- Don't set log level explicitly. Fallback to value set in global Apache
configuration.
- Don't set directory options already set in global configuration.
- Remove /cgi-bin/. Only ikiwiki uses cgi and it is served from a different path
than /usr/lib/cgi-bin.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Merge backports functionality into upgrades module.
- No need to enable systemd timer as dh_installsystemd automatically enables
this during package installation and upgrade.
- Use https:// and deb.debian.org for repository checking. When using Tor for
package installations request the URL via Tor.
- Make daily checking service more generic for all kind of future apt repository
updates.
- Force removal of repository file during purge to avoid failures.
- Don't add contrib/non-free as backports is intended to be enabled for just the
freedombox package and it is free. When the need arises, we can introduce
contrib/non-free. This also eliminates an issue that adding these components
doesn't work without the usage of tor.
- Allow generate apt preferences file to avoid lintian complaining about its
presence. Remove on purge.
- Add unattended upgrades origin pattern to allow it to upgrade from backports
repositories.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Use the X-Forwarded-For header only if specified in the configuration. This
makes FreedomBox safe to use when not behind a reverse proxy server (although
we are unlikely to do this).
- When fetching the IP address to reset after successful login, use the
X-Forwarded-For header only if specified in the configuration.
- Minor flake8 refactorings.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Update description to simply and talk about multiple protocols supported.
- Don't diagnose on IPv6 as mldonkey does not listen there.
- Run yapf and isort.
- Minor styling fixes.
- Update functional tests to check for service running.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Easy to configure for separate services.
- Unique names ensure that system administrator FreedomBox configuration files
don't conflict with system administrator created ones.
- Set maximum attempts to 10 globally instead of 5.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Radicale 1 needs to have /radicale/.well-known/*dav to the URLs where as
Radicale 2 needs to have /radicale to be the URLs. Hence have two separate
apache configuration files.
- Use expr= when setting X-REMOTE-USER header to set the authenticated user name
properly. Without this all users are using a single user '(null)' data.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Remove access/error log references in configuration files and tests.
- Ensure that /var/log/plinth directory is not created anymore.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Makes it trivial to alter site configuration for all domains at once. Also
possible to easily switch to TLS modules other than mod_gnutls.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Avoid Satisfy and Allow which are deprecated.
- Make sure the redirection rule applies only to the URL intended.
- Fix issue with Proxy matching of URLs.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
While capturing stdout and stderr and automatically logging that to system
logging daemon provides basic information, a lot of information lost in the
process.
This change logs to systemd journal directly so that rich information such as
code file, code function, code line, etc, can be captured in a structured way.
To avoid double logging, discard stdout and stderr in the systemd unit file.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Also try to automatically work for future versions of PHP.
Fixes#1413Fixes#1258
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
In ejabberd 18.09-1, the default BOSH port is changed from 5280 to
5443. Update ejabberd diagnostics and the jwchat-plinth apache conf,
which is used by JSXC.
Fixes#1398.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Use the directory for service custom static files only if it exists.
- This fixes issue with lintian complaining of installing files in /var/www.
Closes#1399
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Static files are directly served by the CherryPy web server.
- .gitignore file placed as a placeholder to be able to commit the directory
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
udiskie is now an essential module that will be installed along with storage.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
The unattended-upgrades package removes older kernel packages before
starting the upgrade process, so that the current kernel and the newly
installed kernel will be retained and all older kernel packages will
be removed.
The removal of older kernel packages requires "apt autoremove" to list
them. So, a setting to enable autoremoval of packages has been turned
on as well.
When tested on a vagrant box, the current kernel 4.17.0.1 and the new
kernel 4.17.0.3 have been retained. Older kernels were removed
preemptively before the installation of 4.17.0.3
Fixes#1372
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Changed configuration file FreedomBoxSettings.php to enable SVG extension.
- Added functional test for upload and viewing of svg file.
- Modified the existing functional test with image file name as parameter.
Closes#1354
Signed-off-by: Vignan Lavu <vignan.lavu@gmail.com>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Increment version number
- Functional test for uploading files
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Move the file editing code to actions/config since it must be executed by a
super user.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Avoiding manual edits to LocalSettings.php by overriding the configuration in
another file called FreedomBoxSettings.php and including it in
LocalSettings.php. This avoids bugs and makes configuration changes trivial.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Newer versions of Django axes have newly way to get the IP address of a client
using ipware library. This has multiple security issues
https://github.com/jazzband/django-axes/issues/286 . Workaround them by
controlling the X-FORWARDED-FOR header sent from Apache to FreedomBox and by
limiting the headers that ipware uses.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Adds the basic application framework
- Adds the sharing page for index and adding share
- Adds the action for sharing for adding and listing shares
Signed-off-by: Prachi Srivastava <prachisr@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
