Exemplo n.º 1
0
def test_init_values():
    """Test initializing with invalid values."""
    properties = {
        'private_key_path': 'test-private-key-path',
        'certificate_path': 'test-certificate-path',
        'user_owner': 'test-user',
        'group_owner': 'test-group',
        'managing_app': 'test-app'
    }
    LetsEncrypt('test-component', should_copy_certificates=True, **properties)
    for key in properties:
        new_properties = dict(properties)
        new_properties[key] = None
        with pytest.raises(ValueError):
            LetsEncrypt('test-component',
                        should_copy_certificates=True,
                        **new_properties)
Exemplo n.º 2
0
    def __init__(self):
        """Create components for the app."""
        super().__init__()
        info = app_module.Info(app_id=self.app_id,
                               version=version,
                               name=_('Quassel'),
                               icon_filename='quassel',
                               short_description=_('IRC Client'),
                               description=_description,
                               manual_page='Quassel',
                               clients=clients)
        self.add(info)

        menu_item = menu.Menu('menu-quassel',
                              info.name,
                              info.short_description,
                              info.icon_filename,
                              'quassel:index',
                              parent_url_name='apps')
        self.add(menu_item)

        shortcut = frontpage.Shortcut(
            'shortcut-quassel',
            info.name,
            short_description=info.short_description,
            icon=info.icon_filename,
            description=info.description,
            configure_url=reverse_lazy('quassel:index'),
            clients=info.clients,
            login_required=True)
        self.add(shortcut)

        firewall = Firewall('firewall-quassel',
                            info.name,
                            ports=['quassel-plinth'],
                            is_external=True)
        self.add(firewall)

        letsencrypt = LetsEncrypt(
            'letsencrypt-quassel',
            domains=get_domains,
            daemons=managed_services,
            should_copy_certificates=True,
            private_key_path='/var/lib/quassel/quasselCert.pem',
            certificate_path='/var/lib/quassel/quasselCert.pem',
            user_owner='quasselcore',
            group_owner='quassel',
            managing_app='quassel')
        self.add(letsencrypt)

        daemon = Daemon('daemon-quassel',
                        managed_services[0],
                        listen_ports=[(4242, 'tcp4'), (4242, 'tcp6')])
        self.add(daemon)

        users_and_groups = UsersAndGroups('users-and-groups-quasselcore',
                                          reserved_usernames=['quasselcore'])
        self.add(users_and_groups)
Exemplo n.º 3
0
    def __init__(self):
        """Create components for the app."""
        super().__init__()

        info = app_module.Info(app_id=self.app_id,
                               version=version,
                               name=_('Coturn'),
                               icon_filename='coturn',
                               short_description=_('VoIP Helper'),
                               description=_description,
                               manual_page='Coturn')
        self.add(info)

        menu_item = menu.Menu('menu-coturn',
                              info.name,
                              info.short_description,
                              info.icon_filename,
                              'coturn:index',
                              parent_url_name='apps')
        self.add(menu_item)

        firewall = Firewall('firewall-coturn',
                            info.name,
                            ports=['coturn-freedombox'],
                            is_external=True)
        self.add(firewall)

        letsencrypt = LetsEncrypt(
            'letsencrypt-coturn',
            domains=get_domains,
            daemons=managed_services,
            should_copy_certificates=True,
            private_key_path='/etc/coturn/certs/pkey.pem',
            certificate_path='/etc/coturn/certs/cert.pem',
            user_owner='turnserver',
            group_owner='turnserver',
            managing_app='coturn')
        self.add(letsencrypt)

        daemon = Daemon('daemon-coturn',
                        managed_services[0],
                        listen_ports=[(3478, 'udp4'), (3478, 'udp6'),
                                      (3478, 'tcp4'), (3478, 'tcp6'),
                                      (3479, 'udp4'), (3479, 'udp6'),
                                      (3479, 'tcp4'), (3479, 'tcp6'),
                                      (5349, 'udp4'), (5349, 'udp6'),
                                      (5349, 'tcp4'), (5349, 'tcp6'),
                                      (5350, 'udp4'), (5350, 'udp6'),
                                      (5350, 'tcp4'), (5350, 'tcp6')])
        self.add(daemon)

