Ensure that plinth is fully started so that it can detect the apt
update, and perform force_upgrades.
Test: Perform dist upgrade. At the end, all packages have been
upgraded.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Remove the percentage check, which was incorrectly checking used
percent, not free percent.
Closes: #2046.
Tests:
- Fill up disk space so that 4.5G is free. Dist upgrade does not start
due to not enough free space.
- Fill up disk space so that 5.5G is free. Dist upgrade can be
started.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Identify FreedomBox admin who installed the app to be zoph admin.
- Implement backup and restore.
- Photos directory should remain at /var/lib/zoph, for proper operation of
backups.
- There remains an issue that the App is enabled before it is configured but
will not work correctly until configuration.
- OpenStreetMap mapping is enabled. These should be configurable before
installation.
- Add initial forms.py and views.py to Zoph app, however these are currently
unused as urls.py does not invoke the view. When the view is not invoked the
Zoph App installs, with single signon, currently as the first LDAP user, rather
than the plinth user.
- The first user's preferences are not set, and need to be manually set to avoid
other errors.
* Sunil's changes
- Squash commits and re-split them.
- Drop documentation as it will be auto populated from wiki later.
- Remove outdated validation code from manifest.
- Drop some dead code.
- Don't send MySQL password over command line for improved security. Instead
rely on Unix authentication of root user similar to backup/restore process.
- Use JSON for exchanging configuration dump to avoid encoding errors.
- Add username validation to avoid a potential SQL injection.
- Update description for neutral tone and brevity. Add information about how user
accounts work in FreedomBox.
- Fix functional tests.
- Drop all code related to changing photos path until it is ready.
- Update URL from /zoph to /zoph/ to avoid another redirect.
- Fix disabling the app.
- Use icon that Zoph uses for favicon as logo. Update copyright file.
- Fix spelling unzip.
- Minor refactors. Run yapf and isort.
- Use subprocess.run() instead of os.popen() everywhere for better security with
argument parsing.
- Enable OpenStreetMap by default. Users have a choice to disable it before using
the app. Add label to explain privacy concerns.
- Fix dropping database by using --force argument.
- Cleanup enabling the app to not enable the app when updating configuration.
- Use AppView's default template instead of overriding.
- Update functional tests to just check if the app is enabled/disabled as
expected. Checking that Zoph site is available will require reliable handling of
admin user.
Signed-off-by: John Lines <john@paladyn.org>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
matrix-synapse 1.26 fails to start on FreedomBox stable if it doesn't
find the right version of python3-psycopg2. Version 2.8 of this library
is currently not available in Debian stable and has to be installed from
the buster-backports repository.
Tested the upgrade on a FreedomBox stable virtual machine.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Separate checking for dist upgrade from other setup. We don't want to
start a dist upgrade during the module's setup.
Tests: Checked logs for the following:
- Up to date.
- Updates not enabled.
- Dist upgrade started.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
With default logging settings, only print the result.
Tests: Checked output for following cases:
- Dist upgrade flag exists.
- System is Debian testing.
- Latest stable release without --test.
- Automatic updates not enabled.
- Not enough free space.
- Dist upgrade started.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
With all apps installed, the used space increases by 4.9 GB.
Helps: #1644.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests performed:
- Schedules are able to store and retrieve comments properly. Information about
schedule backups stored in comments is extracted properly.
- Unit tests run.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Hide the warning 'The Syncthing admin interface is configured to allow
remote access without a password. ... '. This warning is unnecessary because
we are using authentication through Apache.
- Hide the usage reporting notification by declining reporting, if the user
has not made a choice yet.
- Call add_user_to_share_group() in setup() before starting syncthing to
avoid another syncthing daemon restart.
- Add a functional test for hidden notification messages.
- Functional tests: Improve the method to check if the javascript
loading process is complete.
Closes #1581
Tests performed:
- The syncthing app is installed successfully on Debian testing
- All syncthing tests pass on Debian stable and testing
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
When installing the syncthing app, create a LDAP group named "syncthing-access"
instead of "syncthing", because the app creates the "syncthing" system group
to run the syncthing daemon. Duplicate group names can cause some ambiguity as
described in #2008.
