- RSA to ECC migration was introduced in October 2020 is available to
Buster (via backports) and to Bullseye users. Dropping the code will make it
easy to test regular maintenance code updates.
- A two step setup process of first installing and then setting up the
certificates is no longer necessary. (New installs already don't use this). The
certificate generation process does not take hours but minutes. We also have a
good progress indication during install+setup process.
Tests:
- Functional tests pass.
- Initial setup completes successfully and does not take very long time.
- Profiles can be downloaded successfully and imported.
- A client an use them to connect.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests pass.
- Initial setup completes successfully and does not take very long time.
- Profiles can be downloaded successfully and imported.
- A client an use them to connect.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Initial setup of during first setup works
- When there are no wired network interfaces
- When there is 1 wired network interface
- When there is one wifi interface. wired network is setup as 'external'
WAN. (simulated with edit of _get_interfaces())
- When there are no wifi interfaces. wired network is setup as 'internal'
WAN.
- When there are multiple wired network interfaces
- First one is setup as WAN rest as shared
- When there is one wifi interface, interface is setup as shared.
- When there are no wifi interfaces
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This prevents the diagnostic failure.
Tests:
- Functional tests pass
- Diagnostics page shows a test for each hostname in the system. All of them
pass.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work
- Setting the media directory updates the configuration file. Newly set
directory is shown on the app page after update.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work
- Updating the configuration values works
- Enable/disable works
- Editing the max players works
- Changing all of them together and one at a time
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests works (when libpam-tmpdir is removed)
- Initial setup works
- Website is accessible
- sqlite file is created
- Database update is triggered
- Changing skin/admin password/public registrations/private mode/site name works
- Configuration file is updated
- App page shows the current value
- Website is reflects the correct value
- When private mode is enabled, public registrations are automatically
disabled
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work
- Initial setup works
- Setup after install works
- Domain is properly set
- Configure domains is properly shown in the app page
- Updating TURN configuration works
- Configuration file is updated
- Enabling/disabling public registration works
- Configuration file is updated
- App page show current status
- FAIL: Daemon fails to start when public registration is enabled
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work
- Initial setup succeeds
- infinoted user/group is added to the system
- systemd service is created and service is running after install
- Directories /var/lib/infinoted, /etc/infinoted and /var/lib/infinoted/sync
are created with infinoted as owner and group.
- Certificates /etc/infinoted/infinoted-{cert,key}.pem are created with
infinoted as owner and group.
- Enabling/disabling works and enables/disables the service
- Gobby is able to connect to the server and create a document
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work.
- Initial setup works
- /var/www/ikiwiki is created
- Shortcuts are created for existing sites after restarting FreedomBox service.
- Creating a new wiki works.
- The site is listed in the list of blogs/wikis
- Creating a new blog works.
- The site is listed in the list of blogs/wikis
- Deleting a wiki works
- Deleting a blog works
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work.
- Initial setup works
- Sometimes fails to write tunnel configuration (See #2127).
- Favorites are created as listed in FAVORITES in resources.py
- Tunnels are created: I2P HTTP Proxy, I2P HTTPS Proxy, Irc2P
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work
- Accessing help/status-log/ works and last 100 logs lines are shown.
- When there are no logs, '--no entries--' message is shown.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functions tests work
- Initial setup works
- Global default branch is set to 'main'
- Creating an repository works
- Cloning a repository works
- Progress is shown on the app page
- List of repositories is shown properly in the app page
- Deleting a repo works
- Editing a repository works
- Repository information is shown properly in the form
- Renaming a repository
- Setting description
- Setting owner
- Setting a repository private/public
- Setting default branch (list of branches is shown properly)
- Error is thrown properly when a remote repository does not exist
- Errors are handled properly when creating/editing/deleting repo
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- If a daemon is not-running, we already show an error message to the user. Use
that mechanism instead of the custom one.
Tests:
- Functional tests work.
- Initial setup for firewall on first boot works.