        users_and_groups = UsersAndGroups('users-and-groups-coturn',
                                          reserved_usernames=['turnserver'])
        self.add(users_and_groups)

        backup_restore = BackupRestore('backup-restore-coturn',
                                       **manifest.backup)
        self.add(backup_restore)
Exemplo n.º 4
0
def fixture_component():
    """Create a new component for testing."""
    return LetsEncrypt(
        'test-component',
        domains=['valid.example', 'invalid.example'],
        daemons=['test-daemon'],
        should_copy_certificates=True,
        private_key_path='/etc/test-app/{domain}/private.path',
        certificate_path='/etc/test-app/{domain}/certificate.path',
        user_owner='test-user',
        group_owner='test-group',
        managing_app='test-app')
Exemplo n.º 5
0
def test_init_without_arguments():
    """Test that component is initialized with defaults properly."""
    component = LetsEncrypt('test-component')

    assert component.component_id == 'test-component'
    assert component.domains is None
    assert component.daemons is None
    assert not component.should_copy_certificates
    assert component.private_key_path is None
    assert component.certificate_path is None
    assert component.user_owner is None
    assert component.group_owner is None
    assert component.managing_app is None
    assert len(component._all) == 1
    assert component._all['test-component'] == component
Exemplo n.º 6
0
    def __init__(self):
        """Create components for the app."""
        super().__init__()
        info = app_module.Info(app_id=self.app_id, version=version,
                               name=_('Matrix Synapse'),
                               icon_filename='matrixsynapse',
                               short_description=_('Chat Server'),
                               description=_description,
                               manual_page='MatrixSynapse', clients=clients)
        self.add(info)

        menu_item = menu.Menu('menu-matrixsynapse', info.name,
                              info.short_description, 'matrixsynapse',
                              'matrixsynapse:index', parent_url_name='apps')
        self.add(menu_item)

        shortcut = frontpage.Shortcut(
            'shortcut-matrixsynapse', info.name,
            short_description=info.short_description, icon=info.icon_filename,
            description=info.description,
            configure_url=reverse_lazy('matrixsynapse:index'),
            clients=info.clients, login_required=True)
        self.add(shortcut)

        firewall = Firewall('firewall-matrixsynapse', info.name,
                            ports=['matrix-synapse-plinth'], is_external=True)
        self.add(firewall)

        webserver = Webserver('webserver-matrixsynapse',
                              'matrix-synapse-plinth',
                              urls=['https://{host}/_matrix/client/versions'])
        self.add(webserver)

        letsencrypt = LetsEncrypt(
            'letsencrypt-matrixsynapse', domains=get_domains,
            daemons=[managed_services[0]], should_copy_certificates=True,
            private_key_path='/etc/matrix-synapse/homeserver.tls.key',
            certificate_path='/etc/matrix-synapse/homeserver.tls.crt',
            user_owner='matrix-synapse', group_owner='nogroup',
            managing_app='matrixsynapse')
        self.add(letsencrypt)

        daemon = Daemon('daemon-matrixsynapse', managed_services[0],
                        listen_ports=[(8008, 'tcp4'), (8448, 'tcp4')])
        self.add(daemon)
Exemplo n.º 7
0
    def __init__(self):
        """Create components for the app."""
        super().__init__()

        info = app_module.Info(app_id=self.app_id,
                               version=self._version,
                               is_essential=True,
                               name=_('Apache HTTP Server'))
        self.add(info)

        packages = Packages('packages-apache', [
            'apache2', 'php-fpm', 'ssl-cert', 'uwsgi', 'uwsgi-plugin-python3'
        ])
        self.add(packages)

        web_server_ports = Firewall('firewall-web',
                                    _('Web Server'),
                                    ports=['http', 'https'],
                                    is_external=True)
        self.add(web_server_ports)

        freedombox_ports = Firewall('firewall-plinth',
                                    format_lazy(
                                        _('{box_name} Web Interface (Plinth)'),
                                        box_name=_(cfg.box_name)),
                                    ports=['http', 'https'],
                                    is_external=True)
        self.add(freedombox_ports)

