nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
371 Commits 11 Branches 402 Tags 289 MiB
Commit Graph

371 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Daly
2b4e17e425 Fix Lintian error: unsafe symlinks exist only while testing. 
We only need these actions during test time, so create symlinks to
them before running the tests and remove them after testing:

- actions/echo: /bin/echo

- actions/id: /usr/bin/id
 2014-03-02 16:20:46 -06:00
Nick Daly
c5ceae5819 Properly use bcrypt: 
- Don't crypto: use a library provided time-independent comparison.

- Document details about max password length and other caveats.
 2014-03-02 15:36:22 -06:00
Nick Daly
8e2284a643 Added notes to the first connection design. 2014-02-04 21:13:07 -06:00
Nick Daly
cb9ca1b86c Finished first pass at LICENSES file. 2013-12-26 22:40:08 -06:00
Nick Daly
2f98202312 Added some module-level documentation. 
Of course, only stage 0 (#1: Hello!) is written.  The rest will come
next.
 2013-12-26 22:39:55 -06:00
Nick Daly
a00555e506 Added documentation on the first-connection process. 
This is a four-part process:

1. Hello!  Configure basic administrative information.

2. Configure identity information.

3. Configure network.

4. Box is running normally, user can interact with and add and remove
services per the normal processes.
 2013-12-22 20:55:14 -06:00
Nick Daly
278db809ab Removed compiled pyc file. 2013-12-22 20:49:26 -06:00
Nick Daly
883c08eb94 Removed logfiles. 2013-12-16 21:08:22 -06:00
Nick Daly
bb75e4285f Added whitespace. 2013-12-16 21:08:00 -06:00
Nick Daly
cdca585a98 Renamed COPYRIGHTS to LICENSES 2013-12-16 21:05:02 -06:00
Nick Daly
b4db64719a Added COPYRIGHTS file to track copyright status. 
This'll be handy for the Debian packaging.
 2013-12-15 19:00:22 -06:00
Nick Daly
468fc00330 Removed fixed links issue. 2013-12-15 18:58:50 -06:00
Nick Daly
68e186deff Finally fix firstboot redirect problems. 
This issue was easy to solve once I started using the Live HTTP
Headers Firefox extension to debug it:

https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/

With this particular InternalRedirect, CherryPy inexplicably responds
with a 301 ("Moved Permanently") unless we manually tell it to use a
307 ("Moved Temporarily") response code.  I don't know why CherryPy
does this, and it may be indicative of a deeper problem that I don't
currently have time to debug, as the request-response process for
redirecting from http://(server)/plinth to
https://(server)/plinth/firstboot is ridiculous and contains about
twice as many requests as I would've expected.
v0.3.1 		2013-12-08 11:46:33 -06:00
Nick Daly
4d5d93678b Require python-bcrypt as a build-from-source dependency. 2013-12-08 11:39:37 -06:00
Nick Daly
51e3af611b Moved Apache configuration to Plinth setup script. 
James added the Apache Headers module to the makefile, but not the
FreedomBox-Setup configuration script.  However, it's ridiculous to
have multiple locations for that same logic, so now the makefile uses
the setup script for the Apache configuration instead.

Also, the modules are now fancy and alphabetized.
 2013-12-08 11:37:15 -06:00
James Valleroy
96f4430513 Remove includeSubDomains option from HSTS header. 2013-11-28 02:27:08 +00:00
James Valleroy
96310b4366 Use HSTS in apache conf. Fixes #47. 2013-11-28 00:52:18 +00:00
Nick Daly
0ec794aaa7 Merge pull request #56 from jvalleroy/remove_old_user_db 
Remove old user stuff
 2013-11-24 20:43:35 -08:00
Nick Daly
16c994b787 Cleaned up missed references to privilegedactions. 2013-11-24 22:07:13 -06:00
Nick Daly
e23650232b Merged async actions. 2013-11-24 18:46:16 -06:00
Nick Daly
0349113e97 Commands can be executed asynchronously and as non-root. 
If commands are executed synchronously, they'll return output and
error strings.  If commands are executed asynchronously, nothing is
returned.  We assume you can communicate with asynchronous processes
out-of-band.

