Certificate can be setup for a single domain at a time in Mumble. So, allow the
user to choose the domain purely for this propose even though Mumble can work
with multiple domains. Tell Let's Encrypt to work with this domain.
Tests:
- Without Mumble installed, change the domain name. Notice the mumble related
certificate events are ignored.
- Install Mumble, a TLS domain is automatically selected. Certificate is setup
for that domain.
- Ensure at least two domains are setup in the system. See the list in the
Mumble app page. Choose a non-default domain. Domain should change and cert
should be setup for that domain.
- Go to config app and change the domain. Mumble domain should get set to a
different domain and cert should get updated.
- Install mumble without these changes. Apply the changes and start FreedomBox.
Mumble app should get upgraded and certificate should get setup for a domain.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
The Service object now offers handling services on a system level,
and gathering information whether it's enabled or running.
New methods: enable, disable, is_enabled, is_running;
For this it needs the correct (system-level) service name.
All of the methods can be overridden/customized.
This changes all modules to the new Service object and deletes
action scripts that are not required anymore.
- To check whether a service is running does not require root
privileges. This can directly be done from a module without any
action.
- Since actions are allowed to be run using sudo, introducing
unnecessary sub-commands increases attack surface.
- Simple functions calls are unnecessarily being converted to command
line invocations and involve parsing response.
- There is a lot of repeated code because of this that can be
eliminated.
- To generalize this, we need to make all non-root system operations
directly from module instead of delegating to action commands.
