- RSA to ECC migration was introduced in October 2020 is available to
Buster (via backports) and to Bullseye users. Dropping the code will make it
easy to test regular maintenance code updates.
- A two step setup process of first installing and then setting up the
certificates is no longer necessary. (New installs already don't use this). The
certificate generation process does not take hours but minutes. We also have a
good progress indication during install+setup process.
Tests:
- Functional tests pass.
- Initial setup completes successfully and does not take very long time.
- Profiles can be downloaded successfully and imported.
- A client an use them to connect.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests pass.
- Initial setup completes successfully and does not take very long time.
- Profiles can be downloaded successfully and imported.
- A client an use them to connect.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
module.app property usage is greatly reduced because setup() and force_upgrade()
method are now part of App class instead of at the module level. Remove the
remaining minor cases of usage and drop the property altogether.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Setup is now run as a post installation step.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Start showing port ranges properly.
- Fixes issue with Coturn TURN relay ports not being shown.
Closes: #1851.
Tests:
- Visit each of affected apps and see the port forwarding information. The
information is same as before.
- HTTP and HTTPS ports are not shown.
- Coturn app shows additional port ranges for TURN relay ports.
- Shadowsocks app does not show port forwarding information as it is internal
only.
- Visit one of the apps not effected by the patch. There is no section related
to port forwarding.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Implement ability to refresh page at the framework level so that every page
does not need to handle it.
- Refresh after number of seconds specified in context of the view.
Tests performed:
- Trigger the following functions and ensure that page reload after 3 seconds
during the running operation while it does refresh before and after the
operation.
- Diagnostics tests from the module.
- Gitweb repository cloning.
- Monkeysphere publish key to server.
- OpenVPN setup.
- Tor configuration update.
- Manual software update.
- App installation.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests performed:
- When app is not setup, app toggle button is not shown. Running status of the
app is also not present in the page. Profile download is not shown. Setup button
is shown.
- When app is being setup, app toggle button is not shown. Running status of the
app is also not present in the page. Page keeps refreshing every 3 seconds
during setup. Profile download is not shown. A progress spinner is shown that
setup is currently running.
- When app setup has completed, app toggle button is shown. Running status is
shown. When daemon is stopped, a message that daemon is not running is show.
Profile download is shown.
- Transition from being setup into setup completed is done with a single page
refresh. Message that setup is completed is shown.
- Port forwarding information is always shown (before, during and after setup).
- Run functional tests for OpenVPN.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
If at least one related service/daemon is not running, show the alert if app
is enabled, otherwise set alert as hidden (for functional tests).
Closes#1752
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Minor code simplification in app template, status section]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Remove the need to pass all the individual information elements to the AppView
separately. This eliminates many issues with elements that were mistakenly not
sent to AppView. Also reduces a lot of code duplication.
- Create App classes for power and sso for consistency.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Reuse the app_id already available to the view.
- Implement automatically detecting if an app has implemented diagnostics.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- move header section to it's own file so that it can be imported across
the app (app.html, simple_app.html, setup.html)
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Place status section above download profile section for coding convenience.
- Reuse diagnostics button and port forwarding information from app.html
- Reuse status section instead of custom one.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Turn frontpage shortcut into an App component. Add tests and full
documentation.
- Overridden implementations for tahoe, diaspora, mediawiki shortcuts to handle
special cases. Special handling for ikiwiki.
- Extend App API for removing and retrieving a component.
- Add clients information into shortcuts to avoid hacks when presenting
shortcuts to Mobile devices via API.
- Fixed unnecessary stripping and adding of '/' when setting home page redirect
URLs. This fixes problem with setting Cockpit as home page.
- Replaced the use of term 'app' in favor of 'shortcut' as the term when setting
frontpage shortcuts as home page.
- JSXC shortcut does not require login.
- Don't show shadowsocks for anonymous users.
- Simplify showing selected shortcut details.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes#930
- Make targets to download wiki pages of each service
- Add post-processor script for DocBook file processing
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
async is a reserved keyword in Python 3.7. It can no longer be used as method
parameter. Change the name so that we are ready for Python 3.7.
See: https://www.python.org/dev/peps/pep-0492/#deprecation-plans
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- This adds OpenVPN icon
- This enables the OpenVPN app on the index page.
- This allows only admins to create the certs for OpenVPN and admins and
non admins can not download their own profiles via the app icon.
The Service object now offers handling services on a system level,
and gathering information whether it's enabled or running.
New methods: enable, disable, is_enabled, is_running;
For this it needs the correct (system-level) service name.
All of the methods can be overridden/customized.
This changes all modules to the new Service object and deletes
action scripts that are not required anymore.
- Authentication using client certificates. Extra password based
authentication for later.
- Auto setup of CA, server and client certificates.
- Provides a .ovpn profile for each user for easy setup.
- Use 4096 bit Diffie-Hellman parameters for better security. If this
takes to much time, reduce it to 2048 or 1024, at least during
debugging.
