subject:"Bug#873946\: freedombox\-setup\: Cleanup setup steps based on Plinth changes"

Bug#873946: freedombox-setup: Cleanup setup steps based on Plinth changes

2017-10-07 Thread James Valleroy

On Fri, 29 Sep 2017 15:37:46 +0530 Sunil Mohan Adapa 
wrote:
> Update set of patches.  This time much cleaner and well separately.
> Still testing them with Plinth and freedom-maker changes.

I've committed these changes to the git repository.

--
James



signature.asc
Description: OpenPGP digital signature

Bug#873946: freedombox-setup: Cleanup setup steps based on Plinth changes

2017-10-04 Thread Sunil Mohan Adapa

I believe the patches are now ready for merge.  I have done the
following tests:

* In the image
- FIXED: /usr/lib/freedombox directory should not exit
  - first-run.d exists
  - setup.d exists with 86_plinth
- PASS: Four files should exist in /etc/avahi/services directory
- PASS: avahi-utils package must be installed
- PASS: Image contains file /var/lib/freedombox/is-freedombox-disk-image
- PASS: /etc/init.d/freedombox-first-run should not exit
- PASS: /var/lib/freedombox/first-run-enable should not exist
- PASS: /var/lib/freedombox should exist
- PASS: etckeeper should not be installed and should not be configured
- PASS: There should be no git repository in /etc/
- PASS: /usr/src/packages should not exist
* Plinth setup
- PASS: Building freedom-maker image should not have issues
- PASS: Setup should succeed
- PASS: Machine should not automatically restart
- PASS: Setup should succeed without network
* After Plinth setup
- PASS: Apache
  - PASS: Apache configuration must be properly setup
  - PASS: Apache must be running
  - PASS: Apache must have SSL snakeoil certificate regenerated
  - PASS: Modules disabled
- PASS: mpm_event
- PASS: mpm_worker
- PASS: ssl
  - PASS: Modules enabled
- PASS: mpm_prefork
- PASS: proxy
- PASS: proxy_http
- PASS: rewrite
- PASS: gnutls
- PASS: alias
- PASS: headers
- PASS: php7.0
- PASS: cgi
- PASS: authnz_ldap
- PASS: userdir
  - PASS: Config enabled
- PASS: freedombox
- PASS: javascript-common
  - PASS: Sites enabled
- PASS: 000-default
- PASS: default-tls
- PASS: plinth
- PASS: plinth-ssl
  - PASS: Sites disasbled
- PASS: default-ssl
  - PASS: /etc/apache2/conf-available/freedombox.conf should exist
- PASS: SSO
  - PASS: SSO private keys are created
  - PASS: Able to login to TTRSS, syncthing, repro
  - PASS: Non admin users should not be able to login to repro
- NOTE: They are simply redirected back to Plinth
  - PASS: Unauthorized use of apps should send user to login page
- PASS: SSH
  - PASS: SSH must have server keys generated
  - PASS: SSH shows as running by default
  - PASS: SSH must be running by default
  - PASS: SSH interface works
  - PASS: Disabling SSH stops server, disable port shows as stopped
  - PASS: Enabling SSH starts server, enables port shows as started
- PASS: Firewall
  - FAIL: Enabling Tor enables Tor ports
- Only tor-socks service is enabled
  - PASS: NTP ports should be enabled
  - PASS: Avahi ports should be enabled
  - PASS: Enabling privoxy should enable privoxy ports
  - PASS: Enabling XMPP enables XMPP ports
  - PASS: HTTP, HTTPS, DNS and DHCP ports are enabled
  - PASS: Default firewall zone must external
- Avahi
  - PASS: Avahi should be running
  - FIXED: Avahi should have restarted and picked up new configuration files
- Network
  - PASS: One ethernet should be configuration as DHCP (internal)
  - PASS: More ethernets: First interface DHCP (external), others are
shared (internal)
  - UNTESTED: One ethernet, wireless: Ethernet is DHCP (external)
  - UNTESTED: All wireless: Should shared (internal)
  - FIXED: All network connections should be active (NM restarted)
- PASS: Automatic upgrades
  - PASS: Automatic upgrades are enabled
- PASS: Users
  - PASS: Should be able to create admin user during first-boot
  - FIXED: Should be to login with admin user on SSH
- NOTE: Required restart
  - PASS: Should be able to sudo with admin but not non-admin user




signature.asc
Description: OpenPGP digital signature

Bug#873946: freedombox-setup: Cleanup setup steps based on Plinth changes

2017-09-29 Thread Sunil Mohan Adapa

Update set of patches.  This time much cleaner and well separately.
Still testing them with Plinth and freedom-maker changes.

