1333 Commits

Author SHA1 Message Date
Kirill Schmidt
532aaf1489
first_boot: Use session to verify first boot welcome step
Closes: #2074

sunil's changes:

- Ensure that secret is not asked for a second time after creating admin user
and logging in (this happens due to discarding of old session and creating new
one).

- Ensure that this logic is not applied to users using FreedomBox images who are
not required to input the first wizard secret.

- Change the name of the session variable for readability.

Tests performed:

- Without the patch, start first boot wizard on the first browser on a
  FreedomBox image (or run the file `base64 < /dev/urandom | head -c 16 | sed -e
  's+$+\n+' > /var/lib/plinth/firstboot-wizard-secret`). Finish the welcome step
  with first wizard secret. Then open a second browser or from another computer
  visit the web interface. The first wizard secret is not asked and user can
  create an admin account.

- Repeat with fresh image again with the patch. To mimic fresh image, one may
  run `sudo rm -f /var/lib/plinth/plinth.sqlite3` and `echo "password" | sudo
  /freedombox/actions/users remove-user tester`. This time when a different
  browser other than the one that provided the first wizard secret tries to access
  the account creation page, a redirection will occur to welcome page. Providing
  the first wizard secret takes the user to account creation page.

- Accessing network first wizard page or internal pages on second browser also
  takes one back to the welcome page.

- Accessing help pages from second browser requires login.

- Accessing account login page from second browser is allowed. After creating
  the account from first browser, second browser can login and continue the
  wizard.

- Clearing cookies in the middle of the wizard takes the user back to welcome
  page.

- Clear cookies in the middle of the wizard. Visit the wizard, go to first boot
  welcome page. Provide secret and the wizard will continue where it was left
  off.

- Clear cookies in the middle of the wizard. Visit the wizard, go to first boot
  welcome page. Access login page, login as admin. Then first wizard secret is
  not asked. First wizard can be continued.

- On a fresh image, simply complete the first wizard. No change to earlier flow
  is noticed. First wizard secret is only asked once at the beginning.

- On a fresh image, remove the file /var/lib/plinth/firstboot-wizard-secret.
  First wizard can be completed without the secret.

[sunil: improvements to original patch by Kirill Schmidt]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
2021-03-30 21:07:51 -04:00
Sunil Mohan Adapa
e448ab6380
matrixsynapse: Better checking for valid certificate
If a valid certificate is available but not yet setup, the earlier code assumes
there is a valid certificate.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-13 19:34:04 -08:00
Sunil Mohan Adapa
ee38f32f2b
letsencrypt: Fix issue with disabling matrixsynapse checkbox
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-13 15:40:47 -08:00
Sunil Mohan Adapa
781ac3d5dd
matrixsynapse: Fix issues with showing certificate warning
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-13 15:40:05 -08:00
Sunil Mohan Adapa
3961ccf415
matrixsynapse: Remove hard-coded URL
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-13 15:38:45 -08:00
Joseph Nuthalapati
a918f9a885
matrix-synapse: Use Let's Encrypt certificates
Matrix requires valid certificates for federation with other servers from
version 1.0 onward. If the FreedomBox server already has LE cert and private
key, copy them into /etc/matrix-synapse

- Add certificate renewal hooks for Matrix Synapse. Reusing the certificate
  renewal mechanism built for ejabberd with matrix-synapse as well. One notable
  difference is that Matrix Synapse doesn't support switching the domain name or
  dropping the Let's Encrypt certificate.

- Use self-signed certificate if there is no LE certificate. Matrix Synapse
  server startup fails if the files homeserver.tls.crt and homeserver.tls.key
  are missing.

- Copy Apache's snakeoil certificates to /etc/matrix-synapse when LE
  certificates are not available. Prefer LE certificates if available.

- Display warning if no valid LE certificate is found.

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
2019-02-13 11:29:36 -08:00
Sunil Mohan Adapa
a821517e91
radicale: Simplify upgrading to newer packages
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-13 06:42:55 -05:00
James Valleroy
6536e86b15
radicale: Fix server URLs in client info
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-11 13:56:08 -08:00
James Valleroy
5aa957c6ba
radicale: Remove obsolete diagnostics
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-11 13:56:02 -08:00
James Valleroy
03b935333f
radicale: Bump version to 2
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-11 13:55:56 -08:00
James Valleroy
11e86cf8f8
radicale: Log errors during upgrade
Avoid raising errors which could cause endless loop of setup process
failing.

