From c59c3fa43889fafc5732f89422c5efcc8be672af Mon Sep 17 00:00:00 2001 From: "ljf (zamentur)" Date: Thu, 26 Sep 2019 19:25:06 +0200 Subject: [PATCH 001/451] [enh] Add some advice about a strange locale problem with postgresql --- data/helpers.d/postgresql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/postgresql b/data/helpers.d/postgresql index d252ae2dc..a4cb50393 100644 --- a/data/helpers.d/postgresql +++ b/data/helpers.d/postgresql @@ -276,7 +276,7 @@ ynh_psql_test_if_first_run() { local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf local logfile=/var/log/postgresql/postgresql-9.6-main.log else - ynh_die "postgresql shoud be 9.4 or 9.6" + ynh_die "postgresql shoud be 9.4 or 9.6 or it could be a problem of locale see https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist" fi ynh_systemd_action --service_name=postgresql --action=start From 9bd6d39a79ced84d0cb6b3f939aa86ef568754b6 Mon Sep 17 00:00:00 2001 From: tituspijean Date: Sat, 18 Apr 2020 10:53:22 +0200 Subject: [PATCH 002/451] [enh] add dynamic variables to systemd helper --- data/helpers.d/systemd | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/data/helpers.d/systemd b/data/helpers.d/systemd index 47e905f0f..5b1e3eaa8 100644 --- a/data/helpers.d/systemd +++ b/data/helpers.d/systemd @@ -2,9 +2,10 @@ # Create a dedicated systemd config # -# usage: ynh_add_systemd_config [--service=service] [--template=template] -# | arg: -s, --service - Service name (optionnal, $app by default) -# | arg: -t, --template - Name of template file (optionnal, this is 'systemd' by default, meaning ./conf/systemd.service will be used as template) +# usage: ynh_add_systemd_config [--service=service] [--template=template] "list of others variables to replace" +# | arg: -s, --service - Service name (optional, $app by default) +# | arg: -t, --template - Name of template file (optional, this is 'systemd' by default, meaning ./conf/systemd.service will be used as template) +# | arg: -v, --others_var= - List of others variables to replace separeted by a space. For example : 'var_1 var_2 ...' # # This will use the template ../conf/.service # to generate a systemd config, by replacing the following keywords @@ -14,17 +15,22 @@ # __APP__ by $app # __FINALPATH__ by $final_path # +# And dynamic variables (from the last example) : +# __PATH_2__ by $path_2 +# __PORT_2__ by $port_2 +# # Requires YunoHost version 2.7.2 or higher. ynh_add_systemd_config () { # Declare an array to define the options of this helper. local legacy_args=st - declare -Ar args_array=( [s]=service= [t]=template= ) + declare -Ar args_array=( [s]=service= [t]=template= [v]=others_var=) local service local template # Manage arguments with getopts ynh_handle_getopts_args "$@" local service="${service:-$app}" local template="${template:-systemd.service}" + local others_var="${others_var:-}" finalsystemdconf="/etc/systemd/system/$service.service" ynh_backup_if_checksum_is_different --file="$finalsystemdconf" @@ -38,6 +44,15 @@ ynh_add_systemd_config () { if test -n "${app:-}"; then ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$finalsystemdconf" fi + + # Replace all other variable given as arguments + for var_to_replace in $others_var + do + # ${var_to_replace^^} make the content of the variable on upper-cases + # ${!var_to_replace} get the content of the variable named $var_to_replace + ynh_replace_string --match_string="__${var_to_replace^^}__" --replace_string="${!var_to_replace}" --target_file="$finalnginxconf" + done + ynh_store_file_checksum --file="$finalsystemdconf" chown root: "$finalsystemdconf" From 34a12c142776a6b558a87ae1793ed34f63ba5798 Mon Sep 17 00:00:00 2001 From: tituspijean Date: Sat, 18 Apr 2020 11:07:20 +0200 Subject: [PATCH 003/451] [enh] ynh_add_systemd_config comments Some typos fixes should be propagated to the fail2ban helper too. --- data/helpers.d/systemd | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/systemd b/data/helpers.d/systemd index 5b1e3eaa8..6b46dc875 100644 --- a/data/helpers.d/systemd +++ b/data/helpers.d/systemd @@ -2,10 +2,10 @@ # Create a dedicated systemd config # -# usage: ynh_add_systemd_config [--service=service] [--template=template] "list of others variables to replace" +# usage: ynh_add_systemd_config [--service=service] [--template=template] [--others_var="list of others variables to replace"] # | arg: -s, --service - Service name (optional, $app by default) # | arg: -t, --template - Name of template file (optional, this is 'systemd' by default, meaning ./conf/systemd.service will be used as template) -# | arg: -v, --others_var= - List of others variables to replace separeted by a space. For example : 'var_1 var_2 ...' +# | arg: -v, --others_var - List of others variables to replace separated by a space. For example: 'var_1 var_2 ...' # # This will use the template ../conf/.service # to generate a systemd config, by replacing the following keywords From 5777a266a2150fa4490f73fedc25b5e4c4ed38ed Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sat, 18 Apr 2020 12:22:32 +0200 Subject: [PATCH 004/451] Update systemd --- data/helpers.d/systemd | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/data/helpers.d/systemd b/data/helpers.d/systemd index 6b46dc875..4f731f5db 100644 --- a/data/helpers.d/systemd +++ b/data/helpers.d/systemd @@ -16,21 +16,22 @@ # __FINALPATH__ by $final_path # # And dynamic variables (from the last example) : -# __PATH_2__ by $path_2 -# __PORT_2__ by $port_2 +# __VAR_1__ by $var_1 +# __VAR_2__ by $var_2 # # Requires YunoHost version 2.7.2 or higher. ynh_add_systemd_config () { # Declare an array to define the options of this helper. - local legacy_args=st - declare -Ar args_array=( [s]=service= [t]=template= [v]=others_var=) + local legacy_args=stv + declare -Ar args_array=( [s]=service= [t]=template= [v]=others_var= ) local service local template + local others_var # Manage arguments with getopts ynh_handle_getopts_args "$@" - local service="${service:-$app}" - local template="${template:-systemd.service}" - local others_var="${others_var:-}" + service="${service:-$app}" + template="${template:-systemd.service}" + others_var="${others_var:-}" finalsystemdconf="/etc/systemd/system/$service.service" ynh_backup_if_checksum_is_different --file="$finalsystemdconf" @@ -44,15 +45,15 @@ ynh_add_systemd_config () { if test -n "${app:-}"; then ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$finalsystemdconf" fi - - # Replace all other variable given as arguments + + # Replace all other variables given as arguments for var_to_replace in $others_var do # ${var_to_replace^^} make the content of the variable on upper-cases # ${!var_to_replace} get the content of the variable named $var_to_replace - ynh_replace_string --match_string="__${var_to_replace^^}__" --replace_string="${!var_to_replace}" --target_file="$finalnginxconf" + ynh_replace_string --match_string="__${var_to_replace^^}__" --replace_string="${!var_to_replace}" --target_file="$finalsystemdconf" done - + ynh_store_file_checksum --file="$finalsystemdconf" chown root: "$finalsystemdconf" From 4c5f280aef38a62fbd1a768467691a6097ad3a21 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 19 Apr 2020 00:01:54 +0200 Subject: [PATCH 005/451] Make nodejs helpers easier to use --- data/helpers.d/nodejs | 52 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 44 insertions(+), 8 deletions(-) diff --git a/data/helpers.d/nodejs b/data/helpers.d/nodejs index 288240b1b..3e7ac5da2 100644 --- a/data/helpers.d/nodejs +++ b/data/helpers.d/nodejs @@ -28,14 +28,37 @@ SOURCE_SUM=3983fa3f00d4bf85ba8e21f1a590f6e28938093abe0bb950aeea52b1717471fc" > " # Load the version of node for an app, and set variables. # # ynh_use_nodejs has to be used in any app scripts before using node for the first time. +# This helper will provide alias and variables to use in your scripts. # -# 2 variables are available: -# - $nodejs_path: The absolute path of node for the chosen version. +# To use npm or node, use the alias `ynh_npm` and `ynh_node` +# Those alias will use the correct version installed for the app +# For example: use `ynh_npm install` instead of `npm install` +# +# With `sudo` or `ynh_exec_as`, use instead the fallback variables `$ynh_npm` and `$ynh_node` +# Exemple: `ynh_exec_as $app $ynh_npm install` +# +# $PATH contains the path of the requested version of node. +# However, $PATH is duplicated into $node_PATH to outlast any manipulation of $PATH +# You can use the variable `$ynh_node_load_PATH` to quickly load your node version +# in $PATH for an usage into a separate script. +# Exemple: $ynh_node_load_PATH $final_path/script_that_use_npm.sh` +# +# +# Finally, to start a nodejs service with the correct version, 2 solutions +# Either the app is dependent of node or npm, but does not called it directly. +# In such situation, you need to load PATH +# `Environment="__NODE_ENV_PATH__"` +# `ExecStart=__FINALPATH__/my_app` +# You will replace __NODE_ENV_PATH__ with $ynh_node_load_PATH +# +# Or node start the app directly, then you don't need to load the PATH variable +# `ExecStart=__YNH_NODE__ my_app run` +# You will replace __YNH_NODE__ with $ynh_node +# +# +# 2 other variables are also available +# - $nodejs_path: The absolute path to node binaries for the chosen version. # - $nodejs_version: Just the version number of node for this app. Stored as 'nodejs_version' in settings.yml. -# And 2 alias stored in variables: -# - $nodejs_use_version: An old variable, not used anymore. Keep here to not break old apps -# NB: $PATH will contain the path to node, it has to be propagated to any other shell which needs to use it. -# That's means it has to be added to any systemd script. # # usage: ynh_use_nodejs # @@ -43,13 +66,24 @@ SOURCE_SUM=3983fa3f00d4bf85ba8e21f1a590f6e28938093abe0bb950aeea52b1717471fc" > " ynh_use_nodejs () { nodejs_version=$(ynh_app_setting_get --app=$app --key=nodejs_version) - nodejs_use_version="echo \"Deprecated command, should be removed\"" - # Get the absolute path of this version of node nodejs_path="$node_version_path/$nodejs_version/bin" + # Allow alias to be used into bash script + shopt -s expand_aliases + + # Create an alias for the specific version of node and a variable as fallback + ynh_node="$nodejs_path/node" + alias ynh_node="$ynh_node" + # And npm + ynh_npm="$nodejs_path/npm" + alias ynh_npm="$ynh_npm" + # Load the path of this version of node in $PATH [[ :$PATH: == *":$nodejs_path"* ]] || PATH="$nodejs_path:$PATH" + node_PATH="$PATH" + # Create an alias to easily load the PATH + ynh_node_load_PATH="PATH=$node_PATH" } # Install a specific version of nodejs @@ -62,6 +96,8 @@ ynh_use_nodejs () { # usage: ynh_install_nodejs --nodejs_version=nodejs_version # | arg: -n, --nodejs_version - Version of node to install. When possible, your should prefer to use major version number (e.g. 8 instead of 8.10.0). The crontab will then handle the update of minor versions when needed. # +# Refer to ynh_use_nodejs for more information about available commands and variables +# # Requires YunoHost version 2.7.12 or higher. ynh_install_nodejs () { # Use n, https://github.com/tj/n to manage the nodejs versions From 4f56f03e3258202deeb0fc8f784c611e1722f937 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 19 Apr 2020 23:19:57 +0200 Subject: [PATCH 006/451] Update nodejs --- data/helpers.d/nodejs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/data/helpers.d/nodejs b/data/helpers.d/nodejs index 3e7ac5da2..32cfb5680 100644 --- a/data/helpers.d/nodejs +++ b/data/helpers.d/nodejs @@ -35,7 +35,8 @@ SOURCE_SUM=3983fa3f00d4bf85ba8e21f1a590f6e28938093abe0bb950aeea52b1717471fc" > " # For example: use `ynh_npm install` instead of `npm install` # # With `sudo` or `ynh_exec_as`, use instead the fallback variables `$ynh_npm` and `$ynh_node` -# Exemple: `ynh_exec_as $app $ynh_npm install` +# And propagate $PATH to sudo with $ynh_node_load_PATH +# Exemple: `ynh_exec_as $app $ynh_node_load_PATH $ynh_npm install` # # $PATH contains the path of the requested version of node. # However, $PATH is duplicated into $node_PATH to outlast any manipulation of $PATH From f68ae4561f23daa2fa1d25e0efea7663facc0e6c Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 23 Apr 2020 18:00:46 +0200 Subject: [PATCH 007/451] Patch files earlier to avoid raising an exception is setting folder already exists --- src/yunohost/app.py | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index b94f57502..8f16198bc 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -489,17 +489,17 @@ def app_upgrade(app=[], url=None, file=None): env_dict["YNH_APP_INSTANCE_NAME"] = app_instance_name env_dict["YNH_APP_INSTANCE_NUMBER"] = str(app_instance_nb) - # Start register change on system - related_to = [('app', app_instance_name)] - operation_logger = OperationLogger('app_upgrade', related_to, env=env_dict) - operation_logger.start() - # Attempt to patch legacy helpers ... _patch_legacy_helpers(extracted_app_folder) # Apply dirty patch to make php5 apps compatible with php7 _patch_php5(extracted_app_folder) + # Start register change on system + related_to = [('app', app_instance_name)] + operation_logger = OperationLogger('app_upgrade', related_to, env=env_dict) + operation_logger.start() + # Execute App upgrade script os.system('chown -hR admin: %s' % INSTALL_TMP) @@ -695,6 +695,12 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu # Validate domain / path availability for webapps _validate_and_normalize_webpath(manifest, args_odict, extracted_app_folder) + # Attempt to patch legacy helpers ... + _patch_legacy_helpers(extracted_app_folder) + + # Apply dirty patch to make php5 apps compatible with php7 + _patch_php5(extracted_app_folder) + # Prepare env. var. to pass to script env_dict = _make_environment_dict(args_odict) env_dict["YNH_APP_ID"] = app_id @@ -732,12 +738,6 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu } _set_app_settings(app_instance_name, app_settings) - # Attempt to patch legacy helpers ... - _patch_legacy_helpers(extracted_app_folder) - - # Apply dirty patch to make php5 apps compatible with php7 - _patch_php5(extracted_app_folder) - os.system('chown -R admin: ' + extracted_app_folder) # Execute App install script From cb0a87de256ad54d83725d9c395e940c3f441597 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 23 Apr 2020 18:59:12 +0200 Subject: [PATCH 008/451] Patch usage of old in apps 'yunohost tools diagnosis' --- src/yunohost/app.py | 53 +++++++++++++++++++++++++++++++-------------- 1 file changed, 37 insertions(+), 16 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 8f16198bc..ec4e05664 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -2843,29 +2843,46 @@ def _patch_legacy_helpers(app_folder): # sudo yunohost app initdb $db_user -p $db_pwd # by # ynh_mysql_setup_db --db_user=$db_user --db_name=$db_user --db_pwd=$db_pwd - "yunohost app initdb": ( - r"(sudo )?yunohost app initdb \"?(\$\{?\w+\}?)\"?\s+-p\s\"?(\$\{?\w+\}?)\"?", - r"ynh_mysql_setup_db --db_user=\2 --db_name=\2 --db_pwd=\3"), + "yunohost app initdb": { + "pattern": r"(sudo )?yunohost app initdb \"?(\$\{?\w+\}?)\"?\s+-p\s\"?(\$\{?\w+\}?)\"?", + "replace": r"ynh_mysql_setup_db --db_user=\2 --db_name=\2 --db_pwd=\3", + "important": True + }, # Replace # sudo yunohost app checkport whaterver # by # ynh_port_available whatever - "yunohost app checkport": ( - r"(sudo )?yunohost app checkport", - r"ynh_port_available"), + "yunohost app checkport": { + "pattern": r"(sudo )?yunohost app checkport", + "replace": r"ynh_port_available", + "important": True + }, # We can't migrate easily port-available # .. but at the time of writing this code, only two non-working apps are using it. - "yunohost tools port-available": (None, None), + "yunohost tools port-available": {"important":True}, # Replace # yunohost app checkurl "${domain}${path_url}" -a "${app}" # by # ynh_webpath_register --app=${app} --domain=${domain} --path_url=${path_url} - "yunohost app checkurl": ( - r"(sudo )?yunohost app checkurl \"?(\$\{?\w+\}?)\/?(\$\{?\w+\}?)\"?\s+-a\s\"?(\$\{?\w+\}?)\"?", - r"ynh_webpath_register --app=\4 --domain=\2 --path_url=\3"), + "yunohost app checkurl": { + "pattern": r"(sudo )?yunohost app checkurl \"?(\$\{?\w+\}?)\/?(\$\{?\w+\}?)\"?\s+-a\s\"?(\$\{?\w+\}?)\"?", + "replace": r"ynh_webpath_register --app=\4 --domain=\2 --path_url=\3", + "important": True + }, + # Remove + # Automatic diagnosis data from YunoHost + # __PRE_TAG1__$(yunohost tools diagnosis | ...)__PRE_TAG2__" + # + "yunohost tools diagnosis": { + "pattern": r"(Automatic diagnosis data from YunoHost( *\n)*)? *(__\w+__)? *\$\(yunohost tools diagnosis.*\)(__\w+__)?", + "replace": r"", + "important": False + } } - stuff_to_replace_compiled = {h: (re.compile(r[0]), r[1]) if r[0] else (None,None) for h, r in stuff_to_replace.items()} + for helper, infos in stuff_to_replace.items(): + infos["pattern"] = re.compile(infos["pattern"]) if infos.get("pattern") else None + infos["replace"] = infos.get("replace") for filename in files_to_patch: @@ -2875,18 +2892,20 @@ def _patch_legacy_helpers(app_folder): content = read_file(filename) replaced_stuff = False + show_warning = False - for helper, regexes in stuff_to_replace_compiled.items(): - pattern, replace = regexes + for helper, infos in stuff_to_replace.items(): # If helper is used, attempt to patch the file - if helper in content and pattern != "": - content = pattern.sub(replace, content) + if helper in content and infos["pattern"]: + content = infos["pattern"].sub(infos["replace"], content) replaced_stuff = True + if infos["important"]: + show_warning = True # If the helpert is *still* in the content, it means that we # couldn't patch the deprecated helper in the previous lines. In # that case, abort the install or whichever step is performed - if helper in content: + if helper in content and infos["important"]: raise YunohostError("This app is likely pretty old and uses deprecated / outdated helpers that can't be migrated easily. It can't be installed anymore.") if replaced_stuff: @@ -2902,5 +2921,7 @@ def _patch_legacy_helpers(app_folder): # Actually write the new content in the file write_to_file(filename, content) + + if show_warning: # And complain about those damn deprecated helpers logger.error("/!\ Packagers ! This app uses a very old deprecated helpers ... Yunohost automatically patched the helpers to use the new recommended practice, but please do consider fixing the upstream code right now ...") From cf32853f810adb4d4a0f674ab887bfbb117703de Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 25 Apr 2020 03:44:26 +0200 Subject: [PATCH 009/451] Fetch all cert-status at once because running a yunohost command takes ~3ish seconds per call --- data/hooks/conf_regen/15-nginx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/data/hooks/conf_regen/15-nginx b/data/hooks/conf_regen/15-nginx index f8b7d8062..f1a278440 100755 --- a/data/hooks/conf_regen/15-nginx +++ b/data/hooks/conf_regen/15-nginx @@ -52,6 +52,8 @@ do_pre_regen() { export compatibility="$(yunohost settings get 'security.nginx.compatibility')" ynh_render_template "security.conf.inc" "${nginx_conf_dir}/security.conf.inc" + cert_status=$(yunohost domain cert-status --json) + # add domain conf files for domain in $domain_list; do domain_conf_dir="${nginx_conf_dir}/${domain}.d" @@ -61,7 +63,7 @@ do_pre_regen() { # NGINX server configuration export domain - export domain_cert_ca=$(yunohost domain cert-status $domain --json \ + export domain_cert_ca=$(echo $cert_status \ | jq ".certificates.\"$domain\".CA_type" \ | tr -d '"') From 319898baf7892582e90b5b9b24fccb8234939fe3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 25 Apr 2020 03:49:30 +0200 Subject: [PATCH 010/451] Feed domain list to regen-conf hooks directly through env to avoid having to call 'yunohost domain list' --- data/hooks/conf_regen/12-metronome | 8 +++----- data/hooks/conf_regen/15-nginx | 14 +++++--------- data/hooks/conf_regen/19-postfix | 5 ++--- data/hooks/conf_regen/31-rspamd | 5 +---- data/hooks/conf_regen/43-dnsmasq | 5 ++--- src/yunohost/regenconf.py | 11 +++++++++-- 6 files changed, 22 insertions(+), 26 deletions(-) diff --git a/data/hooks/conf_regen/12-metronome b/data/hooks/conf_regen/12-metronome index 5a50b2b6e..8aee90212 100755 --- a/data/hooks/conf_regen/12-metronome +++ b/data/hooks/conf_regen/12-metronome @@ -14,7 +14,6 @@ do_pre_regen() { # retrieve variables main_domain=$(cat /etc/yunohost/current_host) - domain_list=$(yunohost domain list --output-as plain --quiet) # install main conf file cat metronome.cfg.lua \ @@ -22,7 +21,7 @@ do_pre_regen() { > "${metronome_dir}/metronome.cfg.lua" # add domain conf files - for domain in $domain_list; do + for domain in $YNH_DOMAINS; do cat domain.tpl.cfg.lua \ | sed "s/{{ domain }}/${domain}/g" \ > "${metronome_conf_dir}/${domain}.cfg.lua" @@ -33,7 +32,7 @@ do_pre_regen() { | awk '/^[^\.]