-- 
Sunil

From b8976b7d9e5ff96250817e2b0007fd9bf1580aa9 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Fri, 29 Sep 2017 12:08:56 +0530
Subject: [PATCH 8/8] Move Avahi configuration to Plinth

Plinth already handles all Avahi configuration.

After moving this file to Plinth. freedombox-setup must 'Depend' on Plinth >>
0.15.2 and Plinth 'Breaks' freedombox-setup <= 0.15.2.

Signed-off-by: Sunil Mohan Adapa 
Signed-off-by: Joseph Nuthalapati 
---
 data/etc/avahi/services/domain.service  | 12 
 data/etc/avahi/services/sftp-ssh.service| 14 --
 data/etc/avahi/services/ssh.service | 12 
 data/etc/avahi/services/xmpp-server.service | 12 
 debian/control  |  2 --
 debian/freedombox-setup.install |  1 -
 6 files changed, 53 deletions(-)
 delete mode 100644 data/etc/avahi/services/domain.service
 delete mode 100644 data/etc/avahi/services/sftp-ssh.service
 delete mode 100644 data/etc/avahi/services/ssh.service
 delete mode 100644 data/etc/avahi/services/xmpp-server.service

diff --git a/data/etc/avahi/services/domain.service b/data/etc/avahi/services/domain.service
deleted file mode 100644
index f6210c1..000
--- a/data/etc/avahi/services/domain.service
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-  %h
-
-  
-_domain._udp
-53
-  
-
-
diff --git a/data/etc/avahi/services/sftp-ssh.service b/data/etc/avahi/services/sftp-ssh.service
deleted file mode 100644
index bfe1a0f..000
--- a/data/etc/avahi/services/sftp-ssh.service
+++ /dev/null
@@ -1,14 +0,0 @@
-
-
-
-
-  %h
-
-  
-_sftp-ssh._tcp
-22
-path=/home/fbx
-u=fbx
-  
-
-
diff --git a/data/etc/avahi/services/ssh.service b/data/etc/avahi/services/ssh.service
deleted file mode 100644
index 7090f20..000
--- a/data/etc/avahi/services/ssh.service
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-  %h
-
-  
-_ssh._tcp
-22
-  
-
-
diff --git a/data/etc/avahi/services/xmpp-server.service b/data/etc/avahi/services/xmpp-server.service
deleted file mode 100644
index 4dc9b06..000
--- a/data/etc/avahi/services/xmpp-server.service
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-  %h
-
-  
-_xmpp-server._tcp
-5269
-  
-
-
diff --git a/debian/control b/debian/control
index 4e68828..4e62d84 100644
--- a/debian/control
+++ b/debian/control
@@ -22,8 +22,6 @@ Depends: ${misc:Depends}
  , ${python3:Depends}
  , apache2
  , augeas-tools
- , avahi-daemon
- , avahi-utils
  , bridge-utils
  , curl
  , devio
diff --git a/debian/freedombox-setup.install b/debian/freedombox-setup.install
index 9a7b08d..4203fbe 100644
--- a/debian/freedombox-setup.install
+++ b/debian/freedombox-setup.install
@@ -1,4 +1,3 @@
-data/etc/avahi/services/*.service etc/avahi/services
 data/etc/sudoers.d/freedombox etc/sudoers.d
 data/etc/sysctl.d/freedombox.conf etc/sysctl.d
 data/etc/update-motd.d/50-freedombox etc/update-motd.d/
-- 
2.11.0


From a60fe1bbea315ffecb6ec5b90557da17dc699f92 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Fri, 29 Sep 2017 12:03:51 +0530
Subject: [PATCH 7/8] Move Apache FreedomBox configuration to Plinth

Plinth already handles all Apache configuration. This configuration file is
actually enabled in Plinth now. If freedombox-setup is not installed and Plinth
tries to do Apache setup, then we might run into Apache setup failure.