        letsencrypt = LetsEncrypt('letsencrypt-apache',
                                  domains='*',
                                  daemons=['apache2'])
        self.add(letsencrypt)

        daemon = Daemon('daemon-apache', 'apache2')
        self.add(daemon)

        daemon = RelatedDaemon('related-daemon-apache', 'uwsgi')
        self.add(daemon)
Exemplo n.º 8
0
    def __init__(self):
        """Create components for the app."""
        super().__init__()

        info = app_module.Info(
            app_id=self.app_id,
            version=self._version,
            name=_('Mumble'),
            icon_filename='mumble',
            short_description=_('Voice Chat'),
            description=_description,
            manual_page='Mumble',
            clients=manifest.clients,
            donation_url='https://wiki.mumble.info/wiki/Donate')
        self.add(info)

        menu_item = menu.Menu('menu-mumble',
                              info.name,
                              info.short_description,
                              'mumble',
                              'mumble:index',
                              parent_url_name='apps')
        self.add(menu_item)

        shortcut = frontpage.Shortcut(
            'shortcut-mumble',
            info.name,
            short_description=info.short_description,
            icon=info.icon_filename,
            description=info.description,
            configure_url=reverse_lazy('mumble:index'),
            clients=info.clients)
        self.add(shortcut)

        packages = Packages('packages-mumble', ['mumble-server'])
        self.add(packages)

        firewall = Firewall('firewall-mumble',
                            info.name,
                            ports=['mumble-plinth'],
                            is_external=True)
        self.add(firewall)

        letsencrypt = LetsEncrypt(
            'letsencrypt-mumble',
            domains=get_domains,
            daemons=['mumble-server'],
            should_copy_certificates=True,
            private_key_path='/var/lib/mumble-server/privkey.pem',
            certificate_path='/var/lib/mumble-server/fullchain.pem',
            user_owner='mumble-server',
            group_owner='mumble-server',
            managing_app='mumble')
        self.add(letsencrypt)

        daemon = Daemon('daemon-mumble',
                        'mumble-server',
                        listen_ports=[(64738, 'tcp4'), (64738, 'tcp6'),
                                      (64738, 'udp4'), (64738, 'udp6')])
        self.add(daemon)

        users_and_groups = UsersAndGroups('users-and-groups-mumble',
                                          reserved_usernames=['mumble-server'])
        self.add(users_and_groups)

        backup_restore = BackupRestore('backup-restore-mumble',
                                       **manifest.backup)
        self.add(backup_restore)
Exemplo n.º 9
0
    def __init__(self):
        """The app's constructor"""
        super().__init__()

        info = plinth.app.Info(app_id=self.app_id,
                               version=self._version,
                               name=_('Postfix/Dovecot'),
                               icon_filename='email',
                               short_description=_('Email Server'),
                               description=_description,
                               manual_page='Email',
                               clients=manifest.clients,
                               donation_url='https://rspamd.com/support.html')
        self.add(info)

        menu_item = menu.Menu('menu-email',
                              info.name,
                              info.short_description,
                              info.icon_filename,
                              'email:index',
                              parent_url_name='apps',
                              advanced=True)
        self.add(menu_item)

        shortcut = frontpage.Shortcut(
            'shortcut-email',
            info.name,
            short_description=info.short_description,
            icon=info.icon_filename,
            description=info.description,
            configure_url=reverse_lazy('email:index'),
            clients=info.clients,
            login_required=True)
        self.add(shortcut)

        shortcut = frontpage.Shortcut(
            'shortcut-email-aliases',
            _('My Email Aliases'),
            short_description=_('Manage Aliases for Mailbox'),
            icon=info.icon_filename,
            url=reverse_lazy('email:aliases'),
            login_required=True)
        self.add(shortcut)

