Closes: #1528.
Closes: #2041.
Closes: #2438.
- In Bullseye and Bookworm the app is not available.
- i2pd (written is C++) is available in Debian, but it is not a drop-in
replacement for i2p. First, it is only a client. Then has a differently
philosophy of not integrating apps inside it and let outside apps connect to it.
If i2pd is ever added to FreedomBox, it has to be added as a new app with no
possibility of migration from an unlikely old setups.
- Updated wiki pages to remove references to I2P.
Tests:
- Looked for all string references to 'i2p'.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: Debian bug #1088760.
- OpenSSL.crypto.sign has been deprecated and in the current version of
python3-openssl in Debian testing, it has been dropped. The recommended
alternative is cryptography.hazmat.primitives. So, use this instead.
- The entire OpenSSL.crypto module is planned to be deprecated in the future.
So, stop using it entirely by using cryptography.hazmat.primitives.
- sso app does not use openssl anymore, so drop dependency on it. Other apps
such as Let's Encrypt do depend on it and but they have their own dependency
declared. The freedombox package on the overall retains on 'openssl' package.
- We are not using the python OpenSSL module anywhere else, so drop dependency
on it.
- Use pathlib to simplify some code.
- Ensure proper permissions on private and public keys as they are being written
to.
Tests:
- Freshly setup container and ensure that first run succeeds. Permission on the
public/private key files and the parent directly are correct. Users are able
login to FreedomBox. SSO works when accessing apps such as transmission.
- Without patches, setup freedombox container. Apply patches. Permission for
keys directory is updated but keys are not overwritten. Login to FreedomBox
works. SSO works when accessing apps such as transmission.
- Run code to perform signatures using old code and ensure that newer code
generates bit-identical signatures.
- Running ./run --list-dependencies show 'openssl' and python3-cryptography.
- Running unit tests works.
- Building debian package works.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
- OpenVPN app uses openssl command line. Even though easy-rsa has dependency on
openssl, declare this explicitly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
- Let Encrypt app uses openssl to determine the expiry date of a certificate.
So, declare and explicit dependency on it.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
- Use various action utilities to simplify daemon management.
- Instead of writing systemd service file to /etc ship an override file in
/usr/lib/systemd/system/*.d/. deluged and deluge-web both have systemd unit file
shipped. They are very close to what we want from them. Drop the old service file.
- Don't write /etc/default/deluged, it is not used in the systemd unit file.
- App's setup version has not been incremented as it has already been
incremented for the next release.
Tests:
- Fresh install of the app works in testing container. Functional tests work as
expected.
- /var/lib/deluged/config/web.conf is created when deluge-web is started
confirming that the correct configuration path is being used. Also app works on
/deluge web path.
- Old systemd unit file is removed when the setup is run when it is present to
due to deluge installation attempt previously.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Drop unnecessary code. Bootstrap does not style a:hover or table roes like
before.
- Use default table color variables from Bootstrap to work well with dark mode.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Custom CSS variables were declared with Bootstrap 4 since it did not use CSS
variables itself. In Boostrap 5, CSS variables are available. Use them to
eliminate custom color definitions. This means that when Bootstrap colors are
changed, custom colored elements will not look different.
- Use color utilities from Bootstratp instead of .processing, .warning, and
.normal.
- Collect more repeated colors into variables. This will make themeing easier.
- Using Bootstrap variables also makes implement dark mode easier.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- In Bootstrap 5, .table-responsive does not seem to set 'width: 100%;'. This
leads to tables getting laid out between the disk name and disk free progress
bar since they are both floating elements. Fix this by using flex layout
instead.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Bootstrap 5 underlines all links by default. Allow this change without
reverting as this is likely done to improve accessibility.
- In Networks diagram and firewall page, provide exception and remove the
underlining.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Wrap each app's results in a <section>. Style section to maintain gap with
previous sections.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- A 'row' class is more suitable when we want to use the Bootstrap's 'Grid'
system. Bootstrap 5 sets 'width: 100%' on all children of a .row. So, use a
simpler 'display: flex' instead.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Also place the body content in <p> for improved semantics and suggested by
Bootstrap.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Ensure that .sr-only is replaced with newer classes.
- Ensure that icons are present for all alerts.
- Use flex-box for display of icons on the left center of the alert.
- .close has been renamed to .btn-close.
- × is no longer required for close buttons.
Tests:
- Visually verify all the changes by triggering them with code changes.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- We no longer print any passwords in the logs. Remove the wording in the notice
that indicates that we do.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- The form does not have DNS-over-TLS field and trying to set initial value for
it fails.
Tests:
- Load the PPPoE creation form. Without the patch, it fails with an exception.
With the patch it succeeds.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Keep the badge-{severity} classes as they are meant for convenience of mapping
severity to style.