- Rename the existing "syncthing" LDAP and Django group to "syncthing-access".
- Update existing web shares to be accessible with new group name
- Functional tests: Add tests to check access to the syncthing site with a user
in the syncthing-access group and no group.
- Functional tests: Scroll to the edit button before clicking. Fixes some test
failures on a smaller browser window.
Fixes #2008
Tests performed on Debian stable and testing:
- Check that the existing "syncthing" group is renamed after upgrade:
1) Without patch applied, install syncthing, create a user in group "syncthing".
2) Apply patch, update Apache2 config file /etc/apache2/conf-available/syncthing-plinth.conf,
reload Apache2, restart plinth.
3) Check that the created user is now in the "syncthing-access" group and can
access /syncthing site.
- Check that the app upgrade succeeds when there are no users in the syncthing group.
- Create a web share accessible by the 'syncthing' group. Check that after the upgrade,
the share is accessible to a member of syncthing-access group.
- All the syncthing app tests pass.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Perform this hold separately from the others, and ignore errors only
for tt-rss.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This was removed in an earlier change, so restore it.
Avoids a transient "IndexError: list index out of range" error caused
by django when visiting a page.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Fixes #2000
Tests performed:
- All the users module tests pass
- Create a user, add the user to the freedombox-share group,
check that the user can connect to the Samba Group share.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When FreedomBox package is installed on a fresh Debian machine where a
snakeoil certificate doesn't exist, generate a new one.
Fixes #1923
Fixes #1999
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[Veiko: Made added code comment more precise]
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Minor refactor to reuse list of packages with prompts]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Check apt sources list regardless of whether we are upgrading to
stable or testing.
- Replace stable code name with new stable code name.
- When testing, also replace "stable" with code name to be tested.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Provide the correct client configuration based on whether the server is
using RSA or ECC.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Debian Buster has easyrsa 3. Since we're nearing Bullseye now, it is
safe to assume that most users are already using easyrsa 3.
The code to do the upgrade is 2 years old already. Removing it.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Set domain name during app setup
- Improve tests for settings. Prefer to call functions in plinth which invoke
actions than test actions directly.
- Also, '$wgServer' is not a domain name since it also includes the protocol.
- Add domain selection form. Make server url a text input field.
- Added a functional test to set the value of server url to the value provided
by FREEDOMBOX_URL before running any other tests.
- Make server url setting a pre-requisite.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Squash commits as they were fixing themselves]
[sunil: Simplify configuration reading]
[sunil: Use 'server_url' terminology consistently]
[sunil: cosmetic: Minor styling]
[sunil: Update test_settings.py to use fixture pattern]
[sunil: Remove seemingly incorrectly used aria-describedby attribute]
[sunil: Don't rely solely on env variable value in functional tests]
[sunil: Fix issue with http/https mismatch when checking site availability]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The temporary file is sometimes not flushed to disk by the time the PHP
command is called. This makes the password file empty and breaks the
installation.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
- Setting is stored in kvstore.
- Enable for new installs, and once when upgrading from version
without flag.
- Split action subcommands for activating backports and for performing
dist upgrade.
Tests:
- Dist upgrade is enabled by default in stable container.
- Dist upgrade is disabled by default in testing container.
- Enable dist upgrade. Dist upgrade is attempted periodically.
- Disable dist upgrade. Dist upgrade is no longer attempted.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: kvstore need to be locally imported anymore, import as usual]
[sunil: Minor changes to comments for PEP compliance]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Process can be tested by upgrading to testing:
$ sudo ./actions/upgrades --develop --test-upgrade
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: cosmetic: isort fixes]
[sunil: Restore BACKPORTS_REQUESTED_KEY that was accidentally removed]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This change prevents the plinth user from becoming a superuser without
knowing an admin password.
Users module and action script:
- User credentials are now required for the subcommands: create-user,
set-user-password, add-user-to-group (if the group is admin),
remove-user-from-group (if the group is admin), set-user-status,
remove-user (if the removed user is the last admin user.
Note: the web UI doesn't allow to delete last admin user).
- subcommand remove-users requires authentication if the user is last
admin user. Password must be provided through standard input.
- subcommand remove-group: do not allow to remove group 'admin'
- User credentials must be provided using the argument
--auth-user and a password must be provided through standard input.
