificates for federation with other servers from
version 1.0 onward. If the FreedomBox server already has LE cert and private
key, copy them into /etc/matrix-synapse
- Add certificate renewal hooks for Matrix Synapse. Reusing the certificate
renewal mechanism built for ejabberd with matrix-synapse as well. One notable
difference is that Matrix Synapse doesn't support switching the domain name or
dropping the Let's Encrypt certificate.
- Use self-signed certificate if there is no LE certificate. Matrix Synapse
server startup fails if the files homeserver.tls.crt and homeserver.tls.key
are missing.
- Copy Apache's snakeoil certificates to /etc/matrix-synapse when LE
certificates are not available. Prefer LE certificates if available.
- Display warning if no valid LE certificate is found.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
This is optional and does not affect normal installations. However, when
performing configuration migration in FreedomBox (due to unattended-upgrades
refusing it), it is useful as a part of strategy to read configuration, force
install new configuration files and apply configuration again. This option can
be used on such cases.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
It is incorrect to check for backports availability, FreedomBox systems got
added buster-backports sources prematurely. This will lead to apt update
failures resulting in FreedomBox becoming unable to install new apps.
Fix this by removing old sources and adding new sources only after
performing (this time correct) backports URL check.
Closes: #1496.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
If we release version 50 into testing and version 49 into buster-backports and
assuming version 45 is in stable, then for stable users, version 49 is selected
properly and upgraded due non-availability of 50 for them and high
prioritization of buster-backports over buster/stable. This is as expected.
For the case of testing user, this does not work as expected, however.
buster-backports will be given 800 priority, testing will be given 500
priority (default) and version 49 will be picked instead of the expected 50.
Setting priority to 500 fixes the problem. It will equate the buster-backports
to all other repositories and will let the system pick the highest version
available.
Closes: #1498.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
It is easy to run into cases where SSH mounting takes more than 5 seconds.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Merge backports functionality into upgrades module.
- No need to enable systemd timer as dh_installsystemd automatically enables
this during package installation and upgrade.
- Use https:// and deb.debian.org for repository checking. When using Tor for
package installations request the URL via Tor.
- Make daily checking service more generic for all kind of future apt repository
updates.
- Force removal of repository file during purge to avoid failures.
- Don't add contrib/non-free as backports is intended to be enabled for just the
freedombox package and it is free. When the need arises, we can introduce
contrib/non-free. This also eliminates an issue that adding these components
doesn't work without the usage of tor.
- Allow generate apt preferences file to avoid lintian complaining about its
presence. Remove on purge.
- Add unattended upgrades origin pattern to allow it to upgrade from backports
repositories.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Downloaded archives can't be fully extracted as tar.gz is incomplete at the
end and corrupt. This is due to complete gzip streaming implementation that is
does not flush the final bytes of gzip stream. Remove custom implementation
and get gzipped stream directly from borg.
- Fix mimetype for .tar.gz to application/gzip.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When radicale 2.x is available in testing, the migration can be
triggered by bumping the module's version.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes#1442.
When disk is very busy, sending KILL signal to the process may not kill it
immediately. So wait upto 5 minutes for it. This does not increase the time in a
regular case if the kill works immediately.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Make command line arguments more readable.
- Don't collect and reprint the logs. Let them be printed directly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
With newer version of radicale (>2.1), when configuration is changed, it is not
applied until the application is disabled and re-enabled.
Also make sure that configuration changes don't start a daemon when it is
disabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
The default rights file shipped in radicale 2.x package is equivalent
to owner_only. By setting this as our default, we can avoid any change
to the default config.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The default, remote_user, works ok when using uwsgi.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Not used with uwsgi, which is enabled for radicale 2.x.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Update description to simply and talk about multiple protocols supported.
- Don't diagnose on IPv6 as mldonkey does not listen there.
- Run yapf and isort.
- Minor styling fixes.
- Update functional tests to check for service running.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Drop the `bind_address` key during upgrade
- Use the new `bind_addresses` key instead
Fixes#1420
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- uwsgi service is sufficient to handle radicale2. Disable radicale service for
radicale2.
- Use action utils to deal with uwsgi configuration management.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is a workaround for the problem that when restarting firewalld with
iptables backend, flushing fails and starting with nftables also fails requiring
a restart to recover the problem.
Fixes#1440.
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Only do the configuration based on version run the remaining setup code
without considering version.
- Don't force upgrade/setup configuration when doing from version 4 and above.
- Force set cleanup=yes values during migration too.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Added a command-line argument called --old-version to the setup command based
on which it can decide whether to do a new setup or a migration.
- Removed the migrate command.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The free space limit value is allowed to a maximum of 60%, since setting the
it to a value higher than possible will effectively disable snapshotting.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org
- Snapper's cleanup algorithms don't apply limits unless they are specified in
the form of ranges. Changed all limit values in the configuration to ranges.
- Also, all MIN_AGE values have been set to 0 to avoid the disk space filling up
in case of a large number of snapshots generated in a very short amount of time.
- FREE_LIMIT has been increased to 30% from the default 20% since backup
archives also take up disk space on the root partition.
Fixes#1435
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Radicale 1 needs to have /radicale/.well-known/*dav to the URLs where as
Radicale 2 needs to have /radicale to be the URLs. Hence have two separate
apache configuration files.
- Use expr= when setting X-REMOTE-USER header to set the authenticated user name
properly. Without this all users are using a single user '(null)' data.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Makes it trivial to alter site configuration for all domains at once. Also
possible to easily switch to TLS modules other than mod_gnutls.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- adapt action and write tests for accessing a borg repo directly
via borg+ssh, without mounting it
- some docstring updates
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- fixes issues as supposed by jvalleroy
- new repositories always get a UUID so they can immediately be fully
used (mounted, queried etc) also before saving them
- remove test connection page -- errors are shown on form submission
- improved error handling when creating remote repositories
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
