Tests:
- Visit the add static domain page. Notice that additional form description is
visible.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
As reported in discussion forum[1], when clients connected via 'shared' network
connection try to resolve a static domain name configured in FreedomBox,
they resolve to 127.0.1.1. Since this refers to client's own IP address, they
fail to connect.
In the previous version, this was not a problem because the entry was stored as
<hostname>.<domainname>. To resolve this, store domain names in kvstore instead
of /etc/hosts.
Links:
1) https://discuss.freedombox.org/t/freedombox-resolves-its-own-external-name-as-127-0-1-1/3660
Tests:
- Adding/removing static domains from Names app works. The order of added
domains is preserved in the stored configuration. When adding an existing domain,
a proper error message is shown.
- Without the patch, configure multiple domains. They show up in /etc/hosts.
Apply the patches and restart the service. Names app setup will run. Entries
from /etc/hosts are removed and will be added to kvstore. The list of domains
shows properly in Names app. After restarting the services, domains are shown
properly.
- Without the patch on a version of FreedomBox without support for multiple
static domains, configure a static domain. Switch to latest version of FreedomBox
with the patches. Restart the service. Names app setup will run. Entry from
/etc/hosts will be removed and will be added to kvstore. The list of domains
shows properly in Names app. After restarting the services, domains are shown
properly.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- First of the list is the most important one and may be used as "primary"
domain in apps.
- Change the return type of DomainName.list() from set to list so that order can
be preserved. Update all users of the API accordingly. Add type hints to all the
methods using this API to catch any errors.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Change the mechanism for storing domain names in /etc/hosts. Don't write
hostname to /etc/hosts. Don't prepend hostname to domain name. This means that
when hostname changes, set_domain_name need not be called.
- This means that domain names such as example.fbx.one were not resolvable using
/etc/hosts but these will now resolve to 127.0.1.1. This is a minor concern to
becoming a breaking change.
- Don't use socket.getfqdn() for finding the domain name of the machine. Instead
read from /etc/hosts. There does not seem to be a glibc/python API for querying
domain names from /etc/hosts with all variations it allows. Forward resolution
properly works no matter the library.
- Drop a pre-Python 3 conversion from unicode to ascii string for hostname. This
is no longer relevant.
- Domain name form is now domain add form. Passing domain name is mandatory.
Domain delete form and view have been introduced.
- Use augeas to edit hosts file. Add privileged methods to add/delete/get
domains. Add method to migrate from old format to new. Support reading old
format too in get_domains.
Tests:
- Without hostname written in /etc/hosts, 'resolvectl query <hostname>' and
'ping <hostname>' work.
- With old /etc/hosts format apply patches and restart service. It will be
converted to new format.
- Adding a domain adds a new line to /etc/hosts file. The domain is shown in
domains list in Names app. Applications get reconfigured with the new domain
name.
- Deleting a domain adds a new line to /etc/hosts file. The domain is shown in
domains list in Names app. Applications get reconfigured with the new domain
name.
- Restarting app triggers domain added signal for all domains and all the
domains are shown in the Names app.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- In the main domains list, only show currently configured domains. Allow
operations such as edit/delete/configure on them. Actions are determined by the
domain type.
- Show domain types that can be added in a separate table. If a domain is
present and only of that type can exist, it will not be shown in this table.
Show add/configure action based on whether multiple domains can exist.
Tests:
- Configuring a singleton domain type puts it in the domains tables and removes
it from the add domains table. De-configuring it or disabling it does the
opposite.
- For domain types with multiple domains (static/dynamic), entries are shown in
domains if such domains exist. Entry in add domains tables always shows up.
- All action buttons for all five domain types work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Ensure that systemd-resolved package is not installed.
- Resolver status table is now shown.
- Instead a message is shown with button to re-run setup. Clicking the button
re-runs setup of the names app.
- Configuration form is also now shown.
- If systemd-resolved package is installed during re-run of setup, then status
table is shown.
- Message to install systemd-resolved is not shown.
- Configuration form is shown.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- Config app description is as expected.
- Config form does not show domain name field anymore.
- Submitting the form with changes works.
- Names app has correct link for configuring static domain name. Clicking it
takes to page for setting domain name.
- On startup, static domain name signal is sent properly if set. Otherwise no
signal is sent.
- Change domain name form shows correct value for current domain name.
- Change domain name form sets the value for domain name properly.
- Page title is correct.
- Validation works.