- Match bootstrap colors to maintain consistency and contrast.
Tests:
- Visually confirm that all the changes effective.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Check for availability of access_point.strength before using
access_point.strength.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Closes: #2322.
On Debian stable, mark deluge app as not available because deluge-web is not
working in this distribution.
- Default deluged configuration directory location changed. I didn't do
migration from the old location because deluge app hasn't been working on
Debian stable.
- Make deluge-web systemd service start after deluged service to prevent
Connection Manager popup in deluge-web after system reboot.
Tests performed:
- On Debian stable:
- Deluge app is not installable from the app page.
- All functional tests are skipped.
- On Debian testing:
- All tests pass.
- After reboot, deluge-web service started after deluge service and there
is no Connection Manager popup in deluge web UI.
- Changing torrent download directory works.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Add type signature to an overridden method]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
- So that the page appearance can be easily customized in CSS.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Tests:
- Run diagnostics for nextcloud and notice that there is not check to reach
docker.com.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Should fix issues related to rate limiting on docker.io and improve privacy
for our users.
Tests:
- Install nextcloud, install succeeds. 'podman image list' shows that image is
from registry.freedombox.org.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- When the box shadows are dropped, the cards overlay on those backgrounds is
not pleasant.
Tests:
- MediaWiki functional tests pass.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- When a link on 'Nearby Wi-Fi Networks' page is clicked, a new Wi-Fi connection
page is shown. In this form, the DNS-over-TLS and IPv6 method radio buttons are
not pre-selected with default value. Fix this by setting default values for
them.
Tests:
- On a system with Wi-Fi device, click on 'Nearby Wi-Fi Networks', click on a
Wi-Fi network and go to new Wi-Fi connection creation page. Notice that values
for DNS-over-TLS and IPv6 connection method are filled in. Simply clicking
'Submit' creates the connection.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Fixes: #1725.
- Show multiple Wi-Fi devices in separate tables so that users can pick them
understanding what they are. Also avoids some confusion related to why APs are
duplicated.
- Request scanning if the last scan time was long ago.
- Show the last scanned time.
- Refresh page in 10 seconds if scan has been requested so that the results of
scan can be shown without user explicitly refreshing the page. Show spinner when
scan has been requested and we are awaiting results.
- Refresh page every 60 seconds in other cases.
- When an SSID can't be decoded into a string, don't show it.
- Don't show hidden networks with no SSID set.
- Improve the styling for signal strength.
- Show a message when no Wi-Fi devices are present.
- Show a message when no Wi-Fi networks are found for a device.
Tests:
- Test on a machine with Wi-Fi device available.
- When page is loaded is for the first time, spinner is shown and refresh
happens in 10 seconds. After refresh if the scan has not completed, again,
spinner is shown and page is reloaded in 10 seconds. Otherwise, spinner is not
shown and page is reloaded in 60 seconds.
- Hidden networks are not shown.
- On a machine with no Wi-Fi devices, 'No Wi-Fi device detected.' message is
shown.
- Clicking on a network takes us to new Wi-Fi network connection page with
'connection name', 'network interface' and SSID filled in correctly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- With a locale that has translation for the 'FreedomBox' source string, check
the following locations have translated string for 'FreedomBox':
- Default backup repository label.
- Firewall app description.
- Network forms for: topology, internet connection type, and router
configuration.
- RSS-Bridge app description.
- TiddlyWiki app description.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- Currently, strength and channel information is not shown for Wi-Fi connections
in connection information page. This is a regression related to handling SSID as
a binary string. Fix this.
- Also fix the styling to not make signal strength too prominent.
Tests:
- On a machine with Wi-Fi network device. Viewing the Wi-Fi connection
information does not signal strength and channel without patch but show with the
patch.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Fixes: #2447.
- When editing an existing wireless connection, SSID field shows as "b'myap'"
instead of "myap". Fix this.
Tests:
- On a machine with a wireless connection, edit the connection. Without the
patch, form show SSID incorrectly. With the patch, it shows the correct value.
- Unit tests in test_network.py pass when run as root.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Fixes: #2464.
- This page will act as replacement for the footer links in the home page.
- Remove link to FreedomBox Foundation and add link to Weblate project. We
already have a donate link to the foundation website.
Tests:
- About page is shown as expected. Old 'Learn more' button is no more. So is the
last paragraph.
- Styling is as expected. All the section have equal width.
- All links work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- This page will replace the rather large footer in the front page.
Tests:
- Log out. Visit the help about page. It is available without redirection to
login page. Version related alert is not shown.
- Log in. Visit the help about page. It is available. Version related alert is
shown.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Update the mediawiki functional tests which were using this image.
- Slightly increase the darkness of the shadow around the cards to compensate
for the loss of the contrast with the noise background.