+\.[^\.]+.*\.cfg\.lua$/ { print $1 }') for file in $conf_files; do domain=${file%.cfg.lua} - [[ $domain_list =~ $domain ]] \ + [[ $YNH_DOMAINS =~ $domain ]] \ || touch "${metronome_conf_dir}/${file}" done } @@ -43,10 +42,9 @@ do_post_regen() { # retrieve variables main_domain=$(cat /etc/yunohost/current_host) - domain_list=$(yunohost domain list --output-as plain --quiet) # create metronome directories for domains - for domain in $domain_list; do + for domain in $YNH_DOMAINS; do mkdir -p "/var/lib/metronome/${domain//./%2e}/pep" done # http_upload directory must be writable by metronome and readable by nginx diff --git a/data/hooks/conf_regen/15-nginx b/data/hooks/conf_regen/15-nginx index f1a278440..a43107599 100755 --- a/data/hooks/conf_regen/15-nginx +++ b/data/hooks/conf_regen/15-nginx @@ -46,7 +46,6 @@ do_pre_regen() { # retrieve variables main_domain=$(cat /etc/yunohost/current_host) - domain_list=$(yunohost domain list --output-as plain --quiet) # Support different strategy for security configurations export compatibility="$(yunohost settings get 'security.nginx.compatibility')" @@ -55,7 +54,7 @@ do_pre_regen() { cert_status=$(yunohost domain cert-status --json) # add domain conf files - for domain in $domain_list; do + for domain in $YNH_DOMAINS; do domain_conf_dir="${nginx_conf_dir}/${domain}.d" mkdir -p "$domain_conf_dir" mail_autoconfig_dir="${pending_dir}/var/www/.well-known/${domain}/autoconfig/mail/" @@ -83,7 +82,7 @@ do_pre_regen() { | awk '/^[^\.]+\.[^\.]+.*\.conf$/ { print $1 }') for file in $conf_files; do domain=${file%.conf} - [[ $domain_list =~ $domain ]] \ + [[ $YNH_DOMAINS =~ $domain ]] \ || touch "${nginx_conf_dir}/${file}" done @@ -91,7 +90,7 @@ do_pre_regen() { autoconfig_files=$(ls -1 /var/www/.well-known/*/autoconfig/mail/config-v1.1.xml 2>/dev/null || true) for file in $autoconfig_files; do domain=$(basename $(readlink -f $(dirname $file)/../..)) - [[ $domain_list =~ $domain ]] \ + [[ $YNH_DOMAINS =~ $domain ]] \ || (mkdir -p "$(dirname ${pending_dir}/${file})" && touch "${pending_dir}/${file}") done @@ -105,16 +104,13 @@ do_post_regen() { [ -z "$regen_conf_files" ] && exit 0 - # retrieve variables - domain_list=$(yunohost domain list --output-as plain --quiet) - # create NGINX conf directories for domains - for domain in $domain_list; do + for domain in $YNH_DOMAINS; do mkdir -p "/etc/nginx/conf.d/${domain}.d" done # Get rid of legacy lets encrypt snippets - for domain in $domain_list; do + for domain in $YNH_DOMAINS; do # If the legacy letsencrypt / acme-challenge domain-specific snippet is still there if [ -e /etc/nginx/conf.d/${domain}.d/000-acmechallenge.conf ] then diff --git a/data/hooks/conf_regen/19-postfix b/data/hooks/conf_regen/19-postfix index 10076b680..68afe4bc9 100755 --- a/data/hooks/conf_regen/19-postfix +++ b/data/hooks/conf_regen/19-postfix @@ -20,18 +20,17 @@ do_pre_regen() { # prepare main.cf conf file main_domain=$(cat /etc/yunohost/current_host) - domain_list=$(yunohost domain list --output-as plain --quiet | tr '\n' ' ') # Support different strategy for security configurations export compatibility="$(yunohost settings get 'security.postfix.compatibility')" export main_domain - export domain_list + export domain_list="$YNH_DOMAINS" ynh_render_template "main.cf" "${postfix_dir}/main.cf" cat postsrsd \ | sed "s/{{ main_domain }}/${main_domain}/g" \ - | sed "s/{{ domain_list }}/${domain_list}/g" \ + | sed "s/{{ domain_list }}/${YNH_DOMAINS}/g" \ > "${default_dir}/postsrsd" # adapt it for IPv4-only hosts diff --git a/data/hooks/conf_regen/31-rspamd b/data/hooks/conf_regen/31-rspamd index 26fea4336..861549e27 100755 --- a/data/hooks/conf_regen/31-rspamd +++ b/data/hooks/conf_regen/31-rspamd @@ -25,11 +25,8 @@ do_post_regen() { mkdir -p /etc/dkim chown _rspamd /etc/dkim - # retrieve domain list - domain_list=$(yunohost domain list --output-as plain --quiet) - # create DKIM key for domains - for domain in $domain_list; do + for domain in $YNH_DOMAINS; do domain_key="/etc/dkim/${domain}.mail.key" [ ! -f "$domain_key" ] && { # We use a 1024 bit size because nsupdate doesn't seem to be able to diff --git a/data/hooks/conf_regen/43-dnsmasq b/data/hooks/conf_regen/43-dnsmasq index 59a1f8a06..8a2985f34 100755 --- a/data/hooks/conf_regen/43-dnsmasq +++ b/data/hooks/conf_regen/43-dnsmasq @@ -26,10 +26,9 @@ do_pre_regen() { ynh_validate_ip4 "$ipv4" || ipv4='127.0.0.1' ipv6=$(curl -s -6 https://ip6.yunohost.org 2>/dev/null || true) ynh_validate_ip6 "$ipv6" || ipv6='' - domain_list=$(yunohost domain list --output-as plain --quiet) # add domain conf files - for domain in $domain_list; do + for domain in $YNH_DOMAINS; do cat domain.tpl \ | sed "s/{{ domain }}/${domain}/g" \ | sed "s/{{ ip }}/${ipv4}/g" \ @@ -42,7 +41,7 @@ do_pre_regen() { conf_files=$(ls -1 /etc/dnsmasq.d \ | awk '/^[^\.]+\.[^\.]+.*$/ { print $1 }') for domain in $conf_files; do - [[ $domain_list =~ $domain ]] \ + [[ $YNH_DOMAINS =~ $domain ]] \ || touch "${dnsmasq_dir}/${domain}" done } diff --git a/src/yunohost/regenconf.py b/src/yunohost/regenconf.py index ad84c8164..b81c043ce 100644 --- a/src/yunohost/regenconf.py +++ b/src/yunohost/regenconf.py @@ -141,7 +141,14 @@ def regen_conf(operation_logger, names=[], with_diff=False, force=False, dry_run if "glances" in names: names.remove("glances") - pre_result = hook_callback('conf_regen', names, pre_callback=_pre_call) + # [Optimization] We compute and feed the domain list to the conf regen + # hooks to avoid having to call "yunohost domain list" so many times which + # ends up in wasted time (about 3~5 seconds per call on a RPi2) + from yunohost.domain import domain_list + env = {} + env["YNH_DOMAINS"] = " ".join(domain_list()["domains"]) + + pre_result = hook_callback('conf_regen', names, pre_callback=_pre_call, env=env) # Keep only the hook names with at least one success names = [hook for hook, infos in pre_result.items() @@ -310,7 +317,7 @@ def regen_conf(operation_logger, names=[], with_diff=False, force=False, dry_run regen_conf_files = '' return post_args + [regen_conf_files, ] - hook_callback('conf_regen', names, pre_callback=_pre_call) + hook_callback('conf_regen', names, pre_callback=_pre_call, env=env) operation_logger.success() From b90155423d73614340c9aa9c85d902afd7b0f1e9 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 25 Apr 2020 04:33:08 +0200 Subject: [PATCH 011/451] Add a caching mechanism to get_public_ip to avoid loading requests and calling ip.yunohost.org dozens of time per minute... --- src/yunohost/utils/network.py | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/src/yunohost/utils/network.py b/src/yunohost/utils/network.py index 3ae1ba910..92ca2a266 100644 --- a/src/yunohost/utils/network.py +++ b/src/yunohost/utils/network.py @@ -21,7 +21,9 @@ import os import re import logging +import time +from moulinette.utils.filesystem import read_file, write_to_file from moulinette.utils.network import download_text from moulinette.utils.process import check_output @@ -29,14 +31,24 @@ logger = logging.getLogger('yunohost.utils.network') def get_public_ip(protocol=4): - """Retrieve the public IP address from ip.yunohost.org""" - if protocol == 4: - url = 'https://ip.yunohost.org' - elif protocol == 6: - url = 'https://ip6.yunohost.org' + assert protocol in [4, 6], "Invalid protocol version for get_public_ip: %s, expected 4 or 6" % protocol + + cache_file = "/var/cache/yunohost/ipv%s" % protocol + cache_duration = 120 # 2 min + if os.path.exists(cache_file) and abs(os.path.getctime(cache_file) - time.time()) < cache_duration: + ip = read_file(cache_file).strip() + ip = ip if ip else None # Empty file (empty string) means there's no IP + logger.debug("Reusing IPv%s from cache: %s" % (protocol, ip)) else: - raise ValueError("invalid protocol version") + ip = get_public_ip_from_remote_server(protocol) + logger.debug("IP fetched: %s" % ip) + write_to_file(cache_file, ip or "") + return ip + + +def get_public_ip_from_remote_server(protocol=4): + """Retrieve the public IP address from ip.yunohost.org""" # We can know that ipv6 is not available directly if this file does not exists if protocol == 6 and not os.path.exists("/proc/net/if_inet6"): @@ -49,6 +61,9 @@ def get_public_ip(protocol=4): logger.debug("No default route for IPv%s, so assuming there's no IP address for that version" % protocol) return None + url = 'https://ip%s.yunohost.org' % (protocol if protocol != 4 else '') + logger.debug("Fetching IP from %s " % url) + try: return download_text(url, timeout=30).strip() except Exception as e: From 9ef2c60a90e828bd991f6d06e728b4537b9af358 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 25 Apr 2020 05:24:27 +0200 Subject: [PATCH 012/451] Uhoh we can't call domain_list if postinstall ain't done yet --- src/yunohost/regenconf.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/yunohost/regenconf.py b/src/yunohost/regenconf.py index b81c043ce..94883367b 100644 --- a/src/yunohost/regenconf.py +++ b/src/yunohost/regenconf.py @@ -146,7 +146,12 @@ def regen_conf(operation_logger, names=[], with_diff=False, force=False, dry_run # ends up in wasted time (about 3~5 seconds per call on a RPi2) from yunohost.domain import domain_list env = {} - env["YNH_DOMAINS"] = " ".join(domain_list()["domains"]) + # Well we can only do domain_list() if postinstall is done ... + # ... but hooks that effectively need the domain list are only + # called only after the 'installed' flag is set so that's all good, + # though kinda tight-coupled to the postinstall logic :s + if os.path.exists("/etc/yunohost/installed"): + env["YNH_DOMAINS"] = " ".join(domain_list()["domains"]) pre_result = hook_callback('conf_regen', names, pre_callback=_pre_call, env=env) From 0226ff2fd1f71d82e1e9a6f969f21c09dc464f8c Mon Sep 17 00:00:00 2001 From: xaloc33 Date: Thu, 16 Apr 2020 12:58:13 +0000 Subject: [PATCH 013/451] Translated using Weblate (Catalan) Currently translated at 100.0% (598 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/ca/ --- locales/ca.json | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/locales/ca.json b/locales/ca.json index ff7045d0a..bd071e354 100644 --- a/locales/ca.json +++ b/locales/ca.json @@ -4,7 +4,7 @@ "admin_password_change_failed": "No es pot canviar la contrasenya", "admin_password_changed": "S'ha canviat la contrasenya d'administració", "app_already_installed": "{app:s} ja està instal·lada", - "app_already_installed_cant_change_url": "Aquesta aplicació ja està instal·lada. La URL no és pot canviar únicament amb aquesta funció. Mireu a \"app changeurl\" si està disponible.", + "app_already_installed_cant_change_url": "Aquesta aplicació ja està instal·lada. La URL no és pot canviar únicament amb aquesta funció. Mireu a `app changeurl` si està disponible.", "app_already_up_to_date": "{app:s} ja està actualitzada", "app_argument_choice_invalid": "Utilitzeu una de les opcions «{choices:s}» per l'argument «{name:s}»", "app_argument_invalid": "Escolliu un valor vàlid per l'argument «{name:s}»: {error:s}", @@ -59,7 +59,7 @@ "backup_couldnt_bind": "No es pot lligar {src:s} amb {dest:s}.", "backup_created": "S'ha creat la còpia de seguretat", "aborting": "Avortant.", - "app_not_upgraded": "L'aplicació «{failed_app}» no s'ha pogut actualitzar, i com a conseqüència l'actualització de les següents aplicacions ha estat cancel·lada: {apps}", + "app_not_upgraded": "L'aplicació «{failed_app}» no s'ha pogut actualitzar, i com a conseqüència s'ha cancel·lat l'actualització de les següents aplicacions: {apps}", "app_start_install": "instal·lant l'aplicació «{app}»…", "app_start_remove": "Eliminant l'aplicació «{app}»…", "app_start_backup": "Recuperant els fitxers pels que s'ha de fer una còpia de seguretat per «{app}»…", @@ -167,7 +167,7 @@ "file_does_not_exist": "El camí {path:s} no existeix.", "firewall_reload_failed": "No s'ha pogut tornar a carregar el tallafocs", "firewall_reloaded": "S'ha tornat a carregar el tallafocs", - "firewall_rules_cmd_failed": "No s'han pogut aplicar algunes regles del tallafocs. Més informació en el registre.", + "firewall_rules_cmd_failed": "Han fallat algunes comandes per aplicar regles del tallafocs. Més informació en el registre.", "global_settings_bad_choice_for_enum": "Opció pel paràmetre {setting:s} incorrecta, s'ha rebut «{choice:s}», però les opcions disponibles són: {available_choices:s}", "global_settings_bad_type_for_setting": "El tipus del paràmetre {setting:s} és incorrecte. S'ha rebut {received_type:s}, però s'esperava {expected_type:s}", "global_settings_cant_open_settings": "No s'ha pogut obrir el fitxer de configuració, raó: {reason:s}", @@ -284,7 +284,7 @@ "migration_0008_root": "• No es podrà connectar com a root a través de SSH. S'haurà d'utilitzar l'usuari admin per fer-ho;", "migration_0008_dsa": "• Es desactivarà la clau DSA. Per tant, es podria haver d'invalidar un missatge esgarrifós del client SSH, i tornar a verificar l'empremta digital del servidor;", "migration_0008_warning": "Si heu entès els avisos i voleu que YunoHost sobreescrigui la configuració actual, comenceu la migració. Sinó, podeu saltar-vos la migració, tot i que no està recomanat.", - "migration_0008_no_warning": "Hauria de ser segur sobreescriure la configuració SSH, però no es pot estar del tot segur! Executetu la migració per sobreescriure-la. Sinó, podeu saltar-vos la migració, tot i que no està recomanat.", + "migration_0008_no_warning": "Hauria de ser segur sobreescriure la configuració SSH, però no es pot estar del tot segur! Executeu la migració per sobreescriure-la. Sinó, podeu saltar-vos la migració, tot i que no està recomanat.", "migration_0009_not_needed": "Sembla que ja s'ha fet aquesta migració… (?) Ometent.", "migrations_cant_reach_migration_file": "No s'ha pogut accedir als fitxers de migració al camí «%s»", "migrations_list_conflict_pending_done": "No es pot utilitzar «--previous» i «--done» al mateix temps.", @@ -596,5 +596,7 @@ "diagnosis_description_web": "Web", "diagnosis_basesystem_hardware_board": "El model de la targeta del servidor és {model}", "diagnosis_basesystem_hardware": "L'arquitectura del maquinari del servidor és {virt} {arch}", - "group_already_exist_on_system_but_removing_it": "El grup {group} ja existeix en els grups del sistema, però YunoHost l'eliminarà…" + "group_already_exist_on_system_but_removing_it": "El grup {group} ja existeix en els grups del sistema, però YunoHost l'eliminarà…", + "certmanager_warning_subdomain_dns_record": "El subdomini «{subdomain:s}» no resol a la mateixa adreça IP que «{domain:s}». Algunes funcions no estaran disponibles fins que no s'hagi arreglat i s'hagi regenerat el certificat.", + "domain_cannot_add_xmpp_upload": "No podeu afegir dominis començant per «xmpp-upload.». Aquest tipus de nom està reservat per a la funció de pujada de XMPP integrada a YunoHost." } From 8fd7456a9be2f069bbf9ea0702023dc7bac16119 Mon Sep 17 00:00:00 2001 From: Zeik0s Date: Wed, 15 Apr 2020 15:38:08 +0000 Subject: [PATCH 014/451] Translated using Weblate (German) Currently translated at 36.1% (216 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/de/ --- locales/de.json | 43 +++++++++++++++++++++++++++++++++---------- 1 file changed, 33 insertions(+), 10 deletions(-) diff --git a/locales/de.json b/locales/de.json index 2369e3bdc..b354f60c5 100644 --- a/locales/de.json +++ b/locales/de.json @@ -15,7 +15,7 @@ "app_removed": "{app:s} wurde entfernt", "app_sources_fetch_failed": "Quelldateien konnten nicht abgerufen werden, ist die URL korrekt?", "app_unknown": "Unbekannte App", - "app_upgrade_failed": "{app:s} konnte nicht aktualisiert werden", + "app_upgrade_failed": "{app:s} konnte nicht aktualisiert werden: {error}", "app_upgraded": "{app:s} aktualisiert", "ask_email": "E-Mail-Adresse", "ask_firstname": "Vorname", @@ -35,7 +35,7 @@ "backup_hook_unknown": "Der Datensicherungshook '{hook:s}' unbekannt", "backup_invalid_archive": "Dies ist kein Backup-Archiv", "backup_nothings_done": "Keine Änderungen zur Speicherung", - "backup_output_directory_forbidden": "Wähle ein anderes Ausgabeverzeichnis. Datensicherung können nicht in /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var oder in Unterordnern von /home/yunohost.backup/archives erstellt werden", + "backup_output_directory_forbidden": "Wähle ein anderes Ausgabeverzeichnis. Datensicherungen können nicht in /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var oder in Unterordnern von /home/yunohost.backup/archives erstellt werden", "backup_output_directory_not_empty": "Der gewählte Ausgabeordner sollte leer sein", "backup_output_directory_required": "Für die Datensicherung muss ein Zielverzeichnis angegeben werden", "backup_running_hooks": "Datensicherunghook wird ausgeführt…", @@ -213,7 +213,7 @@ "domain_dns_conf_is_just_a_recommendation": "Dieser Befehl zeigt Ihnen, was die * empfohlene * Konfiguration ist. Die DNS-Konfiguration wird NICHT für Sie eingerichtet. Es liegt in Ihrer Verantwortung, Ihre DNS-Zone in Ihrem Registrar gemäß dieser Empfehlung zu konfigurieren.", "dpkg_lock_not_available": "Dieser Befehl kann momentan nicht ausgeführt werden, da anscheinend ein anderes Programm die Sperre von dpkg (dem Systempaket-Manager) verwendet", "confirm_app_install_thirdparty": "WARNUNG! Das Installieren von Anwendungen von Drittanbietern kann die Integrität und Sicherheit Deines Systems beeinträchtigen. Du solltest es wahrscheinlich NICHT installieren, es sei denn, Du weisst, was Du tust. Bist du bereit, dieses Risiko einzugehen? [{answers:s}]", - "confirm_app_install_danger": "WARNUNG! Diese Anwendung ist noch experimentell (wenn nicht ausdrücklich \"not working\"/\"funktioniert nicht\") und es ist wahrscheinlich, dass Dein System Schaden nimmt! Du solltest es wahrscheinlich NICHT installieren, es sei denn, Du weisst, was Du tust. Bist du bereit, dieses Risiko einzugehen? [{answers:s}]", + "confirm_app_install_danger": "WARNUNG! Diese Anwendung ist noch experimentell (wenn nicht ausdrücklich \"not working\"/\"nicht funktionsfähig\")! Du solltest es wahrscheinlich NICHT installieren, es sei denn, du weißt, was du tust. Es wird keine Unterstützung geleistet, falls diese Anwendung nicht funktioniert oder dein System zerstört... Falls du bereit bist, dieses Risiko einzugehen, tippe '{answers:s}'", "confirm_app_install_warning": "Warnung: Diese Anwendung funktioniert möglicherweise, ist jedoch nicht gut in YunoHost integriert. Einige Funktionen wie Single Sign-On und Backup / Restore sind möglicherweise nicht verfügbar. Trotzdem installieren? [{answers:s}] ", "backup_with_no_restore_script_for_app": "Die App {app:s} hat kein Wiederherstellungsskript. Das Backup dieser App kann nicht automatisch wiederhergestellt werden.", "backup_with_no_backup_script_for_app": "Die App {app:s} hat kein Sicherungsskript. Ignoriere es.", @@ -231,7 +231,7 @@ "backup_csv_creation_failed": "Die zur Wiederherstellung erforderliche CSV-Datei kann nicht erstellt werden", "backup_couldnt_bind": "{src:s} konnte nicht an {dest:s} angebunden werden.", "backup_borg_not_implemented": "Die Borg-Sicherungsmethode ist noch nicht implementiert", - "backup_ask_for_copying_if_needed": "Möchten Sie die Sicherung mit {size:s} MB temporär durchführen? (Dieser Weg wird verwendet, da einige Dateien nicht mit einer effizienteren Methode vorbereitet werden konnten).", + "backup_ask_for_copying_if_needed": "Möchten Sie die Sicherung mit {size:s} MB temporär durchführen? (Dieser Weg wird verwendet, da einige Dateien nicht mit einer effizienteren Methode vorbereitet werden konnten.)", "backup_actually_backuping": "Erstellt ein Backup-Archiv aus den gesammelten Dateien …", "ask_new_path": "Neuer Pfad", "ask_new_domain": "Neue Domain", @@ -302,17 +302,40 @@ "app_install_script_failed": "Im Installationsscript ist ein Fehler aufgetreten", "app_remove_after_failed_install": "Entfernen der App nach fehlgeschlagener Installation…", "app_upgrade_script_failed": "Es ist ein Fehler im App-Upgrade-Skript aufgetreten", - "diagnosis_basesystem_host": "Server läuft unter Debian {debian_version}.", + "diagnosis_basesystem_host": "Server läuft unter Debian {debian_version}", "diagnosis_basesystem_kernel": "Server läuft unter Linux-Kernel {kernel_version}", "diagnosis_basesystem_ynh_single_version": "{package} Version: {version} ({repo})", "diagnosis_basesystem_ynh_main_version": "Server läuft YunoHost {main_version} ({repo})", "diagnosis_basesystem_ynh_inconsistent_versions": "Sie verwenden inkonsistente