def test_init_values():
"""Test initializing with invalid values."""
properties = {
'private_key_path': 'test-private-key-path',
'certificate_path': 'test-certificate-path',
'user_owner': 'test-user',
'group_owner': 'test-group',
'managing_app': 'test-app'
}
LetsEncrypt('test-component', should_copy_certificates=True, **properties)
for key in properties:
new_properties = dict(properties)
new_properties[key] = None
with pytest.raises(ValueError):
LetsEncrypt('test-component',
should_copy_certificates=True,
**new_properties)
def __init__(self):
"""Create components for the app."""
super().__init__()
info = app_module.Info(app_id=self.app_id,
version=version,
name=_('Quassel'),
icon_filename='quassel',
short_description=_('IRC Client'),
description=_description,
manual_page='Quassel',
clients=clients)
self.add(info)
menu_item = menu.Menu('menu-quassel',
info.name,
info.short_description,
info.icon_filename,
'quassel:index',
parent_url_name='apps')
self.add(menu_item)
shortcut = frontpage.Shortcut(
'shortcut-quassel',
info.name,
short_description=info.short_description,
icon=info.icon_filename,
description=info.description,
configure_url=reverse_lazy('quassel:index'),
clients=info.clients,
login_required=True)
self.add(shortcut)
firewall = Firewall('firewall-quassel',
info.name,
ports=['quassel-plinth'],
is_external=True)
self.add(firewall)
letsencrypt = LetsEncrypt(
'letsencrypt-quassel',
domains=get_domains,
daemons=managed_services,
should_copy_certificates=True,
private_key_path='/var/lib/quassel/quasselCert.pem',
certificate_path='/var/lib/quassel/quasselCert.pem',
user_owner='quasselcore',
group_owner='quassel',
managing_app='quassel')
self.add(letsencrypt)
daemon = Daemon('daemon-quassel',
managed_services[0],
listen_ports=[(4242, 'tcp4'), (4242, 'tcp6')])
self.add(daemon)
users_and_groups = UsersAndGroups('users-and-groups-quasselcore',
reserved_usernames=['quasselcore'])
self.add(users_and_groups)
def __init__(self):
"""Create components for the app."""
super().__init__()
info = app_module.Info(app_id=self.app_id,
version=version,
name=_('Coturn'),
icon_filename='coturn',
short_description=_('VoIP Helper'),
description=_description,
manual_page='Coturn')
self.add(info)
menu_item = menu.Menu('menu-coturn',
info.name,
info.short_description,
info.icon_filename,
'coturn:index',
parent_url_name='apps')
self.add(menu_item)
firewall = Firewall('firewall-coturn',
info.name,
ports=['coturn-freedombox'],
is_external=True)
self.add(firewall)
letsencrypt = LetsEncrypt(
'letsencrypt-coturn',
domains=get_domains,
daemons=managed_services,
should_copy_certificates=True,
private_key_path='/etc/coturn/certs/pkey.pem',
certificate_path='/etc/coturn/certs/cert.pem',
user_owner='turnserver',
group_owner='turnserver',
managing_app='coturn')
self.add(letsencrypt)
daemon = Daemon('daemon-coturn',
managed_services[0],
listen_ports=[(3478, 'udp4'), (3478, 'udp6'),
(3478, 'tcp4'), (3478, 'tcp6'),
(3479, 'udp4'), (3479, 'udp6'),
(3479, 'tcp4'), (3479, 'tcp6'),
(5349, 'udp4'), (5349, 'udp6'),
(5349, 'tcp4'), (5349, 'tcp6'),
(5350, 'udp4'), (5350, 'udp6'),
(5350, 'tcp4'), (5350, 'tcp6')])
self.add(daemon)
users_and_groups = UsersAndGroups('users-and-groups-coturn',
reserved_usernames=['turnserver'])
self.add(users_and_groups)
backup_restore = BackupRestore('backup-restore-coturn',
**manifest.backup)
self.add(backup_restore)
def fixture_component():
"""Create a new component for testing."""
return LetsEncrypt(
'test-component',
domains=['valid.example', 'invalid.example'],
daemons=['test-daemon'],
should_copy_certificates=True,
private_key_path='/etc/test-app/{domain}/private.path',
certificate_path='/etc/test-app/{domain}/certificate.path',
user_owner='test-user',
group_owner='test-group',
managing_app='test-app')
def test_init_without_arguments():
"""Test that component is initialized with defaults properly."""