After moving this file to Plinth. freedombox-setup must 'Depend' on Plinth >>
0.15.2 and Plinth 'Breaks' freedombox-setup <= 0.15.2.

Signed-off-by: Sunil Mohan Adapa 
Signed-off-by: Joseph Nuthalapati 
---
 data/etc/apache2/conf-available/freedombox.conf | 11 ---
 debian/freedombox-setup.install |  1 -
 debian/freedombox-setup.lintian-overrides   |  6 --
 3 files changed, 18 deletions(-)
 delete mode 100644 data/etc/apache2/conf-available/freedombox.conf
 delete mode 100644 debian/freedombox-setup.lintian-overrides

diff --git a/data/etc/apache2/conf-available/freedombox.conf b/data/etc/apache2/conf-available/freedombox.conf
deleted file mode 100644
index 3156b37..000
--- a/data/etc/apache2/conf-available/freedombox.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-##
-## Enable HSTS, even for subdomains.
-##
-Header set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS
-
-##
-## Redirect traffic on home to /plinth as part of turning the machine
-## into FreedomBox server.  Plinth then acts as a portal to reach all
-## other services.
-##
-RedirectMatch "^/$" "/plinth"
diff --git a/debian/freedombox-setup.install b/debian/freedombox-setup.install
index fe3d1a6..9a7b08d 100644
--- a/debian/freedombox-setup.install
+++ b/debian/freedombox-setup.install
@@ -1,4 +1,3 @@
-data/etc/apache2/conf-available/freedombox.conf

Bug#873946: freedombox-setup: Cleanup setup steps based on Plinth changes

2017-09-01 Thread Sunil Mohan Adapa

Package: freedombox-setup
Version: 0.10
Severity: normal
Tags: patch

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Currently, Plinth is undergoing changes to move a lot of setup steps into
Plinth.  This will eliminate the need for many steps in freedombox-setup.

Attached patch is a work-in-progress patch to indicate the kind of cleanups
that may be done on freedombox-setup after these changes.  Note that both the
packages should depend on particular versions with these changes (using Depends
and Breaks to avoid circular dependencies).

This patch is somewhat aggressive.  While the first-run can be completely
removed without question, same is not true setup process.  However, what
remains in setup step is so minimal that it does not warrant an extra
FreedomBox install complication.  So, with this patch I suggest removing
functionalities of etckeeper and provide source temporarily in order to gain
the huge advantage of simplification of the FreedomBox install/setup process.



- -- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IN.UTF-8, LC_CTYPE=en_IN.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_IN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-BEGIN PGP SIGNATURE-

iQJFBAEBCgAvFiEE5xPDY9ZyWnWupXSBQ+oc/wqnxfIFAlmpYusRHHN1bmlsQG1l
ZGhhcy5vcmcACgkQQ+oc/wqnxfJhahAAgbhTVkCHrbG5oPUQj1RQqHrjiBeVDuJr
FQv+F4Pa/OvPrrdQOUW54jCt9VP9QC87y2cxXVU6j5gxzZ7290oOC0t1Q0yOSiPy
NH9X6wZ1629ywTd6tmat1rphWlmPFLTANZTJlKeR4ZWUB/MnIaH5f2jT2wbgI0lC
Y1503luAfAGlwiBKjAQJnOMGQPFQekibpsgEUwtWSBskA0DO7My+oTChuXY429jg
vPy5ACMkSLH+GBSqFwwj7dv8RvLpzEDGbmudb+Ry5+GQJDgrG66XleyEo+ut62f4
V4vm3kIsl3tjsVYnL1+DhMC8pFFkUYShIDlSucNoF01J1UHahiIuGsotQTS9W5YB
vq6D29nXw+UE+eLRJQdS47SjXwgsdrNGLd+E0SKHOXkvXHjXArmRQ45u9dCbhgaO
whDtvZxtyGcfHXweHW4WncB7VG8sjXDlb+F16Q5PjZ0vK12hSq7GIjjbARphLMFU
vaeNYv43sWmscu2lse4SNw1y9kUjukmJ5umg3a5ZjLcEC5Czc6jPGO2zherZxatf
9mdcec90ahPOgu0Pm5fa7TpDUlVsOex79zsKSIbPh9XnlhswVnrJBHs7hI8EjAK6
232MPuywB/e7r7kHv5m4KF2h74UJc/agB1igrZR3bUBqDkKnZ5yFrRyGkcD9lFOb
0zxK4ysd8rw=
=hE65
-END PGP SIGNATURE-
>From c7b26d6e2df98ae97b0ed4263bc3d94d98ec0bee Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Fri, 1 Sep 2017 18:41:33 +0530
Subject: [PATCH] WIP: Move most setup steps to Plinth

