Tests:
- On unstable and testing:
- Ran functional tests for upgrades.
- Ran actions "upgrades setup" and "upgrades setup-repositories".
- On testing:
- In develop mode, activated backports.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- 50freedombox4.pref handles freedombox package from current
backports. Whenever upgrading to a new Debian release, backports can
be activated for the new release, and will always include the
freedombox package at the start.
- 51freedombox-apps.pref handles apps, and each entry is particular to
a Debian release. For example, after bullseye release, entries from
bullseye-backports can be added, and entries from buster-backports
can be removed.
Tests:
- In testing container, run setup in development mode. Apt preferences
files have the expected content.
- In stable vagrant box, install deb with these changes. Apt
preferences files have the expected content.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- If backports is for older release, then it can be activated again to
upgrade to latest release. (Plan is to make this automatic, but
leave the manual option as a fallback.)
- Security notice still shown if older backports are enabled.
Tests:
- On Buster system, change distribution in
/etc/apt/sources.list.d/freedombox2.list to
stretch-backports. Updates page shows button to activate backports
again. Activate and check the source list to confirm that it has
buster-backports again.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- Build deb and install in buster image. Manually remove backports
sources file. Security page does not show backports notice. Updates
page shows button to activate backports.
- Activate backports from updates page. Success message is shown and
button to activate backports is removed. Security page shows
backports notice.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Although useradd recommends starting with either a lowercase letter or an
underscore, there is nothing that consistently adheres to this recommendation
across systems. Because some systems do not follow this recommendation and this
recommendation is not a hard requirement, we should not prevent connections at
the validation stage.
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested that after this change, only admins can see the MiniDLNA
statistics page https://<freedombox>/_minidlna/ over the web.
Everybody can still see the page on local network using
an address http://<freedombox>:8200/
MiniDLNA web page shows how many media files are served and
some information (IP, MAC address) about the connected clients.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tested against ejabberd's failing installation. The entire test suite
gets marked as failed if the application installation fails.
Fixes#1902#1895
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Ignore errors while trying to expand a file path list into its .d components
path list.
- Ignore errors when reading shortcuts fails a file for any reason.
- Errors when reading configuration file already ignored. os.path.isfile() and
configparser.Configparser.read() do not raise an exception under any
circumstances.
Analysis:
Regression in 20.12 reported at
https://discuss.freedombox.org/t/fb-20-12-solved-plinth-fails-to-start-due-to-new-frontpage-py-shortcuts-and-filesystem-permissions/994/4
- freedom-maker creates /var/lib/freedombox/ with mode 755 as root but this only
applies for disk images.
- freedombox.postinst, networks, apache check for the existence of
/var/lib/freedombox/is-freedombox-disk-image .
- Samba creates /var/lib/freedombox with mode 755 as root.
- Backups creates /var/lib/freedombox/borgbackup but not the parent directory?
- Shortcuts are now read from /var/lib/freedombox/.
Tests performed:
- Create directories /var/lib/freedombox and /etc/freedombox with permission set
to 750. In case of configuration, an early warning message is printed and in
case of shortcuts warnings are printed but service starts properly. Changing the
permission to 755 removes the warnings.
- Ensure 755 permission on above two directories. Create non-empty files
custom-shortcuts.json and freedombox.config with permissions 640. In case of
config no warning is printed (silently ignored) and in case of shortcuts,
warning is printed that file could not be read but service starts properly.
Changing the permission to 644, no warnings are printed.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Change "overtime" to "over time", also matches the other choice in the
form.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- Implement ability to refresh page at the framework level so that every page
does not need to handle it.
- Refresh after number of seconds specified in context of the view.
Tests performed:
- Trigger the following functions and ensure that page reload after 3 seconds
during the running operation while it does refresh before and after the
operation.
- Diagnostics tests from the module.
- Gitweb repository cloning.
- Monkeysphere publish key to server.
- OpenVPN setup.
- Tor configuration update.
- Manual software update.
- App installation.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Tests performed:
- Submit a form and notice that button has a spinner soon after click.
- Select a from like Gitweb repository creation form and submit it. After submit
go back to previous form using back button. Notice that button has been restored
to proper state.
- Without filling valid information the form, press submit. Notice that the
button does not change to a spinner.
- Check installing an app, snapshots management, network forms, wireguard forms,
etc.
- Test on Firefox and Chromium.
- Test with LibreJS that the script is accepted as valid free software license.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Mention that interface is automatically assigned to external zone.
Test:
- Re-assigned host0 interface to public zone. Disabled firewalld to
still access interface. Firewall zone is shown as "external" with the
note about automatic assignment.
Closes: #1858.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Ensuring that load_cfg fixture is ordered first will ensure that configuration
is properly restored after test and that changes in other fixtures take effect.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- In containers, loopback devices may not be available. Skip tests in this case
by looking at the output of losetup setup utility.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When deleting connections after editing, sometimes the connection is not found.
Wait until the connection settles down to avoid connection not found errors
during cleanup. Seems to work for now but still not the best way to handle this.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Don't run the second phase of web framework initialization. This avoids
writing to the DB file.
- Set log level to ERROR so that no messages get printed even to stderr while
listing dependencies.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This allows --list-dependencies to run without having to write to disk.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
A simple Django configuration does not need to create the database whereas DB
migration requires creating the database.
In some operations such as listing dependencies, we can skip running the second
part and so writing to database will no longer be necessary during such
operations.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Only effects develop mode.
- To primarily avoid writing to the source code directory. Multiple containers
or VMs using the source folder won't fight with the database file (the overlay
file system plan is not working out well for containers #1873).
- In the earlier days, we used to allow running from source code directory
without even doing ./setup.py install. Currently it is not possible anyway. We
pretty much install freedombox package before running from source directory.
- If the build process itself learns not to write to source directory, then
containers/VMs won't have to write to source directory at all.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
The file is not meant for human reading. The comments are already part of the
code.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