component = LetsEncrypt('test-component')
assert component.component_id == 'test-component'
assert component.domains is None
assert component.daemons is None
assert not component.should_copy_certificates
assert component.private_key_path is None
assert component.certificate_path is None
assert component.user_owner is None
assert component.group_owner is None
assert component.managing_app is None
assert len(component._all) == 1
assert component._all['test-component'] == component
def __init__(self):
"""Create components for the app."""
super().__init__()
info = app_module.Info(app_id=self.app_id, version=version,
name=_('Matrix Synapse'),
icon_filename='matrixsynapse',
short_description=_('Chat Server'),
description=_description,
manual_page='MatrixSynapse', clients=clients)
self.add(info)
menu_item = menu.Menu('menu-matrixsynapse', info.name,
info.short_description, 'matrixsynapse',
'matrixsynapse:index', parent_url_name='apps')
self.add(menu_item)
shortcut = frontpage.Shortcut(
'shortcut-matrixsynapse', info.name,
short_description=info.short_description, icon=info.icon_filename,
description=info.description,
configure_url=reverse_lazy('matrixsynapse:index'),
clients=info.clients, login_required=True)
self.add(shortcut)
firewall = Firewall('firewall-matrixsynapse', info.name,
ports=['matrix-synapse-plinth'], is_external=True)
self.add(firewall)
webserver = Webserver('webserver-matrixsynapse',
'matrix-synapse-plinth',
urls=['https://{host}/_matrix/client/versions'])
self.add(webserver)
letsencrypt = LetsEncrypt(
'letsencrypt-matrixsynapse', domains=get_domains,
daemons=[managed_services[0]], should_copy_certificates=True,
private_key_path='/etc/matrix-synapse/homeserver.tls.key',
certificate_path='/etc/matrix-synapse/homeserver.tls.crt',
user_owner='matrix-synapse', group_owner='nogroup',
managing_app='matrixsynapse')
self.add(letsencrypt)
daemon = Daemon('daemon-matrixsynapse', managed_services[0],
listen_ports=[(8008, 'tcp4'), (8448, 'tcp4')])
self.add(daemon)
def __init__(self):
"""Create components for the app."""
super().__init__()
info = app_module.Info(app_id=self.app_id,
version=self._version,
is_essential=True,
name=_('Apache HTTP Server'))
self.add(info)
packages = Packages('packages-apache', [
'apache2', 'php-fpm', 'ssl-cert', 'uwsgi', 'uwsgi-plugin-python3'
])
self.add(packages)
web_server_ports = Firewall('firewall-web',
_('Web Server'),
ports=['http', 'https'],
is_external=True)
self.add(web_server_ports)
freedombox_ports = Firewall('firewall-plinth',
format_lazy(
_('{box_name} Web Interface (Plinth)'),
box_name=_(cfg.box_name)),
ports=['http', 'https'],
is_external=True)
self.add(freedombox_ports)
letsencrypt = LetsEncrypt('letsencrypt-apache',
domains='*',
daemons=['apache2'])
self.add(letsencrypt)
daemon = Daemon('daemon-apache', 'apache2')
self.add(daemon)
daemon = RelatedDaemon('related-daemon-apache', 'uwsgi')
self.add(daemon)
def __init__(self):
"""Create components for the app."""
super().__init__()
info = app_module.Info(
app_id=self.app_id,
version=self._version,
name=_('Mumble'),
icon_filename='mumble',
short_description=_('Voice Chat'),
description=_description,
manual_page='Mumble',
clients=manifest.clients,
donation_url='https://wiki.mumble.info/wiki/Donate')
self.add(info)
menu_item = menu.Menu('menu-mumble',
info.name,
info.short_description,
'mumble',
'mumble:index',
parent_url_name='apps')
self.add(menu_item)
shortcut = frontpage.Shortcut(
'shortcut-mumble',
info.name,
short_description=info.short_description,
icon=info.icon_filename,
description=info.description,
configure_url=reverse_lazy('mumble:index'),
clients=info.clients)
self.add(shortcut)
packages = Packages('packages-mumble', ['mumble-server'])
self.add(packages)
firewall = Firewall('firewall-mumble',
info.name,
ports=['mumble-plinth'],
is_external=True)
self.add(firewall)
letsencrypt = LetsEncrypt(
'letsencrypt-mumble',
domains=get_domains,
daemons=['mumble-server'],
should_copy_certificates=True,
private_key_path='/var/lib/mumble-server/privkey.pem',
certificate_path='/var/lib/mumble-server/fullchain.pem',
