Closes#2157.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Split diaspora and tahoe-lafs into separate commits]
[sunil: Remove monkeysphere from help/tests/test_views.py]
[sunil: Add to configuration file removal in Debian package and setup.py]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
MLDonkey is currently not available in testing and not installable in
unstable. Attempting to install MLDonkey leaves dpkg in a broken state
which breaks other app installations as well.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Fixes#2158.
When 'systemctl show' is used see the ConditionResult property, the value is
correct only when the unit has been started. When the unit is not running but
can run, ConditionResult has a value of 'no' leading to an incorrect result.
This in turn leads to _is_time_managed() returning incorrect value once the
service has been stopped. FreedomBox would have noted that daemon can be
enabled/disabled during startup while during attempts to enable it the action
script will think that service can't be enabled/disabled.
Fix this by using a better approach to detect when the service can run. Newer
versions of systemd (likely >=250) have the ability to run 'systemd-analzye
condition --unit=systemd-timesyncd.service' which have been ideal to detect
this. However, --unit option is not available in older versions. Use
systemd-virt-detect (part of systemd package) to detect for containers instead.
Tests:
- Boot the machine and run datetime functional tests
- User interface should not show enable/disable button for the app in container
but show in VM.
- Running first setup (after removing /var/lib/plinth/plinth.sqlite3) should
work on container and VM.
- Run above tests on a container and on a VM
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Configuration parameters are set properly after fresh app setup according to
'doveconf'.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Don't add TLS debugging information to Received: header.
- Drop unused fingerprint digest configuration. They are only used when
smtpd_tls_security_level is set to 'fingerprint' in which case certifying
authorities are ignored.
- Drop alterations to TLS low/high cipher lists. They are not used since
tls_ciphers are all set to 'medium'.
Tests:
- No configuration errors are reported by postfix in its logs after startup.
- 'postconf' shows that the new configuration parameters are set properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Use LetsEncrypt component to perform TLS certificate copying instead of custom
implementation.
- Use two components to copy the certificates to dovecot and postfix separately.
- Add support for multiple domains using SNI. Provide all the certificates. Use
primary domain's certificate as the fallback certificate.
- Drop the diagnose/repair approach due to its complexity.
Tests:
- Installing the app works. After installation, all TLS parameters are show as
expected by 'postconf' command and 'doveconf' command.
- A default domain is selected by default. This will reflect as primary domain
in TLS certificate configuration.
- When primary domain is changed, the configuration is updated to reflect the
default certificate path but SNI configuration is unchanged in dovecot and
postfix.
- Postfix and dovecot are restarted after setup.
- There are no configuration error shows in postfix/dovecot logs.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Mostly for consistency. Will be useful when uninstall action is implemented.
Tests:
- Installation of email server app works without errors.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Currently, when domains is for an app's LE component is set as '*'. Calling
setup_certificates() results in copying certificate for the '*' domain instead
copying certificates for each of the domains on the system. Fix this by
implementing a special case where certificates are copied for all domains that
can have certificates.
Tests:
- Implement and run unit tests.
- Certificates are copied to /etc/{postfix,dovecot}/letsencrypt/ when email
server uses LE components with '*' for domains parameter.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2159.
Ship a separate Apache configuration file instead of editing the one provided by
roundcube package. This avoids configuration file prompt when roundcube package
needs to be upgraded.
Tests:
- Freshly install roundcube package 1.4.x (using apt preferences and Bullseye),
run functional tests and login to a gmail account.
- Freshly install roundcube package 1.5.x (from testing), run functional tests
and login to a gmail account.
- Install roundcube 1.4.x version on testing container without these changes.
After applying these changes, run 'apt update' while roundcube is enabled and
let FreedomBox upgrade roundcube to 1.5.x version. After this, run functional
tests and login to a gmail account.
- Repeat the previous test with upgrade while rouncube is disabled. Then enable
rouncube, run functional tests and login to gmail account.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Removed a stray `$` character prepended to the app name.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2156.
Tests:
- Remove a domain from System -> Config, 'letsencrypt revoke' action is not
invoked.
- Triggering a manual revoke operation still leads to action getting triggered.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Test:
- Submit the domain form unchanged. Message is printed that settings are
unchanged.
- Submit the domain form with changes. Message is printed that domain has been
updated. Configuration reflects the new domain.
- On page load, the current domain is shown in the domain configuration form.
- Clicking the repair button the service alert section triggers the repair
operations as seen in the console.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- By default, receive mail for all the domains on the system.
- Allow user to select a primary domain. This domain is used for TLS
certificate, automatically adding domain to sender address, etc.
- Don't expose postfix configuration parameters.
Tests:
- On installation, the domain list populated in postfix. Primary domain is
the one set in the config module. If it is not set, any other domain from
configured domains is taken.
- When not installed, adding/removing domains does not cause errors.
- Changing the domain in the domain view works. mydomain has the primary domain
set. myhostname has primary domain set. mydestination has default values and in
addition has all the domains on the system.
- /etc/mailname is populated with the primary domain.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Without the change, the list of domains in the app pages for tt-rss and quassel
is empty.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Don't try to get the depends from module level and sort modules based on that.
- Instead after all App instances are created, sort the apps based on
app.info.depends and app.info.is_essential.
- Print message that apps have been initialized instead of printing before they
are initialized. The correct order of apps is only known after they have been
initialized and sorted.
- Avoid circular import on module_loader and setup.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Useful for replacing setup_helper. This API should be considered EXPERIMENTAL
and may change.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