Not every command needs to be executed as root, so there's a new
entry-point, *actions.run*, which executes actions as the current
user.
 2013-11-24 18:42:15 -06:00
Nick Daly
6567dc1758 Renamed privilegedactions to actions. 2013-11-24 18:29:27 -06:00
James Valleroy
2eb4f8bf1a Fix add/edit links in users module. 2013-11-20 21:37:03 -05:00
James Valleroy
030675b900 Remove old cfg.users_dir. Remove old UserStore class. 2013-11-20 21:29:28 -05:00
James Valleroy
31ffed9323 Remove users database and folder. The user db will be generated in firstboot. 2013-11-20 20:45:17 -05:00
Nick Daly
83b4425a5a Merge pull request #54 from jvalleroy/bugfixes 
Bugfixes
 2013-11-18 20:18:38 -08:00
Nick Daly
8343946de9 Merged jvalleroy's bcrypt. 2013-11-17 16:45:35 -06:00
Nick Daly
a0a9e96a29 Remove the /plinth/static location. 
Otherwise, Apache 500s on the static files.
 2013-11-17 16:22:21 -06:00
Nick Daly
33c2cec0ae Merged with upstream. 2013-11-17 16:06:41 -06:00
Nick Daly
0539dfb28a Privileged Actions can take option lists again. 2013-11-17 16:01:12 -06:00
Nick Daly
0426284ecf Merge pull request #55 from petterreinholdtsen/correct-issue-tracker 
Correct URL to current upstream github project.
 2013-11-17 09:41:03 -08:00
Petter Reinholdtsen
9274ccd814 Correct URL to current upstream github project. 2013-11-17 13:14:43 +01:00
James Valleroy
880e9bd76a Set default paths in auth_page module to begin with server_dir. 2013-11-16 13:21:27 -05:00
James Valleroy
42ab442930 Cosmetic changes to owncloud page. 2013-11-16 07:14:00 -05:00
James Valleroy
ea0f5b8102 Earlier I removed some flexibility from XMPP/Owncloud config forms to get things working. Restoring code that will make it easier to add new parameters in the future. 2013-11-16 07:05:27 -05:00
James Valleroy
6c15728426 Change Owncloud config form to use FormPlugin methods. 2013-11-16 00:10:06 -05:00
James Valleroy
ee8ee9f41f Merge branch 'improve-apps-page' into bugfixes 2013-11-15 23:37:36 -05:00
James Valleroy
579ae89477 Change XMPP server config form to use FormPlugin methods. This works with POST form method. 2013-11-15 23:36:45 -05:00
James Valleroy
4111fca8eb Move owncloud into its own module. 2013-11-14 22:21:17 -05:00
James Valleroy
63508b6bba Fix some bugs in xmpp module. 2013-11-14 19:15:45 -05:00
James Valleroy
a7decf383e Check user db permissions when we redirect to firstboot, instead of trying to check if the file exists. 2013-11-14 18:28:47 -05:00
James Valleroy
3f36781fdf If creating a new user db, make sure it's permission is 640. 2013-11-13 23:45:40 -05:00
James Valleroy
d48ecb6722 Use server_dir as replacement for base_href. 2013-11-13 20:47:33 -05:00
James Valleroy
1127ff4f99 Prepend server_dir to menu items. 2013-11-13 20:38:39 -05:00
James Valleroy
b5591cb008 Fix typo in base template. 2013-11-13 20:05:44 -05:00
Nick Daly
7f3b1a62c8 Added fixme. 2013-11-12 22:05:03 -06:00
Nick Daly
22cce897bc Made security.mdwn a little more explicit wrt bcrypt. 2013-11-12 21:13:02 -06:00
James Valleroy
2f7b56e6a9 No need to have avoid timing side-channel attack in user_add. We're just going to tell you if the user already exists anyway. 2013-11-11 07:34:27 -06:00
James Valleroy
96edae33ed Remove time.clock line in auth module. It wasn't being used. 2013-11-11 07:34:27 -06:00
James Valleroy
292bedebe6 Use POST instead of GET for forms. It seems like it's working now. 2013-11-11 07:34:27 -06:00