Closes: #1846
Tests:
- When systemd-timesyncd is running, 'Run Diagnostics' button is shown and two
diagnostics results are shown. The two results appears on the diagnostics app
results too.
- When systemd-timesyncd is not running, 'Run Diagnostics' button is not shown.
Datetime app is not included the diagnostics app page results.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Merged the two DateTimeApp classes. In future, we will remove all
module.init() methods in favor of automatically performing the operations from
module_loader.
- Also fix an error running './run --list-dependencies' when running without
systemd support inside a test case container:
ERROR plinth.module_loader Exception while running init for <module 'plinth.modules.datetime' from '/builds/sunilmohan/plinth/plinth/modules/datetime/__init__.py'>: Command '['systemctl', 'show', '--property=ConditionResult', '--value', 'systemd-timesyncd']' returned non-zero exit status 1.
Traceback (most recent call last):
File "/builds/sunilmohan/plinth/plinth/module_loader.py", line 123, in _initialize_module
init()
File "/builds/sunilmohan/plinth/plinth/modules/datetime/__init__.py", line 77, in init
if _is_time_managed():
File "/builds/sunilmohan/plinth/plinth/modules/datetime/__init__.py", line 112, in _is_time_managed
output = subprocess.check_output([
File "/usr/lib/python3.8/subprocess.py", line 411, in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
File "/usr/lib/python3.8/subprocess.py", line 512, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['systemctl', 'show', '--property=ConditionResult', '--value', 'systemd-timesyncd']' returned non-zero exit status 1.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
CC: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Shows URLs and shared secret that communication servers like matrix-synapse
should be configured to. Later we will implement auto-configuring those servers.
- Allow selecting domain for the sake of TLS/DTLS certificate installation.
- Simplify systemd service file options. Drop log file and pid file support as
they are not needed with systemd. Add security options.
- Set custom configuration file by overriding systemd service file options so
that we don't have a problem with conffile prompts.
- Implement functional tests (and automatic diagnostics).
- Custom icon selected from the Noun project as Coturn project does not have
one.
- Backup/restore configuration file and certificates.
- Document some questions regarding configuration options.
Tests performed:
- App is not listed in the app page if 'advanced' flag is disabled.
- App name, icon and short description shows up correctly in apps page.
- App name, icon, short description, description, manual link, enable/disable
button and diagnostics link show up currently in app page.
- Verify that configuration used by coturn server is the FreedomBox
configuration by checking the cert path in the log output.
- PID file is not created in /var/run/turnserver/. It goes into /dev/null
according to the log output.
- No log file is created other than what is collected by systemd from command
line.
- systemctl show coturn.service shows all the intended restrictions such as
NoNewPrivileges, Protect* options.
- Run functional tests.
- Ensure that backup of configuration file works by taking backup, changing the
secret and restoring. During backup and restore coturn should be stopped and
started as per logs.
- Build Debian package. No warnings about the copyright file.
- Enabling the app enables the service and runs it.
- Disabling the app disables the service and stop it.
- All diagnostics tests pass.
- Diagnostic tests show firewall port coturn-freedombox for internal and
external networks, service coturn, and each listening port for udp4, udp6, tcp4
and tcp6.
- Information in the firewall page shows up properly. Enabling the app opens
firewall ports, and disabling it closes them.
- When the app is installed, if a cert domain is available, it will be used.
When multiple domains are available, one of them is picked.
- Status shows 4 URLs with the currently selected domain and secret key.
- Changing domain to another domain succeeds and reflects in the status
information.
- When no domain is configured. Installing the app succeeds. No domain is shown
in the list of domains.
- When domain is changed, the certificates files in /etc/coturn/certs are
overwritten.
- Certificates have the ownership turnserver:turnserver. Public key is cert.pem
has 644 permissions. Private is pkey.pem has 600 permissions. /etc/coturn/certs
is owned by root:root.
- Let's encrypt certificates are setup immediately after install.
