Regression was introduced in a2d07fef0b9e2ae54f98fb5209b9cb0c5fd6f456 when
backup data import from manifest was inadvertently removed.
Closes: #1636.
Test:
Create a backup with this patch and 'storage' as one of the selected apps for
backup. Try to restore the backup without the patch. Observe that it fails.
Restore the backup with the patch. Observe that it succeeds.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- matrix-synapse 1.2 is already unavailable in buster-backports, testing and
unstable. It is replaced by matrix-synapse 1.3. Allow matrix-synapse 1.3 to
become available for Buster users.
- Allow upgrades to all future versions of matrix-synapse from buster-backports.
Since buster-backports does not have security updates except that provided
by the maintainer, it is best to let users be on the latest version provided
by the maintainer in buster-backports.
- We don't pick and choose among the versions uploaded to backports. Once we
allow a package to upgrade to backports version, we should continue to do that
without any further restriction. Update descriptions accordingly.
- Simplify updating the apt preferences file by providing a simple configuration
instead of creating the file on the fly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- When only when admin user is present, the users list does not show delete
button next to the admin user. The checkbox for admin group is disabled (but
checked) for that user in edit user form.
- When there are multiple admin users preset, the users list shows delete button
against all admin users. The checkbox for admin group is enabled (but checked)
for all admin users.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This reverts the additional changes done in merge request !1540 and sets the
configuration to what was originally proposed in the merge request.
- AllowEncodedSlashes can't be set inside <Location> directive. It needs to be
set inside VirtualHost directive making it apply for the entire site. In case
of FreedomBox, this needs to be set globally. It may have implications for how
we are encoding slashes in URLs include for storage module. It could cause
unexpected regressions elsewhere.
- ProxyPass directory should have only argument inside a <Location> directive.
Fix that too.
Closes: #1635.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Force upgrade to any lower version to version less than or equal to 19.8.*.
config.php is the only configuration file for tt-rss app the FreedomBox
modifies. Comparison of config.php from 19.8 shows that there are no major
changes since 18.12. Changes to the configuration file are likely to be minor
and from Debian packaging. Force upgrading to all versions until 19.8.* should
be okay by retaining new configuration and performing FreedomBox changes on top
everything new configuration file is installed.
Tests:
- Install tt-rss version 18.12-1 using a test repository and custom priority.
Then remove the custom priority and trigger 'apt update'. This will trigger an
force upgrade of tt-rss to version 18.12-1.1. Verify that the tt-rss interface
is available and functional.
- Install tt-rss version 18.12-1.1 freshly. Verify that the tt-rss interface is
available and functional.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When a hostname is set or changed, expose <hostname>.local as a domain. With
this, daemons can configure themselves to work properly with .local domains.
Cockpit is an example of a daemon that can be configured to allow connections
from .local domains
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Replace the check for ignoring .onion domains with a check that ignore any
domain type that can't have certificates.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
If the domain name is not properly set before calling post_hostname_change
signal, then in the signal handlers config.get_domainname() returns an empty
string. So, call the post_hostname_change signal only after fully finishing the
hostname related changes, that is, after setting back the original domain name
too.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When domain name is not set in the config app, currently ejabberd return a list
with an empty string as list of domains. This leads to certificates being copied
to invalid directory. Fix this by making sure domain name is added to the list
only if it is not an empty string.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Without restarting cockpit, newly added/removed domain in cockpit configuration
file do not immediately work. Either the daemon has to stop itself due to
inactivity (it is socket activated by systemd) or system needs to be restarted.
Without the patch, if cockpit is not currently running (due to socket activation
not having happened yet) the domain name changes would be noticeable
immediately.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #1626
Tests:
- List apps in mobile app front page. Observe that all apps are shown including
disabled apps.
- With the patch, observer that only enabled apps are shown.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Domain added and removed signals provide sufficient knowledge of domain name
changes.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
In the action, the new domain is always extended to the list of domain names
accepted by ejabberd. To simplify domain handling simply use the domain_added
signal.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
When a domain is added, an attempt will be made to obtain a valid LE certificate
for domain.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Helps #1601.
When release information such as 'Version' and 'Suite' change for a distribution
changes, apt requires an explicit confirmation from the user. apt-get(8)
specifies the reason for this prompt as ensuring that the user is prepared for
the change. On a FreedomBox installation, as the system administration agent of
the user, FreedomBox has to make this decision on whether the user is ready for
the change. FreedomBox works to keep the system up-to-date and manages
configuration changes for packages, data migration etc. Hence, accept all
release information changes without a prompt.
Without this, when a stable release is made, if the user was using that
code-name before the release, then the system stop receiving updates and no new
apps can be installed in FreedomBox. This happened in case of Buster release
although Debian itself had some part in this. See:
https://salsa.debian.org/freedombox-team/plinth/issues/1601
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #1608
Allow upgrade to any version of 0.7.x series. Use new configuration and apply
the two default configuration changes of FreedomBox.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Currently, in cases of ignoring an upgrade and actually upgrading, the log
message says success which is somewhat confusing. Make the force_upgrade()
methods in apps return information about ignoring the upgrade and print log
message accordingly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #1618.
When using RAID disk, the disks paths could look like /dev/dm-1. Current regular
expression does not allow for '-' in the device path.
Ensure that all characters in the device path are handled as part of eject
operation.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Remove inline styling as it won't work with upcoming content security rules.
They should be re-added in CSS files.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Fix an exception when loading backups page:
Exception Value: 'functools.partial' object has no attribute '__name__'
Exception Location: /vagrant/plinth/modules/backups/decorators.py in
delete_tmp_backup_file, line 38
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Replace subsubmenu with buttons
- Left align icons in table header (restore and delete)
- Replace the technical term "repository" with "location"
- Confirmation dialogs shouldn't have app name, description, manual etc.
- Confirmation dialogs don't need Cancel buttons
Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
[sunil@medhas.org: Remove 'primary' for all but one button]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Show the number of vulnerabilities reported by debsecan for freedombox
package and for managed_packages of each installed app.
Essential apps are not included in the list. Also note that
dependencies of the managed_packages are not included yet.
The purpose of this information is to help users decide which apps to
use, and what level of personal information to store in each app.
Closes#1609.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil@medhas.org Show essential apps too]
[sunil@medhas.org Fix HTML tags]
[sunil@medhas.org Use setup_helper to get the installed state of an app]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This introduces flake8 and fixes a bunch of flake8 errors.
flake8 is run with: ./venv/bin/flake8 plinth
if you're using a python3 venv.
We can eventually further integrate this with gitlab ci.
https://salsa.debian.org/freedombox-team/plinth/issues/58
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
