Tests:
- Running flake8 as in .gitlab-ci.yml works.
- Setting the domain name again to update /etc/hosts file after hostname change
works
- Setting the domain name from the text box works. New domain name is read back
and shown properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Running flake8 as in .gitlab-ci.yml works.
- Changes the hostname works and it is updated in /etc/hostname
- Avahi daemon is restarted
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Initial setup succeeds
- (not tested, functionality removed later) During initial setup, if
/etc/apache2/conf-available/freedombox.conf has home page other than /plinth,
it will be changed to /plinth.
- Setting the home page to Apache default, plinth, or an app works.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Unit and functional tests work.
- Creating a library works.
- An error while creating library shows as proper message.
- Deleting a library works.
- An error while deleting library shows as proper messages.
- Creating/deleting library reflects properly in the list of libraries.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Initial setup:
- Creates zones directory
- Write default configuration
- named is restarted
- Forwarders
- Setting forwarders works as expected.
- Current list of forwarders is shown as expected
- List of served domains is shown properly
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests
- Initial setup
- Sets the domain to freedombox.local (SITENAME)
- Default permissions are set to read
- Three passwords with varying permissions are create by default
- Current configuration is retrieved properly (default permissions, passwords)
- Adding passwords works, they are list as expected
- With or without comment
- Removing password works
- Setting default permissions works
- Untested:
- Upgrade from version 1
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Initial setup works when a new container is created
- When transmission is enabled/disabled, the web configuration for it is
enabled/disabled.
- When radicale is enabled/disabled, the uwsgi configuration for it is
enabled/disabled.
- Sharing web configuration is disabled during backup and re-enabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Currently, privileged actions are not allowed under top-level plinth module.
They are only allowed under each app module. Allow privileged actions under
plinth module.
- Currently, privileged actions are not allowed under a sub-module of
'privileged' package. They are allowed only in 'privileged' module. Allow
sub-modules under 'privileged' package.
Tests:
- Email app functional tests pass
- Functional tests for apps using package and service privileged methods pass
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Signed-off-by: nbenedek <contact@nbenedek.me>
[sunil: Convert the PNG to SVG and use it for all sizes]S
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- I tested the changes with the VirtualBox image with a bridged network adapter.
After ten failed authentication attempts, my IP got blocked as expected.
- This setup uses apache's logs to filter the attempts. A wordpress
[plugin](https://wordpress.org/plugins/wp-fail2ban/) exists for redirecting the
logs to syslog, but that needs to be packaged.
Signed-off-by: nbenedek <contact@nbenedek.me>
[sunil: Drop logpath as logs are expected to go to journald]
[sunil: Update regex to match only failures and not successful logins]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- So that the new configuration file to disable
readme.html/xmlrpc.php/wp-cron.php takes effect.
Tests:
- Install wordpress without the security changes. Notice that the three URLs are
accessible. Apply the patch, run ./setup install and restart FreedomBox service.
Wordpress app is updated and the security changes take effect. The three URLs
are return forbidden response without manually restarting apache2.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2244.
This patch disabled xmlrpc.php functionality entirely. For interacting with
WordPress using app, the new REST API functionality is recommended. However, for
the Pingback API XML-RPC is still a necessity. If this is an important feature
for FreedomBox users, we intend to re-enable XML-RPC functionality in WordPress.
Signed-off-by: nbenedek <contact@nbenedek.me>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2253
Tests:
- Build a package with this fix included for bullseye-backports
distribution.
- Install into FreedomBox stable system.
- Start dist-upgrade test.
- At the end of the test, wait for plinth to attempt upgrades, and
then confirm that firewalld was upgraded.
- Confirm that firewalld is running.
- Confirm that /etc/firewalld/firewalld.conf has DefaultZone=external.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2263
- matrix-synapse >= 1.65.0-1 requires python3-canonicaljson >= 1.6.2~
Tests:
- On a stable Vagrant Box, matrixsynapse app is not installable.
- With the changes, start FreedomBox service, setup will run on the upgrades
module and /etc/apt/preferences.d/51freedombox-apps.conf will be changed to
include the new entry. After this, matrix-synapse app is installable.
Signed-off-by: nbenedek <contact@nbenedek.me>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
In a testing container, checked that the mount point /run/host/os-release
is not listed on the Samba app page.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #1872.
Previously, JSXC can't be disabled and it's shortcut appears on the homepage
forever. Use the EnableState component which stores a flag in the sqlite
database to maintain the status of app being enabled.
Tests:
- Enable/disable button appears. Enabling/disabling the app updates the status
currently.
- Enabling the app shows icon on the homepage and disabling removes it.
- Enabling shows the menu item in the apps page as enabled. Disabling shows the
menu item in the apps page as disabled.
- It is possible the uninstall the app. When app is uninstall it is removed from
homepage and shows as disabled in the apps page.
- When app is disabled or uninstalled, trying to visit the
/plinth/apps/jsxc/jsxc/ throws a 404 error.
- Run functional tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
[jvalleroy: Enable JSXC for Ejabberd test]
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Use AppView for app page.
- Handle post enable/disable activities within the App class.
- Use Operation class to perform configuration instead of custom mechanism. Drop
all the older code for it.
Tests:
- DONE: Run functional tests
- DONE: Enabling Tor
- DONE: Enables the service
- DONE: Updates the firewall ports
- DONE: Adds hidden service domain to names app
- DONE: Shows app enabled
- DONE: Firewall ports are opened
- DONE: Disabling Tor
- DONE: Disables apt transport over Tor
- DONE: Firewall ports are closed
- DONE: Shows app disabled
- DONE: Onion domain is removed from names app
- DONE: App page
- DONE: Running/not-running status is shown properly based on whether tor
daemon is running.
- DONE: Port forwarding information is shown properly.
- DONE: When hidden service is enabled, status of hidden services is shown
- DONE: Configuration update
- DONE: Form shown correct status of the option
- DONE: When configuration is being updated, operation progress is shown
- DONE: Page refreshes once in 3 seconds during operation. Refresh stops after
operation.
- Once the operation is complete, success or error message is shown
- DONE: Javascript to show/hide upstream bridges text box works
- DONE: Javascript to enable/disable relay checkboxes works
- DONE: Operation does not show notification.
- DONE: Enabling apt over Tor does not work when app is disabled
- DONE: When configuration is changed, the message 'Settings unchanged' is not
shown.
- DONE: If an error is thrown during configuration, an error message is shown
properly.
- DONE: Tor is restarted after configuration update and hidden service domains
is updated.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- List of certificates in the system is shown.
- Diagnostics menu item is shown and works.
- Certificate operations work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- Diagnostics menu item is shown and works.
- Both Configure and manage snapshots tabs are shown.
- Changing configuration works, updated configuration is shown.
- Deleting some snapshots works.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- Diagnostics are shown and work.
- Initial status of the configuration is show properly.
- Enabling/disabling configuration options reflects correct status.
- Status of frequent features updates shows properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- Diagnostics menu item is not shown.
- If apt is busy a warning message is shown.
- Restart and Shutdown buttons are shown and work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- Diagnostics button is shown and works.
- Connections list, internet connection type and connectivity are shown
properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- App page shows properly. Status of the current domains is shown properly.
- App page does not show enable/disable button.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not present.
- Diagnostics menu item is not present.
- Page shows 'Running diagnostics' button when diagnostics are not running.
- Page shows progress bar and results when diagnostics are running/completed.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
