- Add a component to easily manage registration of client applications.
Tests:
- Package build is successful has dependency on python3-django-auto-toolkit
- python3-django-oauth-toolkit can be installed on stable, testing and unstable
containers
- /.well-known/openid-configuration and /.well-known/jwks.json are servered
properly.
- /o/ URLs don't require login to access
- When logging in list of claims includes 'sub', email, freedombox_groups.
- Logging in using IP address works. Also works with a port.
- Logging in using 127.0.0.1 address works. Also works with a port.
- Logging in using localhost works. Also works with a port.
- Logging in with IPv6 address works. Also works with a port.
- Logging in with IPv6 [::1] address works. Also works with a port.
- Logging in with IPv6 link-local address with zone ID is not possible (as
browsers don't support them).
- When authorization page is enabled, scopes show description as expected.
- When domain name is added/removed, all OIDC components are updated with
expected domains
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Without the --git-export-dir option, gbp builds from the current directory
which contains .container and many other large files. All of these files will
get included into the tarball by default when 'gbp buildpackage' is executed in
an unclean folder.
- With the --git-export-dir option set, 'git export' is first executed to a
temporary directory and this git operation respects patterns in .gitignore. Thus
only expected files end up in the freedombox package source tarball.
Tests:
- When the source directory contains files in ./container, running 'gbp
buildpackage' results in freedombox*.tar.xz containing the disk images of the
containers. With this change, the tarball is clean and none of the files in
.gitignore endup in the tarball.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Update link in copyright file to the logo.
- Update paths to configuration file. Drop hack to load old configuration path.
Migrate old configuration file to new path.
- Use newer package name instead of transitional package name.
- Use newer systemd unit name instead of aliased one.
- Update backup/restore paths.
- Drop code to handle configuration file update. This upgrade was done during
Bookworm cycle. It is not needed for upgrade from Bookworm to Trixie.
- Fix understanding of default values for keys not present in the configuration
file. These values are picked up from source code as the documentation does not
mention them.
Tests:
- Run unit and minetest functional tests.
- After the app is freshly installed. Max users is 15. PvP is enabled. Create
mode is disabled. Damaged is enabled.
- Changes in configuration are reflected.
- Play a game and make some changes. Update configuration. Backup. Uninstall and
restore. The player data is restored. Configuration is restored.
- Install without the changes. Make configuration changes. Apply changes and
remove obsolete files. Restart service. App is updated. Notice that
configuration file is migrated to new path. Configuration options are retained.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Add a toggle menu for selecting the color scheme. JS code largely taken from
Bootstrap documentation and slightly customized.
- Use local storage to store the setting for dark/light/auto. Default to auto
which means browser level preference is picked up (which could be system level
preference).
Tests:
- Appearance of the toggle menu is consistent. Check box is shown on the
currently selected value.
- Deleting the local storage value reverts the preference to browser set value.
- Menu is collapsed at smaller screen sizes. Appearance and functionality as
expected.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Bootswatch is a theme library for bootstrap. In Debian, only 3.x version of
the package is available. It is compatible with bootstrap 3.x but not bootstrap
5. Drop the theming altogether and use the basic bootstrap style (which is
already very close to the theme).
- Updated copyright year, mention the video room files in debian/copyright.
- Drop libjs-spin.js which is no longer used by the updated code.
- Change bootstrap version to 5.x from the earlier 4.x. Also add node-popper2
library (needed by bootstrap5 and video room code) as explicit dependency.
- Add missing style for btn-default class dropped in bootstrap 5.
- .simulcast-button CSS style is not longer needed as updated code used flex box
with .d-flex bootstrap class.
Tests:
- Compare the files in janus source code around Mar 2022 with the files in
FreedomBox source code before this patch. Compare latest janus source code with
the files after this patch. Both sets of changes are very similar.
- Connect to video room using two browser windows. Connection is successful and
2 video streams are shown in each of the browser windows.
- Styling looks close to the demo on janus website and is acceptable.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Running 'make build install' remove the module loading include file for ttrss.
- TT-RSS is no longer available in apps page.
- Installing Tor works. Onion header is set correctly. Re-running app setup
works.
- RSS Bridge's description is updated as expected. Links work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Since debhelper 13.11.6, we don't need this hack as dh_installsystemd recognizes
the files in /usr/lib/systemd/ directory in addition to /lib/systemd/.
Tests:
- After build package with gbp. Notice that postinst script has code inserted by
dh_installsystemd for starting/restarting the service.
- Install the deb package starts service. Reinstalling the package restarts the
service.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- Running make install installs to /usr/lib/freedombox. Non-privileged users
don't find it in the path. root user does.
- New service file contains path to /usr/lib/freedombox/. Actions works as
expected.