Versionen der YunoHost-Pakete... wahrscheinlich wegen eines fehlgeschlagenen oder teilweisen Upgrades.", "diagnosis_display_tip_web": "Sie können den Abschnitt Diagnose (im Startbildschirm) aufrufen, um die gefundenen Probleme anzuzeigen.", - "apps_catalog_init_success": "Apps-Katalogsystem initialisiert!", - "apps_catalog_updating": "Aktualisierung des Applikationskatalogs...", - "apps_catalog_failed_to_download": "Der {apps_catalog} Apps-Katalog kann nicht heruntergeladen werden: {error}", - "apps_catalog_obsolete_cache": "Der Cache des Apps-Katalogs ist leer oder veraltet.", + "apps_catalog_init_success": "App-Katalogsystem initialisiert!", + "apps_catalog_updating": "Aktualisierung des Applikationskatalogs…", + "apps_catalog_failed_to_download": "Der {apps_catalog} App-Katalog kann nicht heruntergeladen werden: {error}", + "apps_catalog_obsolete_cache": "Der Cache des App-Katalogs ist leer oder veraltet.", "apps_catalog_update_success": "Der Apps-Katalog wurde aktualisiert!", "password_too_simple_1": "Das Passwort muss mindestens 8 Zeichen lang sein", - "diagnosis_display_tip_cli": "Sie können 'yunohost diagnosis show --issues' ausführen, um die gefundenen Probleme anzuzeigen." + "diagnosis_display_tip_cli": "Sie können 'yunohost diagnosis show --issues' ausführen, um die gefundenen Probleme anzuzeigen.", + "diagnosis_everything_ok": "Alles schaut gut aus für {category}!", + "diagnosis_failed": "Kann Diagnose-Ergebnis für die Kategorie '{category}' nicht abrufen: {error}", + "diagnosis_ip_connected_ipv4": "Der Server ist mit dem Internet über IPv4 verbunden!", + "diagnosis_no_cache": "Kein Diagnose Cache aktuell für die Kategorie '{category}'", + "diagnosis_ip_no_ipv4": "Der Server hat kein funktionierendes IPv4.", + "diagnosis_ip_connected_ipv6": "Der Server ist mit dem Internet über IPv6 verbunden!", + "diagnosis_ip_no_ipv6": "Der Server hat kein funktionierendes IPv6.", + "diagnosis_ip_not_connected_at_all": "Der Server scheint überhaupt nicht mit dem Internet verbunden zu sein!?", + "diagnosis_failed_for_category": "Diagnose fehlgeschlagen für die Kategorie '{category}': {error}", + "diagnosis_cache_still_valid": "(Cache noch gültig für {category} Diagnose. Werde keine neue Diagnose durchführen!)", + "diagnosis_cant_run_because_of_dep": "Kann Diagnose für {category} nicht ausführen während wichtige Probleme zu {dep} noch nicht behoben sind.", + "diagnosis_found_errors_and_warnings": "Habe {errors} erhebliche(s) Problem(e) (und {warnings} Warnung(en)) in Verbindung mit {category} gefunden!", + "diagnosis_ip_broken_dnsresolution": "Domänen-Namens-Auflösung scheint aus einem bestimmten Grund nicht zu funktionieren... Blockiert eine Firewall die DNS Anfragen?", + "diagnosis_ip_broken_resolvconf": "Domänen-Namens-Auflösung scheint nicht zu funktionieren, was daran liegen könnte, dass in /etc/resolv.conf kein Eintrag auf 127.0.0.1 zeigt.", + "diagnosis_ip_weird_resolvconf_details": "Stattdessen sollte diese Datei ein Softlink auf /etc/resolvconf/run/resolv.conf sein, die auf sich selbst zu 127.0.0.1 zeigt (dnsmasq). Der eigentlich Auflösende sollte in /etc/resolv.dnsmasq.conf konfiguriert werden.", + "diagnosis_dns_good_conf": "Gute DNS Konfiguration für Domäne {domain} (Kategorie {category})", + "diagnosis_ignored_issues": "(+ {nb_ignored} ignorierte(s) Problem(e))", + "diagnosis_basesystem_hardware": "Server Hardware Architektur ist {virt} {arch}", + "diagnosis_basesystem_hardware_board": "Server Platinen Modell ist {model}", + "diagnosis_found_errors": "Habe {errors} erhebliche(s) Problem(e) in Verbindung mit {category} gefunden!", + "diagnosis_found_warnings": "Habe {warnings} Ding(e) gefunden, die verbessert werden könnten für {category}.", + "diagnosis_ip_dnsresolution_working": "Domänen-Namens-Auflösung funktioniert!", + "diagnosis_ip_weird_resolvconf": "DNS Auflösung scheint zu funktionieren, aber sei vorsichtig wenn du eine eigene /etc/resolv.conf verwendest." } From ced18062562370f9347f930ef2be8876ff8e06e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= Date: Wed, 15 Apr 2020 16:45:40 +0000 Subject: [PATCH 015/451] Translated using Weblate (French) Currently translated at 96.2% (575 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/fr/ --- locales/fr.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/locales/fr.json b/locales/fr.json index 80d9f07dd..ee6aca0a8 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -555,9 +555,8 @@ "diagnosis_swap_ok": "Le système dispose de {total} de swap !", "diagnosis_regenconf_manually_modified": "Le fichier de configuration {file} a été modifié manuellement.", "diagnosis_regenconf_manually_modified_debian": "Le fichier de configuration {file} a été modifié manuellement par rapport à celui par défaut de Debian.", - "diagnosis_regenconf_manually_modified_details": "C’est probablement OK tant que vous savez ce que vous faites ;) !", + "diagnosis_regenconf_manually_modified_details": "C'est probablement OK tant que vous savez ce que vous faites;) !", "diagnosis_regenconf_manually_modified_debian_details": "Cela peut probablement être OK, mais il faut garder un œil dessus …", - "diagnosis_security_all_good": "Aucune vulnérabilité de sécurité critique n’a été trouvée.", "apps_catalog_init_success": "Système de catalogue d’applications initialisé !", "apps_catalog_failed_to_download": "Impossible de télécharger le catalogue des applications {apps_catalog}:{error}", "diagnosis_mail_outgoing_port_25_blocked": "Le port sortant 25 semble être bloqué. Vous devriez essayer de le débloquer dans le panneau de configuration de votre fournisseur de services Internet (ou hébergeur). En attendant, le serveur ne pourra pas envoyer de courrier électronique à d’autres serveurs.", From 661735c9d9b59d884469c1e062e4a7e8cfce87a2 Mon Sep 17 00:00:00 2001 From: amirale qt Date: Mon, 20 Apr 2020 10:48:16 +0000 Subject: [PATCH 016/451] Translated using Weblate (Esperanto) Currently translated at 90.8% (543 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/eo/ --- locales/eo.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/locales/eo.json b/locales/eo.json index f81ea8da6..eb701494d 100644 --- a/locales/eo.json +++ b/locales/eo.json @@ -1,6 +1,6 @@ { "admin_password_change_failed": "Ne eblas ŝanĝi pasvorton", - "admin_password_changed": "La pasvorto de administrado ŝanĝiĝis", + "admin_password_changed": "La pasvorto de administrado estis ŝanĝita", "app_already_installed": "{app:s} estas jam instalita", "app_already_up_to_date": "{app:s} estas jam ĝisdata", "app_argument_required": "Parametro {name:s} estas bezonata", @@ -81,7 +81,7 @@ "backup_archive_name_exists": "Rezerva arkivo kun ĉi tiu nomo jam ekzistas.", "backup_applying_method_tar": "Krei la rezervan TAR-ar archiveivon …", "backup_method_custom_finished": "Propra rezerva metodo '{method:s}' finiĝis", - "app_already_installed_cant_change_url": "Ĉi tiu app estas jam instalita. La URL ne povas esti ŝanĝita nur per ĉi tiu funkcio. Rigardu \"app changeurl\" se ĝi haveblas.", + "app_already_installed_cant_change_url": "Ĉi tiu app estas jam instalita. La URL ne povas esti ŝanĝita nur per ĉi tiu funkcio. Kontrolu en `app changeurl` se ĝi haveblas.", "app_not_correctly_installed": "{app:s} ŝajnas esti malĝuste instalita", "app_removed": "{app:s} forigita", "backup_delete_error": "Ne povis forigi '{path:s}'", From 220c62ab4c18e1a66546a9d3af8aebf5ea1c0da8 Mon Sep 17 00:00:00 2001 From: amirale qt Date: Mon, 20 Apr 2020 09:54:48 +0000 Subject: [PATCH 017/451] Translated using Weblate (Spanish) Currently translated at 100.0% (598 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/es/ --- locales/es.json | 89 +++++++++++++++++++++++++------------------------ 1 file changed, 46 insertions(+), 43 deletions(-) diff --git a/locales/es.json b/locales/es.json index 15b4b5316..f76d722e6 100644 --- a/locales/es.json +++ b/locales/es.json @@ -2,7 +2,7 @@ "action_invalid": "Acción no válida '{action:s} 1'", "admin_password": "Contraseña administrativa", "admin_password_change_failed": "No se puede cambiar la contraseña", - "admin_password_changed": "La contraseña de administración ha sido cambiada", + "admin_password_changed": "La contraseña de administración fue cambiada", "app_already_installed": "{app:s} ya está instalada", "app_argument_choice_invalid": "Use una de estas opciones «{choices:s}» para el argumento «{name:s}»", "app_argument_invalid": "Elija un valor válido para el argumento «{name:s}»: {error:s}", @@ -41,16 +41,16 @@ "backup_hook_unknown": "El gancho «{hook:s}» de la copia de seguridad es desconocido", "backup_invalid_archive": "Esto no es un archivo de respaldo", "backup_nothings_done": "Nada que guardar", - "backup_output_directory_forbidden": "Elija un directorio de salida diferente. No se pueden crear copias de seguridad en las subcarpetas de /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var o /home/yunohost.backup/archives", + "backup_output_directory_forbidden": "Elija un directorio de salida diferente. Las copias de seguridad no se pueden crear en /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var o /home/yunohost.backup/archives subcarpetas", "backup_output_directory_not_empty": "Debe elegir un directorio de salida vacío", "backup_output_directory_required": "Debe proporcionar un directorio de salida para la copia de seguridad", "backup_running_hooks": "Ejecutando los hooks de copia de seguridad...", "custom_app_url_required": "Debe proporcionar una URL para actualizar su aplicación personalizada {app:s}", "domain_cert_gen_failed": "No se pudo generar el certificado", "domain_created": "Dominio creado", - "domain_creation_failed": "No se pudo crear el dominio {domain}: {error}", + "domain_creation_failed": "No se puede crear el dominio {domain}: {error}", "domain_deleted": "Dominio eliminado", - "domain_deletion_failed": "No se pudo eliminar el dominio {domain}: {error}", + "domain_deletion_failed": "No se puede eliminar el dominio {domain}: {error}", "domain_dyndns_already_subscribed": "Ya se ha suscrito a un dominio de DynDNS", "domain_dyndns_root_unknown": "Dominio raíz de DynDNS desconocido", "domain_exists": "El dominio ya existe", @@ -117,20 +117,20 @@ "restore_running_app_script": "Restaurando la aplicación «{app:s}»…", "restore_running_hooks": "Ejecutando los ganchos de restauración…", "service_add_failed": "No se pudo añadir el servicio «{service:s}»", - "service_added": "Añadido el servicio «{service:s}»", + "service_added": "Se agregó el servicio '{service:s}'", "service_already_started": "El servicio «{service:s}» ya está funcionando", "service_already_stopped": "El servicio «{service:s}» ya ha sido detenido", "service_cmd_exec_failed": "No se pudo ejecutar la orden «{command:s}»", - "service_disable_failed": "No se pudo desactivar el servicio «{service:s}»\n\nRegistro de servicios recientes:{logs:s}", - "service_disabled": "El servicio «{service:s}» ha sido desactivado", - "service_enable_failed": "No se pudo activar el servicio «{service:s}»\n\nRegistro de servicios recientes:{logs:s}", - "service_enabled": "El servicio «{service:s}» ha sido desactivado", + "service_disable_failed": "No se pudo hacer que el servicio '{service:s}' no se iniciara en el arranque.\n\nRegistros de servicio recientes: {logs:s}", + "service_disabled": "El servicio '{service:s}' ya no se iniciará cuando se inicie el sistema.", + "service_enable_failed": "No se pudo hacer que el servicio '{service:s}' se inicie automáticamente en el arranque.\n\nRegistros de servicio recientes: {logs s}", + "service_enabled": "El servicio '{service:s}' ahora se iniciará automáticamente durante el arranque del sistema.", "service_remove_failed": "No se pudo eliminar el servicio «{service:s}»", - "service_removed": "Eliminado el servicio «{service:s}»", + "service_removed": "Servicio '{service:s}' eliminado", "service_start_failed": "No se pudo iniciar el servicio «{service:s}»\n\nRegistro de servicios recientes:{logs:s}", - "service_started": "Iniciado el servicio «{service:s}»", + "service_started": "El servicio '{service:s}' comenzó", "service_stop_failed": "No se pudo detener el servicio «{service:s}»\n\nRegistro de servicios recientes:{logs:s}", - "service_stopped": "El servicio «{service:s}» se detuvo", + "service_stopped": "Servicio '{service:s}' detenido", "service_unknown": "Servicio desconocido '{service:s}'", "ssowat_conf_generated": "Generada la configuración de SSOwat", "ssowat_conf_updated": "Actualizada la configuración de SSOwat", @@ -161,7 +161,7 @@ "yunohost_installing": "Instalando YunoHost…", "yunohost_not_installed": "YunoHost no está correctamente instalado. Ejecute «yunohost tools postinstall»", "ldap_init_failed_to_create_admin": "La inicialización de LDAP no pudo crear el usuario «admin»", - "mailbox_used_space_dovecot_down": "El servicio de correo Dovecot debe estar funcionando si desea obtener el espacio usado por el buzón de correo", + "mailbox_used_space_dovecot_down": "El servicio de buzón Dovecot debe estar activo si desea recuperar el espacio usado del buzón", "certmanager_attempt_to_replace_valid_cert": "Está intentando sobrescribir un certificado correcto y válido para el dominio {domain:s}! (Use --force para omitir este mensaje)", "certmanager_domain_unknown": "Dominio desconocido «{domain:s}»", "certmanager_domain_cert_not_selfsigned": "El certificado para el dominio {domain:s} no es un certificado autofirmado. ¿Está seguro de que quiere reemplazarlo? (Use «--force» para hacerlo)", @@ -170,7 +170,7 @@ "certmanager_attempt_to_renew_valid_cert": "¡El certificado para el dominio «{domain:s}» no está a punto de expirar! (Puede usar --force si sabe lo que está haciendo)", "certmanager_domain_http_not_working": "Parece que no se puede acceder al dominio {domain:s} a través de HTTP. Compruebe que la configuración del DNS y de NGINX es correcta", "certmanager_error_no_A_record": "No se ha encontrado un registro DNS «A» para el dominio {domain:s}. Debe hacer que su nombre de dominio apunte a su máquina para poder instalar un certificado de Let's Encrypt. (Si sabe lo que está haciendo, use «--no-checks» para desactivar esas comprobaciones.)", - "certmanager_domain_dns_ip_differs_from_public_ip": "El registro «A» del DNS para el dominio «{domain:s}» es diferente de la IP de este servidor. Si recientemente modificó su registro A, espere a que se propague (existen algunos verificadores de propagación de DNS disponibles en línea). (Si sabe lo que está haciendo, use «--no-checks» para desactivar esas comprobaciones.)", + "certmanager_domain_dns_ip_differs_from_public_ip": "El registro DNS 'A' para el dominio '{dominio:s}' es diferente de la IP de este servidor. Si recientemente modificó su registro A, espere a que se propague (algunos verificadores de propagación de DNS están disponibles en línea). (Si sabe lo que está haciendo, use '--no-checks' para desactivar esos cheques)", "certmanager_cannot_read_cert": "Se ha producido un error al intentar abrir el certificado actual para el dominio {domain:s} (archivo: {file:s}), razón: {reason:s}", "certmanager_cert_install_success_selfsigned": "Instalado correctamente un certificado autofirmado para el dominio «{domain:s}»", "certmanager_cert_install_success": "Instalado correctamente un certificado de Let's Encrypt para el dominio «{domain:s}»", @@ -179,7 +179,7 @@ "certmanager_cert_signing_failed": "No se pudo firmar el nuevo certificado", "certmanager_no_cert_file": "No se pudo leer el certificado para el dominio {domain:s} (archivo: {file:s})", "certmanager_conflicting_nginx_file": "No se pudo preparar el dominio para el desafío ACME: el archivo de configuración de NGINX {filepath:s} está en conflicto y debe ser eliminado primero", - "domain_cannot_remove_main": "No se puede eliminar el dominio principal. Primero debes configurar otro utilizando la linea de comando 'yunohost domain main-domain -n ' donde es parte de esta lista: {other_domains:s}", + "domain_cannot_remove_main": "No puede eliminar '{domain:s}' ya que es el dominio principal, primero debe configurar otro dominio como el dominio principal usando 'yunohost domain main-domain -n '; Aquí está la lista de dominios candidatos: {other_domains:s}", "certmanager_self_ca_conf_file_not_found": "No se pudo encontrar el archivo de configuración para la autoridad de autofirma (archivo: {file:s})", "certmanager_unable_to_parse_self_CA_name": "No se pudo procesar el nombre de la autoridad de autofirma (archivo: {file:s})", "domains_available": "Dominios disponibles:", @@ -189,7 +189,7 @@ "certmanager_couldnt_fetch_intermediate_cert": "Tiempo de espera agotado intentando obtener el certificado intermedio de Let's Encrypt. Cancelada la instalación o renovación del certificado. Vuelva a intentarlo más tarde.", "domain_hostname_failed": "No se pudo establecer un nuevo nombre de anfitrión («hostname»). Esto podría causar problemas más tarde (no es seguro... podría ir bien).", "yunohost_ca_creation_success": "Creada la autoridad de certificación local.", - "app_already_installed_cant_change_url": "Esta aplicación ya está instalada. No se puede cambiar el URL únicamente mediante esta función. Compruebe si está disponible la opción `app changeurl`.", + "app_already_installed_cant_change_url": "Esta aplicación ya está instalada. La URL no se puede cambiar solo con esta función. Marque `app changeurl` si está disponible.", "app_change_url_failed_nginx_reload": "No se pudo recargar NGINX. Esta es la salida de «nginx -t»:\n{nginx_errors:s}", "app_change_url_identical_domains": "El antiguo y nuevo dominio/url_path son idénticos ('{domain:s} {path:s}'), no se realizarán cambios.", "app_change_url_no_script": "La aplicación «{app_name:s}» aún no permite la modificación de URLs. Quizás debería actualizarla.", @@ -222,8 +222,8 @@ "dyndns_could_not_check_provide": "No se pudo verificar si {provider:s} puede ofrecer {domain:s}.", "dyndns_domain_not_provided": "El proveedor de DynDNS {provider:s} no puede proporcionar el dominio {domain:s}.", "experimental_feature": "Aviso : esta funcionalidad es experimental y no se considera estable, no debería usarla a menos que sepa lo que está haciendo.", - "good_practices_about_user_password": "Está a punto de establecer una nueva contraseña de usuario. La contraseña debería de ser de al menos 8 caracteres, aunque es una buena práctica usar una contraseña más extensa (básicamente una frase) y/o usar caracteres de varias clases (mayúsculas, minúsculas, números y caracteres especiales).", - "password_listed": "Esta contraseña es una de las más usadas en el mundo. Elija algo más único.", + "good_practices_about_user_password": "Ahora está a punto de definir una nueva contraseña de usuario. La contraseña debe tener al menos 8 caracteres, aunque es una buena práctica usar una contraseña más larga (es decir, una frase de contraseña) y / o una variación de caracteres (mayúsculas, minúsculas, dígitos y caracteres especiales).", + "password_listed": "Esta contraseña se encuentra entre las contraseñas más utilizadas en el mundo. Por favor, elija algo más único.", "password_too_simple_1": "La contraseña debe tener al menos 8 caracteres de longitud", "password_too_simple_2": "La contraseña tiene que ser de al menos 8 caracteres de longitud e incluir un número y caracteres en mayúsculas y minúsculas", "password_too_simple_3": "La contraseña tiene que ser de al menos 8 caracteres de longitud e incluir un número, mayúsculas, minúsculas y caracteres especiales", @@ -232,7 +232,7 @@ "update_apt_cache_warning": "Algo fue mal durante la actualización de la caché de APT (gestor de paquetes de Debian). Aquí tiene un volcado de las líneas de sources.list que podría ayudarle a identificar las líneas problemáticas:\n{sourceslist}", "update_apt_cache_failed": "No se pudo actualizar la caché de APT (gestor de paquetes de Debian). Aquí tiene un volcado de las líneas de sources.list que podría ayudarle a identificar las líneas problemáticas:\n{sourceslist}", "tools_upgrade_special_packages_completed": "Actualización de paquetes de YunoHost completada.