Closes: #2503
- FreedomBox is a server that is typically always running. If applications such
as GNOME desktop environment are installed, they could, by default, cause system
to sleep or hibernate after a period of idleness (based on peripheral activity).
To ensure that services are always available over the network, prevent all such
applications from sending the system to sleep/hibernate.
- Other types of sleep such as hybrid sleep and suspend and hibernate are also
automatically disabled by systemd if either suspend or hibernate are disabled.
Tests:
- Without the changes, install GNOME. In gdm login screen or in desktop
environment, after 20 minutes (default) the system goes to sleep.
- Create the file in the patch with the appropriate directory in a production
FreedomBox machine. Run 'systemctl daemon-reload'. After this, running
'systemctl suspend' or 'systemctl hibernate' will return an error that the
operation is not supported. In GDM, the suspend button does not appear. In GNOME
desktop environment after login, the suspend button does not appear. Even after
the 15-20 minute period, the system does not go to sleep.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
The path attribute has been deprecated and will be removed in pytest 9.0. The
new argument to use is collection_path which is pathlib.Path object it is
available in pytest 7.2 (bookworm) and above.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
The warning is:
RemovedInDjango50Warning: The default value of USE_TZ will change from False to
True in Django 5.0. Set USE_TZ to False in your project settings if you want to
keep the current default behavior.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Helps: #2501
Helps: Debian #1100995
- With radicale's Debian packaging for version 3.5 (trixie) the auth/type
configuration value is no longer set to remote_user by default[1]. FreedomBox's
setup depends on this. So, set this value explicitly including for bookworm.
Links:
1) https://tracker.debian.org/media/packages/r/radicale/changelog-3.5.0-1
Tests:
- Install on bookworm and testing VMs and run functional tests. Web UI works.
- On bookworm VM, install radicale and perform dist-upgrade. Upgrade succeeds.
Radicale is at version 3.5.0-1. The file /etc/radicale/config *does not*
contains auth/type as 'remote_user'. This is because unattended-upgrades has
unexpectedly upgraded radicale and overwrote the configuration file. This is
being investigated separately.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- We are using a private data structure that lead to failure. psutil 7.0 removed
two fields from the partition class. Just update the code to work with 7.0
instead of emulating psutil completely as that is a better test.
- The primary code is unaffected in is_partition_read_only() and
get_filesystem_type() due to not having any changes in the fields we use.
Tests:
- Run unit tests on testing and unstable VMs.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
There are configuration items that users of syncthing can accidentally
set, resulting in the UI becoming unavailable. Previously, if such a
thing happened, the FreedomBox admin would have to ssh into the server and
edit the xml manually or reinstall/restore the app. With this patch, it
is enough to re-run the setup to make the UI accesible again.
- Remove http basic authentication from the settings (gui/user and
gui/password. This is unnecessary as FreedomBox already provides
authentication.
- Make sure these options are properly set:
- 'Use HTTPS for GUI' is off
- 'GUI Listen Address' is 127.0.0.1:8384
- GUI is enabled
There is a forum discussion that inspired these changes:
https://discuss.freedombox.org/t/solved-cant-access-syncthing-administration-panel/2137
Tests done:
- Fresh install: after the setup, confirm the UI is working properly and
the xml is configured with the expected values.
- Make the changes to break the Syncthing UI, then re-run setup. Confirm
the UI is back online.
Signed-off-by: Benedek Nagy <contact@nbenedek.me>
[sunil: Initialize conf_changed variable to prevent failures accessing it]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2499
[sunil]
- Add a comment about the dependency.
Signed-off-by: Benedek Nagy <contact@nbenedek.me>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
[sunil]
- Move the script to plinth/tests/functional directory as it is the right place
for it.
- Add HACKING.md entry to talk about the script.
- Update the pyproject.toml to ensure that functional tests config.ini is
installed along with functional tests python code.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
As reported in discussion forum[1], when clients connected via 'shared' network
connection try to resolve the a static domain name configured in FreedomBox,
they resolve to 127.0.1.1. Since this refers to client's own IP address, they
fail to connect.
In the previous version, this was not a problem because the entry was stored as
<hostname>.<domainname>. To resolve this, store domain names in kvstore instead
of /etc/hosts.