- If there are no users in the admin group, no admin password is
required and if the --auth-user argument is required, it can be an
empty string.
Users web UI:
- An admin needs to enter current password to create and edit a user
and to change user's password.
- Show more detailed error text on exceptions when submitting forms.
- Show page title on the edit and create user pages.
Users unit and functional tests:
- Added configuration parameters to the pytest configuration file
to set current admin user/password.
- Added a configuration parameter 'ssh_port' to the functional tests.
You can overwrite this with the FREEDOMBOX_SSH_PORT environment
variable. Modified HACKING.md accordingly.
- Added unit tests:
  - test changing the password as a non-admin user.
  - test invalid admin password input.
  - test that removing the admin group fails.
- Capture stdout and stderr in the unit tests when calling an action
script to be able to see more info on exceptions.
- Added functional tests for setting ssh keys and changing passwords
for admin and non-admin users.
- Added a functional test for setting a user as active/inactive.
Changes during review [sunil]:
- Move uncommon functional step definitions to users module from global. This is
to keep the common functional step definitions to a minimal level and promote when
needed.
- Minor styling changes, flake8 fixes.
- Don't require pampy module when running non-admin tests. This allows tests to
be run from outside the container on the host machine without python3-pam
installed.
- Call the confirm password field 'Authorization Password'. This avoids confusion
with a very common field 'Confirm Password' which essentially means retype
your password to ensure you didn't get it wrong. Add label explaining why the
field exists.
- Don't hard-code /tmp path in test_actions.py. Use tmp_path_factory fixture
provided by pytest.
- Remove unused _get_password_hash() from actions/users.
- Undo splitting ldapgid output before parsing. It does not seem correct and
could introduce problems when field values contain spaces.
Tests performed:
- No failed unit tests (run with and without sudo).
- All 'users' functional tests pass.
- Creating an admin user during the first boot wizard succeeds.
- Creating a user using the web UI with an empty or wrong admin
password fails and with the correct admin password succeeds.
- Editing a user using the web UI with an empty or wrong admin
password fails and with the correct admin password succeeds.
- Changing user's password using the web UI with an empty or wrong
admin password fails and with the correct admin password succeeds.
- Above mentioned user action script commands can't be run without
correct credentials.
- Adding the daemon user to the freedombox-share group succeeds when
installing certain apps (deluge, mldonkey, syncthing, transmission).
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Move uncommon functional step definitions to users module from global]
[sunil: Minor styling changes, flake8 fixes]
[sunil: Don't require pampy module when running non-admin tests]
[sunil: Call the confirm password field 'Authorization Password']
[sunil: Don't hard-code /tmp path in test_actions.py]
[sunil: Remove unused _get_password_hash() from actions/users]
[sunil: Undo splitting ldapgid output before parsing]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This change prevents the plinth user from setting the ssh-keys without
knowing the user password.
- Debian: added new dependency python3-pampy to authenticate users.
- Added additional required parameter --auth-user to the
'actions/ssh set-keys' command. A password should be
provided through STDIN.
Tests performed:
- running 'actions/ssh set-keys' with empty or wrong admin credentials
fails.
- running 'actions/ssh set-keys' with correct admin credentials
succeeds.
- running 'actions/ssh set-keys' with correct non-admin credentials
succeeds if the --username is the same user.
- running 'actions/ssh set-keys' with correct non-admin credentials
fails if the --username is a different user.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Certificate can be setup for a single domain at a time in Mumble. So, allow the
user to choose the domain purely for this purpose even though Mumble can work
with multiple domains. Tell Let's Encrypt to work with this domain.
Tests:
- Without Mumble installed, change the domain name. Notice the mumble related
certificate events are ignored.
- Install Mumble, a TLS domain is automatically selected. Certificate is setup
for that domain.
- Ensure at least two domains are setup in the system. See the list in the
Mumble app page. Choose a non-default domain. Domain should change and cert
should be setup for that domain.
- Go to config app and change the domain. Mumble domain should get set to a
different domain and cert should get updated.
- Install mumble without these changes. Apply the changes and start FreedomBox.
Mumble app should get upgraded and certificate should get setup for a domain.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>