\nPulse [Intro] para regresar a la línea de órdenes", - "tools_upgrade_special_packages_explanation": "Esta acción terminará pero la actualización especial real continuará en segundo plano. No inicie ninguna otra acción en su servidor en aproximadamente 10 minutos (dependiendo de la velocidad de su hardware). Una vez hecho, podría tener que volver a iniciar sesión en la administración web. El registro de actualización estará disponible en Herramientas → Registro (en la página de administración web) o mediante «yunohost log list» (desde la línea de órdenes).", + "tools_upgrade_special_packages_explanation": "La actualización especial continuará en segundo plano. No inicie ninguna otra acción en su servidor durante los próximos 10 minutos (dependiendo de la velocidad del hardware). Después de esto, es posible que deba volver a iniciar sesión en el administrador web. El registro de actualización estará disponible en Herramientas → Registro (en el webadmin) o usando 'yunohost log list' (desde la línea de comandos).", "tools_upgrade_special_packages": "Actualizando ahora paquetes «especiales» (relacionados con YunoHost)…", "tools_upgrade_regular_packages_failed": "No se pudieron actualizar los paquetes: {packages_list}", "tools_upgrade_regular_packages": "Actualizando ahora paquetes «normales» (no relacionados con YunoHost)…", @@ -241,11 +241,11 @@ "tools_upgrade_cant_both": "No se puede actualizar el sistema y las aplicaciones al mismo tiempo", "tools_upgrade_at_least_one": "Especifique «--apps», o «--system»", "this_action_broke_dpkg": "Esta acción rompió dpkg/APT(los gestores de paquetes del sistema)… Puede tratar de solucionar este problema conectando mediante SSH y ejecutando `sudo dpkg --configure -a`.", - "service_reloaded_or_restarted": "El servicio «{service:s}» ha sido recargado o reiniciado", + "service_reloaded_or_restarted": "El servicio '{service:s}' fue recargado o reiniciado", "service_reload_or_restart_failed": "No se pudo recargar o reiniciar el servicio «{service:s}»\n\nRegistro de servicios recientes:{logs:s}", - "service_restarted": "Reiniciado el servicio «{service:s}»", + "service_restarted": "Servicio '{service:s}' reiniciado", "service_restart_failed": "No se pudo reiniciar el servicio «{service:s}»\n\nRegistro de servicios recientes:{logs:s}", - "service_reloaded": "El servicio «{service:s}» ha sido recargado", + "service_reloaded": "Servicio '{service:s}' recargado", "service_reload_failed": "No se pudo recargar el servicio «{service:s}»\n\nRegistro de servicios recientes:{logs:s}", "service_regen_conf_is_deprecated": "¡«yunohost service regen-conf» está obsoleto! Use «yunohost tools regen-conf» en su lugar.", "service_description_yunohost-firewall": "Gestiona los puertos de conexiones abiertos y cerrados a los servicios", @@ -280,7 +280,7 @@ "regenconf_failed": "No se pudo regenerar la configuración para la(s) categoría(s): {categories}", "regenconf_dry_pending_applying": "Comprobando la configuración pendiente que habría sido aplicada para la categoría «{category}»…", "regenconf_would_be_updated": "La configuración habría sido actualizada para la categoría «{category}»", - "regenconf_updated": "Actualizada la configuración para la categoría '{category}'", + "regenconf_updated": "Configuración actualizada para '{category}'", "regenconf_up_to_date": "Ya está actualizada la configuración para la categoría «{category}»", "regenconf_now_managed_by_yunohost": "El archivo de configuración «{conf}» está gestionado ahora por YunoHost (categoría {category}).", "regenconf_file_updated": "Actualizado el archivo de configuración «{conf}»", @@ -345,7 +345,7 @@ "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 está instalado pero no PostgreSQL 9.6. Algo raro podría haber ocurrido en su sistema:(…", "migration_0005_postgresql_94_not_installed": "PostgreSQL no estaba instalado en su sistema. Nada que hacer.", "migration_0003_modified_files": "Tenga en cuenta que se encontró que los siguientes archivos fueron modificados manualmente y podrían ser sobrescritos después de la actualización: {manually_modified_files}", - "migration_0003_problematic_apps_warning": "Tenga en cuenta que las aplicaciones listadas mas abajo fueron detectadas como 'posiblemente problemáticas'. Parece que no fueron instaladas desde una lista de aplicaciones o no estaban etiquetadas como 'funcional'. Así que no hay garantía de que aún funcionen después de la actualización: {problematic_apps}", + "migration_0003_problematic_apps_warning": "Tenga en cuenta que se detectaron las siguientes aplicaciones instaladas posiblemente problemáticas. Parece que no se instalaron desde un catálogo de aplicaciones, o no se marcan como \"en funcionamiento\". En consecuencia, no se puede garantizar que seguirán funcionando después de la actualización: {problematic_apps}", "migration_0003_general_warning": "Tenga en cuenta que esta migración es una operación delicada. El equipo de YunoHost ha hecho todo lo posible para revisarla y probarla, pero la migración aún podría romper parte del sistema o de sus aplicaciones.\n\nPor lo tanto, se recomienda que:\n - Realice una copia de seguridad de cualquier dato crítico o aplicación. Más información en https://yunohost.org/backup;\n - Tenga paciencia tras iniciar la migración: dependiendo de su conexión a Internet y de su hardware, podría tardar unas cuantas horas hasta que todo se actualice.\n\nAdemás, el puerto para SMTP usado por los clientes de correo externos (como Thunderbird o K9-Mail) cambió de 465 (SSL/TLS) a 587 (STARTTLS). El antiguo puerto (465) se cerrará automáticamente y el nuevo puerto (587) se abrirá en el cortafuegos. Todos los usuarios *tendrán* que adaptar la configuración de sus clientes de correo por lo tanto.", "migration_0003_still_on_jessie_after_main_upgrade": "Algo fue mal durante la actualización principal: ⸘el sistema está aún en Jessie‽ Para investigar el problema, vea {log}:s…", "migration_0003_system_not_fully_up_to_date": "Su sistema no está totalmente actualizado. Realice una actualización normal antes de ejecutar la migración a Stretch.", @@ -358,7 +358,7 @@ "migration_0003_start": "Iniciando migración a Stretch. El registro estará disponible en {logfile}.", "migration_description_0012_postgresql_password_to_md5_authentication": "Forzar a la autentificación de PostgreSQL a usar MD5 para las conexiones locales", "migration_description_0011_setup_group_permission": "Configurar grupo de usuario y permisos para aplicaciones y servicios", - "migration_description_0010_migrate_to_apps_json": "Eliminar las listas de aplicaciones («appslists») obsoletas y usar en su lugar la nueva lista unificada «apps.json»", + "migration_description_0010_migrate_to_apps_json": "Elimine los catálogos de aplicaciones obsoletas y use la nueva lista unificada de 'apps.json' en su lugar (desactualizada, reemplazada por la migración 13)", "migration_description_0009_decouple_regenconf_from_services": "Separar el mecanismo «regen-conf» de los servicios", "migration_description_0008_ssh_conf_managed_by_yunohost_step2": "Permitir que la configuración de SSH la gestione YunoHost (paso 2, manual)", "migration_description_0007_ssh_conf_managed_by_yunohost_step1": "Permitir que la configuración de SSH la gestione YunoHost (paso 1, automático)", @@ -422,7 +422,7 @@ "group_deleted": "Eliminado el grupo «{group}»", "group_creation_failed": "No se pudo crear el grupo «{group}»: {error}", "group_created": "Creado el grupo «{group}»", - "good_practices_about_admin_password": "Va a establecer una nueva contraseña de administración. La contraseña debería tener al menos 8 caracteres, aunque es una buena práctica usar una contraseña más extensa (básicamente una frase) y/o usar caracteres de varias clases (mayúsculas, minúsculas, números y caracteres especiales).", + "good_practices_about_admin_password": "Ahora está a punto de definir una nueva contraseña de administración. La contraseña debe tener al menos 8 caracteres, aunque es una buena práctica usar una contraseña más larga (es decir, una frase de contraseña) y / o usar una variación de caracteres (mayúsculas, minúsculas, dígitos y caracteres especiales).", "global_settings_unknown_type": "Situación imprevista, la configuración {setting:s} parece tener el tipo {unknown_type:s} pero no es un tipo compatible con el sistema.", "global_settings_setting_service_ssh_allow_deprecated_dsa_hostkey": "Permitir el uso de la llave (obsoleta) DSA para la configuración del demonio SSH", "global_settings_unknown_setting_from_settings_file": "Clave desconocida en la configuración: «{setting_key:s}», desechada y guardada en /etc/yunohost/settings-unknown.json", @@ -447,8 +447,8 @@ "domain_dns_conf_is_just_a_recommendation": "Esta orden muestra la configuración *recomendada*. No configura el DNS en realidad. Es su responsabilidad configurar la zona de DNS en su registrador según esta recomendación.", "dpkg_lock_not_available": "Esta orden no se puede ejecutar en este momento ,parece que programa está usando el bloqueo de dpkg (el gestor de paquetes del sistema)", "dpkg_is_broken": "No puede hacer esto en este momento porque dpkg/apt (los gestores de paquetes del sistema) parecen estar en un estado roto... Puede tratar de solucionar este problema conectando a través de SSH y ejecutando `sudo dpkg --configure -a`.", - "confirm_app_install_thirdparty": "¡PELIGRO! Esta aplicación no forma parte del catálogo de aplicaciones de YunoHost. Instalar aplicaciones de terceros podría comprometer la integridad y seguridad de su sistema. Probablemente NO debería instalarla salvo que sepa lo que está haciendo. No tendrá NINGUNA AYUDA si esta aplicación no funciona o rompe su sistema… Si está dispuesto a aceptar ese riesgo de todas formas, escriba «{answers:s}»", - "confirm_app_install_danger": "¡PELIGRO! ¡Esta aplicación es conocida por ser aún experimental (o no funciona explícitamente)! Probablemente NO debería instalarla salvo que sepa lo que está haciendo. No tendrá NINGUNA AYUDA si esta aplicación no funciona o rompe su sistema… Si está dispuesto a aceptar ese riesgo de todas formas, escriba «{answers:s}»", + "confirm_app_install_thirdparty": "¡PELIGRO! Esta aplicación no forma parte del catálogo de aplicaciones de Yunohost. La instalación de aplicaciones de terceros puede comprometer la integridad y la seguridad de su sistema. Probablemente NO debería instalarlo a menos que sepa lo que está haciendo. NO se proporcionará SOPORTE si esta aplicación no funciona o rompe su sistema ... Si de todos modos está dispuesto a correr ese riesgo, escriba '{answers:s}'", + "confirm_app_install_danger": "¡PELIGRO! ¡Se sabe que esta aplicación sigue siendo experimental (si no explícitamente no funciona)! Probablemente NO debería instalarlo a menos que sepa lo que está haciendo. NO se proporcionará SOPORTE si esta aplicación no funciona o rompe su sistema ... Si de todos modos está dispuesto a correr ese riesgo, escriba '{answers:s}'", "confirm_app_install_warning": "Aviso: esta aplicación puede funcionar pero no está bien integrada en YunoHost. Algunas herramientas como la autentificación única y respaldo/restauración podrían no estar disponibles. ¿Instalar de todos modos? [{answers:s}] ", "backup_unable_to_organize_files": "No se pudo usar el método rápido de organización de los archivos en el archivo", "backup_permission": "Permiso de respaldo para la aplicación {app:s}", @@ -467,13 +467,13 @@ "app_start_backup": "Obteniendo archivos para el respaldo de «{app}»…", "app_start_remove": "Eliminando aplicación «{app}»…", "app_start_install": "Instalando aplicación «{app}»…", - "app_not_upgraded": "Error al actualizar la aplicación «{failed_app}» y como consecuencia se han cancelado las actualizaciones de las siguientes aplicaciones: {apps}", + "app_not_upgraded": "La aplicación '{failed_app}' no se pudo actualizar y, como consecuencia, se cancelaron las actualizaciones de las siguientes aplicaciones: {apps}", "app_action_cannot_be_ran_because_required_services_down": "Estos servicios necesarios deberían estar funcionando para ejecutar esta acción: {services}. Pruebe a reiniciarlos para continuar (y posiblemente investigar por qué están caídos).", "already_up_to_date": "Nada que hacer. Todo está actualizado.", "admin_password_too_long": "Elija una contraseña de menos de 127 caracteres", "aborting": "Cancelando.", "app_action_broke_system": "Esta acción parece que ha roto estos servicios importantes: {services}", - "operation_interrupted": "¿Ha sido interrumpida la operación manualmente?", + "operation_interrupted": "¿La operación fue interrumpida manualmente?", "apps_already_up_to_date": "Todas las aplicaciones están ya actualizadas", "dyndns_provider_unreachable": "No se puede conectar con el proveedor de Dyndns {provider}: o su YunoHost no está correctamente conectado a Internet o el servidor dynette está caído.", "group_already_exist": "El grupo {group} ya existe", @@ -488,7 +488,7 @@ "log_user_permission_reset": "Restablecer permiso «{}»", "migration_0011_failed_to_remove_stale_object": "No se pudo eliminar el objeto obsoleto {dn}: {error}", "permission_already_allowed": "El grupo «{group}» ya tiene el permiso «{permission}» activado", - "permission_already_disallowed": "El grupo «{group}» ya tiene el permiso «{permission}» desactivado", + "permission_already_disallowed": "El grupo '{group}' ya tiene el permiso '{permission}' deshabilitado", "permission_cannot_remove_main": "No está permitido eliminar un permiso principal", "user_already_exists": "El usuario «{user}» ya existe", "app_full_domain_unavailable": "Lamentablemente esta aplicación tiene que instalarse en un dominio propio pero ya hay otras aplicaciones instaladas en el dominio «{domain}». Podría usar un subdomino dedicado a esta aplicación en su lugar.", @@ -503,20 +503,20 @@ "permission_currently_allowed_for_all_users": "Este permiso se concede actualmente a todos los usuarios además de los otros grupos. Probablemente quiere o eliminar el permiso de «all_users» o eliminar los otros grupos a los que está otorgado actualmente.", "permission_require_account": "El permiso {permission} solo tiene sentido para usuarios con una cuenta y, por lo tanto, no se puede activar para visitantes.", "app_remove_after_failed_install": "Eliminando la aplicación tras el fallo de instalación…", - "diagnosis_basesystem_host": "El servidor está ejecutando Debian {debian_version}.", + "diagnosis_basesystem_host": "El servidor está ejecutando Debian {debian_version}", "diagnosis_basesystem_kernel": "El servidor está ejecutando el núcleo de Linux {kernel_version}", "diagnosis_basesystem_ynh_single_version": "{package} versión: {version} ({repo})", "diagnosis_basesystem_ynh_main_version": "El servidor está ejecutando YunoHost {main_version} ({repo})", - "diagnosis_basesystem_ynh_inconsistent_versions": "Está ejecutando versiones incoherentes de los paquetes de YunoHost... probablemente por una actualización errónea o parcial.", - "diagnosis_failed_for_category": "Diagnóstico fallido para la categoría «{category}» : {error}", + "diagnosis_basesystem_ynh_inconsistent_versions": "Está ejecutando versiones inconsistentes de los paquetes de YunoHost ... probablemente debido a una actualización parcial o fallida.", + "diagnosis_failed_for_category": "Error de diagnóstico para la categoría '{category}': {error}", "diagnosis_cache_still_valid": "(Caché aún válida para el diagnóstico de {category}. ¡Aún no se ha rediagnosticado!)", "diagnosis_found_errors_and_warnings": "¡Encontrado(s) error(es) significativo(s) {errors} (y aviso(s) {warnings}) relacionado(s) con {category}!", "diagnosis_display_tip_web": "Puede ir a la sección de diagnóstico (en la pantalla principal) para ver los problemas encontrados.", "diagnosis_display_tip_cli": "Puede ejecutar «yunohost diagnosis show --issues» para mostrar los problemas encontrados.", "apps_catalog_init_success": "¡Sistema de catálogo de aplicaciones inicializado!", - "apps_catalog_updating": "Actualizando catálogo de aplicaciones...", - "apps_catalog_failed_to_download": "No se pudo descargar el catálogo de aplicaciones {apps_catalog}: {error}", - "apps_catalog_obsolete_cache": "La caché del catálogo de aplicaciones está vacía u obsoleta.", + "apps_catalog_updating": "Actualizando el catálogo de aplicaciones…", + "apps_catalog_failed_to_download": "No se puede descargar el catálogo de aplicaciones {apps_catalog}: {error}", + "apps_catalog_obsolete_cache": "El caché del catálogo de aplicaciones está vacío u obsoleto.", "apps_catalog_update_success": "¡El catálogo de aplicaciones ha sido actualizado!", "diagnosis_cant_run_because_of_dep": "No se puede ejecutar el diagnóstico para {category} mientras haya problemas importantes relacionados con {dep}.", "diagnosis_ignored_issues": "(+ {nb_ignored} problema(s) ignorado(s))", @@ -545,9 +545,9 @@ "diagnosis_diskusage_ok": "¡El almacenamiento {mountpoint} (en el dispositivo {device}) todavía tiene {free} ({free_percent}%) de espacio libre!", "diagnosis_services_conf_broken": "¡Mala configuración para el servicio {service}!", "diagnosis_services_running": "¡El servicio {service} está en ejecución!", - "diagnosis_failed": "No se ha podido obtener el resultado del diagnóstico para la categoría '{category}': {error}", + "diagnosis_failed": "Error al obtener el resultado del diagnóstico para la categoría '{category}': {error}", "diagnosis_ip_connected_ipv4": "¡El servidor está conectado a internet a través de IPv4!", - "diagnosis_security_vulnerable_to_meltdown_details": "Para corregir esto, debieras actualizar y reiniciar tu sistema para cargar el nuevo kernel de Linux (o contacta tu proveedor si esto no funciona). Mas información en https://meltdownattack.com/", + "diagnosis_security_vulnerable_to_meltdown_details": "Para corregir esto, debieras actualizar y reiniciar tu sistema para cargar el nuevo kernel de Linux (o contacta tu proveedor si esto no funciona). Mas información en https://meltdownattack.com/ .", "diagnosis_ram_verylow": "Al sistema le queda solamente {available} ({available_percent}%) de RAM! (De un total de {total})", "diagnosis_ram_low": "Al sistema le queda {available} ({available_percent}%) de RAM de un total de {total}. Cuidado.", "diagnosis_ram_ok": "El sistema aun tiene {available} ({available_percent}%) de RAM de un total de {total}.", @@ -561,7 +561,7 @@ "diagnosis_regenconf_manually_modified_debian": "El archivos de configuración {file} fue modificado manualmente comparado con el valor predeterminado de Debian.", "diagnosis_regenconf_manually_modified_debian_details": "Esto este probablemente BIEN, pero igual no lo pierdas de vista...", "diagnosis_security_all_good": "Ninguna vulnerabilidad critica de seguridad fue encontrada.", - "diagnosis_security_vulnerable_to_meltdown": "Pareces vulnerable a el colapso de vulnerabilidad critica de seguridad.", + "diagnosis_security_vulnerable_to_meltdown": "Pareces vulnerable a el colapso de vulnerabilidad critica de seguridad", "diagnosis_description_basesystem": "Sistema de base", "diagnosis_description_ip": "Conectividad a Internet", "diagnosis_description_dnsrecords": "Registro DNS", @@ -588,15 +588,18 @@ "log_app_action_run": "Inicializa la acción de la aplicación '{}'", "group_already_exist_on_system_but_removing_it": "El grupo {group} ya existe en el grupo de sistema, pero YunoHost lo suprimirá …", "global_settings_setting_pop3_enabled": "Habilita el protocolo POP3 para el servidor de correo electrónico", - "domain_cannot_remove_main_add_new_one": "No se puede remover '{domain:s}' porque es su principal y único dominio. Primero debe agregar un nuevo dominio con la linea de comando 'yunohost domain add ', entonces configurarlo como dominio principal con 'yunohost domain main-domain -n ' y finalmente borrar el dominio '{domain:s}' con 'yunohost domain remove {domain:s}'.", + "domain_cannot_remove_main_add_new_one": "No se puede remover '{domain:s}' porque es su principal y único dominio. Primero debe agregar un nuevo dominio con la linea de comando 'yunohost domain add ', entonces configurarlo como dominio principal con 'yunohost domain main-domain -n ' y finalmente borrar el dominio '{domain:s}' con 'yunohost domain remove {domain:s}'.'", "diagnosis_never_ran_yet": "Este servidor todavía no tiene reportes de diagnostico. Puede iniciar un diagnostico completo desde la interface administrador web o con la linea de comando 'yunohost diagnosis run'.", "diagnosis_unknown_categories": "Las siguientes categorías están desconocidas: {categories}", "diagnosis_http_unreachable": "El dominio {domain} esta fuera de alcance desde internet y a través de HTTP.", "diagnosis_http_bad_status_code": "El sistema de diagnostico no pudo comunicarse con su servidor. Puede ser otra maquina que contesto en lugar del servidor. Debería verificar en su firewall que el re-direccionamiento del puerto 80 esta correcto.", - "diagnosis_http_connection_error": "Error de conexión: Ne se pudo conectar al dominio solicitado,", + "diagnosis_http_connection_error": "Error de conexión: Ne se pudo conectar al dominio solicitado.", "diagnosis_http_timeout": "El intento de contactar a su servidor desde internet corrió fuera de tiempo. Al parece esta incomunicado. Debería verificar que nginx corre en el puerto 80, y