In the event setup page is being shown after the application installation is
already completed. Immediately reload instead of waiting for 3 seconds are
usual.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- During the rendering of the view, the state of installation may keep changing.
This may lead to inconsistencies in the page. Avoid that by collecting the
state once and then reusing that throughout the rendering process.
- During the time that setup middleware's checked of setup state of an app and
rendering of app's setup view, if the setup process could get completed. This
will lead to setup page being shown even after the application is installed.
Handle this case and show a proper page instead of 'Submit Query' button on
the page. Fixes#1360. This can be easily replicated by introducing a 10
second sleep after setup middle checks of the application is 'up-to-date'.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Passwords will be automatically upgraded for each user on login.
Usernames not yet upgraded are vulnerable to user enumeration attack due to
difference in password check timing.
No need to add build dependency on python3-argon2 because tests use a different
Django configuration which does not use argon2 hash.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When a user running tests is root and borg is not installed, several tests fail
due to missing borg. Skip these tests when borg is not installed.
Reviewed-by: Michael Pimmer <info@fonfon.at>
This is primary due to changes in the way Cockpit is doing authentication.
- Only admin users are allowed now. Users outside the admin group won't be able
to login.
- All functions are working (if the reuse password for system functions box is
checked during login).
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
- Explicitly setup the list of Django languages. Keep them sorted by language
code.
- Fallback to language name when Django can't provide locale language name.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
This will help with modularizing the code as well as abstracting out CherryPy
for potential later replacement.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Mention that btrfs filesystems are only supported 'currently'.
- Clarify 'Free Space'. Explain how it actually works.
- Show '%' after the number in free space drop down. Also add 70%.
- Maintain the earlier order of showing timeline snapshots first and then
software snapshots. This is order of importance.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Added a command-line argument called --old-version to the setup command based
on which it can decide whether to do a new setup or a migration.
- Removed the migrate command.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The free space limit value is allowed to a maximum of 60%, since setting the
it to a value higher than possible will effectively disable snapshotting.
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org
- Snapper's cleanup algorithms don't apply limits unless they are specified in
the form of ranges. Changed all limit values in the configuration to ranges.
- Also, all MIN_AGE values have been set to 0 to avoid the disk space filling up
in case of a large number of snapshots generated in a very short amount of time.
- FREE_LIMIT has been increased to 30% from the default 20% since backup
archives also take up disk space on the root partition.
Fixes#1435
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Remove access/error log references in configuration files and tests.
- Ensure that /var/log/plinth directory is not created anymore.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Makes it trivial to alter site configuration for all domains at once. Also
possible to easily switch to TLS modules other than mod_gnutls.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
While capturing stdout and stderr and automatically logging that to system
logging daemon provides basic information, a lot of information lost in the
process.
This change logs to systemd journal directly so that rich information such as
code file, code function, code line, etc, can be captured in a structured way.
To avoid double logging, discard stdout and stderr in the systemd unit file.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Instead log only to the console and let daemon wrapper (systemd in Debian) take
the logs from the console and log them to system log. There are many advantages
for logging to system log instead of handling files on our own:
- No need to handle log file rotation. This can be configured in many ways and
we don't have to support that. System's log daemon handles this. Closes#1353.
- Remaining system logs such as sudo and audit logs can be along with FreedomBox
logs for better debugging.
- It is possible to do remote logging based on system logger.
- It is possible to make the logs tamper resistant based on system logger
configuration.
Since timestamp is automatically logged by system log daemon, remove timestamps
from log format. When running on console, timestamps are not very useful.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Access log is not populated by cherrpy anymore.
- CherrPy does not log WSGI handler requests at all. So the request for HTML
pages actually is never logged. Only static file requests which are hardly
useful are logged.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