Signed-off-by: Sunil Mohan Adapa 
---
 debian/freedombox-setup.freedombox-first-run.init |  64 
 debian/freedombox-setup.install   |   3 -
 debian/freedombox-setup.maintscript   |   1 +
 debian/rules  |   3 -
 debian/tests/control  |   2 -
 debian/tests/test-run-setup   |  15 ---
 first-run.d/05_network| 119 --
 first-run.d/10_ssh-keys   |  12 ---
 first-run.d/40_apache2|   8 --
 setup |  29 --
 setup.d/01_etckeeper-pre  |  15 ---
 setup.d/90_apache2|  44 
 setup.d/98_next-is-first-run  |   7 --
 setup.d/99_etckeeper  |   7 --
 setup.d/99_provide-source |  28 -
 setup.d/99_zmessage   |  22 
 16 files changed, 1 insertion(+), 378 deletions(-)
 delete mode 100755 debian/freedombox-setup.freedombox-first-run.init
 delete mode 100644 debian/tests/control
 delete mode 100755 debian/tests/test-run-setup
 delete mode 100755 first-run.d/05_network
 delete mode 100755 first-run.d/10_ssh-keys
 delete mode 100755 first-run.d/40_apache2
 delete mode 100755 setup
 delete mode 100755 setup.d/01_etckeeper-pre
 delete mode 100755 setup.d/90_apache2
 delete mode 100755 setup.d/98_next-is-first-run
 delete mode 100755 setup.d/99_etckeeper
 delete mode 100755 setup.d/99_provide-source
 delete mode 100755 setup.d/99_zmessage

diff --git a/debian/freedombox-setup.freedombox-first-run.init 
b/debian/freedombox-setup.freedombox-first-run.init
deleted file mode 100755
index bb8cd96..000
--- a/debian/freedombox-setup.freedombox-first-run.init
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/bin/sh
-### BEGIN INIT INFO
-# Provides:  freedombox-first-run
-# Default-Start: 2 3 4 5
-# Default-Stop:
-# Required-Start:$network $remote_fs $syslog
-# Required-Stop: $remote_fs $syslog
-# Should-Start:  firewalld tor haveged
-# Short-Description: Finish Freedombox install after first boot
-# Description:
-#   Script to complete the post-install process on first FBX boot.
-### END INIT INFO
-
-RUNONCE=/var/lib/freedombox/first-run-enable
-LOGFILE=/var/log/freedombox-first-run.log
-
-if [ ! -e $RUNONCE ]
-then
-exit
-fi
-
-. /lib/lsb/init-functions
-
-exec > $LOGFILE 2>&1
-
-etckeeper_commit() {
-if

Bug#873946: freedombox-setup: Cleanup setup steps based on Plinth changes

Bug#873946: freedombox-setup: Cleanup setup steps based on Plinth changes

Bug#873946: freedombox-setup: Cleanup setup steps based on Plinth changes

Bug#873946: freedombox-setup: Cleanup setup steps based on Plinth changes

4 matches

Site Navigation

Mail list logo

Footer information