Links:
1)
https://discuss.freedombox.org/t/freedombox-resolves-its-own-external-name-as-127-0-1-1/3660
Tests:
- Adding/removing static domains from Names app works. The order of added
domains is preserved in the stored configuration. When adding a existing domain,
a proper error message is shown.
- Without the patch, configure multiple domains. They show up in /etc/hosts.
Apply the patches and restart the service. Names app setup will run. Entries
from /etc/hosts are removed and will be added to kvstore. The list of domains
shows properly in Names app. After restarting the services, domains are show
properly.
- Without the patch on a version of FreedomBox without support for multiple
static domains, configure a static domain. Switch to latest version FreedomBox
with the patches. Restart the service. Names app setup will run. Entry from
/etc/hosts will be removed and will be added to kvstore. The list of domains
shows properly in Names app. After restarting the services, domains are show
properly.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2490
Tests:
- Unit tests works.
- On a fresh stable container, enable auto updates. Run 'apt install
mumble-server' and kill the apt process when it is unpacking. After this any apt
install command will ask for running dpkg --configure -a. At this time, run the
Testing dist upgrade. Dist upgrade starts successfully and then shows the
message 'Fixing any broken apt/dpkg states...'. It also shows that packages that
were not setup have been setup. Dist upgrades proceeds after that.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Use qcow2 image format so that snapshots of VMs can be taken.
- Snapshots of running VMs can't yet taken yet. But once the VM is stopped,
snapshots are possible.
Tests:
- Bring up a stable VM freshly after destroying. Work with the VM, stop it and
take a snapshot using virt-manager.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2490
- When app update and force upgrade are pending on an app, app.setup() is run
during initialization. During setup(), force upgrade is first run as expected.
However, force upgrade does not do it's job when an app needs version upgrade.
setup() then tries to run package install() for the app and fails because
configuration file prompt is pending.
Tests:
- On a fresh bookworm container, update all packages. Run freedombox and ensure
that first setup has been completed. Stop freedombox and increment the firewall
app version. Then change sources.list and change bookworm to testing. Run apt
update. Then start the fredombox service. Notice that firewall app setup is run.
During the setup, force upgrader is executed. It install the newer firewall
package with the newer configuration file and performs the configuration file
changes. After that setup process continues and completes successfully.
firewalld package has been upgraded from 1.3.x to 2.3.x. firewalld service is
running. In /etc/firewalld/firewalld.conf default zone is set to external and
backend is set to nftables.
- Rerun the above test without the patches and notice that force upgrader does
not recognize firewall as a package to upgrade and setup() fails when trying to
install() packages. This is run in a loop continuously.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Save changes to /etc/apt/sources.list as a different file.
- When launching the dist upgrade process via systemd-run, use bind mounting to
ensure that the newly created sources file is treated as the original
/etc/apt/sources.list.
- If the process completes successfully, rename the new file to the original
sources.list. If the process terminates abruptly or machine reboots,
sources.list will remain unchanged. This will also the dist upgrade process to
be restarted (and hopefully continued).
Tests:
- On a fresh stable container, running dist-upgrade succeeds.
- While dist-upgrade is running, /etc/apt/sources.list is unmodified. After the
operation is successfully completed, /etc/apt/sources.list has been updates
successfully. If the operation fails, /etc/apt/sources.list remains unmodified.
- During the run the following are run:
- apt update
- package holds
- debconf selections
- full-upgrade
- autoremove
- unattended-upgrades
- restarting freedombox service
- waiting 10 minutes
- apt update
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- When an action is invoked, it configured to handle console and journal
handlers. Console logger (StreamHandler) flushes after each event. Journal event
is sent immediately after the event. So, we are not losing the immediate flush
advantage by switching to logging framework.
- Since console logging is present (and the output is not captured away), using
journal handler also will double log each event. Remove the journal handler.
Console is where the output of various commands is logged. So, keep that.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- A service with the same name can't be started again.
- Transient service goes away as soon as the process ends. This is like
automatically removing the flag. This ensures that stale file does not cause an
issue.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2493.
Tests:
- For each of the packages in the list, download the Bookworm version and Trixie
version of the packages. See if the files in /etc/ that were modified were also
files we also modify. If so, keep it in the list. Otherwise, remove it from the
list.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Helps: #2493.
- searx will not be part of Trixie.
- This special upgrade code is not required for Bookworm -> Trixie upgrade.
- This code is not be invoked for Bullseye -> Bookworm upgrade as this removal
will not reach Bullseye.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