que la redireción del puerto 80 no interfiere con en el firewall.", "diagnosis_http_ok": "El Dominio {domain} es accesible desde internet a través de HTTP.", "diagnosis_http_could_not_diagnose": "No se pudo verificar si el dominio es accesible desde internet.", "diagnosis_http_could_not_diagnose_details": "Error: {error}", - "diagnosis_ports_forwarding_tip": "Para solucionar este incidente, debería configurar el \"port forwading\" en su router como especificado en https://yunohost.org/isp_box_config" + "diagnosis_ports_forwarding_tip": "Para solucionar este incidente, debería configurar el \"port forwading\" en su router como especificado en https://yunohost.org/isp_box_config", + "certmanager_warning_subdomain_dns_record": "El subdominio '{subdomain:s}' no se resuelve en la misma dirección IP que '{domain:s}'. Algunas funciones no estarán disponibles hasta que solucione esto y regenere el certificado.", + "domain_cannot_add_xmpp_upload": "No puede agregar dominios que comiencen con 'xmpp-upload'. Este tipo de nombre está reservado para la función de carga XMPP integrada en YunoHost.", + "yunohost_postinstall_end_tip": "¡La post-instalación completada! Para finalizar su configuración, considere:\n - agregar un primer usuario a través de la sección 'Usuarios' del webadmin (o 'yunohost user create ' en la línea de comandos);\n - diagnostique problemas potenciales a través de la sección 'Diagnóstico' de webadmin (o 'ejecución de diagnóstico yunohost' en la línea de comandos);\n - leyendo las partes 'Finalizando su configuración' y 'Conociendo a Yunohost' en la documentación del administrador: https://yunohost.org/admindoc." } From 48329bee03211ef58ceed115e49bec0fe0b646dd Mon Sep 17 00:00:00 2001 From: amirale qt Date: Mon, 20 Apr 2020 07:59:36 +0000 Subject: [PATCH 018/451] Translated using Weblate (French) Currently translated at 100.0% (598 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/fr/ --- locales/fr.json | 53 ++++++++++++++++++++----------------------------- 1 file changed, 22 insertions(+), 31 deletions(-) diff --git a/locales/fr.json b/locales/fr.json index ee6aca0a8..7b31f9237 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -41,7 +41,7 @@ "backup_hook_unknown": "Script de sauvegarde '{hook:s}' inconnu", "backup_invalid_archive": "Archive de sauvegarde invalide", "backup_nothings_done": "Il n’y a rien à sauvegarder", - "backup_output_directory_forbidden": "Dossier de destination interdit. Les sauvegardes ne peuvent être créées dans les sous-dossiers /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives", + "backup_output_directory_forbidden": "Choisissez un répertoire de sortie différent. Les sauvegardes ne peuvent pas être créées dans les sous-dossiers /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives", "backup_output_directory_not_empty": "Le répertoire de destination n’est pas vide", "backup_output_directory_required": "Vous devez spécifier un dossier de destination pour la sauvegarde", "backup_running_hooks": "Exécution des scripts de sauvegarde …", @@ -75,7 +75,7 @@ "field_invalid": "Champ incorrect : '{:s}'", "firewall_reload_failed": "Impossible de recharger le pare-feu", "firewall_reloaded": "Pare-feu rechargé", - "firewall_rules_cmd_failed": "Certaines règles du pare-feu n’ont pas pu être appliquées. Plus d’info dans le journal de log.", + "firewall_rules_cmd_failed": "Certaines commandes de règles de pare-feu ont échoué. Plus d'informations dans le journal.", "hook_exec_failed": "Échec de l’exécution du script : {path:s}", "hook_exec_not_terminated": "L’exécution du script {path:s} ne s’est pas terminée correctement", "hook_list_by_invalid": "Propriété invalide pour lister les actions par celle-ci", @@ -112,7 +112,7 @@ "restore_complete": "Restauré", "restore_confirm_yunohost_installed": "Voulez-vous vraiment restaurer un système déjà installé ? [{answers:s}]", "restore_failed": "Impossible de restaurer le système", - "restore_hook_unavailable": "Le script de restauration '{part:s}' n’est pas disponible sur votre système, et ne l’est pas non plus dans l’archive", + "restore_hook_unavailable": "Script de restauration pour '{part:s}' non disponible sur votre système et non plus dans l'archive", "restore_nothings_done": "Rien n’a été restauré", "restore_running_app_script": "Exécution du script de restauration de l’application '{app:s}' …", "restore_running_hooks": "Exécution des scripts de restauration …", @@ -168,7 +168,7 @@ "certmanager_attempt_to_renew_valid_cert": "Le certificat pour le domaine {domain:s} n’est pas sur le point d’expirer ! (Vous pouvez utiliser --force si vous savez ce que vous faites)", "certmanager_domain_http_not_working": "Il semble que le domaine {domain:s} ne soit pas accessible via HTTP. Veuillez vérifier que vos configuration DNS et Nginx sont correctes", "certmanager_error_no_A_record": "Aucun enregistrement DNS 'A' n’a été trouvé pour {domain:s}. Vous devez faire pointer votre nom de domaine vers votre machine pour être en mesure d’installer un certificat Let’s Encrypt ! (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", - "certmanager_domain_dns_ip_differs_from_public_ip": "L’enregistrement DNS 'A' du domaine {domain:s} est différent de l’adresse IP de ce serveur. Si vous avez récemment modifié votre enregistrement 'A', veuillez attendre sa propagation (quelques vérificateurs de propagation DNS sont disponibles en ligne). (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", + "certmanager_domain_dns_ip_differs_from_public_ip": "L’enregistrement DNS 'A' du domaine {domain:s} est différent de l’adresse IP de ce serveur. Si vous avez récemment modifié votre enregistrement 'A', veuillez attendre sa propagation (quelques vérificateur de propagation DNS sont disponibles en ligne). (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", "certmanager_cannot_read_cert": "Quelque chose s’est mal passé lors de la tentative d’ouverture du certificat actuel pour le domaine {domain:s} (fichier : {file:s}), la cause est : {reason:s}", "certmanager_cert_install_success_selfsigned": "Le certificat auto-signé est maintenant installé pour le domaine « {domain:s} »", "certmanager_cert_install_success": "Le certificat Let’s Encrypt est maintenant installé pour le domaine « {domain:s} »", @@ -235,7 +235,7 @@ "global_settings_cant_serialize_settings": "Échec de la sérialisation des données de paramétrage car : {reason:s}", "restore_removing_tmp_dir_failed": "Impossible de sauvegarder un ancien dossier temporaire", "restore_extracting": "Extraction des fichiers nécessaires depuis l’archive …", - "restore_may_be_not_enough_disk_space": "Votre système semble ne pas avoir suffisamment d’espace disponible (L’espace libre est de {free_space:d} octets. Le besoin d’espace nécessaire est de {needed_space:d} octets. En appliquant une marge de sécurité, la quantité d’espace nécessaire est de {margin:d} octets)", + "restore_may_be_not_enough_disk_space": "Votre système ne semble pas avoir suffisamment d'espace (libre: {free_space:d} B, espace nécessaire: {needed_space:d} B, marge de sécurité: {margin:d} B)", "restore_not_enough_disk_space": "Espace disponible insuffisant (L’espace libre est de {free_space:d} octets. Le besoin d’espace nécessaire est de {needed_space:d} octets. En appliquant une marge de sécurité, la quantité d’espace nécessaire est de {margin:d} octets)", "restore_system_part_failed": "Impossible de restaurer la partie '{part:s}' du système", "backup_couldnt_bind": "Impossible de lier {src:s} avec {dest:s}.", @@ -270,8 +270,8 @@ "migration_0003_patching_sources_list": "Modification du fichier sources.lists …", "migration_0003_main_upgrade": "Démarrage de la mise à niveau principale …", "migration_0003_fail2ban_upgrade": "Démarrage de la mise à niveau de fail2ban …", - "migration_0003_restoring_origin_nginx_conf": "Votre fichier /etc/nginx/nginx.conf a été modifié d’une manière ou d’une autre. La migration va d’abord le réinitialiser à son état initial. Le fichier précédent sera disponible en tant que {backup_dest}.", - "migration_0003_yunohost_upgrade": "Démarrage de la mise à niveau du paquet YunoHost. La migration se terminera, mais la mise à jour réelle aura lieu immédiatement après. Une fois cette opération terminée, vous pourriez avoir à vous reconnecter à l’administration via le panel web.", + "migration_0003_restoring_origin_nginx_conf": "Votre fichier /etc/nginx/nginx.conf a été modifié d'une manière ou d'une autre. La migration va d'abord le réinitialiser à son état d'origine… Le fichier précédent sera disponible en tant que {backup_dest}.", + "migration_0003_yunohost_upgrade": "Démarrage de la mise à niveau du package YunoHost… La migration se terminera, mais la mise à niveau réelle aura lieu immédiatement après. Une fois l'opération terminée, vous devrez peut-être vous reconnecter à la page webadmin.", "migration_0003_not_jessie": "La distribution Debian actuelle n’est pas Jessie !", "migration_0003_system_not_fully_up_to_date": "Votre système n’est pas complètement à jour. Veuillez mener une mise à jour classique avant de lancer la migration à Stretch.", "migration_0003_still_on_jessie_after_main_upgrade": "Quelque chose s’est mal passé pendant la mise à niveau principale : le système est toujours sur Debian Jessie !? Pour investiguer sur le problème, veuillez regarder les journaux {log}:s …", @@ -304,7 +304,7 @@ "log_link_to_failed_log": "L’opération '{desc}' a échoué ! Pour obtenir de l’aide, merci de partager le journal de l’opération en cliquant ici", "backup_php5_to_php7_migration_may_fail": "Impossible de convertir votre archive pour prendre en charge PHP 7, vous pourriez ne plus pouvoir restaurer vos applications PHP (cause : {error:s})", "log_help_to_get_failed_log": "L’opération '{desc}' a échoué ! Pour obtenir de l’aide, merci de partager le journal de l’opération en utilisant la commande 'yunohost log display {name} --share'", - "log_does_exists": "Il n’existe pas de journal de l’opération ayant pour nom '{log}', utiliser 'yunohost log list' pour voir tous les fichiers de journaux disponibles", + "log_does_exists": "Il n'y a pas de journal des opérations avec le nom '{log}', utilisez 'yunohost log list' pour voir tous les journaux d'opérations disponibles", "log_operation_unit_unclosed_properly": "L’opération ne s’est pas terminée correctement", "log_app_change_url": "Changer l’URL de l’application '{}'", "log_app_install": "Installer l’application '{}'", @@ -321,12 +321,12 @@ "log_dyndns_subscribe": "Souscrire au sous-domaine YunoHost '{}'", "log_dyndns_update": "Mettre à jour l’adresse IP associée à votre sous-domaine YunoHost '{}'", "log_letsencrypt_cert_install": "Installer le certificat Let’s Encrypt sur le domaine '{}'", - "log_selfsigned_cert_install": "Installer le certificat auto-signé sur le domaine '{}'", + "log_selfsigned_cert_install": "Installer un certificat auto-signé sur le domaine '{}'", "log_letsencrypt_cert_renew": "Renouveler le certificat Let’s Encrypt de '{}'", "log_user_create": "Ajouter l’utilisateur '{}'", "log_user_delete": "Supprimer l’utilisateur '{}'", "log_user_update": "Mettre à jour les informations de l’utilisateur '{}'", - "log_domain_main_domain": "Faire de '{}' le domaine principal", + "log_domain_main_domain": "Faites de '{}' le domaine principal", "log_tools_migrations_migrate_forward": "Éxecuter les migrations", "log_tools_postinstall": "Faire la post-installation de votre serveur YunoHost", "log_tools_upgrade": "Mettre à jour les paquets du système", @@ -336,15 +336,15 @@ "migration_description_0004_php5_to_php7_pools": "Reconfigurer les espaces utilisateurs PHP pour utiliser PHP 7 au lieu de PHP 5", "migration_description_0005_postgresql_9p4_to_9p6": "Migration des bases de données de PostgreSQL 9.4 vers PostgreSQL 9.6", "migration_0005_postgresql_94_not_installed": "PostgreSQL n’a pas été installé sur votre système. Rien à faire !", - "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 a été trouvé et installé, mais pas PostgreSQL 9.6 !? Quelque chose d’étrange a dû arriver à votre système… :(", + "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 est installé, mais pas postgresql 9.6‽ Quelque chose de bizarre aurait pu se produire sur votre système: (…", "migration_0005_not_enough_space": "Laissez suffisamment d’espace disponible dans {path} pour exécuter la migration.", "service_description_php7.0-fpm": "Exécute des applications écrites en PHP avec NGINX", "users_available": "Liste des utilisateurs disponibles :", - "good_practices_about_admin_password": "Vous êtes maintenant sur le point de définir un nouveau mot de passe d’administration. Le mot de passe doit comporter au moins 8 caractères – bien qu’il soit recommandé d’utiliser un mot de passe plus long (c’est-à-dire une phrase secrète) et/ou d’utiliser différents types de caractères (majuscules, minuscules, chiffres et caractères spéciaux).", - "good_practices_about_user_password": "Vous êtes maintenant sur le point de définir un nouveau mot de passe utilisateur. Le mot de passe doit comporter au moins 8 caractères - bien qu’il soit recommandé d’utiliser un mot de passe plus long (c’est-à-dire une phrase secrète) et/ou d’utiliser différents types de caractères tels que : majuscules, minuscules, chiffres et caractères spéciaux.", + "good_practices_about_admin_password": "Vous êtes maintenant sur le point de définir un nouveau mot de passe d'administration. Le mot de passe doit comporter au moins 8 caractères, bien qu'il soit recommandé d'utiliser un mot de passe plus long (c'est-à-dire une phrase de passe) et / ou d'utiliser une variation de caractères (majuscule, minuscule, chiffres et caractères spéciaux).", + "good_practices_about_user_password": "Vous êtes maintenant sur le point de définir un nouveau mot de passe utilisateur. Le mot de passe doit comporter au moins 8 caractères, bien qu'il soit recommandé d'utiliser un mot de passe plus long (c'est-à-dire une phrase secrète) et / ou une variation de caractères (majuscule, minuscule, chiffres et caractères spéciaux).", "migration_description_0006_sync_admin_and_root_passwords": "Synchroniser les mots de passe admin et root", "migration_0006_disclaimer": "YunoHost s’attend maintenant à ce que les mots de passe administrateur et racine soient synchronisés. Cette migration remplace votre mot de passe root par le mot de passe administrateur.", - "password_listed": "Ce mot de passe est l’un des mots de passe les plus utilisés dans le monde. Veuillez choisir quelque chose d’un peu plus singulier.", + "password_listed": "Ce mot de passe fait partie des mots de passe les plus utilisés au monde. Veuillez choisir quelque chose de plus unique.", "password_too_simple_1": "Le mot de passe doit comporter au moins 8 caractères", "password_too_simple_2": "Le mot de passe doit comporter au moins 8 caractères et contenir des chiffres, des majuscules et des minuscules", "password_too_simple_3": "Le mot de passe doit comporter au moins 8 caractères et contenir des chiffres, des majuscules, des minuscules et des caractères spéciaux", @@ -363,7 +363,7 @@ "backup_mount_archive_for_restore": "Préparation de l’archive pour restauration …", "confirm_app_install_warning": "Avertissement : cette application peut fonctionner mais n’est pas bien intégrée dans YunoHost. Certaines fonctionnalités telles que l’authentification unique et la sauvegarde/restauration peuvent ne pas être disponibles. L’installer quand même ? [{answers:s}] ", "confirm_app_install_danger": "DANGER ! Cette application est connue pour être encore expérimentale (si elle ne fonctionne pas explicitement) ! Vous ne devriez probablement PAS l’installer à moins de savoir ce que vous faites. AUCUN SUPPORT ne sera fourni si cette application ne fonctionne pas ou casse votre système … Si vous êtes prêt à prendre ce risque de toute façon, tapez '{answers:s}'", - "confirm_app_install_thirdparty": "DANGER ! Cette application ne fait pas partie du catalogue d’applications de YunoHost. L’installation d’applications tierces peut compromettre l’intégrité et la sécurité de votre système. Vous ne devriez probablement PAS l’installer à moins de savoir ce que vous faites. AUCUN SUPPORT ne sera fourni si cette application ne fonctionne pas ou casse votre système … Si vous êtes prêt à prendre ce risque de toute façon, tapez '{answers:s}'", + "confirm_app_install_thirdparty": "DANGER! Cette application ne fait pas partie du catalogue d'applications de Yunohost. L'installation d'applications tierces peut compromettre l'intégrité et la sécurité de votre système. Vous ne devriez probablement PAS l'installer à moins de savoir ce que vous faites. AUCUN SUPPORT ne sera fourni si cette application ne fonctionne pas ou casse votre système ... Si vous êtes prêt à prendre ce risque de toute façon, tapez '{answers:s}'", "dpkg_is_broken": "Vous ne pouvez pas faire ça maintenant car dpkg/apt (le gestionnaire de paquets du système) semble avoir laissé des choses non configurées. Vous pouvez essayer de résoudre ce problème en vous connectant via SSH et en exécutant `sudo dpkg --configure -a'.", "dyndns_could_not_check_available": "Impossible de vérifier si {domain:s} est disponible chez {provider:s}.", "file_does_not_exist": "Le fichier dont le chemin est {path:s} n’existe pas.", @@ -380,7 +380,7 @@ "migration_0008_root": "- Vous ne pourrez pas vous connecter en tant que root via SSH. Au lieu de cela, vous devrez utiliser l’utilisateur admin ;", "migration_0008_dsa": "- La clé DSA sera désactivée. Par conséquent, il se peut que vous ayez besoin d’invalider un avertissement effrayant de votre client SSH afin de revérifier l’empreinte de votre serveur ;", "migration_0008_warning": "Si vous comprenez ces avertissements et souhaitez que YunoHost écrase votre configuration actuelle, exécutez la migration. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", - "migration_0008_no_warning": "Remplacer votre configuration SSH devrait être sûr, bien que cela ne puisse être promis ! Exécutez la migration pour la remplacer. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", + "migration_0008_no_warning": "Remplacer votre configuration SSH devrait être sûr, bien que cela ne puisse pas être promis! Exécutez la migration pour la remplacer. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", "migrations_success": "Migration {number} {name} réussie !", "pattern_password_app": "Désolé, les mots de passe ne peuvent pas contenir les caractères suivants : {forbidden_chars}", "root_password_replaced_by_admin_password": "Votre mot de passe root a été remplacé par votre mot de passe administrateur.", @@ -424,9 +424,9 @@ "tools_upgrade_regular_packages_failed": "Impossible de mettre à jour les paquets suivants : {packages_list}", "tools_upgrade_special_packages": "Mise à jour des paquets 'spécifiques' (liés a YunoHost) …", "tools_upgrade_special_packages_completed": "La mise à jour des paquets de YunoHost est finie !