user_owner='mumble-server',
group_owner='mumble-server',
managing_app='mumble')
self.add(letsencrypt)
daemon = Daemon('daemon-mumble',
'mumble-server',
listen_ports=[(64738, 'tcp4'), (64738, 'tcp6'),
(64738, 'udp4'), (64738, 'udp6')])
self.add(daemon)
users_and_groups = UsersAndGroups('users-and-groups-mumble',
reserved_usernames=['mumble-server'])
self.add(users_and_groups)
backup_restore = BackupRestore('backup-restore-mumble',
**manifest.backup)
self.add(backup_restore)
def __init__(self):
"""The app's constructor"""
super().__init__()
info = plinth.app.Info(app_id=self.app_id,
version=self._version,
name=_('Postfix/Dovecot'),
icon_filename='email',
short_description=_('Email Server'),
description=_description,
manual_page='Email',
clients=manifest.clients,
donation_url='https://rspamd.com/support.html')
self.add(info)
menu_item = menu.Menu('menu-email',
info.name,
info.short_description,
info.icon_filename,
'email:index',
parent_url_name='apps',
advanced=True)
self.add(menu_item)
shortcut = frontpage.Shortcut(
'shortcut-email',
info.name,
short_description=info.short_description,
icon=info.icon_filename,
description=info.description,
configure_url=reverse_lazy('email:index'),
clients=info.clients,
login_required=True)
self.add(shortcut)
shortcut = frontpage.Shortcut(
'shortcut-email-aliases',
_('My Email Aliases'),
short_description=_('Manage Aliases for Mailbox'),
icon=info.icon_filename,
url=reverse_lazy('email:aliases'),
login_required=True)
self.add(shortcut)
# Other likely install conflicts have been discarded:
# - msmtp, nullmailer, sendmail don't cause install faults.
# - qmail and smail are missing in Bullseye (Not tested,
# but less likely due to that).
packages = Packages(
'packages-email', [
'postfix', 'postfix-sqlite', 'dovecot-pop3d', 'dovecot-imapd',
'dovecot-lmtpd', 'dovecot-managesieved', 'dovecot-ldap',
'rspamd', 'redis-server', 'openssl'
],
conflicts=['exim4-base', 'exim4-config', 'exim4-daemon-light'],
conflicts_action=Packages.ConflictsAction.IGNORE)
self.add(packages)
listen_ports = [(25, 'tcp4'), (25, 'tcp6'), (465, 'tcp4'),
(465, 'tcp6'), (587, 'tcp4'), (587, 'tcp6')]
daemon = Daemon('daemon-email-postfix',
'postfix',
listen_ports=listen_ports)
self.add(daemon)
listen_ports = [(143, 'tcp4'), (143, 'tcp6'), (993, 'tcp4'),
(993, 'tcp6'), (110, 'tcp4'), (110, 'tcp6'),
(995, 'tcp4'), (995, 'tcp6'), (4190, 'tcp4'),
(4190, 'tcp6')]
daemon = Daemon('daemon-email-dovecot',
'dovecot',
listen_ports=listen_ports)
self.add(daemon)
listen_ports = [(11332, 'tcp4'), (11332, 'tcp6'), (11333, 'tcp4'),
(11333, 'tcp6'), (11334, 'tcp4'), (11334, 'tcp6')]
daemon = Daemon('daemon-email-rspamd',
'rspamd',
listen_ports=listen_ports)
self.add(daemon)
daemon = Daemon('daemon-email-redis',
'redis-server',
listen_ports=[(6379, 'tcp4'), (6379, 'tcp6')])
self.add(daemon)
port_names = [
'smtp', 'smtps', 'smtp-submission', 'imaps', 'pop3s', 'managesieve'
]
firewall = Firewall('firewall-email',
info.name,
ports=port_names,
is_external=True)
self.add(firewall)
# /rspamd location
webserver = Webserver(
'webserver-email', # unique id
'email-freedombox', # config file name
urls=['https://{host}/rspamd'])
self.add(webserver)
# Let's Encrypt event hook
letsencrypt = LetsEncrypt(
'letsencrypt-email-postfix',
domains='*',
daemons=['postfix'],
should_copy_certificates=True,
private_key_path='/etc/postfix/letsencrypt/{domain}/chain.pem',
certificate_path='/etc/postfix/letsencrypt/{domain}/chain.pem',
user_owner='root',
group_owner='root',
managing_app='email')
self.add(letsencrypt)
letsencrypt = LetsEncrypt(
'letsencrypt-email-dovecot',
domains='*',
daemons=['dovecot'],
should_copy_certificates=True,
private_key_path='/etc/dovecot/letsencrypt/{domain}/privkey.pem',
certificate_path='/etc/dovecot/letsencrypt/{domain}/cert.pem',
user_owner='root',
group_owner='root',
managing_app='email')
self.add(letsencrypt)
backup_restore = BackupRestore('backup-restore-email',
**manifest.backup)
self.add(backup_restore)
def __init__(self):
"""Create components for the app."""
