Closes: #2309.
- This prevents processing of AppView when the app is being uninstalled. For at
least two apps, this has failed because the AppView assumes that app and its
dependencies are installed.
- Use a dedicated template as well is simplify app template.
Tests:
- Installing and uninstalling an app works.
- Refreshing the app page during uninstall does not lead to an error for samba
and email apps.
- Unit tests pass.
- Functional tests for samba and email work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2194.
In the four cases fixed, if a notification is present with a 'btn-primary' in
it, then instead of submitting the intended form, the button on the notification
is clicked. This will result in an indefinite wait for the form to perform an
action. Fix this by specifying which form exactly we want to submit.
Tests:
- Run functional tests for config app and updates app.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2314.
Tests:
- On a fresh testing container, verify that the file
/etc/apache2/conf-available/freedombox-apache-homepage.conf is not present.
Visit the config app and notice that home page shows as 'Apache Default'.
- Apply the patch and refresh the page. The page now shows 'FreedomBox
Service (Plinth)' as the home page.
- Functional tests work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- After a dist-upgrade to Bookworm, install freedombox with this
change. Then update apt cache. After a delay, firewalld is
upgraded. Then apps can be installed as normal.
- On a stable machine, add testing into apt sources list. Run apt update.
FreedomBox will receive the apt update hook and upgrade firewall version to
1.3.x. DefaultZone is set to 'external' after that.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Update all the way up to 2.0]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This will handle sources files with Deb822 format.
Closes: #214.
Tests:
- Enable package download through Tor. "tor+" is prepended to sources
URL.
- Disable package download through Tor. "tor+" is removed from sources
URL.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Helps #214.
Tests:
- Augeas lens tests passed using augparse.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Fix issue with not being able write back with lens]
[sunil: Parse single/multi field values based on man page]
[sunil: Allow creating multi field values by adding \n at the end of the value]
[sunil: Add documentation and make ready for upstream submission]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The upstream issue was fixed in 2015:
https://github.com/hercules-team/augeas/pull/295
Tests:
- In stable container, add options like [arch=amd64] to apt
sources.list.
- Enable package download through Tor. "tor+" is prepended to sources
URL.
- Disable package download through Tor. "tor+" is removed from sources
URL.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- On a setup with the patch, disable and re-enable the restricted users feature.
sudo is not part of allowed users. Apply the patch and restart the service. SSH
app will be updated and sudo is added to SSH allowed groups.
- Add a fresh unprivileged user to sudo group. SSH using that user to the
system.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
This is to allow vagrant user to login, as well as a normal sudo user
that was created before installing FreedomBox.
For most FreedomBoxes, the sudo group is empty, so it will have no
impact.
I do not update the existing file. But if someone needs this update,
they can disable and then re-enable the restrict option.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Fixes: #2098.
Tests:
- Install quassel in bullseye system.
- Start dist upgrade. Check that quassel service is stopped during the
dist upgrade.
- Finish dist upgrade. Quassel service is running again.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- When hidden service is enabled create and enable an apache site with the
proper configurations. This will let visitors using the Tor browser that a
hidden version of the website is available.
- Disable apache site when hidden service is disabled
- Create a backup of the apache site
- Hidden service won't be advertised when the user visits mediawiki, wordpress
or tt-rss. These sites don't work (well) with a hidden service when a normal
domain is already set up.
Tests:
- Functional tests pass.
- With fresh install of Tor app, onion location header apache configuration is
enabled and header is served in HTTP requests.
- When Onion services are enabled/disabled, header is enabled/disabled due to
webserver configuration changes.
- When Tor app is enabled/disabled, header is enabled/disabled due to webserver
configuration being enabled/disabled.
- When Tor app is upgraded from earlier version while app is enabled, onion
service is enabled, Tor app remains enabled. Onion location is enabled.
- FAILED: When Tor app is upgraded from earlier version while app is enabled,
onion service is disabled, Tor app remains enabled. Onion location is disabled.