\nPressez [Entrée] pour revenir à la ligne de commande", - "dpkg_lock_not_available": "Cette commande ne peut être exécutée actuellement car un autre programme semble utiliser le verrou de dpkg (gestionnaire de paquets)", + "dpkg_lock_not_available": "Cette commande ne peut pas être exécutée pour le moment car un autre programme semble utiliser le verrou de dpkg (le gestionnaire de package système)", "tools_upgrade_cant_unhold_critical_packages": "Impossible de conserver les paquets critiques…", - "tools_upgrade_special_packages_explanation": "La mise à jour spéciale va continuer en arrière-plan. Veuillez ne pas lancer d’autres actions sur votre serveur pendant environ 10 minutes (en fonction de la vitesse du matériel). Après cela, il vous faudra peut-être vous reconnecter à la webadmin. Le journal de mise à niveau sera disponible dans Outils → Journal (dans la webadmin) ou via \"yunohost log list\" (en ligne de commande).", + "tools_upgrade_special_packages_explanation": "La mise à niveau spéciale se poursuivra en arrière-plan. Veuillez ne pas lancer d'autres actions sur votre serveur pendant les 10 prochaines minutes (selon la vitesse du matériel). Après cela, vous devrez peut-être vous reconnecter à l'administrateur Web. Le journal de mise à niveau sera disponible dans Outils → Journal (dans le webadmin) ou en utilisant la «liste des journaux yunohost» (à partir de la ligne de commande).", "update_apt_cache_failed": "Impossible de mettre à jour le cache APT (gestionnaire de paquets Debian). Voici un extrait du fichier sources.list qui pourrait vous aider à identifier les lignes problématiques :\n{sourceslist}", "update_apt_cache_warning": "Des erreurs se sont produites lors de la mise à jour du cache APT (gestionnaire de paquets Debian). Voici un extrait des lignes du fichier sources.list qui pourrait vous aider à identifier les lignes problématiques :\n{sourceslist}", "backup_permission": "Permission de sauvegarde pour l’application {app:s}", @@ -457,7 +457,7 @@ "migration_0011_update_LDAP_database": "Mise à jour de la base de données LDAP…", "migration_0011_backup_before_migration": "Création d’une sauvegarde des paramètres de la base de données LDAP et des applications avant la migration.", "permission_not_found": "Autorisation '{permission:s}' introuvable", - "permission_update_failed": "Impossible de mettre à jour la permission '{permission}' : {error}", + "permission_update_failed": "Impossible de mettre à jour l'autorisation '{permission}': {error}", "permission_updated": "Permission '{permission:s}' mise à jour", "permission_update_nothing_to_do": "Aucune autorisation pour mettre à jour", "dyndns_provider_unreachable": "Impossible d’atteindre le fournisseur DynDNS {provider}: votre YunoHost n’est pas correctement connecté à Internet ou le serveur Dynette est en panne.", @@ -518,14 +518,14 @@ "diagnosis_basesystem_kernel": "Le serveur utilise le noyau Linux {kernel_version}", "diagnosis_basesystem_ynh_single_version": "{package} version: {version} ({repo})", "diagnosis_basesystem_ynh_main_version": "Le serveur utilise YunoHost {main_version} ({repo})", - "diagnosis_basesystem_ynh_inconsistent_versions": "Vous exécutez des versions incohérentes des packages YunoHost … probablement à cause d’une mise à niveau partielle ou échouée.", + "diagnosis_basesystem_ynh_inconsistent_versions": "Vous exécutez des versions incohérentes des packages YunoHost ... très probablement en raison d'une mise à niveau échouée ou partielle.", "diagnosis_display_tip_cli": "Vous pouvez exécuter 'yunohost diagnosis show --issues' pour afficher les problèmes détectés.", "diagnosis_failed_for_category": "Échec du diagnostic pour la catégorie '{category}': {error}", "diagnosis_cache_still_valid": "(Le cache est encore valide pour le diagnostic {category}. Il ne sera pas re-diagnostiqué pour le moment!)", "diagnosis_ignored_issues": "(+ {nb_ignored} questions ignorée(s))", "diagnosis_found_warnings": "Trouvé {warnings} objet(s) pouvant être amélioré(s) pour {category}.", "diagnosis_everything_ok": "Tout semble bien pour {category} !", - "diagnosis_failed": "Impossible d’extraire le résultat du diagnostic pour la catégorie '{category}': {error}", + "diagnosis_failed": "Échec de la récupération du résultat du diagnostic pour la catégorie '{category}': {error}", "diagnosis_ip_connected_ipv4": "Le serveur est connecté à Internet en IPv4 !", "diagnosis_ip_no_ipv4": "Le serveur ne dispose pas d’une adresse IPv4.", "diagnosis_ip_connected_ipv6": "Le serveur est connecté à Internet en IPv6 !", @@ -535,15 +535,6 @@ "diagnosis_ip_broken_resolvconf": "La résolution du nom de domaine semble cassée sur votre serveur, ce qui semble lié au fait que /etc/resolv.conf ne pointe pas vers 127.0.0.1.", "diagnosis_dns_good_conf": "Bonne configuration DNS pour le domaine {domain} (catégorie {category})", "diagnosis_dns_bad_conf": "Configuration DNS incorrecte ou manquante pour le domaine {domain} (catégorie {category})", - "diagnosis_dns_discrepancy": "L’enregistrement DNS de type {0} et nom {1} ne correspond pas à la configuration recommandée. Valeur actuelle: {2}. Valeur exceptée: {3}. Vous pouvez consulter https://yunohost.org/dns_config pour plus d’informations.", - "diagnosis_services_bad_status": "Le service {service} est {status} :-(", - "diagnosis_diskusage_verylow": "Le stockage {mountpoint} (sur le périphérique {device}) ne dispose que de {free_abs_GB} Go ({free_percent}%). Vous devriez vraiment envisager de nettoyer un peu d’espace.", - "diagnosis_diskusage_low": "Le stockage {mountpoint} (sur le périphérique {device}) ne dispose que de {free_abs_GB} Go ({free_percent}%). Faites attention.", - "diagnosis_ram_verylow": "Le système ne dispose plus que de {available_abs_MB} MB ({available_percent}%) ! (sur {total_abs_MB} Mo)", - "diagnosis_ram_low": "Le système n’a plus de {available_abs_MB} MB ({available_percent}%) RAM sur {total_abs_MB} MB. Faites attention.", - "diagnosis_swap_none": "Le système n’a aucun échange. Vous devez envisager d’ajouter au moins 256 Mo de swap pour éviter les situations où le système manque de mémoire.", - "diagnosis_swap_notsomuch": "Le système ne dispose que de {total_MB} Mo de swap. Vous devez envisager d’avoir au moins 256 Mo pour éviter les situations où le système manque de mémoire.", - "diagnosis_swap_ok": "Le système dispose de {total_MB} Mo de swap !", "diagnosis_dns_discrepancy": "L’enregistrement DNS de type {type} et nom {name} ne correspond pas à la configuration recommandée.\nValeur actuelle: {current}\nValeur attendue: {value}", "diagnosis_services_bad_status": "Le service {service} est {status} :-(", "diagnosis_diskusage_verylow": "Le stockage {mountpoint} (sur le périphérique {device}) ne dispose que de {free} ({free_percent}%). Vous devriez vraiment envisager de nettoyer un peu d’espace.", @@ -590,7 +581,7 @@ "diagnosis_services_running": "Le service {service} est en cours de fonctionnement !", "diagnosis_services_conf_broken": "La configuration est cassée pour le service {service} !", "diagnosis_ports_needed_by": "Rendre ce port accessible est nécessaire pour les fonctionnalités de type {category} (service {service})", - "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit sur https://yunohost.org/isp_box_config", + "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit dans https://yunohost.org/isp_box_config", "diagnosis_http_connection_error": "Erreur de connexion : impossible de se connecter au domaine demandé, il est probablement injoignable.", "diagnosis_no_cache": "Pas encore de cache de diagnostique pour la catégorie « {category} »", "yunohost_postinstall_end_tip": "La post-installation terminée! Pour finaliser votre configuration, il est recommendé de :\n - ajouter un premier utilisateur depuis la section \"Utilisateurs\" de l’interface web (ou \"yunohost user create \" en ligne de commande);\n - diagnostiquer les potentiels problèmes dans la section \"Diagnostic\" de l'interface web (ou \"yunohost diagnosis run\" en ligne de commande);\n - lire les parties \"Finalisation de votre configuration\" et \"Découverte de Yunohost\" dans le guide de l’administrateur: https://yunohost.org/admindoc.", From b1dda63385d0bb826adf80b268be91c61a89e1eb Mon Sep 17 00:00:00 2001 From: amirale qt Date: Mon, 20 Apr 2020 09:44:28 +0000 Subject: [PATCH 019/451] Translated using Weblate (Greek) Currently translated at 0.2% (1 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/el/ --- locales/el.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/locales/el.json b/locales/el.json index efa5bf769..b43f11d5d 100644 --- a/locales/el.json +++ b/locales/el.json @@ -1,3 +1,3 @@ { - "password_too_simple_1": "Ο κωδικός πρόσβασης πρέπει να έχει μήκος τουλάχιστον 8 χαρακτήρων" -} \ No newline at end of file + "password_too_simple_1": "Ο κωδικός πρόσβασης πρέπει να έχει τουλάχιστον 8 χαρακτήρες" +} From e35d87f7ed4fe58cfaae0e66f01581deac849749 Mon Sep 17 00:00:00 2001 From: amirale qt Date: Mon, 20 Apr 2020 09:11:59 +0000 Subject: [PATCH 020/451] Translated using Weblate (Nepali) Currently translated at 0.2% (1 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/ne/ --- locales/ne.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/locales/ne.json b/locales/ne.json index 9e26dfeeb..72c4c8537 100644 --- a/locales/ne.json +++ b/locales/ne.json @@ -1 +1,3 @@ -{} \ No newline at end of file +{ + "password_too_simple_1": "पासवर्ड कम्तिमा characters अक्षर लामो हुनु आवश्यक छ" +} From c95c08ef8f792175a02fc226cd38ad1b9a649401 Mon Sep 17 00:00:00 2001 From: amirale qt Date: Tue, 21 Apr 2020 06:16:56 +0000 Subject: [PATCH 021/451] Translated using Weblate (Esperanto) Currently translated at 100.0% (598 of 598 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/eo/ --- locales/eo.json | 75 +++++++++++++++++++++++++++---------------------- 1 file changed, 41 insertions(+), 34 deletions(-) diff --git a/locales/eo.json b/locales/eo.json index eb701494d..22656188d 100644 --- a/locales/eo.json +++ b/locales/eo.json @@ -70,7 +70,7 @@ "backup_cant_mount_uncompress_archive": "Ne povis munti la nekompresitan ar archiveivon kiel protektita kontraŭ skribo", "app_action_cannot_be_ran_because_required_services_down": "Ĉi tiuj postulataj servoj devas funkcii por funkciigi ĉi tiun agon: {services}. Provu rekomenci ilin por daŭrigi (kaj eble esploru, kial ili malsupreniras).", "backup_copying_to_organize_the_archive": "Kopiante {size:s} MB por organizi la ar archiveivon", - "backup_output_directory_forbidden": "Elektu malsaman elirejan dosierujon. Sekurkopioj ne povas esti kreitaj en sub-dosierujoj / bin, / boot, / dev, / ktp, / lib, / root, / run, / sbin, / sys, / usr, / var aŭ /home/yunohost.backup/archives", + "backup_output_directory_forbidden": "Elektu malsaman elirejan dosierujon. Sekurkopioj ne povas esti kreitaj en sub-dosierujoj /bin, /boot, /dev, /ktp, /lib, /root, /run, /sbin, /sys, /usr, /var aŭ /home/yunohost.backup/archives", "backup_no_uncompress_archive_dir": "Ne ekzistas tia nekompremita arkiva dosierujo", "password_too_simple_1": "Pasvorto devas esti almenaŭ 8 signojn longa", "app_upgrade_failed": "Ne povis ĝisdatigi {app:s}: {error}", @@ -107,13 +107,13 @@ "app_sources_fetch_failed": "Ne povis akiri fontajn dosierojn, ĉu la URL estas ĝusta?", "ask_new_domain": "Nova domajno", "app_unknown": "Nekonata apliko", - "app_not_upgraded": "La aplikaĵo '{failed_app}' ne ĝisdatigis, kaj pro tio la sekvaj ĝisdatigoj de aplikoj estis nuligitaj: {apps}", + "app_not_upgraded": "La '{failed_app}' de la programo ne sukcesis ĝisdatigi, kaj sekve la nuntempaj plibonigoj de la sekvaj programoj estis nuligitaj: {apps}", "aborting": "Aborti.", "app_upgraded": "{app:s} altgradigita", "backup_deleted": "Rezerva forigita", "backup_csv_addition_failed": "Ne povis aldoni dosierojn al sekurkopio en la CSV-dosiero", "dpkg_lock_not_available": "Ĉi tiu komando ne povas funkcii nun ĉar alia programo uzas la seruron de dpkg (la administrilo de paka sistemo)", - "migration_0003_yunohost_upgrade": "Komenci la ĝisdatigon de YunoHost-pako ... La migrado finiĝos, sed la efektiva ĝisdatigo okazos tuj poste. Post kiam la operacio finiĝos, vi eble devos ensaluti denove sur la retpaĝo.", + "migration_0003_yunohost_upgrade": "Komencante la ĝisdatigon de la pakaĵo YunoHost ... La migrado finiĝos, sed la efektiva ĝisdatigo okazos tuj poste. Post kiam la operacio finiĝos, vi eble devos ensaluti al la retpaĝo.", "domain_dyndns_root_unknown": "Nekonata radika domajno DynDNS", "field_invalid": "Nevalida kampo '{:s}'", "log_app_makedefault": "Faru '{}' la defaŭlta apliko", @@ -124,7 +124,7 @@ "global_settings_setting_security_postfix_compatibility": "Kongruo vs sekureca kompromiso por la Postfix-servilo. Afektas la ĉifradojn (kaj aliajn aspektojn pri sekureco)", "group_unknown": "La grupo '{group:s}' estas nekonata", "mailbox_disabled": "Retpoŝto malŝaltita por uzanto {user:s}", - "migration_description_0011_setup_group_permission": "Agordu uzantogrupon kaj starigu permeson por programoj kaj servoj", + "migration_description_0011_setup_group_permission": "Agordu uzantajn grupojn kaj permesojn por programoj kaj servoj", "migration_0011_backup_before_migration": "Krei sekurkopion de LDAP-datumbazo kaj agordojn antaŭ la efektiva migrado.", "migration_0011_migrate_permission": "Migrado de permesoj de agordoj al aplikoj al LDAP…", "migration_0011_migration_failed_trying_to_rollback": "Ne povis migri ... provante redakti la sistemon.", @@ -148,8 +148,8 @@ "log_user_group_delete": "Forigi grupon '{}'", "log_user_group_update": "Ĝisdatigi grupon '{}'", "migration_0005_postgresql_94_not_installed": "PostgreSQL ne estis instalita en via sistemo. Nenio por fari.", - "dyndns_provider_unreachable": "Ne povas atingi Dyndns-provizanton {provider}: ĉu via YunoHost ne estas ĝuste konektita al la interreto aŭ la dynette-servilo malŝaltiĝas.", - "good_practices_about_user_password": "Vi nun estas por difini novan uzantan pasvorton. La pasvorto devas esti almenaŭ 8 signoj - kvankam estas bone praktiki uzi pli longan pasvorton (t.e. pasfrazon) kaj / aŭ variaĵon de signoj (majuskloj, minuskloj, ciferoj kaj specialaj signoj).", + "dyndns_provider_unreachable": "Ne povas atingi la provizanton DynDNS {provider}: ĉu via YunoHost ne estas ĝuste konektita al la interreto aŭ la dyneta servilo malŝaltiĝas.", + "good_practices_about_user_password": "Vi nun estas por difini novan uzantan pasvorton. La pasvorto devas esti almenaŭ 8 signojn - kvankam estas bone praktiki uzi pli longan pasvorton (t.e. pasfrazon) kaj/aŭ variaĵon de signoj (majuskloj, minuskloj, ciferoj kaj specialaj signoj).", "group_updated": "Ĝisdatigita \"{group}\" grupo", "group_already_exist": "Grupo {group} jam ekzistas", "group_already_exist_on_system": "Grupo {group} jam ekzistas en la sistemaj grupoj", @@ -172,7 +172,7 @@ "migrations_already_ran": "Tiuj migradoj estas jam faritaj: {ids}", "migrations_no_such_migration": "Estas neniu migrado nomata '{id}'", "permission_already_allowed": "Grupo '{group}' jam havas rajtigitan permeson '{permission}'", - "permission_already_disallowed": "Grupo '{group}' jam havas permeson '{permission}' malebligita'", + "permission_already_disallowed": "Grupo '{group}' jam havas permeson '{permission}' malebligita", "permission_cannot_remove_main": "Forigo de ĉefa permeso ne rajtas", "permission_creation_failed": "Ne povis krei permeson '{permission}': {error}", "user_already_exists": "La uzanto '{user}' jam ekzistas", @@ -186,7 +186,7 @@ "permission_not_found": "Permesita \"{permission:s}\" ne trovita", "restore_not_enough_disk_space": "Ne sufiĉa spaco (spaco: {free_space:d} B, necesa spaco: {needed_space:d} B, sekureca marĝeno: {margin:d} B)", "tools_upgrade_regular_packages": "Nun ĝisdatigi 'regulajn' (ne-yunohost-rilatajn) pakojn …", - "tools_upgrade_special_packages_explanation": "La speciala ĝisdatigo daŭros en fono. Bonvolu ne komenci aliajn agojn en via servilo la sekvajn ~ 10 minutojn (depende de la aparata rapideco). Post tio, vi eble devos re-ensaluti sur la retadreso. La ĝisdatiga registro estos havebla en Iloj → Ensaluto (en la retadreso) aŭ uzante 'yunohost-logliston' (el la komandlinio).", + "tools_upgrade_special_packages_explanation": "La speciala ĝisdatigo daŭros en la fono. Bonvolu ne komenci aliajn agojn en via servilo dum la sekvaj ~ 10 minutoj (depende de la aparata rapideco). Post tio, vi eble devos re-ensaluti al la retadreso. La ĝisdatiga registro estos havebla en Iloj → Ensaluto (en la retadreso) aŭ uzante 'yunohost logliston' (el la komandlinio).", "unrestore_app": "App '{app:s}' ne restarigos", "group_created": "Grupo '{group}' kreita", "group_creation_failed": "Ne povis krei la grupon '{group}': {error}", @@ -199,7 +199,7 @@ "log_user_create": "Aldonu uzanton '{}'", "ip6tables_unavailable": "Vi ne povas ludi kun ip6tabloj ĉi tie. Vi estas en ujo aŭ via kerno ne subtenas ĝin", "mail_unavailable": "Ĉi tiu retpoŝta adreso estas rezervita kaj aŭtomate estos atribuita al la unua uzanto", - "certmanager_domain_dns_ip_differs_from_public_ip": "La DNS 'A' rekordo por la domajno '{domain:s}' diferencas de ĉi tiu IP-servilo. Se vi lastatempe modifis vian A-registron, bonvolu atendi ĝin propagandi (iuj DNS-disvastigaj kontroliloj estas disponeblaj interrete). (Se vi scias, kion vi faras, uzu '--no-checks' por malŝalti tiujn ĉekojn.)", + "certmanager_domain_dns_ip_differs_from_public_ip": "La DNS 'A' rekordo por la domajno '{domain:s}' diferencas de la IP de ĉi tiu servilo. Se vi lastatempe modifis vian A-registron, bonvolu atendi ĝin propagandi (iuj DNS-disvastigaj kontroliloj estas disponeblaj interrete). (Se vi scias, kion vi faras, uzu '--no-checks' por malŝalti tiujn ĉekojn.)", "tools_upgrade_special_packages_completed": "Plenumis la ĝisdatigon de pakaĵoj de YunoHost.\nPremu [Enter] por retrovi la komandlinion", "log_remove_on_failed_install": "Forigu '{}' post malsukcesa instalado", "regenconf_file_manually_modified": "La agorddosiero '{conf}' estis modifita permane kaj ne estos ĝisdatigita", @@ -211,7 +211,7 @@ "migration_description_0006_sync_admin_and_root_passwords": "Sinkronigu admin kaj radikajn pasvortojn", "iptables_unavailable": "Vi ne povas ludi kun iptables ĉi tie. Vi estas en ujo aŭ via kerno ne subtenas ĝin", "global_settings_cant_write_settings": "Ne eblis konservi agordojn, tial: {reason:s}", - "service_added": "La servo '{service:s}' aldonis", + "service_added": "La servo '{service:s}' estis aldonita", "upnp_disabled": "UPnP malŝaltis", "service_started": "Servo '{service:s}' komenciĝis", "port_already_opened": "Haveno {port:d} estas jam malfermita por {ip_version:s} rilatoj", @@ -283,7 +283,7 @@ "log_operation_unit_unclosed_properly": "Operaciumo ne estis fermita ĝuste", "upgrade_complete": "Ĝisdatigo kompleta", "upnp_enabled": "UPnP ŝaltis", - "mailbox_used_space_dovecot_down": "La retpoŝta servo de Dovecot devas funkcii, se vi volas akcepti uzitan poŝtan spacon", + "mailbox_used_space_dovecot_down": "La poŝta servo de Dovecot devas funkcii, se vi volas akcepti uzitan poŝtan keston", "restore_system_part_failed": "Ne povis restarigi la sisteman parton '{part:s}'", "service_stop_failed": "Ne povis maldaŭrigi la servon '{service:s}'\n\nLastatempaj servaj protokoloj: {logs:s}", "unbackup_app": "App '{app:s}' ne konserviĝos", @@ -312,7 +312,7 @@ "package_unknown": "Nekonata pako '{pkgname}'", "domain_unknown": "Nekonata domajno", "global_settings_setting_security_password_user_strength": "Uzanto pasvorta forto", - "restore_may_be_not_enough_disk_space": "Via sistemo ŝajnas ne havi sufiĉe da spaco (free:{free_space:d} B, necesa spaco: {needed_space:d} B, sekureca marĝeno: {margin:d} B)", + "restore_may_be_not_enough_disk_space": "Via sistemo ne ŝajnas havi sufiĉe da spaco (libera: {libera_spaco:d} B, necesa spaco: {necesa_spaco:d} B, sekureca marĝeno: {rando:d} B)", "log_corrupted_md_file": "La YAD-metadata dosiero asociita kun protokoloj estas damaĝita: '{md_file}\nEraro: {error} '", "downloading": "Elŝutante …", "user_deleted": "Uzanto forigita", @@ -323,7 +323,7 @@ "service_description_fail2ban": "Protektas kontraŭ bruta forto kaj aliaj specoj de atakoj de la interreto", "file_does_not_exist": "La dosiero {path:s} ne ekzistas.", "yunohost_not_installed": "YunoHost ne estas ĝuste instalita. Bonvolu prilabori 'yunohost tools postinstall'", - "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 estas instalita, sed ne postgresql 9.6‽ Io stranga eble okazis en via sistemo: (…", + "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 estas instalita, sed ne postgresql 9.6‽ Io stranga eble okazis en via sistemo :(…", "restore_removing_tmp_dir_failed": "Ne povis forigi malnovan provizoran dosierujon", "certmanager_cannot_read_cert": "Io malbona okazis, kiam mi provis malfermi aktualan atestilon por domajno {domain:s} (dosiero: {file:s}), kialo: {reason:s}", "service_removed": "Servo '{service:s}' forigita", @@ -372,7 +372,7 @@ "migration_0003_general_warning": "Bonvolu noti, ke ĉi tiu migrado estas delikata operacio. La teamo de YunoHost faris sian plej bonan revizii kaj testi ĝin, sed la migrado eble ankoraŭ rompos partojn de la sistemo aŭ ĝiaj programoj.\n\nTial oni rekomendas al:\n - Elfari kopion de iuj kritikaj datumoj aŭ app. Pliaj informoj pri https://yunohost.org/backup;\n - Paciencu post lanĉo de la migrado: Depende de via interreta konekto kaj aparataro, eble daŭros kelkaj horoj ĝis ĉio ĝisdatigi.