b64ea720fc
Closes: Debian bug #1088760. - OpenSSL.crypto.sign has been deprecated and in the current version of python3-openssl in Debian testing, it has been dropped. The recommended alternative is cryptography.hazmat.primitives. So, use this instead. - The entire OpenSSL.crypto module is planned to be deprecated in the future. So, stop using it entirely by using cryptography.hazmat.primitives. - sso app does not use openssl anymore, so drop dependency on it. Other apps such as Let's Encrypt do depend on it and but they have their own dependency declared. The freedombox package on the overall retains on 'openssl' package. - We are not using the python OpenSSL module anywhere else, so drop dependency on it. - Use pathlib to simplify some code. - Ensure proper permissions on private and public keys as they are being written to. Tests: - Freshly setup container and ensure that first run succeeds. Permission on the public/private key files and the parent directly are correct. Users are able login to FreedomBox. SSO works when accessing apps such as transmission. - Without patches, setup freedombox container. Apply patches. Permission for keys directory is updated but keys are not overwritten. Login to FreedomBox works. SSO works when accessing apps such as transmission. - Run code to perform signatures using old code and ensure that newer code generates bit-identical signatures. - Running ./run --list-dependencies show 'openssl' and python3-cryptography. - Running unit tests works. - Building debian package works. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
FreedomBox Service (Plinth)
The core functionality and web front-end of FreedomBox.
Description
FreedomBox is a community project to develop, design and promote personal servers running free software for private, personal communications. It is a networking appliance designed to allow interfacing with the rest of the Internet under conditions of protected privacy and data security. It hosts applications such as blog, wiki, website, social network, email, web proxy and a Tor relay, on a device that can replace your Wi-Fi router, so that your data stays with you.
This module, called FreedomBox Service and also know as Plinth, is the core functionality and web interface to the functions of the FreedomBox. It is extensible and provides various applications of FreedomBox as modules. Each module or application provides simplified user interface to control the underlying functionality. As FreedomBox can act as a wireless router, it is possible to configure networking. It also allows configuration of basic system parameters such as time zone, hostname and automatic upgrades.
You can find more information about FreedomBox Service (Plinth) on the Plinth Wiki page, the FreedomBox Wiki and the FreedomBox Manual.
Getting Started
To have a running FreedomBox, first install Debian (Buster or higher) on a clean machine. Then run:
$ sudo apt install freedombox
Full instructions are available on FreedomBox Manual's QuickStart page.
For instructions on running the service on a local machine from source code, see INSTALL.md. For instructions on setting up for development purposes, see HACKING.md.
Contributing
See the HACKING.md file for contributing to FreedomBox Service (Plinth).
Localization
License
FreedomBox is distributed under the GNU Affero General Public License, Version 3 or later. A copy of AGPLv3 is available from the Free Software Foundation.