- FAILED: When Tor app is upgraded from earlier version while app is disabled,
onion service is enabled, Tor app remains disabled. Onion location is disabled.
- FAILED: When Tor app is upgraded from earlier version while app is disabled,
onion service is disabled, Tor app remains disabled. Onion location is disabled.
Signed-off-by: nbenedek <contact@nbenedek.me>
[sunil: Ensure that enabling/disabling app enables/disables onion location]
[sunil: Ensure that upgrading from old version does not enable the app]
[sunil: Ensure that upgrading from old version enables/disables onion location]
[sunil: Apache file should be a 'config' and not 'site']
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is to ensure that mysql server is not uninstalled when wordpress is
uninstalled.
Tests:
- Uninstalling zoph does not remove default-mysql-server when wordpress is
installed.
- Uninstalling wordpress does not remove default-mysql-server when zoph is
installed.
- Uninstalling both wordpress and zoph removes default-mysql-server.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Showing the uninstall progress page fails during uninstall of email app.
Workaround that by handling the errors raised. A better approach is to ensure
that the view is not processed when uninstall operation is in progress.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Don't start the helper class name with 'Test' as it will be treated as a class
with test cases to run.
Fixes#2288.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes#2306.
Tested that all the gitweb tests pass in Debian stable and testing
containers.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2303.
Tests:
- In testing container, install Janus.
- Downgrade janus package to 1.0.1-1.
- Manually re-run janus setup action.
- Run "apt update".
- janus is upgraded to 1.1.1-1, and rtp_port_range is set in
/etc/janus/janus.jcfg.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This change was only needed for upgrade to bullseye.
Closes: #2302.
Tests:
- Run a dist upgrade in a bullseye vagrant box. Apt sources has
expected content and apt-get does not produce an error.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2239.
- Adding Conflicts in freedombox Debian package seems to cause
unattended-upgrade to not upgrade the package to next version. This approach
seems be an alternative.
Tests:
- Install libpam-tmpdir. Go to Zoph page, see that conflicts messages is shown.
Install succeeds. libpam-tmpdir is removed.
- Install libpam-tmpdir. Go to WordPress page, see that conflicts messages is
shown. Install succeeds. libpam-tmpdir is removed.
- Remove libpam-tmpdir. Go to Zoph page, see that conflicts message is not
shown. Install succeeds.
- Remove libpam-tmpdir. Go to WordPress page, see that conflicts message is not
shown. Install succeeds.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Warning that exim4 will be removed is incorrectly not shown during email app
installation. Fix that.
Tests:
- Unit tests pass.
- On a fresh testing container, trying to install email app shows the warning
message that exim will be removed. Installing the email app succeeds. exim is
removed during installation.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is a regression from commit 9b6774f279e2c8af588609c2413aa9804fd48cfa. When
change the view to use AppView, the condition to check for non-btrfs filesystems
and show an unsupported message instead of the actual view was accidentally
removed. Restore the check and show a different view when on non-btrfs
filesystems.
Fixes: #2268.
Tests:
- On non-btrfs filesystem, snapshots view is shown as expected.
- On ext4 filesystem, a message that snapshots are not supported is shown.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
MiniDLNA's TCP service has been incorrectly marked as needing to be protected
from local users. This leads to service not being accessible from local network.
Fix this by removing local protection.
As reported on https://discuss.freedombox.org/t/minidlna-on-22-26/2386
Tests:
- With MiniDLNA installed, apply the changes and restart service. 'nft list
ruleset ip', 'nft list ruleset ip6' and 'cat /etc/firewalld/direct.xml' confirm
that port 8200 is no longer protected as a local service.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit alone doesn't fix the problem of our functional tests timing
out. It is harmless to increase the timeout.
The maximum timeout for shared runners in Salsa is 3h according to this:
https://salsa.debian.org/salsa-ci-team/pipeline/-/blob/master/README.md#set-build-timeout
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
