FreedomBox 23.14 has been released and uploaded to Debian unstable. Typically, the freedombox package will migrate to testing in 2 days, and then can be uploaded to stable-backports.
Highlights:
app: Implement advanced option to rerun app setup
torproxy: Add separate app for Tor Proxy
upgrades: Use codename in apt preferences
Other Changes:
HACKING: Add instructions for container on Raspberry Pi
bepasty: Don’t enable app when setup is rerun
bind: Don’t enable app when setup is rerun
ci: Add mypy static type check
container: Add support for retrieving GPG keys using wget
container: Update for bookworm images
deluge: Don’t enable app when setup is rerun
ejabberd: Don’t enable app when setup is rerun
firewall: Add diagnostic check for backend
firewall: Add diagnostic check for passthroughs
firewall: Add diagnostic for default zone
gitweb: Don’t enable app when setup is rerun
ikiwiki: Don’t enable app when setup is rerun
infinoted: Don’t enable app when setup is rerun
janus: Don’t enable app when setup is rerun
jsxc: Don’t enable app when setup is rerun
kvstore: Optionally, don’t throw exception when deleting key
locale: Update translations for Dutch
mediawiki: Don’t enable app when setup is rerun
minetest: Don’t enable app when setup is rerun
openvpn: Don’t enable app when setup is rerun
performance: Don’t enable app when setup is rerun
privoxy: Don’t enable app when setup is rerun
quassel: Don’t enable app when setup is rerun
radicale: Don’t enable app when setup is rerun
rssbridge: Don’t enable app when setup is rerun
shaarli: Don’t enable app when setup is rerun
sharing: Don’t enable app when setup is rerun
tor, torproxy: Export settings from old to new app
tor, torproxy: Update description for info on services provided
tor: tests: Make functional test check for running service
ttrss: Don’t enable app when setup is rerun
upgrades: Use codename for unattended-upgrades origin pattern
users: Add diagnostic checks for nsswitch config
users: Add diagnostics check for nslcd config
wireguard: Don’t enable app when setup is rerun
zoph: Don’t enable app when setup is rerun
The following people contributed to the git repository for this release:
I’m happy to see this! I note in the manual that certain services should be disabled before using this feature. Apart from that can you describe what this does? Here are some specifics I’d like to know before I try it…
Does this do dpkg-reconfigure supplying all of the inputs required by the postinst script as set up by FreedomBox?
Will a user risk any data in doing this? Could this change an app data directory if the user had customized the data directory before? ( such as changing data dir from ~myusername/.app to /var/lib/app )
Can you comment on the anticipated use cases for ‘rerun setup’ and how that would differ from ‘uninstall and then reinstall’?
Does this do dpkg-reconfigure supplying all of the inputs required by the postinst script as set up by FreedomBox?
It depends. Each app has a setup function, and we have implemented each of these to be idempotent, so they can be run multiple times without causing any issue. In the case of SSH and Matrix Synapse, we can run dpkg-reconfigure again without any issue, so it is part of the setup.
On the other hand, for Users and Groups, it’s not safe to run dpkg-reconfigure for slapd. So it is not part of setup, but is in a separate function called first_setup, which will not be re-run during “Re-run setup”.
Will a user risk any data in doing this? Could this change an app data directory if the user had customized the data directory before? ( such as changing data dir from ~myusername/.app to /var/lib/app )
There shouldn’t be any risk to data. But yes, it’s possible that manual customizations to configuration files could be lost, and would need to be re-done.
Can you comment on the anticipated use cases for ‘rerun setup’ and how that would differ from ‘uninstall and then reinstall’?
I see 2 differences:
Re-run setup can be performed on essential apps such as Firewall or Users and Groups. These apps can’t be uninstalled.
Uninstalling generally could remove the user’s data, depending on the location where it is stored, because packages are purged on uninstall.
Re-run setup would typically be used to try to fix a problem. For example, during the upgrade to bookworm, some users ended up with the wrong firewalld configuration. We now have a diagnostic to check this, and in case it fails for any reason in the future, it can be fixed by re-running the setup. We can suggest this action through a notification.