6ba35df665
Fixes: #2566. Thanks to joeDoe for helping with identifying the bug and confirming a fix. - Currently, when multiple domains are configured, only one certificate is setup. One domains properly and other domains will end up using the certificate for the configured domain. This leads to domain validation errors on the client-side. - Copy certificates for all domains to /etc/ejabberd/letsencrypt directory whether they are configured for ejabberd or not. - Use the new certfiles: directive to provide multiple certificates. Don't use and remove the old s2s_certfile: directive. Migrate old configuration. Tests: - Functional tests for ejabberd work. - Installing ejabberd freshly works. s2s_certfile: is not present in the configuration file. certfiles: is present with wildcard for LE certs. - Install ejabberd without the patch. s2s_certfile: is present and certfiles: does not contain the wildcard for LE certificates. Apply the patch. Setup is re-run for ejabberd app and succeeds. s2s_certfile: is removed from configuration file. certfiles: contains wildcard for LE certificates. /etc/ejabberd/letsencrypt/ contains certificates for all the configured domains on the system. - Adding domain works. Certificate for newly configured domain is copied into the ejabberd LE cert directory. ejabberd daemon is reloaded. hosts: list is updated. - Removing domain works. Certificate for the old domain is retained in the ejabberd LE directory. ejabberd daemon is not reloaded. - Setting the list of domains works. Old certificates are retained in the ejabberd LE directory. ejabberd daemon is reloaded. hosts: list is updated. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
FreedomBox Service (Plinth)
The core functionality and web front-end of FreedomBox.
Description
FreedomBox is a community project to develop, design and promote personal servers running free software for private, personal communications. It is a networking appliance designed to allow interfacing with the rest of the Internet under conditions of protected privacy and data security. It hosts applications such as blog, wiki, website, social network, email, web proxy and a Tor relay, on a device that can replace your Wi-Fi router, so that your data stays with you.
This module, called FreedomBox Service and also know as Plinth, is the core functionality and web interface to the functions of the FreedomBox. It is extensible and provides various applications of FreedomBox as modules. Each module or application provides simplified user interface to control the underlying functionality. As FreedomBox can act as a wireless router, it is possible to configure networking. It also allows configuration of basic system parameters such as time zone, hostname and automatic upgrades.
You can find more information about FreedomBox Service (Plinth) on the Plinth Wiki page, the FreedomBox Wiki and the FreedomBox Manual.
Getting Started
To have a running FreedomBox, first install Debian (Buster or higher) on a clean machine. Then run:
$ sudo apt install freedombox
Full instructions are available on FreedomBox Manual's QuickStart page.
For instructions on running the service on a local machine from source code, see INSTALL.md. For instructions on setting up for development purposes, see HACKING.md.
Contributing
See the HACKING.md file for contributing to FreedomBox Service (Plinth).
Localization
License
FreedomBox is distributed under the GNU Affero General Public License, Version 3 or later. A copy of AGPLv3 is available from the Free Software Foundation.