super().__init__()
info = app_module.Info(app_id=self.app_id,
version=version,
name=_('ejabberd'),
icon_filename='ejabberd',
short_description=_('Chat Server'),
description=_description,
manual_page='ejabberd',
clients=clients)
self.add(info)
menu_item = menu.Menu('menu-ejabberd',
info.name,
info.short_description,
info.icon_filename,
'ejabberd:index',
parent_url_name='apps')
self.add(menu_item)
shortcut = frontpage.Shortcut(
'shortcut-ejabberd',
info.name,
short_description=info.short_description,
icon=info.icon_filename,
description=info.description,
configure_url=reverse_lazy('ejabberd:index'),
clients=info.clients,
login_required=True)
self.add(shortcut)
firewall = Firewall('firewall-ejabberd',
info.name,
ports=['xmpp-client', 'xmpp-server', 'xmpp-bosh'],
is_external=True)
self.add(firewall)
webserver = Webserver('webserver-ejabberd',
'jwchat-plinth',
urls=['http://{host}/bosh/'])
self.add(webserver)
letsencrypt = LetsEncrypt(
'letsencrypt-ejabberd',
domains=get_domains,
daemons=['ejabberd'],
should_copy_certificates=True,
private_key_path='/etc/ejabberd/letsencrypt/{domain}/ejabberd.pem',
certificate_path='/etc/ejabberd/letsencrypt/{domain}/ejabberd.pem',
user_owner='ejabberd',
group_owner='ejabberd',
managing_app='ejabberd')
self.add(letsencrypt)
daemon = Daemon('daemon-ejabberd',
managed_services[0],
listen_ports=[(5222, 'tcp4'), (5222, 'tcp6'),
(5269, 'tcp4'), (5269, 'tcp6'),
(5443, 'tcp4'), (5443, 'tcp6')])
self.add(daemon)
def test_list():
"""Test listing components."""
component1 = LetsEncrypt('test-component1')
component2 = LetsEncrypt('test-component2')
assert set(LetsEncrypt.list()) == {component1, component2}
def test_domains():
"""Test getting domains."""
component = LetsEncrypt('test-component', domains=lambda: ['test-domains'])
assert component.domains == ['test-domains']
def __init__(self):
"""Create components for the app."""
super().__init__()
info = app_module.Info(app_id=self.app_id,
version=self._version,
depends=['coturn'],
name=_('ejabberd'),
icon_filename='ejabberd',
short_description=_('Chat Server'),
description=_description,
manual_page='ejabberd',
clients=manifest.clients)
self.add(info)
menu_item = menu.Menu('menu-ejabberd',
info.name,
info.short_description,
info.icon_filename,
'ejabberd:index',
parent_url_name='apps')
self.add(menu_item)
shortcut = frontpage.Shortcut(
'shortcut-ejabberd',
info.name,
short_description=info.short_description,
icon=info.icon_filename,
description=info.description,
configure_url=reverse_lazy('ejabberd:index'),
clients=info.clients,
login_required=True)
self.add(shortcut)
packages = Packages('packages-ejabberd', ['ejabberd'])
self.add(packages)
firewall = Firewall('firewall-ejabberd',
info.name,
ports=['xmpp-client', 'xmpp-server', 'xmpp-bosh'],
is_external=True)
self.add(firewall)
webserver = Webserver('webserver-ejabberd',
'jwchat-plinth',
urls=['http://{host}/bosh/'])
self.add(webserver)
letsencrypt = LetsEncrypt(
'letsencrypt-ejabberd',
domains=get_domains,
daemons=['ejabberd'],
should_copy_certificates=True,
private_key_path='/etc/ejabberd/letsencrypt/{domain}/ejabberd.pem',
certificate_path='/etc/ejabberd/letsencrypt/{domain}/ejabberd.pem',
user_owner='ejabberd',
group_owner='ejabberd',
managing_app='ejabberd')
self.add(letsencrypt)
daemon = Daemon('daemon-ejabberd',
'ejabberd',
listen_ports=[(5222, 'tcp4'), (5222, 'tcp6'),
(5269, 'tcp4'), (5269, 'tcp6'),
(5443, 'tcp4'), (5443, 'tcp6')])
self.add(daemon)
users_and_groups = UsersAndGroups('users-and-groups-ejabberd',
reserved_usernames=['ejabberd'])
self.add(users_and_groups)
backup_restore = BackupRestore('backup-restore-ejabberd',
**manifest.backup)
self.add(backup_restore)
turn = EjabberdTurnConsumer('turn-ejabberd')
self.add(turn)