Tests:
- Config files are all symlinks /etc/
- Configuration file is effective
- Web interface works
- Web interface authentication works
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- This will leave /etc/{plinth,freedombox} empty by default making service more
robust to run across various environments and situations. See systemd's
explanation for more details.
- Use Debian maintainer scripts remove all the existing files in
/etc/plinth/modules-enabled.
- Read from /usr/share/freedombox/modules-enabled then from
/etc/plinth/modules-enabled and finally from /etc/freedombox/modules-enabled.
Later read ones override previously read files. Any file pointing to /dev/null
will mean the module must be ignored.
Tests:
- Clean up /etc/plinth, /etc/freedombox and
/usr/share/freedombox/modules-enabled. Run service and notice that files are
getting loaded from development folder using a debug message.
- Run setup.py and notice that files get installed in
/usr/share/freedombox/modules-enabled/ and in the next run they get loaded from
there.
- Create a override file in /etc/plinth/modules-enabled/transmission and notice
that overriden file gets priority over the one in
/usr/share/freedombox/modules-enabled.
- Link the file /etc/plinth/modules-enabled/transmission to /dev/null and notice
that is not loaded.
- Create another file in /etc/freedombox/modules-enabled/transmission and notice
that it overrides the previous two files.
- All affected modules are loaded.
- Build a new Debian package and ensure that upgrading 23.8 to new version
removes are all configuration files.
- Build developer documentation and test that Tutorial -> Full Code and Tutorial
-> Skeleton sections have been updated with references to
-.../modules-enabled/... paths.
- Install quassel and notice that certificates were copied to /var/lib/quassel
directory. Change domain to another domain and notice that certificates were
copied again to that directory.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
* Fixes the gitweb app initalization when there are no public
repositories and the apache2 configuration gitweb-freedombox-auth has
not been enabled before (this may happen when the git repositories or
apache2 configuration has been modified outside the plinth web UI).
* Fix comment in the gitweb-freedombox-auth.conf apache2 configuration
file.
Fixes#1928
Tests performed:
* The gitweb app unit and functional tests pass.
* Configured all gitweb repositories as private. Stopped the plinth
service. Disabled the apache2 configuration gitweb-freedombox-auth.
Then starting the plinth service succeeds and gitweb-freedombox-auth
configuration gets enabled.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
On the Gitweb site, links that end with /HEAD (for example menu links after
selecting 'tree' on the front page) are mistakenly redirected
to the git-http-backend cgi script and an empty page is shown to the user.
Modified Apache2 ScriptAliasMatch regex so that git-http-backend services get
redirected only if they immediately follow repository's name path component.
Links on Gitweb site have additional action component before /HEAD and those
will be handled by the gitweb cgi script.
The relevant git-http-backend source:
https://repo.or.cz/git/debian.git/blob/refs/tags/v2.20.1:/http-backend.c#l706
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
When using git-http-backend, both URLs ending with and without .git are allowed.
However, access restriction has only be applied for URLs ending with .git. This
means that private git repositories are clone-able by anonymous users by
removing the .git suffix in the URLs.
Fix the issue by extending the access restriction to cover URLs not ending with
.git.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
