- Merge backports functionality into upgrades module.
- No need to enable systemd timer as dh_installsystemd automatically enables
this during package installation and upgrade.
- Use https:// and deb.debian.org for repository checking. When using Tor for
package installations request the URL via Tor.
- Make daily checking service more generic for all kind of future apt repository
updates.
- Force removal of repository file during purge to avoid failures.
- Don't add contrib/non-free as backports is intended to be enabled for just the
freedombox package and it is free. When the need arises, we can introduce
contrib/non-free. This also eliminates an issue that adding these components
doesn't work without the usage of tor.
- Allow generate apt preferences file to avoid lintian complaining about its
presence. Remove on purge.
- Add unattended upgrades origin pattern to allow it to upgrade from backports
repositories.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Downloaded archives can't be fully extracted as tar.gz is incomplete at the
end and corrupt. This is due to complete gzip streaming implementation that is
does not flush the final bytes of gzip stream. Remove custom implementation
and get gzipped stream directly from borg.
- Fix mimetype for .tar.gz to application/gzip.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When radicale 2.x is available in testing, the migration can be
triggered by bumping the module's version.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes#1442.
When disk is very busy, sending KILL signal to the process may not kill it
immediately. So wait upto 5 minutes for it. This does not increase the time in a
regular case if the kill works immediately.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Make command line arguments more readable.
- Don't collect and reprint the logs. Let them be printed directly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
With newer version of radicale (>2.1), when configuration is changed, it is not
applied until the application is disabled and re-enabled.
Also make sure that configuration changes don't start a daemon when it is
disabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
The default rights file shipped in radicale 2.x package is equivalent
to owner_only. By setting this as our default, we can avoid any change
to the default config.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The default, remote_user, works ok when using uwsgi.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Not used with uwsgi, which is enabled for radicale 2.x.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Update description to simply and talk about multiple protocols supported.
- Don't diagnose on IPv6 as mldonkey does not listen there.
- Run yapf and isort.
- Minor styling fixes.
- Update functional tests to check for service running.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Drop the `bind_address` key during upgrade
- Use the new `bind_addresses` key instead
Fixes#1420
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- uwsgi service is sufficient to handle radicale2. Disable radicale service for
radicale2.
- Use action utils to deal with uwsgi configuration management.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is a workaround for the problem that when restarting firewalld with
iptables backend, flushing fails and starting with nftables also fails requiring
a restart to recover the problem.
Fixes#1440.
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Only do the configuration based on version run the remaining setup code
without considering version.
- Don't force upgrade/setup configuration when doing from version 4 and above.
- Force set cleanup=yes values during migration too.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Added a command-line argument called --old-version to the setup command based
on which it can decide whether to do a new setup or a migration.
- Removed the migrate command.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The free space limit value is allowed to a maximum of 60%, since setting the
it to a value higher than possible will effectively disable snapshotting.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org
- Snapper's cleanup algorithms don't apply limits unless they are specified in
the form of ranges. Changed all limit values in the configuration to ranges.
- Also, all MIN_AGE values have been set to 0 to avoid the disk space filling up
in case of a large number of snapshots generated in a very short amount of time.
- FREE_LIMIT has been increased to 30% from the default 20% since backup
archives also take up disk space on the root partition.
Fixes#1435
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Radicale 1 needs to have /radicale/.well-known/*dav to the URLs where as
Radicale 2 needs to have /radicale to be the URLs. Hence have two separate
apache configuration files.
- Use expr= when setting X-REMOTE-USER header to set the authenticated user name
properly. Without this all users are using a single user '(null)' data.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Makes it trivial to alter site configuration for all domains at once. Also
possible to easily switch to TLS modules other than mod_gnutls.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- adapt action and write tests for accessing a borg repo directly
via borg+ssh, without mounting it
- some docstring updates
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- fixes issues as supposed by jvalleroy
- new repositories always get a UUID so they can immediately be fully
used (mounted, queried etc) also before saving them
- remove test connection page -- errors are shown on form submission
- improved error handling when creating remote repositories
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- introduce env_vars in backups script and access_params for more
uniform handling of access parameters
- added tests for creating and deleting an archive
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Also try to automatically work for future versions of PHP.
Fixes#1413Fixes#1258
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
restart service after setting the firewall backend
Fixes#1400Fixes#1430
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
The latest snapper returns the currently active snapshot like "4*", which
interferes with both the urls and the templates. Stripping off the unnecessary
asterisk since we have better ways of detecting what the currently active
snapshot is.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is the default for new installs of ejabberd, starting with
version 18.09-1. For existing installs from previous versions, the
config must be upgraded to use the new port.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
This takes care of the case where a user has tried the "setup" step and
failed. The new configuration will overwrite the old one.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
