688 Commits

Author SHA1 Message Date
Sunil Mohan Adapa
20aa2abe3b
radicale: Workaround issue with creating log directory
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-06-13 20:18:05 -04:00
Sunil Mohan Adapa
e4351b6b97
Introduce daemon component to handle systemd units
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-06-13 20:18:02 -04:00
Sunil Mohan Adapa
862d87920a
Introduce uwsgi component to manage uWSGI configuration
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-06-13 20:17:53 -04:00
Sunil Mohan Adapa
4100d36381
Introduce webserver component for managing Apache configuration
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-06-13 20:17:49 -04:00
Joseph Nuthalapati
23e4aac400
searx: Improve functional tests
- Make tests more semantically correct
- Add implementation for missing fixture - When I log out
- Check whether file exists when disabling public access

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-06-09 10:40:54 -04:00
Joseph Nuthalapati
7e1e5182cc
searx: Preserve public_access setting
- Preserve the setting during enable/disable as well as during backup/restore.
- Show setting as disabled when application is disabled but restore user's
  original preference value on enable.
- Add functional test for this.

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-06-09 10:40:49 -04:00
Joseph Nuthalapati
2d85b61199
searx: Add option to allow public access to the application
[jvalleroy] Resolved merge conflict to use shortcut component.

Fixes #1590

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-06-09 10:37:16 -04:00
Sunil Mohan Adapa
75c57d3e00
Turn frontpage shortcut into an app component
- Turn frontpage shortcut into an App component. Add tests and full
  documentation.

- Overridden implementations for tahoe, diaspora, mediawiki shortcuts to handle
  special cases. Special handling for ikiwiki.

- Extend App API for removing and retrieving a component.

- Add clients information into shortcuts to avoid hacks when presenting
  shortcuts to Mobile devices via API.

- Fixed unnecessary stripping and adding of '/' when setting home page redirect
  URLs. This fixes problem with setting Cockpit as home page.

- Replaced the use of term 'app' in favor of 'shortcut' as the term when setting
  frontpage shortcuts as home page.

- JSXC shortcut does not require login.

- Don't show shadowsocks for anonymous users.

- Simplify showing selected shortcut details.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-06-07 11:48:08 -07:00
Sunil Mohan Adapa
97ed7fe144
i2p: Minor flake8 and yapf fixes
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-29 16:51:54 -07:00
LoveIsGrief
f7d9c9eff5
i2p: Include default favorites after installation
The default favorites might change and we might have to update the list but for
now they were extracted from a clean router.config saved by the i2p daemon.

1528 - augeas for router.config

Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-29 16:51:19 -07:00
LoveIsGrief
1c9ad9f953
i2p: Use augeas for editing the router.config
It's cleaner and less hacky, however we still overwrite the default favs because
they aren't written to the file by i2p until a change is made manually in the
frontend.

We still need to recreate the list of default and add them manually.

Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-29 16:50:40 -07:00
Sunil Mohan Adapa
a73f002ed6
i2p: flake8 and yapf fixes
- Run isort and yapf.

- Better docstrings.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-29 15:02:20 -07:00
LoveIsGrief
5c26c28f96
i2p: Open HTTP(S) and IRC ports on all interfaces on install
I2P has to be restarted in order for the changes to take effect.

Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-29 15:01:50 -07:00
James Valleroy
e5081018a3
firewall: Get service ports details
Add interface to get port types and numbers for a service.

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-28 20:59:15 -07:00
Joseph Nuthalapati
a2d07fef0b
storage: Use udisks to list disks and df for disk space utilization
- Fetch disk information for all disks using udisks
- Call df as superuser so that all disks are listed (udisks doesn't need sudo)
- Improved implementation to check if device is removable

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-04-14 11:27:43 -04:00
Sunil Mohan Adapa
6e5a45a9b3
i2p: Review and cleanup action script
- Remove unneeded actions: start, stop, restart, is-running and is-enabled.

- Remove short form parameter passing for add-favorite action. Mostly for
  consistency and avoid confusion. Actions are not expected to be used by
  regular users.

- Rename Apache configuration from: i2p-plinth.conf to i2p-freedombox.conf

- Fix issue with adding favorites when none already present. This eliminates
  failure during first time installation for I2P.

- Fix issue with incorrect new lines while editing favorites.