- Port forwarding information shows all ports except for relay ports.
- Trying to create a user with username 'turnserver' throws an error. This
happens even when coturn is not installed yet.
- After installing coturn, the configuration file /etc/coturn/freedombox.conf is
created with ownership root:turnserver and permissions 640. The directory
/etc/coturn is created with ownership root:root and permissions 755.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
[jvalleroy: Fix copied form_valid comment]
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
* `py.test-3 plinth/modules/mumble/manifest.py` said only two warnings
(could not create cache path {path})
* `sudo -u plinth /vagrant/run --develop` and https://localhost:4430/ had
show me what I expected
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- The repository has been renamed from 'plinth' to 'freedombox'.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
systemd-timesyncd service does not run if we have another NTP daemon installed
or FreedomBox runs inside a container where the host manages the time. In this
case, make the application as unmanaged - app can't be disabled, no app
diagnostics is shown and enable/disable functional tests are skipped.
Closes#1616
Tests performed:
- Run FreedomBox inside a KVM virtualization module, check that
systemd-timesyncd is running, datetime app can be disabled and all
diagnostics and date_and_time functional tests pass.
- Run FreedomBox inside a systemd-nspawn container, check that
systemd-timesyncd is not running, datetime app can't be disabled,
the diagnostics button is not shown and two date_and_time functional tests
are skipped.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Also properly cleanup mounted file systems.
- When a file system is created, it is automatically mounted by udiskie (or
FreedomBox itself). This leads loop back setups not getting cleaned and btrfs
check failing to check a mounted disk. Force check in case of btrfs and umount
ignoring errors before cleanup.
Closes: #1839.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- This removes the need to ship a 67K file and scales better.
- Rename the file to have lowercase chars only for consistency.
Tests performed:
- Goto home page, see the logo at the bottom properly displayed.
- Goto the first wizard welcome page, notice that the logo is displayed. Also
the dimensions of the image are same as without the change.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When JSXC is not installed, currently we get warnings that jsxc directories are
not found when we start the web server.
Suppress warning that some of the static directories don't exist. Since there is
no way to add/remove those tree mounts at will, we need to add them all before
hand even if they don't exist now. If the directories becomes available later,
CherryPy serves them just fine.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Try-restart the service (instead of restart) after adding service to the
freedombox-share group to avoid starting the service if app is disabled.
Tests performed:
- Remove syncthing user from the freedombox-share group, disable
syncthing app, increase app version. After the app is upgraded,
verify that syncthing user is in the freedombox-share group and
syncthing@syncthing.service remains disabled.
- Remove syncthing user from the freedombox-share group, enable
syncthing app, increase app version. After the app is upgraded,
verify that syncthing user is in the freedombox-share group and
logs show that syncthing@syncthing.service was restarted.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #1808
Test performed:
- Install samba in development VM and create open share (owned from root:freedombox-share).
- install syncthing and create syncronization folder in the above openshare.
- Sync files from desktop peer to development VM one on the above folder.
Signed-off-by: Nektarios Katakis <iam@nektarioskatakis.xyz>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
If an error occurs during creation of a git repository, delete possibly
corrupted git repository directory and show more specific error message.
Closes#1829
Tests performed:
- Gitweb unit and functional tests pass
- Create a small disk for git repositories:
> dd if=/dev/zero of=disk.img iflag=fullblock bs=128k count=100 && sync
> mkfs.ext4 disk.img
> mount -o loop disk.img /var/lib/git/
- Clone a large repository https://salsa.debian.org/freedombox-team/plinth
Disk got full during cloning remote repository. Repository listing do not
show this repository anymore. (No errors is shown to the user.)
- Fill disk space:
> head -c 1G </dev/urandom > /var/lib/git/myfile
- Disk is full. Cloning an existing remote repository fails with an error
message (No space left on device)
- Disk is full. Creating a new repository fails with an error message
(No space left on device)
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