        # Other likely install conflicts have been discarded:
        # - msmtp, nullmailer, sendmail don't cause install faults.
        # - qmail and smail are missing in Bullseye (Not tested,
        #   but less likely due to that).
        packages = Packages(
            'packages-email', [
                'postfix', 'postfix-sqlite', 'dovecot-pop3d', 'dovecot-imapd',
                'dovecot-lmtpd', 'dovecot-managesieved', 'dovecot-ldap',
                'rspamd', 'redis-server', 'openssl'
            ],
            conflicts=['exim4-base', 'exim4-config', 'exim4-daemon-light'],
            conflicts_action=Packages.ConflictsAction.IGNORE)
        self.add(packages)

        listen_ports = [(25, 'tcp4'), (25, 'tcp6'), (465, 'tcp4'),
                        (465, 'tcp6'), (587, 'tcp4'), (587, 'tcp6')]
        daemon = Daemon('daemon-email-postfix',
                        'postfix',
                        listen_ports=listen_ports)
        self.add(daemon)

        listen_ports = [(143, 'tcp4'), (143, 'tcp6'), (993, 'tcp4'),
                        (993, 'tcp6'), (110, 'tcp4'), (110, 'tcp6'),
                        (995, 'tcp4'), (995, 'tcp6'), (4190, 'tcp4'),
                        (4190, 'tcp6')]
        daemon = Daemon('daemon-email-dovecot',
                        'dovecot',
                        listen_ports=listen_ports)
        self.add(daemon)

        listen_ports = [(11332, 'tcp4'), (11332, 'tcp6'), (11333, 'tcp4'),
                        (11333, 'tcp6'), (11334, 'tcp4'), (11334, 'tcp6')]
        daemon = Daemon('daemon-email-rspamd',
                        'rspamd',
                        listen_ports=listen_ports)
        self.add(daemon)

        daemon = Daemon('daemon-email-redis',
                        'redis-server',
                        listen_ports=[(6379, 'tcp4'), (6379, 'tcp6')])
        self.add(daemon)

        port_names = [
            'smtp', 'smtps', 'smtp-submission', 'imaps', 'pop3s', 'managesieve'
        ]
        firewall = Firewall('firewall-email',
                            info.name,
                            ports=port_names,
                            is_external=True)
        self.add(firewall)

        # /rspamd location
        webserver = Webserver(
            'webserver-email',  # unique id
            'email-freedombox',  # config file name
            urls=['https://{host}/rspamd'])
        self.add(webserver)

        # Let's Encrypt event hook
        letsencrypt = LetsEncrypt(
            'letsencrypt-email-postfix',
            domains='*',
            daemons=['postfix'],
            should_copy_certificates=True,
            private_key_path='/etc/postfix/letsencrypt/{domain}/chain.pem',
            certificate_path='/etc/postfix/letsencrypt/{domain}/chain.pem',
            user_owner='root',
            group_owner='root',
            managing_app='email')
        self.add(letsencrypt)

        letsencrypt = LetsEncrypt(
            'letsencrypt-email-dovecot',
            domains='*',
            daemons=['dovecot'],
            should_copy_certificates=True,
            private_key_path='/etc/dovecot/letsencrypt/{domain}/privkey.pem',
            certificate_path='/etc/dovecot/letsencrypt/{domain}/cert.pem',
            user_owner='root',
            group_owner='root',
            managing_app='email')
        self.add(letsencrypt)

        backup_restore = BackupRestore('backup-restore-email',
                                       **manifest.backup)
        self.add(backup_restore)
Exemplo n.º 10
0
    def __init__(self):
        """Create components for the app."""
        super().__init__()
        info = app_module.Info(app_id=self.app_id,
                               version=version,
                               name=_('ejabberd'),
                               icon_filename='ejabberd',
                               short_description=_('Chat Server'),
                               description=_description,
                               manual_page='ejabberd',
                               clients=clients)
        self.add(info)

        menu_item = menu.Menu('menu-ejabberd',
                              info.name,
                              info.short_description,
                              info.icon_filename,
                              'ejabberd:index',
                              parent_url_name='apps')
        self.add(menu_item)

        shortcut = frontpage.Shortcut(
            'shortcut-ejabberd',
            info.name,
            short_description=info.short_description,
            icon=info.icon_filename,
            description=info.description,
            configure_url=reverse_lazy('ejabberd:index'),
            clients=info.clients,
            login_required=True)
        self.add(shortcut)

        firewall = Firewall('firewall-ejabberd',
                            info.name,
                            ports=['xmpp-client', 'xmpp-server', 'xmpp-bosh'],
                            is_external=True)
        self.add(firewall)

