From 04bd1cfa418b399cc8b4eaca206f520238661a95 Mon Sep 17 00:00:00 2001 From: Matt Hill Date: Sun, 19 Nov 2023 17:54:12 -0700 Subject: [PATCH 1/3] fix docs links --- .../ui/src/app/pages/login/ca-wizard/ca-wizard.component.html | 2 +- web/projects/ui/src/app/pages/server-routes/lan/lan.page.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html b/web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html index a76cdab34..03853c8ca 100644 --- a/web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html +++ b/web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html @@ -44,7 +44,7 @@ size="small" shape="round" color="primary" - href="https://docs.start9.com/0.3.5.x/user-manual/trust-ca#establishing-trust" + href="https://docs.start9.com/0.3.5.x/user-manual/trust-ca" target="_blank" noreferrer > diff --git a/web/projects/ui/src/app/pages/server-routes/lan/lan.page.html b/web/projects/ui/src/app/pages/server-routes/lan/lan.page.html index ed811d63d..20c8bf468 100644 --- a/web/projects/ui/src/app/pages/server-routes/lan/lan.page.html +++ b/web/projects/ui/src/app/pages/server-routes/lan/lan.page.html @@ -15,7 +15,7 @@
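Review bot: The bare `noreferrer` attribute on the context line after `target="_blank"` in ca-wizard.component.html is not a `rel` value, so it most likely has no effect on the link this commit retargets. If the intent is to suppress the Referer header and the opener reference for the external docs link, write it as `rel="noreferrer"`. The element's opening tag lies outside the hunk, so confirm the component forwards `rel` to the rendered anchor.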

For a secure local connection and faster Tor experience, From efdc558cbab75bae79be161f9f4ab2c6e6317451 Mon Sep 17 00:00:00 2001 From: Aiden McClelland <3732071+dr-bonez@users.noreply.github.com> Date: Mon, 20 Nov 2023 11:54:05 -0700 Subject: [PATCH 2/3] set content disposition for cert (#2527) * set content disposition for cert * update content type for cert * remove unnecessary frontend download attr --- core/startos/src/db/model.rs | 2 +- core/startos/src/init.rs | 6 +++--- core/startos/src/net/keys.rs | 2 +- core/startos/src/net/static_server.rs | 12 +++++++++--- .../pages/login/ca-wizard/ca-wizard.component.html | 3 --- .../ui/src/app/pages/server-routes/lan/lan.page.html | 4 ++-- .../ui/src/app/pages/server-routes/lan/lan.page.ts | 4 ---- 7 files changed, 16 insertions(+), 17 deletions(-) diff --git a/core/startos/src/db/model.rs b/core/startos/src/db/model.rs index bce8886ca..344d5abb3 100644 --- a/core/startos/src/db/model.rs +++ b/core/startos/src/db/model.rs @@ -22,7 +22,7 @@ use crate::net::utils::{get_iface_ipv4_addr, get_iface_ipv6_addr}; use crate::prelude::*; use crate::s9pk::manifest::{Manifest, PackageId}; use crate::status::Status; -use crate::util::cpupower::{get_preferred_governor, Governor}; +use crate::util::cpupower::{Governor}; use crate::util::Version; use crate::version::{Current, VersionT}; use crate::{ARCH, PLATFORM}; diff --git a/core/startos/src/init.rs b/core/startos/src/init.rs index 581814770..4b057be00 100644 --- a/core/startos/src/init.rs +++ b/core/startos/src/init.rs @@ -4,7 +4,7 @@ use std::path::Path; use std::time::{Duration, SystemTime}; use color_eyre::eyre::eyre; -use helpers::NonDetachingJoinHandle; + use models::ResultExt; use rand::random; use sqlx::{Pool, Postgres}; 
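Review bot: The new import `use crate::util::cpupower::{Governor};` in db/model.rs keeps braces around a single name; rustfmt would write it as `use crate::util::cpupower::Governor;`. The init.rs hunks show the same hand-edited look. The removed `NonDetachingJoinHandle` and `BEP` imports are each replaced by an empty added line, and the trimmed `cpupower::{ … }` list now fits on one line. Running `cargo fmt` over the touched files before merging would normalise all three.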
@@ -18,9 +18,9 @@ use crate::disk::mount::util::unmount; use crate::install::PKG_ARCHIVE_DIR; use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH; use crate::prelude::*; -use crate::sound::BEP; + use crate::util::cpupower::{ - current_governor, get_available_governors, get_preferred_governor, set_governor, + get_available_governors, get_preferred_governor, set_governor, }; use crate::util::docker::{create_bridge_network, CONTAINER_DATADIR, CONTAINER_TOOL}; use crate::util::Invoke; diff --git a/core/startos/src/net/keys.rs b/core/startos/src/net/keys.rs index a64e3a187..504bd276d 100644 --- a/core/startos/src/net/keys.rs +++ b/core/startos/src/net/keys.rs @@ -280,7 +280,7 @@ pub fn test_keygen() { key.openssl_key_nistp256(); } -fn display_requires_reboot(arg: RequiresReboot, matches: &ArgMatches) { +fn display_requires_reboot(arg: RequiresReboot, _matches: &ArgMatches) { if arg.0 { println!("Server must be restarted for changes to take effect"); } diff --git a/core/startos/src/net/static_server.rs b/core/startos/src/net/static_server.rs index c4dca85f2..761566a2c 100644 --- a/core/startos/src/net/static_server.rs +++ b/core/startos/src/net/static_server.rs @@ -23,6 +23,7 @@ use tokio_util::io::ReaderStream; use crate::context::{DiagnosticContext, InstallContext, RpcContext, SetupContext}; use crate::core::rpc_continuations::RequestGuid; use crate::db::subscribe; +use crate::hostname::Hostname; use crate::install::PKG_PUBLIC_DIR; use crate::middleware::auth::{auth as auth_middleware, HasValidSession}; use crate::middleware::cors::cors; @@ -339,7 +340,8 @@ async fn main_embassy_ui(req: Request, ctx: RpcContext) -> Result { - cert_send(&ctx.account.read().await.root_ca_cert) + let account = ctx.account.read().await; + cert_send(&account.root_ca_cert, &account.hostname) } (&Method::GET, _) => { let uri_path = UiMode::Main.path( 
@@ -405,7 +407,7 @@ fn bad_request() -> Response { .unwrap() } -fn cert_send(cert: &X509) -> Result, Error> { +fn cert_send(cert: &X509, hostname: &Hostname) -> Result, Error> { let pem = cert.to_pem()?; Response::builder() .status(StatusCode::OK) @@ -417,8 +419,12 @@ fn cert_send(cert: &X509) -> Result, Error> { ) .to_lowercase(), ) - .header(http::header::CONTENT_TYPE, "application/x-pem-file") + .header(http::header::CONTENT_TYPE, "application/x-x509-ca-cert") .header(http::header::CONTENT_LENGTH, pem.len()) + .header( + http::header::CONTENT_DISPOSITION, + format!("attachment; filename={}.crt", &hostname.0), + ) .body(Body::from(pem)) .with_kind(ErrorKind::Network) } diff --git a/web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html b/web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html index 03853c8ca..49f65cc14 100644 --- a/web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html +++ b/web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html @@ -100,7 +100,4 @@ diff --git a/web/projects/ui/src/app/pages/server-routes/lan/lan.page.html b/web/projects/ui/src/app/pages/server-routes/lan/lan.page.html index 20c8bf468..b61412445 100644 --- a/web/projects/ui/src/app/pages/server-routes/lan/lan.page.html +++ b/web/projects/ui/src/app/pages/server-routes/lan/lan.page.html @@ -26,7 +26,7 @@ - +
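Review bot: The new Content-Disposition value in `cert_send` interpolates `hostname.0` unquoted, so the header is only well-formed if the hostname contains nothing but token characters. The `Hostname` type's validation is not visible in this patch, so that is an assumption here. Quoting the parameter makes the header robust to spaces or semicolons: `format!("attachment; filename=\"{}.crt\"", hostname.0)`, ideally after checking that the value contains no `"` or `\`. A comment on `cert_send` stating that `hostname` must already be a validated hostname would record the assumption. The same value is passed in from the `main_embassy_ui` hunk above.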

Download Root CA

@@ -35,5 +35,5 @@ - + diff --git a/web/projects/ui/src/app/pages/server-routes/lan/lan.page.ts b/web/projects/ui/src/app/pages/server-routes/lan/lan.page.ts index bcb0a968f..328524d30 100644 --- a/web/projects/ui/src/app/pages/server-routes/lan/lan.page.ts +++ b/web/projects/ui/src/app/pages/server-routes/lan/lan.page.ts @@ -10,10 +10,6 @@ import { DataModel } from 'src/app/services/patch-db/data-model' changeDetection: ChangeDetectionStrategy.OnPush, }) export class LANPage { - readonly crtName$ = this.patch - .watch$('server-info', 'lan-address') - .pipe(map(addr => `${new URL(addr).hostname}.crt`)) - constructor(private readonly patch: PatchDB) {} installCert(): void { From 5f047d22f4c38901cf3701991d499bc95315981e Mon Sep 17 00:00:00 2001 From: Aiden McClelland <3732071+dr-bonez@users.noreply.github.com> Date: Mon, 20 Nov 2023 13:12:40 -0700 Subject: [PATCH 3/3] fix ntp sync status check daemon (#2528) --- core/startos/src/context/rpc.rs | 16 +++++++++++++++- core/startos/src/init.rs | 22 ++++------------------ 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/core/startos/src/context/rpc.rs b/core/startos/src/context/rpc.rs index f235572e4..5358a59ba 100644 --- a/core/startos/src/context/rpc.rs +++ b/core/startos/src/context/rpc.rs @@ -4,6 +4,7 @@ use std::ops::Deref; use std::path::{Path, PathBuf}; use std::sync::atomic::{AtomicBool, Ordering}; use std::sync::Arc; +use std::time::Duration; use helpers::to_tmp_path; use josekit::jwk::Jwk; @@ -25,7 +26,7 @@ use crate::db::model::{CurrentDependents, Database, PackageDataEntryMatchModelRe use crate::db::prelude::PatchDbExt; use crate::dependencies::compute_dependency_config_errs; use crate::disk::OsPartitionInfo; -use crate::init::init_postgres; +use crate::init::{check_time_is_synchronized, init_postgres}; use crate::install::cleanup::{cleanup_failed, uninstall}; use crate::manager::ManagerMap; use crate::middleware::auth::HashSessionToken; 
@@ -174,6 +175,19 @@ impl RpcContext { let tor_proxy_url = format!("socks5h://{tor_proxy}"); let devices = lshw().await?; let ram = get_mem_info().await?.total.0 as u64 * 1024 * 1024; + + if !db.peek().await.as_server_info().as_ntp_synced().de()? { + let db = db.clone(); + tokio::spawn(async move { + while !check_time_is_synchronized().await.unwrap() { + tokio::time::sleep(Duration::from_secs(30)).await; + } + db.mutate(|v| v.as_server_info_mut().as_ntp_synced_mut().ser(&true)) + .await + .unwrap() + }); + } + let seed = Arc::new(RpcContextSeed { is_closed: AtomicBool::new(false), datadir: base.datadir().to_path_buf(), diff --git a/core/startos/src/init.rs b/core/startos/src/init.rs index 4b057be00..74c3767e3 100644 --- a/core/startos/src/init.rs +++ b/core/startos/src/init.rs @@ -342,6 +342,7 @@ pub async fn init(cfg: &RpcContextConfig) -> Result { .arg("run") .arg("-d") .arg("--rm") + .arg("--init") .arg("--network=start9") .arg("--name=netdummy") .arg("start9/x_system/utils:latest") @@ -379,11 +380,11 @@ pub async fn init(cfg: &RpcContextConfig) -> Result { tracing::info!("Set CPU Governor"); } - let mut time_not_synced = true; + server_info.ntp_synced = false; let mut not_made_progress = 0u32; for _ in 0..1800 { if check_time_is_synchronized().await? { - time_not_synced = false; + server_info.ntp_synced = true; break; } let t = SystemTime::now(); @@ -400,7 +401,7 @@ pub async fn init(cfg: &RpcContextConfig) -> Result { break; } } - if time_not_synced { + if !server_info.ntp_synced { tracing::warn!("Timed out waiting for system time to synchronize"); } else { tracing::info!("Syncronized system clock"); 
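Review bot: The two `.unwrap()` calls inside the task spawned in the `impl RpcContext` hunk panic only that detached task. One failed `check_time_is_synchronized()` call or one failed `db.mutate` therefore ends the watcher, and `ntp_synced` stays false until the next restart. The loop should log the error and retry, and the final write should log a failure instead of panicking, as sketched below. The `JoinHandle` is also dropped, so nothing visible in this hunk ties the task to the context's shutdown. The enclosing function starts and ends outside the hunk.

```rust
// … unchanged: the `ntp_synced` guard and `let db = db.clone();` …
tokio::spawn(async move {
    loop {
        match check_time_is_synchronized().await {
            Ok(true) => break,
            Ok(false) => {}
            Err(e) => tracing::warn!("NTP sync check failed, retrying: {e:?}"),
        }
        tokio::time::sleep(Duration::from_secs(30)).await;
    }
    if let Err(e) = db
        .mutate(|v| v.as_server_info_mut().as_ntp_synced_mut().ser(&true))
        .await
    {
        tracing::error!("could not record NTP sync state: {e:?}");
    }
});
```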
@@ -418,21 +419,6 @@ pub async fn init(cfg: &RpcContextConfig) -> Result { restarting: false, }; - server_info.ntp_synced = if time_not_synced { - let db = db.clone(); - tokio::spawn(async move { - while !check_time_is_synchronized().await.unwrap() { - tokio::time::sleep(Duration::from_secs(30)).await; - } - db.mutate(|v| v.as_server_info_mut().as_ntp_synced_mut().ser(&true)) - .await - .unwrap() - }); - false - } else { - true - }; - db.mutate(|v| { v.as_server_info_mut().ser(&server_info)?; Ok(())