- Minor fixes in Apache configuration.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-01 17:33:55 -07:00
Sunil Mohan Adapa
ba4d73ae60
i2p: Minor styling changes
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-01 17:33:45 -07:00
Sunil Mohan Adapa
70a9f4a6ae
apache: Add proxy_html module needed by i2p app
Enable by default so that app installation (also during backup restore) does not
cause apache to restart and show error pages.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-01 17:33:38 -07:00
LoveIsGrief
0b2922749b
i2p: setup: Enrich I2P favorites
3 search engines and a torrent tracker added to the favorites

freedombox-team/plinth#1428 Request: I2P support

Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-01 17:33:12 -07:00
LoveIsGrief
25d3f76434
i2p: Add new application
- installs i2p from apt
 - accessible under /i2p/
 - needed to modify diagnostics url to include numbers

TODO:

 - fix CSS at /i2p/ : firefox NS_ERROR_INVALID_CONTENT_ENCODING ???
 - all green diagnostics
 - functional tests
 - autoconfiguration in setup form
 - configuration of SOCKS5 proxy for network interfaces

Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-04-01 17:32:37 -07:00
Sunil Mohan Adapa
bd20b6570b
ttrss: Implement upgrade from 17.4 to 18.12
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-03-01 23:50:45 -05:00
Sunil Mohan Adapa
0dea9e80f3
ttrss: Make setup process reusable
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-03-01 23:50:42 -05:00
James Valleroy
7ee48da299
security: Migrate access config to new file
Fixes #1504

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-03-01 20:09:40 -08:00
Sunil Mohan Adapa
f524219387
openvpn: Work around firewalld bug 919517
Instead of using a wildcard tun+ interface, use a fixed number of tun
interfaces and hope OpenVPN will use one of them.

Fixes: #1438.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-03-01 22:01:09 -05:00
Sunil Mohan Adapa
117c3d7507
openvpn: Fix issues with upgrade easy-rsa 2 to 3 migration
- Set permissions properly as if they are created newly.

- Ensure that configuration file is rewritten so that new certificate paths are
  used.

- Run easyrsa init-pki to ensure that configuration file is present.

- Create necessary empty directories as per new structure.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-03-01 18:13:37 -05:00
Joseph Nuthalapati
544c317cd2
openvpn: Migration from easy-rsa 2 to 3 for existing installations
- Change file and directory structure from easy-rsa 2's flat format to easy-rsa
  3's format.

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-03-01 18:13:27 -05:00
Sunil Mohan Adapa
2aef91b187
config: Don't pass configuration file argument to action
Due to security risk that a compromised Plinth process will give adversary the
ability to write to any file on the system.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-03-01 13:23:04 -08:00
Joseph Nuthalapati
d1d3eae3db
config: Reset home page setting in freedombox.conf during migration
While moving the home page configuration to a new file, also reset the home page
path in freedombox.conf to its default setting of /plinth.

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-03-01 13:22:58 -08:00
Joseph Nuthalapati
668d4de77a
matrix-synapse: Fix LDAP login issue
Pass the `mail` attribute as an empty string instead of None (null in yaml)

Fixes #1484

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-28 19:13:59 -08:00
Sunil Mohan Adapa
ec68eb3d89
setup: Make additional info available for force upgrading
This includes list of packages for which conffile prompts will be shown. For
each package current version of the package, new version of the package and list
of configuration files that were modified.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-28 20:48:51 -05:00
Sunil Mohan Adapa
7bdf47eea2
apache: Use cgid module instead of cgi
Trying to enable cgi module results in cgid being enabled. Checking for cgi
being enabled always results in failure.

Your MPM seems to be threaded. Selecting cgid instead of cgi.
Module cgid already enabled

No module matches cgi (disabled by site administrator)

This is the reason why installing ikiwiki was causing Apache restart even though
the modules required by ikiwiki are already enabled.

Closes: #1448.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-28 20:13:45 -05:00
Sunil Mohan Adapa
3af207a4e8
sso: Pre-enable necessary apache modules
To avoid Apache restart during installation (although sso is an essential app
and this is not an issue).

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-28 20:13:42 -05:00
Sunil Mohan Adapa
33f54089b8
ikiwiki: Pre-enable necessary apache modules
To avoid restart during installation.