- Build and install the debian package. Privileged daemon runs as expected and
first setup steps complete as expected. First wizard works as expected.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Fixes: #2251Fixes: #2426
- Temporarily add a bug fix for the one-line style apt sources format. Upstream
submission: https://github.com/hercules-team/augeas/pull/865 .
- Currently, only two options with keys arch= or trusted= are allowed. However,
as documented in apt manual page[1], there are many different options possible.
Apt itself parses these options in a much more generic way[2][3].
- Fixes allow parsing all the different options allowed by apt. A practical
example (accepted by apt) is also provided as a test case.
Tests:
- Add the following line to one of the apt sources file in
/etc/apt/sources.list.d: "deb
[signed-by=/usr/share/keyrings/debian-archive-trixie-stable.gpg]
https://deb.debian.org/debian trixie main". In augtool, print
/augeas/files/etc/apt/sources.list.d//error.
- With the patch, run 'make build install' and errors in augtool disappear.
- In tor proxy app, enabling/disabling apt through tor works. The files in
/etc/apt/ are updated as expected.
Link: https://manpages.debian.org/trixie/apt/sources.list.5.en.html
Link: 3c9399e643/apt-pkg/sourcelist.cc (L215)
Link: 3c9399e643/apt-pkg/contrib/strutl.cc (L245)
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2533.
See https://salsa.debian.org/freedombox-team/freedombox/-/issues/2533 for
rationale.
Tests:
- Build Debian package with changes and incremented version number. Install it
in the development container and run unattended-upgrade -d. libpam-abl package
is removed by unattended-upgrades.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests:
- Build a Debian package before and after the patch and notice that binary
packages have no differences when compared with diffoscope. Source packages show
only the change in the patch but no other change.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Daemon starts up with uid/gid set to root.
- Daemon does not run by default if a request is not received. Socket file is
created with 666 permissions and root:root ownership. Socket file parent directory
is created with 755 permissions and root:root ownership.
- Daemon starts if a request is sent to the socket using nc.
- If there an exception in daemon starting, then restart is done every second to
5 seconds, forever.
- Build a Debian package.
- Install it on fresh trixie Debian VM. Ensure that setup works and privileged
daemon is auto-enabled.
- Start a fresh trixie Debian VM and install freedombox from Debian repos.
Upgrade to the built package. Privileged daemon works and is auto-enabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
- The most pleasant font on any system is the default system font.
- It is the most optimized and styled font for the system considering screen
type and screen sizes.
- Used by all the system apps. Websites can become consistent with system apps
by using system fonts. GNOME, KDE, Ubuntu, Android, Chrome OS, iOS, and MacOS,
all have their own system fonts.
- Changed by the user using OS settings if they don't like it.
- Many popular sites have started using system fonts.
- No extra fonts have to be loaded making page loading jerk free and much
faster. On the first FreedomBox UI page load, the largest item is the font.
- We won't have carry the binary woff files in FreedomBox source tree anymore.
Also eliminates a bunch of lintian warnings.
- Lato font was used because it is prescribed by the FreedomBox identity manual.
Lato can still be used in other places such as marketing materials.
Tests:
- System font is used in the UI. When system font is changed in Gnome settings
and browser is restarted, the new font is shown in the UI.
- Check that the overall layout of the app grids is not effected by the font
size change.
- Check that all the tables in the UI are not affected by the font change.
- Backups repository listing shows each backup archive in one line.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
Thanks to git blame I found why python3-tomli had been added back then:
6199718a19383d8d070b7bdc9d26ead71a9d26dd
python3-tomli is slowly being sunset in favor of tomllib from the Standard
Library: https://wiki.debian.org/Python/Backports
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Use docker container via registry.freedombox.org to obtain the package.
Specify this in the description.
- Mark the app as experimental.
- Show information that a dedicated domain is required to host Home Assistant.
- Use special YAML loader/dumper to deal with custom YAML tags in configuration
file.
- Obtain logo file from a test file in code repository with Apache license as
the actual logo files are freely licensed.
- Write functional tests without accessing the website as a dedicated domain is
necessary.
Tests:
- Functional tests work.
- Add a domain 'mydomain.example' using the Names app. Assign this domain in
Home Assistant app configuration. In /etc/hosts on the host machine add a
mapping from mydomain.example to the IP address of the container/VM. Access the
web interface using https://mydomain.example. Home Assistant web interface is
available and functional.
- After install of the app the configuration.yaml file contains the proxy
related lines are expected.
- Diagnostics work (expect the URL access).
- Re-run setup works.
- 'Launch web client' and frontpage shortcut work as expected.
- Non-admin users can't connect on port 8123.
- Home Assistant is able to establish websocket connection in its web UI.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