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-11 13:55:25 -08:00
Sunil Mohan Adapa
ab64bd17a3
apache: Switch to mod_ssl from mod_gnutls
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-09 12:28:09 -05:00
Sunil Mohan Adapa
49640fdfce
monkeysphere: Fix handling of multiple domains and keys
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-09 12:27:57 -05:00
J. Carlos Romero
722fa39c2a
mldonkey: Add to the description the three available front-ends
Signed-off-by: J. Carlos Romero <juancarlos.romero@gmail.com>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-07 22:05:06 -08:00
J. Carlos Romero
59e41927bf
mldonkey: Add some more clients to the module page
Signed-off-by: J. Carlos Romero <juancarlos.romero@gmail.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-07 22:05:03 -08:00
James Valleroy
779ccb3bca
datetime: Switch from chrony to systemd-timesyncd
Previously, we switched from ntp to chrony. However, since chrony
conflicts with ntp, this change in dependency causes
unattended-upgrades to skip upgrading freedombox.

Switch to systemd-timesyncd, which does not conflict with either
package. We can switch back to chrony after all users have upgraded to
the most recent release.

Closes #1486

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-07 16:32:35 -08:00
Sunil Mohan Adapa
6e188524e2
backups: Fix styling for upload size warning
Make it conditional such that when the disk space information is not available
due to errors, we don't display the warning.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-07 19:12:06 -05:00
Sunil Mohan Adapa
ff8d85a88f
backups: Add link to manual page
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-07 19:12:04 -05:00
Sunil Mohan Adapa
f15505e6f4
backups: Add title and description to other pages
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-07 19:12:02 -05:00
Sunil Mohan Adapa
3be15a87e6
backups: Move subsubmenu below description
Closes: #1466.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-07 19:11:59 -05:00
Sunil Mohan Adapa
8da5b21d80
backups: Use icon for add repository button
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-07 19:11:57 -05:00
Sunil Mohan Adapa
d99c356336
backups: Rename 'Abort' buttons to 'Cancel'
Like most other pages in the interface, use 'Cancel' buttons instead of 'Abort'
buttons.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-07 19:11:53 -05:00
Joseph Nuthalapati
df978ce8ee
letsencrypt: UI: Fix checkbox disabling
Disable checkboxes using HTML attribute instead of CSS class

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-07 15:23:01 -08:00
Sunil Mohan Adapa
3173c70743
datetime: Fix diagnostic test to not ignore first two servers
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-05 15:39:22 -08:00
James Valleroy
2c7d1a09c1
datetime: Switch from ntp to chrony
Use the default config, which only runs as client.

Fixes #971

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-05 15:21:31 -08:00
Sunil Mohan Adapa
5a159f7d39
upgrades: Improve handling of backports
- Merge backports functionality into upgrades module.

- No need to enable systemd timer as dh_installsystemd automatically enables
  this during package installation and upgrade.

- Use https:// and deb.debian.org for repository checking. When using Tor for
  package installations request the URL via Tor.

- Make daily checking service more generic for all kinds of future apt repository
  updates.

- Force removal of repository file during purge to avoid failures.

- Don't add contrib/non-free as backports is intended to be enabled for just the
  freedombox package and it is free. When the need arises, we can introduce
  contrib/non-free. This also eliminates an issue that adding these components
  doesn't work without the usage of tor.

- Allow generate apt preferences file to avoid lintian complaining about its
  presence. Remove on purge.

- Add unattended upgrades origin pattern to allow it to upgrade from backports
  repositories.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-05 14:58:55 -08:00
Sunil Mohan Adapa
2565737f38
tor: Make a utility method public
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-05 14:58:48 -08:00
Joseph Nuthalapati
3d38b8a686
backports: Add buster-backports to apt sources list
Fixes freedombox-team/freedom-maker#149

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-05 14:58:27 -08:00
Sunil Mohan Adapa
655c2be214
backups: Improve performance of backup download
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-03 17:00:34 -05:00
Sunil Mohan Adapa
01492895c4
backups: Fix incomplete download archives
- Downloaded archives can't be fully extracted as tar.gz is incomplete at the
  end and corrupt. This is due to complete gzip streaming implementation that
  does not flush the final bytes of gzip stream. Remove custom implementation
  and get gzipped stream directly from borg.