\n\nAldone, la haveno por SMTP, uzata de eksteraj retpoŝtaj klientoj (kiel Thunderbird aŭ K9-Mail) estis ŝanĝita de 465 (SSL / TLS) al 587 (STARTTLS). La malnova haveno (465) aŭtomate fermiĝos, kaj la nova haveno (587) malfermiĝos en la fajrejo. Vi kaj viaj uzantoj * devos adapti la agordon de viaj retpoŝtaj klientoj laŭe.", "global_settings_setting_example_int": "Ekzemple int elekto", "backup_output_symlink_dir_broken": "Via arkiva dosierujo '{path:s}' estas rompita ligilo. Eble vi forgesis restarigi aŭ munti aŭ enŝovi la stokadon, al kiu ĝi notas.", - "good_practices_about_admin_password": "Vi nun estas por difini novan administran pasvorton. La pasvorto devas esti almenaŭ 8 signoj - kvankam estas bone praktiki uzi pli longan pasvorton (t.e. pasfrazon) kaj / aŭ uzi variaĵon de signoj (majuskloj, minuskloj, ciferoj kaj specialaj signoj).", + "good_practices_about_admin_password": "Vi nun estas por difini novan administran pasvorton. La pasvorto devas esti almenaŭ 8 signojn - kvankam estas bone praktiki uzi pli longan pasvorton (t.e. pasfrazon) kaj/aŭ uzi variaĵon de signoj (majuskloj, minuskloj, ciferoj kaj specialaj signoj).", "certmanager_attempt_to_renew_valid_cert": "La atestilo por la domajno '{domain:s}' ne finiĝos! (Vi eble uzos --force se vi scias kion vi faras)", "restore_running_hooks": "Kurantaj restarigaj hokoj…", "regenconf_pending_applying": "Aplikante pritraktata agordo por kategorio '{category}'…", @@ -387,12 +387,12 @@ "migrations_list_conflict_pending_done": "Vi ne povas uzi ambaŭ '--previous' kaj '--done' samtempe.", "server_shutdown_confirm": "La servilo haltos tuj, ĉu vi certas? [{answers:s}]", "log_backup_restore_app": "Restarigu '{}' de rezerva ar archiveivo", - "log_does_exists": "Ne estas operacio-registro kun la nomo '{log}', uzu 'yunohost loglist' por vidi ĉiujn disponeblajn operaciojn", + "log_does_exists": "Ne estas operacio kun la nomo '{log}', uzu 'yunohost log list' por vidi ĉiujn disponeblajn operaciojn", "service_add_failed": "Ne povis aldoni la servon '{service:s}'", "pattern_password_app": "Bedaŭrinde, pasvortoj ne povas enhavi jenajn signojn: {forbidden_chars}", "this_action_broke_dpkg": "Ĉi tiu ago rompis dpkg / APT (la administrantoj pri la paka sistemo) ... Vi povas provi solvi ĉi tiun problemon per konekto per SSH kaj funkcianta `sudo dpkg --configure -a`.", "log_regen_conf": "Regeneri sistemajn agordojn '{}'", - "restore_hook_unavailable": "La restariga skripto por '{part:s}' ne haveblas en via sistemo kaj ankaŭ ne en la ar theivo", + "restore_hook_unavailable": "Restariga skripto por '{part:s}' ne haveblas en via sistemo kaj ankaŭ ne en la ar theivo", "log_dyndns_subscribe": "Aboni al YunoHost-subdominio '{}'", "password_too_simple_4": "La pasvorto bezonas almenaŭ 12 signojn kaj enhavas ciferon, majuskle, pli malaltan kaj specialajn signojn", "migration_0003_main_upgrade": "Komencanta ĉefa ĝisdatigo …", @@ -401,7 +401,7 @@ "global_settings_setting_security_nginx_compatibility": "Kongruo vs sekureca kompromiso por la TTT-servilo NGINX. Afektas la ĉifradojn (kaj aliajn aspektojn pri sekureco)", "no_internet_connection": "La servilo ne estas konektita al la interreto", "migration_0008_dsa": "• La DSA-ŝlosilo estos malŝaltita. Tial vi eble bezonos nuligi spuran averton de via SSH-kliento kaj revizii la fingrospuron de via servilo;", - "migration_0003_restoring_origin_nginx_conf": "Fileia dosiero /etc/nginx/nginx.conf estis iel redaktita. La migrado reaperos unue al sia originala stato ... La antaŭa dosiero estos havebla kiel {backup_dest}.", + "migration_0003_restoring_origin_nginx_conf": "Fileia dosiero /etc/nginx/nginx.conf estis iel redaktita. La migrado unue restarigos ĝin al sia originala stato ... La antaŭa dosiero estos havebla kiel {backup_dest}.", "migrate_tsig_end": "Migrado al HMAC-SHA-512 finiĝis", "restore_complete": "Restarigita", "certmanager_couldnt_fetch_intermediate_cert": "Ekvilibrigita kiam vi provis ricevi interajn atestilojn de Let's Encrypt. Atestita instalado / renovigo nuligita - bonvolu reprovi poste.", @@ -432,14 +432,14 @@ "certmanager_cert_install_success": "Ni Ĉifru atestilon nun instalitan por la domajno '{domain:s}'", "global_settings_bad_choice_for_enum": "Malbona elekto por agordo {setting:s}, ricevita '{choice:s}', sed disponeblaj elektoj estas: {available_choices:s}", "server_shutdown": "La servilo haltos", - "log_tools_migrations_migrate_forward": "Migri antaŭen", - "migration_0008_no_warning": "Supersalti vian SSH-agordon estu sekura, kvankam ĉi tio ne povas esti promesita! Ekfunkciu la migradon por superregi ĝin. Alie, vi ankaŭ povas salti la migradon, kvankam ĝi ne rekomendas.", + "log_tools_migrations_migrate_forward": "Kuru migradoj", + "migration_0008_no_warning": "Supersalti vian SSH-agordon estu sekura, kvankam tio ne povas esti promesita! Ekfunkciu la migradon por superregi ĝin. Alie, vi ankaŭ povas salti la migradon, kvankam ĝi ne rekomendas.", "regenconf_now_managed_by_yunohost": "La agorda dosiero '{conf}' nun estas administrata de YunoHost (kategorio {category}).", "server_reboot_confirm": "Ĉu la servilo rekomencos tuj, ĉu vi certas? [{answers:s}]", "log_app_install": "Instalu la aplikon '{}'", "service_description_dnsmasq": "Traktas rezolucion de domajna nomo (DNS)", "global_settings_unknown_type": "Neatendita situacio, la agordo {setting:s} ŝajnas havi la tipon {unknown_type:s} sed ĝi ne estas tipo subtenata de la sistemo.", - "migration_0003_problematic_apps_warning": "Bonvolu noti, ke la sekvaj eventuale problemaj instalitaj programoj estis detektitaj. Ŝajnas, ke tiuj ne estis instalitaj el app_katalogo aŭ ne estas markitaj kiel \"funkciantaj\". Tial ne eblas garantii, ke ili ankoraŭ funkcios post la ĝisdatigo: {problematic_apps}", + "migration_0003_problematic_apps_warning": "Bonvolu noti, ke la sekvaj eventuale problemaj instalitaj programoj estis detektitaj. Ŝajnas, ke tiuj ne estis instalitaj el aplika katalogo aŭ ne estas markitaj kiel \"funkciantaj\". Tial ne eblas garantii, ke ili ankoraŭ funkcios post la ĝisdatigo: {problematic_apps}", "domain_hostname_failed": "Ne povis agordi novan gastigilon. Ĉi tio eble kaŭzos problemon poste (eble bone).", "server_reboot": "La servilo rekomenciĝos", "regenconf_failed": "Ne povis regeneri la agordon por kategorio(j): {categories}", @@ -497,11 +497,11 @@ "app_install_failed": "Ne povis instali {app} : {error}", "app_install_script_failed": "Eraro okazis en la skripto de instalado de la app", "app_remove_after_failed_install": "Forigado de la app post la instala fiasko …", - "diagnosis_basesystem_host": "Servilo funkcias Debian {debian_version}.", + "diagnosis_basesystem_host": "Servilo funkcias Debian {debian_version}", "apps_catalog_init_success": "Aplikoj katalogsistemo inicializita !", - "apps_catalog_updating": "Ĝisdatigante katalogo de aplikoj ...", + "apps_catalog_updating": "Ĝisdatigante katalogo de aplikoj …", "apps_catalog_failed_to_download": "Ne eblas elŝuti la katalogon de {apps_catalog}: {error}", - "apps_catalog_obsolete_cache": "La kaŝmemoro de la katalogo de programoj estas malplena aŭ malaktuala.", + "apps_catalog_obsolete_cache": "La kaŝmemoro de la aplika katalogo estas malplena aŭ malaktuala.", "apps_catalog_update_success": "La aplika katalogo estis ĝisdatigita!", "diagnosis_basesystem_kernel": "Servilo funkcias Linuksan kernon {kernel_version}", "diagnosis_basesystem_ynh_single_version": "{package} versio: {version} ({repo})", @@ -516,9 +516,9 @@ "diagnosis_diskusage_verylow": "Stokado {mountpoint} (sur aparato {device)) restas nur {free} ({free_percent}%) spaco. Vi vere konsideru purigi iom da spaco.", "diagnosis_ram_verylow": "La sistemo nur restas {available} ({available_percent}%) RAM! (el {total})", "diagnosis_mail_outgoing_port_25_blocked": "Eliranta haveno 25 ŝajnas esti blokita. Vi devas provi malŝlosi ĝin en via agorda panelo de provizanto (aŭ gastiganto). Dume la servilo ne povos sendi retpoŝtojn al aliaj serviloj.", - "diagnosis_http_bad_status_code": "Ne povis atingi vian servilon kiel atendite, ĝi redonis malbonan statuskodon. Povas esti, ke alia maŝino respondis anstataŭ via servilo. Vi devus kontroli, ke vi ĝuste redonas la havenon 80, ke via nginx-agordo ĝisdatigas kaj ke reverso-prokuro ne interbatalas.", + "diagnosis_http_bad_status_code": "La diagnoza sistemo ne povis atingi vian servilon. Povas esti, ke alia maŝino respondis anstataŭ via servilo. Vi devus kontroli, ke vi ĝuste redonas la havenon 80, ke via agordo de nginx estas ĝisdatigita kaj ke reverso-prokuro ne interbatalas.", "main_domain_changed": "La ĉefa domajno estis ŝanĝita", - "yunohost_postinstall_end_tip": "La post-instalado finiĝis! Por fini vian agordon, bonvolu konsideri:\n - aldonado de unua uzanto tra la sekcio 'Uzantoj' de la retadreso (aŭ 'yunohost user create ' en komandlinio);\n - diagnozi problemojn atendantajn solvi por ke via servilo funkciu kiel eble plej glate tra la sekcio 'Diagnosis' de la retadministrado (aŭ 'yunohost diagnosis run' en komandlinio);\n - legante la partojn 'Finigi vian agordon' kaj 'Ekkoni Yunohost' en la administra dokumentado: https://yunohost.org/admindoc.", + "yunohost_postinstall_end_tip": "La post-instalado finiĝis! Por fini vian agordon, bonvolu konsideri:\n - aldonado de unua uzanto tra la sekcio 'Uzantoj' de la retadreso (aŭ 'uzanto de yunohost kreu ' en komandlinio);\n - diagnozi eblajn problemojn per la sekcio 'Diagnozo' de la reteja administrado (aŭ 'diagnoza yunohost-ekzekuto' en komandlinio);\n - legante la partojn 'Finigi vian agordon' kaj 'Ekkoni Yunohost' en la administra dokumentado: https://yunohost.org/admindoc.", "migration_description_0014_remove_app_status_json": "Forigi heredajn dosierojn", "diagnosis_ip_connected_ipv4": "La servilo estas konektita al la interreto per IPv4 !", "diagnosis_ip_no_ipv4": "La servilo ne havas funkciantan IPv4.", @@ -527,9 +527,9 @@ "diagnosis_ip_not_connected_at_all": "La servilo tute ne ŝajnas esti konektita al la Interreto !?", "diagnosis_ip_dnsresolution_working": "Rezolucio pri domajna nomo funkcias !", "diagnosis_ip_weird_resolvconf": "DNS-rezolucio ŝajnas funkcii, sed atentu, ke vi ŝajnas uzi kutimon /etc/resolv.conf.", - "diagnosis_ip_weird_resolvconf_details": "Anstataŭe, ĉi tiu dosiero estu ligilo kun /etc/resolvconf/run/resolv.conf mem montrante al 127.0.0.1 (dnsmasq). La efektivaj solvantoj devas agordi per /etc/resolv.dnsmasq.conf.", + "diagnosis_ip_weird_resolvconf_details": "Anstataŭe, ĉi tiu dosiero estu ligilo kun /etc/resolvconf/run/resolv.conf mem montrante al 127.0.0.1 (dnsmasq). La efektivaj solvantoj devas agordi en /etc/resolv.dnsmasq.conf.", "diagnosis_dns_good_conf": "Bona DNS-agordo por domajno {domain} (kategorio {category})", - "diagnosis_dns_bad_conf": "Malbona / mankas DNS-agordo por domajno {domain} (kategorio {category})", + "diagnosis_dns_bad_conf": "Malbona aŭ mankas DNS-agordo por domajno {domain} (kategorio {category})", "diagnosis_ram_ok": "La sistemo ankoraŭ havas {available} ({available_percent}%) RAM forlasita de {total}.", "diagnosis_swap_none": "La sistemo tute ne havas interŝanĝon. Vi devus pripensi aldoni almenaŭ {recommended} da interŝanĝo por eviti situaciojn en kiuj la sistemo restas sen memoro.", "diagnosis_swap_notsomuch": "La sistemo havas nur {total}-interŝanĝon. Vi konsideru havi almenaŭ {recommended} por eviti situaciojn en kiuj la sistemo restas sen memoro.", @@ -539,7 +539,7 @@ "diagnosis_security_all_good": "Neniu kritika sekureca vundebleco estis trovita.", "diagnosis_security_vulnerable_to_meltdown": "Vi ŝajnas vundebla al la kritiko-vundebleco de Meltdown", "diagnosis_no_cache": "Neniu diagnoza kaŝmemoro por kategorio '{category}'", - "diagnosis_ip_broken_dnsresolution": "Rezolucio pri domajna nomo rompiĝas pro iu kialo ... Ĉu fajroŝirmilo blokas DNS-petojn ?", + "diagnosis_ip_broken_dnsresolution": "Rezolucio pri domajna nomo rompiĝas pro iu kialo... Ĉu fajroŝirmilo blokas DNS-petojn ?", "diagnosis_ip_broken_resolvconf": "Rezolucio pri domajna nomo ŝajnas esti rompita en via servilo, kiu ŝajnas rilata al /etc/resolv.conf ne notante 127.0.0.1.", "diagnosis_dns_missing_record": "Laŭ la rekomendita DNS-agordo, vi devas aldoni DNS-registron kun\ntipo: {type}\nnomo: {name}\nvaloro: {value}", "diagnosis_dns_discrepancy": "La DNS-registro kun tipo {type} kaj nomo {name} ne kongruas kun la rekomendita agordo.\nNuna valoro: {current}\nEsceptita valoro: {value}", @@ -562,7 +562,7 @@ "diagnosis_description_basesystem": "Baza sistemo", "diagnosis_description_regenconf": "Sistemaj agordoj", "main_domain_change_failed": "Ne eblas ŝanĝi la ĉefan domajnon", - "log_domain_main_domain": "Faru '{}' kiel ĉefa domajno", + "log_domain_main_domain": "Faru de '{}' la ĉefa domajno", "diagnosis_http_timeout": "Tempolimigita dum provado kontakti vian servilon de ekstere. Ĝi ŝajnas esti neatingebla. Vi devus kontroli, ke vi ĝuste redonas la havenon 80, ke nginx funkcias kaj ke fajroŝirmilo ne interbatalas.", "diagnosis_http_connection_error": "Rilata eraro: ne povis konektiĝi al la petita domajno, tre probable ĝi estas neatingebla.", "migration_description_0013_futureproof_apps_catalog_system": "Migru al la nova katalogosistemo pri estontecaj programoj", @@ -576,12 +576,12 @@ "diagnosis_services_running": "Servo {service} funkcias!", "diagnosis_ports_unreachable": "Haveno {port} ne atingeblas de ekstere.", "diagnosis_ports_ok": "Haveno {port} atingeblas de ekstere.", - "diagnosis_ports_needed_by": "Eksponi ĉi tiun havenon necesas por servo {service}", - "diagnosis_ports_forwarding_tip": "Por solvi ĉi tiun problemon, plej probable vi devas agordi la plusendon de haveno en via interreta enkursigilo kiel priskribite en https://yunohost.org/isp_box_config", + "diagnosis_ports_needed_by": "Eksponi ĉi tiun havenon necesas por {1} funkcioj (servo {0})", + "diagnosis_ports_forwarding_tip": "Por solvi ĉi tiun problemon, vi plej verŝajne bezonas agordi havenon en via interreta enkursigilo kiel priskribite en https://yunohost.org/isp_box_config", "diagnosis_http_could_not_diagnose": "Ne povis diagnozi, ĉu atingeblas domajno de ekstere.", "diagnosis_http_could_not_diagnose_details": "Eraro: {error}", - "diagnosis_http_ok": "Domajno {domain} atingeblas de ekstere.", - "diagnosis_http_unreachable": "Domajno {domain} estas atingebla per HTTP de ekstere.", + "diagnosis_http_ok": "Domajno {domain} atingebla per HTTP de ekster la loka reto.", + "diagnosis_http_unreachable": "Domajno {domain} ŝajnas neatingebla per HTTP de ekster la loka reto.", "domain_cannot_remove_main_add_new_one": "Vi ne povas forigi '{domain:s}' ĉar ĝi estas la ĉefa domajno kaj via sola domajno, vi devas unue aldoni alian domajnon uzante ''yunohost domain add ', tiam agordi kiel ĉefan domajnon uzante 'yunohost domain main-domain -n ' kaj tiam vi povas forigi la domajnon' {domain:s} 'uzante' yunohost domain remove {domain:s} '.'", "permission_require_account": "Permesilo {permission} nur havas sencon por uzantoj, kiuj havas konton, kaj tial ne rajtas esti ebligitaj por vizitantoj.", "diagnosis_found_warnings": "Trovitaj {warnings} ero (j) kiuj povus esti plibonigitaj por {category}.", @@ -591,5 +591,12 @@ "diagnosis_description_mail": "Retpoŝto", "log_app_action_run": "Funkciigu agon de la apliko '{}'", "log_app_config_show_panel": "Montri la agordan panelon de la apliko '{}'", - "log_app_config_apply": "Apliki agordon al la apliko '{}'" + "log_app_config_apply": "Apliki agordon al la apliko '{}'", + "diagnosis_never_ran_yet": "Ŝajnas, ke ĉi tiu servilo estis instalita antaŭ nelonge kaj estas neniu diagnoza raporto por montri. Vi devas komenci kurante plenan diagnozon, ĉu de la retadministro aŭ uzante 'yunohost diagnosis run' el la komandlinio.", + "certmanager_warning_subdomain_dns_record": "Subdominio '{subdomain:s}' ne solvas al la sama IP-adreso kiel '{domain:s}'. Iuj funkcioj ne estos haveblaj ĝis vi riparos ĉi tion kaj regeneros la atestilon.", + "diagnosis_basesystem_hardware": "Arkitekturo de servila aparataro estas {virt} {arch}", + "diagnosis_basesystem_hardware_board": "Servilo-tabulo-modelo estas {model}", + "diagnosis_description_web": "Reta", + "domain_cannot_add_xmpp_upload": "Vi ne povas aldoni domajnojn per 'xmpp-upload'. Ĉi tiu speco de nomo estas rezervita por la XMPP-alŝuta funkcio integrita en YunoHost.", + "group_already_exist_on_system_but_removing_it": "Grupo {group} jam ekzistas en la sistemaj grupoj, sed YunoHost forigos ĝin …" } From caf41928cc17f665acab3c0fc3decf7d5280fb67 Mon Sep 17 00:00:00 2001 From: amirale qt Date: Tue, 21 Apr 2020 06:58:00 +0000 Subject: [PATCH 022/451] Translated using Weblate (French) Currently translated at 100.0% (632 of 632 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/fr/ --- locales/fr.json | 67 ++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 53 insertions(+), 14 deletions(-) diff --git a/locales/fr.json b/locales/fr.json index 7b31f9237..ef60a6956 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -507,10 +507,10 @@ "diagnosis_found_errors": "Trouvé {errors} problème(s) significatif(s) lié(s) à {category} !", "diagnosis_found_errors_and_warnings": "Trouvé {errors} problème(s) significatif(s) (et {warnings} (avertissement(s)) en relation avec {category} !", "diagnosis_ip_not_connected_at_all": "Le serveur ne semble pas du tout connecté à Internet !?", - "diagnosis_ip_weird_resolvconf": "La résolution DNS semble fonctionner, mais soyez prudent en utilisant un fichier /etc/resolv.conf personnalisé.", - "diagnosis_ip_weird_resolvconf_details": "Au lieu de cela, ce fichier devrait être un lien symbolique vers /etc/resolvconf/run/resolv.conf lui-même pointant vers 127.0.0.1 (dnsmasq). Les résolveurs réels doivent être configurés dans /etc/resolv.dnsmasq.conf.", + "diagnosis_ip_weird_resolvconf": "La résolution DNS semble fonctionner, mais il semble que vous utilisez un /etc/resolv.conf personnalisé.", + "diagnosis_ip_weird_resolvconf_details": "Le fichier /etc/resolv.conf doit être un lien symbolique vers /etc/resolvconf/run/resolv.conf lui-même pointant vers 127.0.0.1 (dnsmasq). Si vous souhaitez configurer manuellement les résolveurs DNS, veuillez modifier /etc/resolv.dnsmasq.conf.", "diagnosis_dns_missing_record": "Selon la configuration DNS recommandée, vous devez ajouter un enregistrement DNS\nType: {type}\nNom: {name}\nValeur {value}", - "diagnosis_diskusage_ok": "Le stockage {mountpoint} (sur le périphérique {device}) a encore {free} ({free_percent}%) d’espace libre !", + "diagnosis_diskusage_ok": "L'espace de stockage {mountpoint} (sur l'appareil {device}) a encore {libre} ({free_percent}%) espace restant (sur {total}) !", "diagnosis_ram_ok": "Le système dispose encore de {available} ({available_percent}%) de RAM sur {total}.", "diagnosis_regenconf_allgood": "Tous les fichiers de configuration sont conformes à la configuration recommandée !", "diagnosis_security_vulnerable_to_meltdown": "Vous semblez vulnérable à la vulnérabilité de sécurité critique de Meltdown", @@ -532,26 +532,26 @@ "diagnosis_ip_no_ipv6": "Le serveur ne dispose pas d’une adresse IPv6.", "diagnosis_ip_dnsresolution_working": "La résolution de nom de domaine fonctionne !", "diagnosis_ip_broken_dnsresolution": "La résolution du nom de domaine semble interrompue pour une raison quelconque … Un pare-feu bloque-t-il les requêtes DNS ?", - "diagnosis_ip_broken_resolvconf": "La résolution du nom de domaine semble cassée sur votre serveur, ce qui semble lié au fait que /etc/resolv.conf ne pointe pas vers 127.0.0.1.", - "diagnosis_dns_good_conf": "Bonne configuration DNS pour le domaine {domain} (catégorie {category})", - "diagnosis_dns_bad_conf": "Configuration DNS incorrecte ou manquante pour le domaine {domain} (catégorie {category})", + "diagnosis_ip_broken_resolvconf": "La résolution du nom de domaine semble être rompue sur votre serveur, ce qui semble lié au fait que /etc/resolv.conf ne pointe pas sur 127.0.0.1.", + "diagnosis_dns_good_conf": "Les enregistrements DNS sont correctement configurés pour le domaine {domain} (catégorie {category})", + "diagnosis_dns_bad_conf": "Certains enregistrements DNS sont manquants ou incorrects pour le domaine {domain} (catégorie {category})", "diagnosis_dns_discrepancy": "L’enregistrement DNS de type {type} et nom {name} ne correspond pas à la configuration recommandée.