Signed-off-by: nbenedek <contact@nbenedek.me>
[sunil: Convert the PNG to SVG and use it for all sizes]S
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- I tested the changes with the VirtualBox image with a bridged network adapter.
After ten failed authentication attempts, my IP got blocked as expected.
- This setup uses apache's logs to filter the attempts. A wordpress
[plugin](https://wordpress.org/plugins/wp-fail2ban/) exists for redirecting the
logs to syslog, but that needs to be packaged.
Signed-off-by: nbenedek <contact@nbenedek.me>
[sunil: Drop logpath as logs are expected to go to journald]
[sunil: Update regex to match only failures and not successful logins]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- So that the new configuration file to disable
readme.html/xmlrpc.php/wp-cron.php takes effect.
Tests:
- Install wordpress without the security changes. Notice that the three URLs are
accessible. Apply the patch, run ./setup install and restart FreedomBox service.
Wordpress app is updated and the security changes take effect. The three URLs
are return forbidden response without manually restarting apache2.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2244.
This patch disabled xmlrpc.php functionality entirely. For interacting with
WordPress using app, the new REST API functionality is recommended. However, for
the Pingback API XML-RPC is still a necessity. If this is an important feature
for FreedomBox users, we intend to re-enable XML-RPC functionality in WordPress.
Signed-off-by: nbenedek <contact@nbenedek.me>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2253
Tests:
- Build a package with this fix included for bullseye-backports
distribution.
- Install into FreedomBox stable system.
- Start dist-upgrade test.
- At the end of the test, wait for plinth to attempt upgrades, and
then confirm that firewalld was upgraded.
- Confirm that firewalld is running.
- Confirm that /etc/firewalld/firewalld.conf has DefaultZone=external.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2263
- matrix-synapse >= 1.65.0-1 requires python3-canonicaljson >= 1.6.2~
Tests:
- On a stable Vagrant Box, matrixsynapse app is not installable.
- With the changes, start FreedomBox service, setup will run on the upgrades
module and /etc/apt/preferences.d/51freedombox-apps.conf will be changed to
include the new entry. After this, matrix-synapse app is installable.
Signed-off-by: nbenedek <contact@nbenedek.me>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
In a testing container, checked that the mount point /run/host/os-release
is not listed on the Samba app page.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #1872.
Previously, JSXC can't be disabled and it's shortcut appears on the homepage
forever. Use the EnableState component which stores a flag in the sqlite
database to maintain the status of app being enabled.
Tests:
- Enable/disable button appears. Enabling/disabling the app updates the status
currently.
- Enabling the app shows icon on the homepage and disabling removes it.
- Enabling shows the menu item in the apps page as enabled. Disabling shows the
menu item in the apps page as disabled.
- It is possible the uninstall the app. When app is uninstall it is removed from
homepage and shows as disabled in the apps page.
- When app is disabled or uninstalled, trying to visit the
/plinth/apps/jsxc/jsxc/ throws a 404 error.
- Run functional tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
[jvalleroy: Enable JSXC for Ejabberd test]
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Use AppView for app page.
- Handle post enable/disable activities within the App class.
- Use Operation class to perform configuration instead of custom mechanism. Drop
all the older code for it.
Tests:
- DONE: Run functional tests
- DONE: Enabling Tor
- DONE: Enables the service
- DONE: Updates the firewall ports
- DONE: Adds hidden service domain to names app
- DONE: Shows app enabled
- DONE: Firewall ports are opened
- DONE: Disabling Tor
- DONE: Disables apt transport over Tor
- DONE: Firewall ports are closed
- DONE: Shows app disabled
- DONE: Onion domain is removed from names app
- DONE: App page
- DONE: Running/not-running status is shown properly based on whether tor
daemon is running.
- DONE: Port forwarding information is shown properly.
- DONE: When hidden service is enabled, status of hidden services is shown
- DONE: Configuration update
- DONE: Form shown correct status of the option
- DONE: When configuration is being updated, operation progress is shown
- DONE: Page refreshes once in 3 seconds during operation. Refresh stops after
operation.
- Once the operation is complete, success or error message is shown
- DONE: Javascript to show/hide upstream bridges text box works
- DONE: Javascript to enable/disable relay checkboxes works
- DONE: Operation does not show notification.
- DONE: Enabling apt over Tor does not work when app is disabled
- DONE: When configuration is changed, the message 'Settings unchanged' is not
shown.
- DONE: If an error is thrown during configuration, an error message is shown
properly.
- DONE: Tor is restarted after configuration update and hidden service domains
is updated.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- List of certificates in the system is shown.
- Diagnostics menu item is shown and works.
- Certificate operations work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- Diagnostics menu item is shown and works.
- Both Configure and manage snapshots tabs are shown.
- Changing configuration works, updated configuration is shown.
- Deleting some snapshots works.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- Diagnostics are shown and work.
- Initial status of the configuration is show properly.
- Enabling/disabling configuration options reflects correct status.
- Status of frequent features updates shows properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- Diagnostics menu item is not shown.
- If apt is busy a warning message is shown.
- Restart and Shutdown buttons are shown and work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not shown.
- Diagnostics button is shown and works.
- Connections list, internet connection type and connectivity are shown
properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- App page shows properly. Status of the current domains is shown properly.
- App page does not show enable/disable button.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Enable/disable button is not present.
- Diagnostics menu item is not present.
- Page shows 'Running diagnostics' button when diagnostics are not running.
- Page shows progress bar and results when diagnostics are running/completed.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- In non-development mode, button does not appear.
- On testing system, button does not appear.
- On stable system in development mode, the button appears.
- Pressing the button starts a dist-upgrade.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Join strings that fit in the same line]
[sunil: Fix indentation in template]
[sunil: Change 'dist-upgrade' to 'distribution upgrade' in UI strings]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
The test uses freedombox.local as the domain. This requires that Avahi
is enabled, and the hostname is set to freedombox.
Fixes#2232.
Test:
- ejabberd functional tests pass even after running tests for config
and avahi.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- Add a new server and delete it.
- Add a new client and delete it.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- With the new setup mechanism automatic setup of app is no longer possible.
- Enabling/disabling is desirable by the user.
- During initial setup, ensure that Apache configuration file exists. Upgrade
for existing users to create the file.
- Enabling/disabling the app enables/disables the web server configuration file.
- Diagnostics are not available, disable them explicitly as auto-detect does not
work.
- Use the regular app base template instead of custom one.
- Use framework base classes for view and functional tests.
Tests:
- Run functional tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Django template language does not support overriding blocks that are from
included pages. The status messages were shown as part of the description and
when app header was introduced, these messages were no longer being shown.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