Closes: #1482.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-28 20:13:40 -05:00
Sunil Mohan Adapa
cf06aa3d56
letsencrypt: Pre-enable necessary apache modules
To avoid restart during installation (although letsencrypt is an essential
app and this is not an issue).

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-28 20:13:38 -05:00
Sunil Mohan Adapa
c50e322cdb
radicale, searx: Pre-enable necessary apache modules
To avoid Apache restart during installation.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-28 20:13:36 -05:00
Sunil Mohan Adapa
3c420c1488
cockpit: Pre-enable necessary apache modules
To avoid Apache restart during installation.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-28 20:13:33 -05:00
James Valleroy
1eed7d581d
ttrss: Add backup support
- Use backup hooks to dump and restore database.
- Add functional test for backup and restore.

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-26 15:23:47 -08:00
Sunil Mohan Adapa
5b4aa1cda0
package: Implement identifying packages that need conffile prompts
Given a list of packages, check which among those will result in showing a
configuration file prompt.

Irrespective of whether apt shows a conffile prompt, this logic mimics what
unattended-upgrades perceives as package needing a conffile prompt. This is
because when unattended-upgrades gives up, that is when this logic needs to take
over.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-26 06:24:14 -05:00
Joseph Nuthalapati
bd43ed515e
config: Remove Apache home page configuration from freedombox.conf
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-23 10:31:05 -05:00
Joseph Nuthalapati
8bc34f84c3
config: Rename Default App to Webserver Home Page
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-23 10:30:59 -05:00
Joseph Nuthalapati
a87b0ff596
config: Migrate default app configuration to new conf file
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-23 10:30:55 -05:00
Joseph Nuthalapati
5ad22114ed
config: Move default-app configuration to a dedicated file
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-23 10:30:45 -05:00
Sunil Mohan Adapa
c7f46c358d
tahoe: Styling changes
- Run yapf and isort

- Minor styling changes

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-18 21:51:26 -05:00
Sunil Mohan Adapa
df76e6afa4
tor: Use fixed 9001 port for relaying
When ORPort is set to 'auto', Tor automatically allocates a port for it. During
its first run, we are able to extract the port number and open the firewall port.
However, unlike for pluggable transports, Tor does not seem to store this port
for future reuse in the state file. It hence opens a new port every time it is
started. This leads to a new port being assigned on next Tor startup and leads
to relay functionality not being reachable from outside.

According to the documentation, only possible values for ORPort are a fixed
number or 0 (disable) or auto (current behavior). Choose 9001 as this is the
commonly used port number for ORPort. The recommended port number of 443 is not
possible in FreedomBox due to its use for other purposes.

Closes: #1495.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-18 07:13:19 -05:00
Sunil Mohan Adapa
595997ff7c
tor: Styling changes due to yapf
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2019-02-18 07:13:15 -05:00
Joseph Nuthalapati
753881b80f
utils: Simplify YAMLFile by removing the post_exit argument
Whatever function is passed in post_exit can simply be called by the caller
itself as the next statement.

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-14 16:39:05 -08:00
Sunil Mohan Adapa
e448ab6380
matrixsynapse: Better checking for valid certificate
If a valid certificate is available but not yet setup, the earlier code assumes
there is a valid certificate.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-13 19:34:04 -08:00
Sunil Mohan Adapa
b169739867
matrixsynapse: Setup certificate after domain selection
Immediately after the installation, a self-signed certificate is used because
domain name is not available. However, after domain name becomes available,
setup a Let's Encrypt certificate.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-13 19:00:33 -08:00
Sunil Mohan Adapa
3b257c7a58
matrixsynapse: Fix potential exposure of private key
Setting permissions after copying the file will lead to momentary exposure of
the private key to other users on the system. Use umask instead.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-13 17:52:49 -08:00
Sunil Mohan Adapa
b53f675f55
matrixsynapse: Don't check for current domain in renew hook
Don't match the hook's domain against domain set in configuration. We already
check if the domain matches the Matrix Synapse configured domain.

- Fix un-checking letsencrypt option for matrixsynapse. Keep the old certificate
  but don't throw error. This means future certificates are not renewed.

- Use utility get_configured_domain_name()

- Style function names without uppercase.

- Style multi-line docstrings correctly.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
2019-02-13 17:14:08 -08:00