        webserver = Webserver('webserver-ejabberd',
                              'jwchat-plinth',
                              urls=['http://{host}/bosh/'])
        self.add(webserver)

        letsencrypt = LetsEncrypt(
            'letsencrypt-ejabberd',
            domains=get_domains,
            daemons=['ejabberd'],
            should_copy_certificates=True,
            private_key_path='/etc/ejabberd/letsencrypt/{domain}/ejabberd.pem',
            certificate_path='/etc/ejabberd/letsencrypt/{domain}/ejabberd.pem',
            user_owner='ejabberd',
            group_owner='ejabberd',
            managing_app='ejabberd')
        self.add(letsencrypt)

        daemon = Daemon('daemon-ejabberd',
                        managed_services[0],
                        listen_ports=[(5222, 'tcp4'), (5222, 'tcp6'),
                                      (5269, 'tcp4'), (5269, 'tcp6'),
                                      (5443, 'tcp4'), (5443, 'tcp6')])
        self.add(daemon)
Exemplo n.º 11
0
def test_list():
    """Test listing components."""
    component1 = LetsEncrypt('test-component1')
    component2 = LetsEncrypt('test-component2')
    assert set(LetsEncrypt.list()) == {component1, component2}
Exemplo n.º 12
0
def test_domains():
    """Test getting domains."""
    component = LetsEncrypt('test-component', domains=lambda: ['test-domains'])
    assert component.domains == ['test-domains']
Exemplo n.º 13
0
    def __init__(self):
        """Create components for the app."""
        super().__init__()

        info = app_module.Info(app_id=self.app_id,
                               version=self._version,
                               depends=['coturn'],
                               name=_('ejabberd'),
                               icon_filename='ejabberd',
                               short_description=_('Chat Server'),
                               description=_description,
                               manual_page='ejabberd',
                               clients=manifest.clients)
        self.add(info)

        menu_item = menu.Menu('menu-ejabberd',
                              info.name,
                              info.short_description,
                              info.icon_filename,
                              'ejabberd:index',
                              parent_url_name='apps')
        self.add(menu_item)

        shortcut = frontpage.Shortcut(
            'shortcut-ejabberd',
            info.name,
            short_description=info.short_description,
            icon=info.icon_filename,
            description=info.description,
            configure_url=reverse_lazy('ejabberd:index'),
            clients=info.clients,
            login_required=True)
        self.add(shortcut)

        packages = Packages('packages-ejabberd', ['ejabberd'])
        self.add(packages)

        firewall = Firewall('firewall-ejabberd',
                            info.name,
                            ports=['xmpp-client', 'xmpp-server', 'xmpp-bosh'],
                            is_external=True)
        self.add(firewall)

        webserver = Webserver('webserver-ejabberd',
                              'jwchat-plinth',
                              urls=['http://{host}/bosh/'])
        self.add(webserver)

        letsencrypt = LetsEncrypt(
            'letsencrypt-ejabberd',
            domains=get_domains,
            daemons=['ejabberd'],
            should_copy_certificates=True,
            private_key_path='/etc/ejabberd/letsencrypt/{domain}/ejabberd.pem',
            certificate_path='/etc/ejabberd/letsencrypt/{domain}/ejabberd.pem',
            user_owner='ejabberd',
            group_owner='ejabberd',
            managing_app='ejabberd')
        self.add(letsencrypt)

        daemon = Daemon('daemon-ejabberd',
                        'ejabberd',
                        listen_ports=[(5222, 'tcp4'), (5222, 'tcp6'),
                                      (5269, 'tcp4'), (5269, 'tcp6'),
                                      (5443, 'tcp4'), (5443, 'tcp6')])
        self.add(daemon)

        users_and_groups = UsersAndGroups('users-and-groups-ejabberd',
                                          reserved_usernames=['ejabberd'])
        self.add(users_and_groups)

        backup_restore = BackupRestore('backup-restore-ejabberd',
                                       **manifest.backup)
        self.add(backup_restore)

        turn = EjabberdTurnConsumer('turn-ejabberd')
        self.add(turn)