- Default zone of the firewalld is set to external in /etc/firewalld.conf
- Status of various apps is shown properly in the app page
- If firewalld is not running, the app page is still displayed properly and
message that firewalld is not running is shown.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work (uninstall test does not work)
- Initial setup works
- Domains are setup
- Home is setup (others don't have permission for /var/mail)
- Aliases configuration is setup
- Postfix is setup
- rspamd is setup
- Changing primary domain works
- Adding/removing domains works
- Error during operations is handle properly: getting dkim key
- Setting up DKIM key when changing, adding/removing domain works
- Showing DKIM key in app page works
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work (backup test intermittent failure)
- Initial setup works
- Domain name is configured properly
- FAIL: Changing hostname works (See #2276)
- Adding a domain to the system works
- Current list of domains shown properly in app page
- Setting list of domains works
- Showing TURN configuration works
- Updating TURN configuration in coturn page works
- Enabling/disabling MAM status works
- Configure file is updated
- App page shows correct status
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests work.
- Initial setup works.
- Setting the setup version to 1 and running the service upgrades to version 2.
During this, export_config() and clean() work successfully.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Initial setup of coturn succeeds
- Configuration file is created and required configuration is set.
- Coturn is restarted
- Coturn configuration is shown on app page.
- Changing the domain succeeds and coturn configuration reflects the new domain.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Running flake8 as in .gitlab-ci.yml works.
- Setting the domain name again to update /etc/hosts file after hostname change
works
- Setting the domain name from the text box works. New domain name is read back
and shown properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Running flake8 as in .gitlab-ci.yml works.
- Changes the hostname works and it is updated in /etc/hostname
- Avahi daemon is restarted
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Initial setup succeeds
- (not tested, functionality removed later) During initial setup, if
/etc/apache2/conf-available/freedombox.conf has home page other than /plinth,
it will be changed to /plinth.
- Setting the home page to Apache default, plinth, or an app works.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Unit and functional tests work.
- Creating a library works.
- An error while creating library shows as proper message.
- Deleting a library works.
- An error while deleting library shows as proper messages.
- Creating/deleting library reflects properly in the list of libraries.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Initial setup:
- Creates zones directory
- Write default configuration
- named is restarted
- Forwarders
- Setting forwarders works as expected.
- Current list of forwarders is shown as expected
- List of served domains is shown properly
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Functional tests
- Initial setup
- Sets the domain to freedombox.local (SITENAME)
- Default permissions are set to read
- Three passwords with varying permissions are create by default
- Current configuration is retrieved properly (default permissions, passwords)
- Adding passwords works, they are list as expected
- With or without comment
- Removing password works
- Setting default permissions works
- Untested:
- Upgrade from version 1
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Initial setup works when a new container is created
- When transmission is enabled/disabled, the web configuration for it is
enabled/disabled.
- When radicale is enabled/disabled, the uwsgi configuration for it is
enabled/disabled.
- Sharing web configuration is disabled during backup and re-enabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- When the action was converted from shell to python3, it was not removed from
the exclusion list.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
We depend on systemd for many things anyway and this code path is never tested.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
There is not much additional risk by doing this. This is needed in case of some
exceptional cases such as storage.validate_directory() which need to run as a
different user other than root.
Tests:
- Directory validation works in transmission and deluge.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Currently privileged actions use stdout for returning the results. If any of the
sub-processes accidentally output to stdout, decoding errors occur. Prevent this
by opening a pipe to the privileged action and returning the output in that
pipe.
Tests:
- Run unit tests
- Functional tests for other apps pass
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Currently, privileged actions are not allowed under top-level plinth module.
They are only allowed under each app module. Allow privileged actions under
plinth module.
- Currently, privileged actions are not allowed under a sub-module of
'privileged' package. They are allowed only in 'privileged' module. Allow
sub-modules under 'privileged' package.
Tests:
- Email app functional tests pass
- Functional tests for apps using package and service privileged methods pass
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- 'application-name' is not meant for regular web pages, just web apps.
FreedomBox qualifies as a web app. Browsers may use this over title.
- 'description' should rather talk about FreedomBox rather than just what role
the web interface plays in the FreedomBox project.
Tests:
- Verify formatting in output HTML.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- When a notification's message contains unexpected formatting characters such
as '{}', showing the notification and consequently the entire FreedomBox web
interface fails. Prevent that by make sure that that message formatting never
fails.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
