Added all default Django password validators.
Not enforcing special characters.
https://blog.codinghorror.com/password-rules-are-bullshit/
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
Reviewed-by: Johannes Keyser <johanneskeyser@posteo.de>
- Essential modules would be installed by apt as they are already
dependencies of plinth.
- Plinth trying to trigger an installation is unnecessary.
- Plinth installing deb packages might also cause problems with plinth
startup if automatic upgrades are running.
- Added back the --setup option
- setup doesn't run when something else like diagnostics is invoked
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This ensures that Apache is fully setup before setting up mod-auth-pubtkt.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
There is no need to restart firewalld after the setup steps run.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Essential modules enable their own services properly. There is no need to do
them as part of common setup.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Capture all Python warnings so that they can shown as part of logging system
on console and in log file.
- Also capture deprecation warnings into logging system if debug mode is
enabled. Current versions of Python disable deprecation warnings by default.
Django 1.11 also follows this approach now.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Johannes Keyser <johanneskeyser@posteo.de>
If pubtkt module is not enabled (rare) and if repro is enabled, Apache fails to
start. Make sure this effects only repro module. The single-sign-on
configuration already ensures that access is denied if pubtkt module is not
enabled, preventing unauthorized access.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Instead run all of the setup process during the first boot. This enables us to
someday remove the reboot step entirely.
Tests: After building a new image with the changes, call the modules have shown
to be properly setup. Running the setup wizard, creating admin user and logging
works as expected.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Enable cached results when checking if the user is an admin. Cached results
are only invalid when a user newly get admin permission or when an existing
user loose admin permission. Here the consequence of showing wrong results is
minor.
- Use all small case for variable names.
- When we use a utility method from Plinth, we can trust it to give expected
values. Otherwise, we should fix the method to be more robust.
- Don't recommend the user to go to disks configuration page as there is not
much there to do to free up space. The action might be removing apps, deleting
downloaded content (downloaded via torrents) etc.
- df is unlikely to return '-1' for size of disk.
- Avoid using -1 as error value.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- using latest version of lib-apache2-mod-authpubtkt
- upgraded keys to 4096-bit RSA
- upgraded hashing algorithm to sha512
Plinth needs dependency on libapache2-mod-auth-pubtkt >= 0.11
Signed-off-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- This avoids an issue where it would try to enable the apache conf
possibly before it is generated.
- Added an explicit enable statement since it was missing.
Reviewed-by: Joseph Nuthalpati <njoseph@thoughtworks.com>
- Hide the listing of apps and configuration options on small screens,
so that the user doesn't have to navigate to the bottom of the page.
- Closes#921
Reviewed-by: Johannes Keyser <johanneskeyser@posteo.de>