- Add/remove domain name signals are sent properly.
- Success message is shown as expected
- /etc/hosts is updated as expected.
- Unit tests work.
- Functional tests on ejabberd, letsencrypt, matrix, email, jsxc, openvpn
- After freshly starting the service. Visiting names app shows correct list of
domains.
- ejabberd:
- Install works as expected. Currently set domain_name is setup properly.
Copy certificate happens on proper domain.
- Changing the domain sets the domain properly in ejabberd configuration.
- Ejabberd app page shows link to name services instead of config app.
Clicking works as expected.
- letsencrypt:
- When no domains are configured, the link to 'Configure domains' is to the
names app.
- matrix-synapse:
- Domain name is properly shown in the status.
- email:
- Primary domain name is shown properly in the app page.
- Setting new primary domain works.
- When installing, domain set as static domain name is prioritized as primary
domain.
- jsxc:
- Show the current static domain name in the domain field. BOSH server is
available.
- openvpn:
- Show the current static domain in profile if set, otherwise show the current
hostname.
- If domain name is not set, downloaded OpenVPN profile shows hostname.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- Config app description is as expected.
- Config form does not show hostname anymore.
- Submitting the form with changes works.
- Names app has correct link for configuring Local Domain Name. Clicking it
takes to page for setting hostname.
- Avahi shows the current .local domain correctly in Names app.
- Change hostname form shows correct value for current hostname.
- Change hostname form sets the value for hostname properly.
- Page title is correct.
- Validation works.
- Pre/post hostname change signals are sent properly
- Success message is shown as expected
- hostnamectl shows the set domain
- If domain name is not set, downloaded OpenVPN profile shows hostname.
- Unit tests work.
- Functional tests on names/config/avahi apps work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This improves the user experience in many ways:
- Help user understand if DNSSEC is being used on the current DNS server in case
'allow-fallback' is supported.
- Nudges the user to explore enabling DNS-over-TLS and DNSSEC.
- Help user understand how global vs. link specific configuration works. Help
user understand if a global DNS is being used.
- Show the list of fallback DNS servers being used (as this poses privacy
concerns).
Also helps with debugging in problematic situations:
- Find out which DNS server is being used (and leading to problems) and show the
cycling mechanism.
Tests:
- Enable/disable fallback DNS server in privacy app. See that fallback servers
line is only shown when enabled.
- Set various global values of DNS-over-TLS and DNSSEC and see the status
changes.
- Set various values of DNS-over-TLS in the network connection settings and see
the changes in status.
- Set DNSSEC to allow-fallback. Perform a query and see that the value of
supported/unsupported changes.
- Set DNS servers with special configuration file in
/etc/systemd/resolved.conf.d/test.conf and restart systemd-resolved. See change
in status page. Notice that if connection specific DNS server is set to an
invalid server, global section has a current DNS server.
- Set SNI domain name and port for an IPv4 DNS and an IPv6 DNS. See that the
display is as expected.
- Raise an exception in get_status() and notice that an error alert is shown
properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- Visit the names app. New 'Domains' heading and configuration section appear.
- DNS-over-TLS configuration option is as expected.
- When the configuration file does not exist, the option selected is 'no'.
- When the configuration option is changed, 'resolvectl' shows the newly set
configuration. Using 'resolvectl query {domain}' does not work when DoT is on
and server does not support DoT. 'opportunistic' and 'no' work on those cases.
- When a DNS server supporting DoT (such as 1.1.1.1) is manually set, resolution
with all three settings works.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- App page shows properly. Status of the current domains is shown properly.
- App page does not show enable/disable button.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
module.app property usage is greatly reduced because setup() and force_upgrade()
method are now part of App class instead of at the module level. Remove the
remaining minor cases of usage and drop the property altogether.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Remove the need to pass all the individual information elements to the AppView
separately. This eliminates many issues with elements that were mistakenly not
sent to AppView. Also reduces a lot of code duplication.
- Create App classes for power and sso for consistency.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- move header section to its own file so that it can be imported across
the app (app.html, simple_app.html, setup.html)
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes #930
- Make targets to download wiki pages of each service
- Add post-processor script for DocBook file processing
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
monkeysphere: Run publish as background task, allow user to cancel.
Small fixes to names module:
- Remove unused ugettext import.
- Change SERVICES to tuple.
- If a domain is not available for a service type, return None instead
of (translated) "Not Available".
- Rename get_services -> get_enabled_services.