mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-02-11 08:23:49 +00:00
61ff15a04f
- This is to capture stdout and stderr and transmit that from privileged daemon back to the service to be displayed in HTML. Tests: - Unit tests and code checks pass. - Some of the modified actions work as expected. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: Veiko Aasa <veiko17@disroot.org>
161 lines
4.9 KiB
Python
161 lines
4.9 KiB
Python
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
"""Configure Names App."""
|
|
|
|
import pathlib
|
|
|
|
import augeas
|
|
|
|
from plinth import action_utils
|
|
from plinth.actions import privileged
|
|
|
|
fallback_conf = pathlib.Path(
|
|
'/etc/systemd/resolved.conf.d/freedombox-fallback.conf')
|
|
override_conf = pathlib.Path('/etc/systemd/resolved.conf.d/freedombox.conf')
|
|
source_fallback_conf = pathlib.Path(
|
|
'/usr/share/freedombox'
|
|
'/etc/systemd/resolved.conf.d/freedombox-fallback.conf')
|
|
|
|
HOSTS_LOCAL_IP = '127.0.1.1'
|
|
|
|
|
|
@privileged
|
|
def set_hostname(hostname: str):
|
|
"""Set system hostname using hostnamectl."""
|
|
action_utils.run(
|
|
['hostnamectl', 'set-hostname', '--transient', '--static', hostname],
|
|
check=True)
|
|
action_utils.service_restart('avahi-daemon')
|
|
|
|
|
|
def _load_augeas_hosts():
|
|
"""Initialize Augeas for editing /etc/hosts."""
|
|
hosts_file = '/etc/hosts'
|
|
aug = augeas.Augeas(flags=augeas.Augeas.NO_LOAD +
|
|
augeas.Augeas.NO_MODL_AUTOLOAD)
|
|
aug.transform('hosts', hosts_file)
|
|
aug.set('/augeas/context', '/files' + hosts_file)
|
|
aug.load()
|
|
return aug
|
|
|
|
|
|
def get_old_domains(aug=None) -> list[str]:
|
|
"""Return the list of domains store in old /etc/hosts format."""
|
|
if not aug:
|
|
aug = _load_augeas_hosts()
|
|
|
|
domains = {} # Maintain order of entries
|
|
for match in aug.match('*'):
|
|
if aug.get(match + '/ipaddr') != HOSTS_LOCAL_IP:
|
|
continue
|
|
|
|
domain = aug.get(match + '/canonical')
|
|
aliases = []
|
|
for alias_match in aug.match(match + '/alias'):
|
|
aliases.append(aug.get(alias_match))
|
|
|
|
# Read old style domains too.
|
|
if aliases and '.' not in aliases[-1]:
|
|
hostname = aliases[-1]
|
|
if domain.startswith(hostname + '.'):
|
|
domain = domain.partition('.')[2]
|
|
aliases = aliases[:-1]
|
|
|
|
for value in [domain] + aliases:
|
|
if value:
|
|
domains[domain] = True
|
|
|
|
return list(domains.keys())
|
|
|
|
|
|
@privileged
|
|
def domain_delete_all():
|
|
"""Remove all static domain names from /etc/hosts."""
|
|
aug = _load_augeas_hosts()
|
|
for match in aug.match('*'):
|
|
if aug.get(match + '/ipaddr') == HOSTS_LOCAL_IP:
|
|
aug.remove(match)
|
|
|
|
aug.save()
|
|
|
|
|
|
@privileged
|
|
def install_resolved():
|
|
"""Install systemd-resolved related packages."""
|
|
packages = ['systemd-resolved', 'libnss-resolve']
|
|
action_utils.run(['dpkg', '--configure', '-a'], check=False)
|
|
with action_utils.apt_hold_freedombox():
|
|
action_utils.run_apt_command(['--fix-broken', 'install'])
|
|
returncode = action_utils.run_apt_command(['install'] + packages)
|
|
|
|
if returncode:
|
|
raise RuntimeError(
|
|
f'Apt command failed with return code: {returncode}')
|
|
|
|
|
|
@privileged
|
|
def set_resolved_configuration(dns_fallback: bool | None = None,
|
|
dns_over_tls: str | None = None,
|
|
dnssec: str | None = None):
|
|
"""Set systemd-resolved configuration options."""
|
|
if dns_fallback is not None:
|
|
_set_enable_dns_fallback(dns_fallback)
|
|
|
|
if dns_over_tls is not None or dnssec is not None:
|
|
_set_resolved_configuration(dns_over_tls, dnssec)
|
|
|
|
# Workaround buggy reload that does not apply DNS-over-TLS changes
|
|
# properly.
|
|
action_utils.service_try_restart('systemd-resolved')
|
|
|
|
|
|
def get_resolved_configuration() -> dict[str, bool]:
|
|
"""Return systemd-resolved configuration."""
|
|
configuration = _get_resolved_configuration()
|
|
configuration['dns_fallback'] = fallback_conf.exists()
|
|
return configuration
|
|
|
|
|
|
def _set_enable_dns_fallback(dns_fallback: bool):
|
|
"""Update whether to use DNS fallback servers."""
|
|
if dns_fallback:
|
|
if not fallback_conf.exists():
|
|
fallback_conf.parent.mkdir(parents=True, exist_ok=True)
|
|
fallback_conf.symlink_to(source_fallback_conf)
|
|
else:
|
|
fallback_conf.unlink(missing_ok=True)
|
|
|
|
|
|
def _load_augeas():
|
|
"""Initialize Augeas."""
|
|
aug = augeas.Augeas(flags=augeas.Augeas.NO_LOAD +
|
|
augeas.Augeas.NO_MODL_AUTOLOAD)
|
|
aug.transform('Systemd', str(override_conf))
|
|
aug.set('/augeas/context', '/files' + str(override_conf))
|
|
aug.load()
|
|
return aug
|
|
|
|
|
|
def _get_resolved_configuration():
|
|
"""Return overridden configuration for systemd-resolved."""
|
|
aug = _load_augeas()
|
|
# Default value for DNSSEC upstream is 'allow-downgrade', but in Debian it
|
|
# is 'no'.
|
|
return {
|
|
'dns_over_tls': aug.get('Resolve/DNSOverTLS/value') or 'no',
|
|
'dnssec': aug.get('Resolve/DNSSEC/value') or 'no'
|
|
}
|
|
|
|
|
|
def _set_resolved_configuration(dns_over_tls: str | None = None,
|
|
dnssec: str | None = None):
|
|
"""Write configuration into a systemd-resolved override file."""
|
|
aug = _load_augeas()
|
|
|
|
if dns_over_tls is not None:
|
|
aug.set('Resolve/DNSOverTLS/value', dns_over_tls)
|
|
|
|
if dnssec is not None:
|
|
aug.set('Resolve/DNSSEC/value', dnssec)
|
|
|
|
aug.save()
|