Don't explicitly enable module php7.0. Rely on the package libapache2-mod-php
installing the current version of the package and enabling. This ensures that
when PHP version changes, the code is not broken.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
/etc/matrix-synapse/homeserver.yaml file has several complex cases of inline
comments which are introducing bugs when parsed with ruamel.yaml
Eliminated the problem by discarding comments altogether since the YAML data is
only read by Plinth and not by a human.
Closes#1214
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Earlier only openvpn@.service file was available. Currently, Debian is using
openvpn-server@.service and openvpn-client@.service. Start using this and
upgrade our current users to this approach. This fixes the problem with
incorrect enabling/disabling of OpenVPN app in Plinth.
Tested primarily three cases:
- Install version 2 of the app directly. Make sure daemon runs,
enabling/disabling the app works.
- Install version 1 of the app. Disable it. Upgrade to version 2 make sure
everything is upgraded but disabled. Enabling make the app work properly.
- Install version 1 of the app. Enable it. Upgrade to version 2 make sure
everything is upgraded, app is enabled and running.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Installs and configures MediaWiki. SSO integration is not included yet.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Instead of a separate action that is conditionally called for a version number,
we can check if the domain currently configured is what we want and then based
on the value do a reconfiguration. This approach will work better when Plinth
state is reset etc.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Increment users module version so existing users will get FreedomBox
copy of ldapscripts config file.
Avoid reconfiguration of slapd during module upgrade, because this
will move the existing database.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
After a user enables/disables MAM, use ejabberd's reload_config instead
of restarting ejabberd.
Please let me know how this looks? Could reload_config also be of use
when adding/dropping a Let's Encrypt certificate?
Fixes#1010
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Edit user form fails because a 'wiki' group entry exists in the database
though the ikiwiki app hasn't been installed yet.
- Register group when a user group is created by an application, so that a
plinth restart can be avoided.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- More user-friendly treatment of groups and their permissions
Closes#690
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Change sso refresh url to refresh-pubtkt since refresh was conflicting with
captcha's image refresh url.
- Fix datetime.timedelta calculation for refresh interval. Now validity of
ticket is 30 seconds as it was intended to be. It was wrongly set to 30 days
earlier.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
All users can login. Only admin users can see logs and make changes.
LIMITATION: Only certain functions such as service management is possible.
Functions such as networking and user management is read-only. This problem does
not occur for user belonging to the 'sudo' group.
- Move to system section from applications section.
- Rename action script to cockpit instead of cockpit.
- Deal with .socket/.service correctly.
- Implement hooks on domain name changes and update configuration correctly.
- Host the application under /_cockpit instead of /cockpit because it is
reserved.
- Update description.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Apply the patch present in Debian packaging:
James Valleroy: When testing new image builds, I found users created through
plinth could not login through console or SSH. The reason is that slapd and
nslcd services were not enabled and not running. I don't know what is causing
this situation, so this is just a workaround.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This does not effect the first install but is necessary when upgrading to newer
Plinth module version.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Also wrote unit tests in users/tests/test_actions
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
API access is required to use tt-rss from the official Android app
Closes#1060
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Only add a connection for a device if a connection with that name is not already
associated with that device.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
When network-manager restarts, it leaves the existing connections intact. When
it start again, it somehow restores that active connection. So, restarting
network-manager is not a solution to activate all newly created connections.
Explicitly activate all connections and don't restart network-manager. Do
connection activation in background so that failed activation does not lead to
failed setup of remaining connections.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
The changes made for system login will not be effective until a restart. This
includes SSH login, console login, getent answers, etc.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Closes#928
- Adds shell and python APIs adding/removing LDAP groups
Signed-off-by: Rahul De <rahul080327@gmail.com>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
This does not change the order of any of the current devices. Only device
supported currently that has multiple interfaces is APU.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- For a user who installed using FreedomBox disk image, when Plinth upgrades to
a release containing this change, don't run network setup. This is ensured by
not incrementing the version number of the networks module.
- For a user who installed using freedombox-setup Debian package, when Plinth
upgrades to a release containing this change, don't run network setup. This is
ensured by not incrementing the version number of the networks module.
- For a user who installed using freedombox-setup Debian package, when Plinth is
run for the first time, don't run network setup. This is ensured by checking
for the file /var/lib/freedombox/is-freedombox-disk-image which will not
exist.
- For a user who installed using FreedomBox disk image, when Plinth runs for the
first time, setup process executes and triggers the script due networks module
being an essential module.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
* Fixing wrong function calls leading to error 500.
* Merging enable/disabling/status into single action, to improve
handling in cli, and reduce code duplication.
* Fixing order of restart and enabling of public registration option.
* Minor, cosmetic fixes of code and user-facing strings.
* Overall code design now almost identical to Ejabberd service page.
Signed-off-by: Johannes Keyser <johanneskeyser@posteo.de>
