During boot or in other situations when FreedomBox Service is offline, Let's
Encrypt certificate renewals might happen. When FreedomBox Service starts, check
on such certificates and run certificate setup mechanism in each app to use the
latest renewed certificate.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
This fixes issues with revoking certificates.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Due a missing dependency on 'names' app, 'dynamicdns' app could be initialized
before 'names' app. This will lead to domain_added signal by dynamicdns being
ignored. Dynamic DNS domain name will not be make it into the list of global
domains.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Remove Python code to handle the extra item in the submitted form
- The select-all checkbox is never submitted in the form since it is missing the
"name" attribute
- Replace selector ':checkbox' with the faster selector '[type=checkbox]'
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is less tiresome for users and also improves the speed of functional tests.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Without this fix, the daemon plinth will not able to acquire a DBus connection
and listen for the FreedomBox DBus service when running as user plinth user.
This is the case for production FreedomBox machines.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Ensure that the fingerprint accepted is the one verified by user. If they
fingerprints and public keys are retrieved separately, there is chance that what
was verified by the user is not what is added to the known hosts file.
- Avoid creating a temporary file when fetching keys
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- There is no compelling reason to make the file configurable. Simplifies
configuration file if we make it relative to FreedomBox data directory.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Fix encrypted repositories getting created without encryption.
- Set verified=False by during save operation for safety.
- Handle common error scenarios and show proper messages. Such as authentication
failure.
- Use pathlib to simplify file handling code.
- Split nested code for readability and do better function splits.
- Expand ~ only if it is at the beginning of the path.
- Allow empty repository path as allowed by SSH.
- Don't internationalize log messages.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Assume that their SSH public keys are not unverified.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