- Fix mimetype for .tar.gz to application/gzip.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-03 17:00:32 -05:00
Sunil Mohan Adapa
eb2b3bd86e
backups: Minor refactoring
- Mark some methods private.

- Fix some flake8 warnings.

- Remove unused exception.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-03 17:00:29 -05:00
Sunil Mohan Adapa
de22c79665
backups: Minor styling fixes
- Run yapf

- Fix flake8 errors/warnings.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-03 17:00:24 -05:00
Sunil Mohan Adapa
c22bec1cf4
backups: Remove dead code
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-03 17:00:21 -05:00
Sunil Mohan Adapa
34e0394713
backups: Minor styling fixes
- Run yapf

- Address some flake8 errors/warnings.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-03 17:00:19 -05:00
Sunil Mohan Adapa
623bbc87e8
backups: Remove incorrectly set buffer size during download
- Don't set bufsize to 1 while streaming backup download. This is only effective
  with text streams with universal_newline flag set. An actual buffer size of 1
  is very inefficient and plain wrong. Leave the python default of
  io.DEFAULT_BUFFER_SIZE.

- Minor simplification to argument passing.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-03 17:00:15 -05:00
James Valleroy
3941ec10fe
radicale: Handle migration from 1.x to 2.x
When radicale 2.x is available in testing, the migration can be
triggered by bumping the module's version.

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-01 14:53:19 -08:00
Prachi Srivastava
62b4f67a2e
help: Use freedombox package instead of plinth for version
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-30 23:10:08 -08:00
J. Carlos Romero
7f04088ddd
mldonkey: show 'Learn more...' link in package page when installed
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-29 10:22:25 -08:00
Sunil Mohan Adapa
72c1c7349f
js: Remove javascript license link from footer
The link is hidden but not removed. librejs will still parse it. Ideally we
would want to do this from <link data-jslicense='1' href=''> but that seems to
cause problems for librejs.

Librejs users can still find out about the license of JavaScript script file
using Librejs menu.

We already have a link to FreedomBox source code in the home page.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
2019-01-29 22:19:34 +05:30
Prachi Srivastava
743d976d50
security: Moves input field focus javascript to django forms
Signed-off-by: Prachi Srivastava <prachi.chs.2009@gmail.com>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-28 17:39:22 -08:00
Prachi Srivastava
f43e185a8c
security: Moves inline javascript to files
Signed-off-by: Prachi Srivastava <prachi.chs.2009@gmail.com>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-28 17:39:12 -08:00
Prachi Srivastava
19e244f152
networks: remove unused html
Signed-off-by: Prachi Srivastava <prachi.chs.2009@gmail.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-28 17:38:16 -08:00
Sunil Mohan Adapa
dc9ab52edc
axes: Minor fixes to configuration for IP blocking
- Use the X-Forwarded-For header only if specified in the configuration. This
  makes FreedomBox safe to use when not behind a reverse proxy server (although
  we are unlikely to do this).

- When fetching the IP address to reset after successful login, use the
  X-Forwarded-For header only if specified in the configuration.

- Minor flake8 refactorings.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-01-28 17:17:32 -05:00
J. Carlos Romero
1c8c9d067a
mldonkey: Add backup/restore support
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-28 10:54:27 -08:00
James Valleroy
5a8873508d
help: Add action script to read logs from journal
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-28 09:56:59 -08:00
James Valleroy
27cfd4786a
help: Use journalctl to show status log
The status log file had been removed previously.

Closes #1461

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-28 09:56:51 -08:00
Sunil Mohan Adapa
41d9419ddd
storage, backups: Minor styling and yapf fixes
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-01-27 11:10:42 -05:00
Sunil Mohan Adapa
9e316baa99
storage: Fix false error message visiting home page
When visiting homepage as a non-admin user, don't throw an error into the
console about not being able to get root partition information. This is a
regression from refactoring during backups change.

Fixes: #1468.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-01-27 11:10:36 -05:00
Sunil Mohan Adapa
c35cecb34a
openvpn: Add backup/restore support
- Add functional tests

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-01-27 08:16:24 -05:00
James Valleroy
24f1967b6a
radicale: Use rights file by default for radicale 2.x
The default rights file shipped in radicale 2.x package is equivalent
to owner_only. By setting this as our default, we can avoid any change
to the default config.

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-01-26 22:06:49 -08:00