Tests:
- Re-run mediawiki functional tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes: #2364
Tests:
- Set language to English. Go to backups -> create. List of apps is sorted
alphabetically and case is ignored. Take a backup.
- Click on restore for the new backup. The list of apps is again sorted
alphabetically and case is ignored.
- Click on schedules. List of apps is sorted and alphabetically and case is
ignored.
- Repeat tests with Spanish locale.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Fixes: #2115.
Tests:
- Visit the backups upload page. Notice that the new help text is as expected.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
This helps various clients to use MAM.
Fixes: #2338
Tests:
- Functional tests for ejabberd pass.
- Install ejabberd and enable MAM. Check that default is set to always
in the configuration.
- Without this change, install ejabberd and enable MAM. Then restart
plinth with this change. The configuration is changed from never to
always. After several minutes, ejabberd is running again.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests performed in stable and testing containers:
- All the users module tests pass.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
On user deletion, user's home folder is also deleted. Admins have an
option to avoid deleting user's home by inactivating the user instead.
This commit also removes user deletion buttons from the user's list
page and adds this option to the user edit page. The user's edit form
asks for a confirmation if the user deletion is requested. This change
also means that the confirmation password is now required to delete a user.
Also:
- Add a simple username validation to the privileged actions.
- Functional tests: Create a fixture to login as an admin before every test.
- Functional tests: Add a test to check that SSH passwordless login works
after user is renamed to validate correct SSH related path permissions.
- Privileged tests: Add `test_` prefix to the generated random string which
makes easier to check and cleanup created home folders.
- Minor quote fixes.
Tests performed in stable and testing containers:
- Run all the users module tests twice, no failures in tests.
- When user is the last admin, both "Active" and "Delete user"
checkboxes are disabled.
Closes#2451.
[sunil]
- Refactor the JS code:
- Ensure that DOM elements are lookup after DOM content is loaded.
- Styling changes. Reduce the number of globals, name the global names
somewhat more unique.
- Click the button instead of submitting the form to disable the button.
- Template changes:
- Add a body for the confirmation dialog to talk about disabling the user and
deleting the home directory.
- Change the label of the confirm button to make it more
explicit (recommendation from many UX guides).
- Styling.
- Functional tests:
- Fix visibility checking of an element to use the correct splinter API.
- Simplify clicking the edit user link.
- Minor update to form checkbox help text.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Fixes: #2463.
- When FreedomBox service is run via systemd and if the unit has PrivateTmp=yes
as was recently introduced, then 'podman exec --user www-data' fails with error
'Error: unable to find user www-data: no matching entries in passwd file'.
- The problem seems isolated to this specific instance and does not seem to
effect the container start up (which happens via systemd).
Tests:
- Without the patch, start FreedomBox service via systemd and install Nextcloud.
It fails.
- With the patch, install succeeds and functional tests for Nextcloud succeed.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Don't use title casing, instead use simple capitalization.
- Add some tags.
- Drop outdated tags like 'VoIP', 'IM' while emphasizing 'Audio chat', 'Video
chat', 'Encrypted messaging' instead.
- Try to clarify server vs. web client with tags.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
- Add tags to Info component of apps. Use only English tags for all operations.
Localized tags are used for presentation to the user only. Add tags to all the
apps. Conventions (English):
1. Tags describing use cases should be in kebab case.
2. Protocols in tag names should be in their canonical format.
3. Tags needn't be 100% technically correct. This can get in the way of
comparing apps using a tag. Words that describe use cases that users can
easily understand should be preferred over being pedantic.
4. Tags should be short, ideally not more than 2 words. Avoid conjunctions
like "and", "or" in tags.
5. Avoid redundant words like "server", or "web-clients". Most apps on
FreedomBox are either servers or web clients.
6. Keep your nouns singular in tags.
- Use query
params to filter the Apps page by tags. When all tags are removed, redirect to /apps.
- Add UI elements to add and remove tag filters in the Apps page. Make the UI
similar to GitLab issue tags. Since there are 40 apps, there will be at least 40
tags. Selecting a tag from a dropdown will be difficult on mobile devices. A
fuzzy search is useful to find tags to add to the filter. Allow user to find the
best match for the search term and highlight it visually. The user can then
press Enter to select the highlighted tag. Make tag search case-insensitive.
Make the dropdown menu scrollable with a fixed size. User input is debounced by
300 ms during search.
- tests: Add missing mock in test_module_loader.py
- Add functional tests
[sunil]
- 'list' can be used instead of 'List' for typing in recent Python versions.
- Reserve tripe-quoted strings for docstrings.
- Undo some changes in module initialization, use module_name for logging
errors.
- isort and yapf changes.
- Encode parameters before adding them to the URL.
Tests:
- Tested the functionality of filtering by tag with one tag and two tags.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
