The latest version of radicale calendar server's configuration file does not
parse with augeas. This is because it contains the following entry in [headers]
section:
Content-Security-Policy = default-src 'self'; object-src 'none'
The semicolon is treated as comment by the lens which is not correct. Fix this
by overriding comment_re in the lens.
Tests:
- Updated test case works when using augparse.
- With the patch, latest upstream configuration file parses without errors.
- Functional tests work for radicale in testing distribution. Without patch
radicale fails to install.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
[Sunil]:
- Drop Uwsgi component entirely. After the changes, it mostly looks like Daemon
component minus some features. One change that Uwsgi component does is when
component is disabled, it also stops and disables the .service unit. Stopping
the service is useful and we can add this to Daemon component.
- Use /run instead of /var/run/ as 1) /var/run is a symlink to /run 2) /run/
path is what is listed in uwsgi-app@.socket unit file.
- Implement upgrade for apps from older version. Disable and mask uwsgi init.d
script. Enable the daemon component if the webserver component is enabled.
- Update manifest files to deal with .socket units instead of 'uwsgi' service.
Backup the /var/lib/private directories as that is actual directory to backup
with DynamicUser=yes.
- For bepasty load the configuration as a systemd provided credential since
DynamicUser=yes.
- Remove the /var/lib/private directories during uninstall.
- Don't create user/group for bepasty as it is not needed with DynamicUser=yes.
Tests:
- Radicale
- Functional tests pass
- Freshly install radicale.
- Web interface works.
- Create and edit calendars
- Path of the storage directory is in /var/lib/private/radicale (after
accessing web interface)
- Permissions on the storage folder and files inside are set to nobody:nobody.
- Uninstall removes the /var/lib/private/radicale directory.
- Create a calender and backup the app. Uninstall the app. Re-install the app.
The calendar is not available. After restoring the backup, the calendar is
available.
- Install radicale without patch and create a calendar. Apply patches and
start plinth.service. Setup is run. UWSGI is disabled and masked. Service is
running. Old calender is visible.
- Install radicale without patch. Disable and apply patches and start
plinth.service. Setup is run. UWSGI is disabled and masked. Service is not
running. Enabling the service works.
- After upgrade, data storage path got migrated to /var/lib/private/radicale.
Old data is accessible.
- After upgrade the directory is still owned by radicale:radicale.
- Freshly install radicale with patch and restore an old backup. The data is
available in the web interface and data was migrated to
/var/lib/private/radicale.
- Bepasty
- Functional tests pass
- Freshly install bepasy.
- Enabling and disabling rapidly works.
- Uploading files works.
- Path of the storage directory is /var/lib/private/bepasty.
- Permissions on the storage folder are as expect 755 but on the parent are
700.
- Permissions on the stored files are 644 and owned by nobody:nobody.
- Uninstall removes the /var/lib/private/bepasty directory.
- Upload a picture and backup the app. Uninstall the app. Re-install the app.
The uploaded file is not available. After restoring the backup, the uploaded
file is available.
- Install bepasty without patch and upload a file. Apply patches and start
plinth.service. Setup is run. UWSGI is disabled and masked. Service is
running. Old uploaded picture is visible.
- Install bepasty without patch. Disable app. Apply patches and start
plinth.service. Setup is run. UWSGI is disabled and masked. Service is not
running. Enabling the service works.
- After upgrade, data storage path got migrated to /var/lib/private/bepasty.
Old data is accessible.
- After upgrade the directory is still owned by bepasty:bepasty.
- Freshly install bepasty with patch and restore an old backup. The uploaded
file is available in the web interface and data was migrated to
/var/lib/private/bepasty.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Config files are all symlinks in /etc/
- Web interface works.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- This will leave /etc/{plinth,freedombox} empty by default making service more
robust to run across various environments and situations. See systemd's
explanation for more details.
- Use Debian maintainer scripts remove all the existing files in
/etc/plinth/modules-enabled.
- Read from /usr/share/freedombox/modules-enabled then from
/etc/plinth/modules-enabled and finally from /etc/freedombox/modules-enabled.
Later read ones override previously read files. Any file pointing to /dev/null
will mean the module must be ignored.
Tests:
- Clean up /etc/plinth, /etc/freedombox and
/usr/share/freedombox/modules-enabled. Run service and notice that files are
getting loaded from development folder using a debug message.
- Run setup.py and notice that files get installed in
/usr/share/freedombox/modules-enabled/ and in the next run they get loaded from
there.
- Create a override file in /etc/plinth/modules-enabled/transmission and notice
that overriden file gets priority over the one in
/usr/share/freedombox/modules-enabled.
- Link the file /etc/plinth/modules-enabled/transmission to /dev/null and notice
that is not loaded.
- Create another file in /etc/freedombox/modules-enabled/transmission and notice
that it overrides the previous two files.
- All affected modules are loaded.
- Build a new Debian package and ensure that upgrading 23.8 to new version
removes are all configuration files.
- Build developer documentation and test that Tutorial -> Full Code and Tutorial
-> Skeleton sections have been updated with references to
-.../modules-enabled/... paths.
- Install quassel and notice that certificates were copied to /var/lib/quassel
directory. Change domain to another domain and notice that certificates were
copied again to that directory.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Since radicale 1.x is only in Stretch (oldstable), remove code that
was added to support that version and migration from 1.x to newer
versions.
Keep the fix for missing log path as the fix is not available in Buster yet.
Tests:
- Ran functional tests in testing container. Manually tested logging
in to web interface and creating a calendar.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Add back the fix for missing log path]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