\nValeur actuelle: {current}\nValeur attendue: {value}", "diagnosis_services_bad_status": "Le service {service} est {status} :-(", - "diagnosis_diskusage_verylow": "Le stockage {mountpoint} (sur le périphérique {device}) ne dispose que de {free} ({free_percent}%). Vous devriez vraiment envisager de nettoyer un peu d’espace.", - "diagnosis_diskusage_low": "Le stockage {mountpoint} (sur le périphérique {device}) ne dispose que de {free} ({free_percent}%). Faites attention.", + "diagnosis_diskusage_verylow": "L'espace de stockage {mountpoint} (sur l'appareil {device} ) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Vous devriez vraiment envisager de nettoyer de l'espace !", + "diagnosis_diskusage_low": "L'espace de stockage {mountpoint} (sur l'appareil {device}) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Faites attention.", "diagnosis_ram_verylow": "Le système ne dispose plus que de {available} ({available_percent}%)! (sur {total})", "diagnosis_ram_low": "Le système n’a plus de {available} ({available_percent}%) RAM sur {total}. Faites attention.", "diagnosis_swap_none": "Le système n’a aucun espace de swap. Vous devriez envisager d’ajouter au moins {recommended} de swap pour éviter les situations où le système manque de mémoire.", "diagnosis_swap_notsomuch": "Le système ne dispose que de {total} de swap. Vous devez envisager d’avoir au moins {recommended} pour éviter les situations où le système manque de mémoire.", "diagnosis_swap_ok": "Le système dispose de {total} de swap !", - "diagnosis_regenconf_manually_modified": "Le fichier de configuration {file} a été modifié manuellement.", + "diagnosis_regenconf_manually_modified": "Le fichier de configuration {file} semble avoir été modifié manuellement.", "diagnosis_regenconf_manually_modified_debian": "Le fichier de configuration {file} a été modifié manuellement par rapport à celui par défaut de Debian.", - "diagnosis_regenconf_manually_modified_details": "C'est probablement OK tant que vous savez ce que vous faites;) !", + "diagnosis_regenconf_manually_modified_details": "C'est probablement OK si vous savez ce que vous faites! YunoHost cessera de mettre à jour ce fichier automatiquement ... Mais attention, les mises à jour de YunoHost pourraient contenir d'importantes modifications recommandées. Si vous le souhaitez, vous pouvez inspecter les différences avec les outils yunohost regen-conf {category} --dry-run --with-diff et forcer la réinitialisation à la configuration recommandée avec les outils yunohost regen-conf {category} --force ", "diagnosis_regenconf_manually_modified_debian_details": "Cela peut probablement être OK, mais il faut garder un œil dessus …", "apps_catalog_init_success": "Système de catalogue d’applications initialisé !", "apps_catalog_failed_to_download": "Impossible de télécharger le catalogue des applications {apps_catalog}:{error}", "diagnosis_mail_outgoing_port_25_blocked": "Le port sortant 25 semble être bloqué. Vous devriez essayer de le débloquer dans le panneau de configuration de votre fournisseur de services Internet (ou hébergeur). En attendant, le serveur ne pourra pas envoyer de courrier électronique à d’autres serveurs.", - "domain_cannot_remove_main_add_new_one": "Vous ne pouvez pas supprimer '{domain:s}' car il s’agit du domaine principal et de votre seul domaine. Vous devez d’abord ajouter un autre domaine à l’aide de 'yunohost domain add ', puis définir comme domaine principal à l’aide de 'yunohost domain main-domain -n ' et vous pouvez ensuite supprimer le domaine '{domain:s}' à l’aide de 'yunohost domain remove {domain:s}'.", + "domain_cannot_remove_main_add_new_one": "Vous ne pouvez pas supprimer '{domain:s}' car il s’agit du domaine principal et de votre seul domaine. Vous devez d’abord ajouter un autre domaine à l’aide de 'yunohost domain add ', puis définir comme domaine principal à l’aide de 'yunohost domain main-domain -n ' et vous pouvez ensuite supprimer le domaine '{domain:s}' à l’aide de 'yunohost domain remove {domain:s}'.'", "diagnosis_security_vulnerable_to_meltdown_details": "Pour résoudre ce problème, vous devez mettre à niveau votre système et redémarrer pour charger le nouveau noyau Linux (ou contacter votre fournisseur de serveur si cela ne fonctionne pas). Voir https://meltdownattack.com/ pour plus d’informations.", "diagnosis_description_basesystem": "Système de base", "diagnosis_description_ip": "Connectivité Internet", @@ -581,11 +581,11 @@ "diagnosis_services_running": "Le service {service} est en cours de fonctionnement !", "diagnosis_services_conf_broken": "La configuration est cassée pour le service {service} !", "diagnosis_ports_needed_by": "Rendre ce port accessible est nécessaire pour les fonctionnalités de type {category} (service {service})", - "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit dans https://yunohost.org/isp_box_config", + "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit dans https://yunohost.org/isp_box_config ", "diagnosis_http_connection_error": "Erreur de connexion : impossible de se connecter au domaine demandé, il est probablement injoignable.", "diagnosis_no_cache": "Pas encore de cache de diagnostique pour la catégorie « {category} »", "yunohost_postinstall_end_tip": "La post-installation terminée! Pour finaliser votre configuration, il est recommendé de :\n - ajouter un premier utilisateur depuis la section \"Utilisateurs\" de l’interface web (ou \"yunohost user create \" en ligne de commande);\n - diagnostiquer les potentiels problèmes dans la section \"Diagnostic\" de l'interface web (ou \"yunohost diagnosis run\" en ligne de commande);\n - lire les parties \"Finalisation de votre configuration\" et \"Découverte de Yunohost\" dans le guide de l’administrateur: https://yunohost.org/admindoc.", - "diagnosis_services_bad_status_tip": "Vous pouvez essayer de redémarrer le service. Si cela ne fonctionne pas, consultez les journaux de service à l’aide de 'yunohost service log {service}' ou de la section 'Services' dans la webadmin.", + "diagnosis_services_bad_status_tip": "Vous pouvez essayer de redémarrer le service, et si cela ne fonctionne pas, consultez les journaux de service dans le webadmin (à partir de la ligne de commande, vous pouvez le faire avec yunohost service restart {service} et yunohost service log {service} ).", "diagnosis_http_bad_status_code": "Le système de diagnostique n’a pas réussi à contacter votre serveur. Il se peut qu’une autre machine réponde à la place de votre serveur. Vérifiez que le port 80 est correctement redirigé, que votre configuration nginx est à jour et qu’un reverse-proxy n’interfère pas.", "diagnosis_http_timeout": "Expiration du délai en essayant de contacter votre serveur de l’extérieur. Il semble être inaccessible. Vérifiez que vous transférez correctement le port 80, que nginx est en cours d’exécution et qu’un pare-feu n’interfère pas.", "global_settings_setting_pop3_enabled": "Activer le protocole POP3 pour le serveur de messagerie", @@ -598,5 +598,44 @@ "diagnosis_basesystem_hardware": "L’architecture du serveur est {virt} {arch}", "group_already_exist_on_system_but_removing_it": "Le groupe {group} est déjà présent dans les groupes du système, mais YunoHost va le supprimer…", "certmanager_warning_subdomain_dns_record": "Le sous-domaine '{subdomain:s}' ne résout pas vers la même adresse IP que '{domain:s}'. Certaines fonctionnalités seront indisponibles tant que vous n’aurez pas corrigé cela et regénéré le certificat.", - "domain_cannot_add_xmpp_upload": "Vous ne pouvez pas ajouter de domaine commençant par 'xmpp-upload.'. Ce type de nom est réservé à la fonctionnalité d’upload XMPP intégrée dans YunoHost." + "domain_cannot_add_xmpp_upload": "Vous ne pouvez pas ajouter de domaine commençant par 'xmpp-upload.'. Ce type de nom est réservé à la fonctionnalité d’upload XMPP intégrée dans YunoHost.", + "diagnosis_mail_outgoing_port_25_ok": "Le serveur de messagerie SMTP peut envoyer des e-mails (le port sortant 25 n'est pas bloqué).", + "diagnosis_mail_outgoing_port_25_blocked_details": "Vous devez d'abord essayer de débloquer le port sortant 25 dans votre interface de routeur Internet ou votre interface d'hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket d'assistance pour cela).", + "diagnosis_mail_ehlo_bad_answer": "Un service non SMTP a répondu sur le port 25 sur IPv {ipversion}", + "diagnosis_mail_ehlo_bad_answer_details": "Cela peut être dû à un autre répondeur au lieu de votre serveur.", + "diagnosis_mail_ehlo_wrong": "Un autre serveur de messagerie SMTP répond sur IPv{ipversion}. Il ne sera probablement pas en mesure de recevoir des e-mails.", + "diagnosis_mail_ehlo_could_not_diagnose": "Impossible de diagnostiquer si le serveur de messagerie postfix est accessible de l'extérieur pour IPv {ipversion}.", + "diagnosis_mail_ehlo_could_not_diagnose_details": "Erreur: {error}", + "diagnosis_mail_fcrdns_dns_missing": "Aucun DNS inverse n'est défini dans IPv {ipversion}. Certains e-mails peuvent ne pas être livrés ou être signalés comme spam.", + "diagnosis_mail_fcrdns_ok": "Votre DNS inversé est correctement configuré !", + "diagnosis_mail_fcrdns_nok_details": "Vous devez d'abord essayer de configurer le DNS inverse avec {ehlo_domain} dans votre interface de routeur Internet ou votre interface d'hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket d'assistance pour cela).", + "diagnosis_mail_fcrdns_different_from_ehlo_domain": "Le DNS inverse n'est pas correctement configuré dans IPv {ipversion}. Certains e-mails peuvent ne pas être livrés ou être signalés comme spam.", + "diagnosis_mail_blacklist_ok": "Les adresses IP et les domaines utilisés par ce serveur ne semblent pas être sur liste noire", + "diagnosis_mail_blacklist_reason": "La raison de la liste noire est: {reason}", + "diagnosis_mail_blacklist_website": "Après avoir identifié pourquoi vous êtes répertorié et corrigé, n'hésitez pas à demander la radiation sur {blacklist_website}", + "diagnosis_mail_queue_ok": "{nb_pending} e-mails en attente dans les files d'attente de messagerie", + "diagnosis_mail_queue_unavailable_details": "Erreur: {error}", + "diagnosis_mail_queue_too_big": "Trop d'e-mails en attente dans la file d'attente ({nb_pending} e-mails)", + "global_settings_setting_smtp_allow_ipv6": "Autoriser l'utilisation d'IPv6 pour recevoir et envoyer du courrier", + "diagnosis_security_all_good": "Aucune vulnérabilité de sécurité critique n'a été trouvée.", + "diagnosis_display_tip": "Pour voir les problèmes détectés, vous pouvez accéder à la section Diagnostic du webadmin ou exécuter «yunohost diagnostic show --issues» à partir de la ligne de commande.", + "diagnosis_ip_global": "IP globale: {global} ", + "diagnosis_ip_local": "IP locale: {local} ", + "diagnosis_dns_point_to_doc": "Veuillez consulter la documentation à https://yunohost.org/dns_config si vous avez besoin d'aide pour configurer les enregistrements DNS.", + "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Certains fournisseurs ne vous laisseront pas débloquer le port sortant 25 parce qu'ils ne se soucient pas de la neutralité du Net.
- Certains d'entre eux offrent l'alternative de en utilisant un relais de serveur de messagerie bien que cela implique que le relais sera en mesure d'espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN * avec une IP publique dédiée * pour contourner ce type des limites. Voir https://yunohost.org/#/vpn_advantage
- Vous pouvez également envisager de passer à un fournisseur plus respectueux de la neutralité du net ", + "diagnosis_mail_ehlo_ok": "Le serveur de messagerie SMTP est accessible de l'extérieur et peut donc recevoir des e-mails !", + "diagnosis_mail_ehlo_unreachable": "Le serveur de messagerie SMTP est inaccessible de l'extérieur sur IPv {ipversion}. Il ne pourra pas recevoir d'e-mails.", + "diagnosis_mail_ehlo_unreachable_details": "Impossible d'ouvrir une connexion sur le port 25 à votre serveur dans IPv {ipversion}. Il semble inaccessible.
1. La cause la plus courante de ce problème est que le port 25 n'est pas correctement transmis à votre serveur .
2. Vous devez également vous assurer que le suffixe de service est en cours d'exécution.
3. Sur les configurations plus complexes: assurez-vous qu'aucun pare-feu ou proxy inverse n'interfère.", + "diagnosis_mail_ehlo_wrong_details": "L'EHLO reçu par le diagnostiqueur distant dans IPv {ipversion} est différent du domaine de votre serveur.
EHLO reçu: {bad_ehlo}
Attendu: {right_ehlo}
La cause la plus courante ce problème est que le port 25 n'est pas correctement transmis à votre serveur . Vous pouvez également vous assurer qu'aucun pare-feu ou proxy inverse n'interfère.", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée …). Si vous rencontrez des problèmes à cause de cela, envisagez les solutions suivantes:
- Certains FAI fournissent l’alternative de à l’aide d’un relais de serveur de messagerie bien que cela implique que le relais pourra espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN * avec une IP publique dédiée * pour contourner ce type de limites. Voir https://yunohost.org/#/vpn_advantage
- Enfin, il est également possible de changement de fournisseur ", + "diagnosis_mail_fcrdns_nok_alternatives_6": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée ...). Si votre DNS inversé est correctement configuré pour IPv4, vous pouvez essayer de désactiver l'utilisation d'IPv6 lors de l'envoi d'e-mails en exécutant yunohost settings set smtp.allow_ipv6 -v off . Remarque: cette dernière solution signifie que vous ne pourrez pas envoyer ou recevoir de courriels des quelques serveurs IPv6 uniquement disponibles.", + "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "DNS inverse actuel: {rdns_domain}
Valeur attendue: {ehlo_domain} ", + "diagnosis_mail_blacklist_listed_by": "Votre IP ou domaine {item} est sur liste noire sur {blacklist_name}", + "diagnosis_mail_queue_unavailable": "Impossible de consulter le nombre d'e-mails en attente dans la file d'attente", + "diagnosis_ports_partially_unreachable": "Le port {port} n'est pas accessible de l'extérieur dans IPv {failed}.", + "diagnosis_http_hairpinning_issue": "Votre réseau local ne semble pas avoir activé l'épingle à cheveux.", + "diagnosis_http_hairpinning_issue_details": "C'est probablement à cause de votre box/routeur ISP. Par conséquent, les personnes extérieures à votre réseau local pourront accéder à votre serveur comme prévu, mais pas les personnes internes au réseau local (comme vous, probablement ?). Vous pourrez peut-être améliorer la situation en consultant https://yunohost.org/dns_local_network", + "diagnosis_http_partially_unreachable": "Le domaine {domain} semble inaccessible via HTTP depuis l'extérieur du réseau local en IPv {failed}, bien qu'il fonctionne en IPv {passed}.", + "diagnosis_http_nginx_conf_not_up_to_date": "La configuration nginx de ce domaine semble avoir été modifiée manuellement et empêche YunoHost de diagnostiquer si elle est accessible sur HTTP.", + "diagnosis_http_nginx_conf_not_up_to_date_details": "Pour corriger la situation, inspectez la différence avec la ligne de commande en utilisant les outils yunohost regen-conf nginx --dry-run --with-diff et si vous êtes d'accord, appliquez les modifications avec yunohost tools regen-conf nginx --force." } From 91355274f8c4cee03c63faf9dea3fec278e8e698 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= Date: Wed, 22 Apr 2020 10:09:38 +0000 Subject: [PATCH 023/451] Translated using Weblate (French) Currently translated at 100.0% (632 of 632 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/fr/ --- locales/fr.json | 192 ++++++++++++++++++++++++------------------------ 1 file changed, 96 insertions(+), 96 deletions(-) diff --git a/locales/fr.json b/locales/fr.json index ef60a6956..7bc6b1687 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -12,7 +12,7 @@ "app_install_files_invalid": "Fichiers d’installation incorrects", "app_manifest_invalid": "Manifeste d’application incorrect : {error}", "app_not_correctly_installed": "{app:s} semble être mal installé", - "app_not_installed": "Nous n’avons pas trouvé l’application « {app:s} » dans la liste des applications installées: {all_apps}", + "app_not_installed": "Nous n’avons pas trouvé l’application « {app:s} » dans la liste des applications installées : {all_apps}", "app_not_properly_removed": "{app:s} n’a pas été supprimé correctement", "app_removed": "{app:s} supprimé", "app_requirements_checking": "Vérification des paquets requis pour {app} …", @@ -48,9 +48,9 @@ "custom_app_url_required": "Vous devez spécifier une URL pour mettre à jour votre application personnalisée {app:s}", "domain_cert_gen_failed": "Impossible de générer le certificat", "domain_created": "Le domaine a été créé", - "domain_creation_failed": "Impossible de créer le domaine {domain}: {error}", + "domain_creation_failed": "Impossible de créer le domaine {domain} : {error}", "domain_deleted": "Le domaine a été supprimé", - "domain_deletion_failed": "Impossible de supprimer le domaine {domain}:{error}", + "domain_deletion_failed": "Impossible de supprimer le domaine {domain} : {error}", "domain_dyndns_already_subscribed": "Vous avez déjà souscris à un domaine DynDNS", "domain_dyndns_root_unknown": "Domaine DynDNS principal inconnu", "domain_exists": "Le domaine existe déjà", @@ -114,8 +114,8 @@ "restore_failed": "Impossible de restaurer le système", "restore_hook_unavailable": "Script de restauration pour '{part:s}' non disponible sur votre système et non plus dans l'archive", "restore_nothings_done": "Rien n’a été restauré", - "restore_running_app_script": "Exécution du script de restauration de l’application '{app:s}' …", - "restore_running_hooks": "Exécution des scripts de restauration …", + "restore_running_app_script": "Exécution du script de restauration de l’application '{app:s}'…", + "restore_running_hooks": "Exécution des scripts de restauration…", "service_add_failed": "Impossible d’ajouter le service '{service:s}'", "service_added": "Le service '{service:s}' a été ajouté", "service_already_started": "Le service '{service:s}' est déjà en cours d’exécution", @@ -140,25 +140,25 @@ "unexpected_error": "Une erreur inattendue est survenue : {error}", "unlimit": "Pas de quota", "unrestore_app": "L’application '{app:s}' ne sera pas restaurée", - "updating_apt_cache": "Récupération des mises à jour disponibles pour les paquets du système …", + "updating_apt_cache": "Récupération des mises à jour disponibles pour les paquets du système…", "upgrade_complete": "Mise à jour terminée", - "upgrading_packages": "Mise à jour des paquets en cours …", + "upgrading_packages": "Mise à jour des paquets en cours…", "upnp_dev_not_found": "Aucun périphérique compatible UPnP n’a été trouvé", "upnp_disabled": "UPnP désactivé", "upnp_enabled": "UPnP activé", "upnp_port_open_failed": "Impossible d’ouvrir les ports UPnP", "user_created": "L’utilisateur créé", - "user_creation_failed": "Impossible de créer l’utilisateur {user}: {error}", + "user_creation_failed": "Impossible de créer l’utilisateur {user} : {error}", "user_deleted": "L’utilisateur supprimé", - "user_deletion_failed": "Impossible de supprimer l’utilisateur {user}: {error}", + "user_deletion_failed": "Impossible de supprimer l’utilisateur {user} : {error}", "user_home_creation_failed": "Impossible de créer le dossier personnel de l’utilisateur", "user_unknown": "L’utilisateur {user:s} est inconnu", - "user_update_failed": "Impossible de mettre à jour l’utilisateur {user}: {error}", + "user_update_failed": "Impossible de mettre à jour l’utilisateur {user} : {error}", "user_updated": "L’utilisateur a été modifié", "yunohost_already_installed": "YunoHost est déjà installé", "yunohost_ca_creation_failed": "Impossible de créer l’autorité de certification", "yunohost_configured": "YunoHost est maintenant configuré", - "yunohost_installing": "L’installation de YunoHost est en cours …", + "yunohost_installing": "L’installation de YunoHost est en cours…", "yunohost_not_installed": "YunoHost n’est pas correctement installé. Veuillez exécuter 'yunohost tools postinstall'", "certmanager_attempt_to_replace_valid_cert": "Vous êtes en train de vouloir remplacer un certificat correct et valide pour le domaine {domain:s} ! (Utilisez --force pour contourner cela)", "certmanager_domain_unknown": "Domaine {domain:s} inconnu", @@ -178,7 +178,7 @@ "certmanager_conflicting_nginx_file": "Impossible de préparer le domaine pour le défi ACME : le fichier de configuration NGINX {filepath:s} est en conflit et doit être préalablement retiré", "certmanager_hit_rate_limit": "Trop de certificats ont déjà été émis récemment pour ce même ensemble de domaines {domain:s}. Veuillez réessayer plus tard. Lisez https://letsencrypt.org/docs/rate-limits/ pour obtenir plus de détails sur les ratios et limitations", "ldap_init_failed_to_create_admin": "L’initialisation de l’annuaire LDAP n’a pas réussi à créer l’utilisateur admin", - "domain_cannot_remove_main": "Vous ne pouvez pas supprimer '{domain:s}' car il s’agit du domaine principal. Vous devez d’abord définir un autre domaine comme domaine principal à l’aide de 'yunohost domain main-domain -n ', voici la liste des domaines candidats. : {other_domains:s}", + "domain_cannot_remove_main": "Vous ne pouvez pas supprimer '{domain:s}' car il s’agit du domaine principal. Vous devez d’abord définir un autre domaine comme domaine principal à l’aide de 'yunohost domain main-domain -n ', voici la liste des domaines candidats : {other_domains:s}", "certmanager_self_ca_conf_file_not_found": "Le fichier de configuration pour l’autorité du certificat auto-signé est introuvable (fichier : {file:s})", "certmanager_unable_to_parse_self_CA_name": "Impossible d’analyser le nom de l’autorité du certificat auto-signé (fichier : {file:s})", "mailbox_used_space_dovecot_down": "Le service de courriel Dovecot doit être démarré si vous souhaitez voir l’espace disque occupé par la messagerie", @@ -187,7 +187,7 @@ "certmanager_acme_not_configured_for_domain": "Le certificat du domaine {domain:s} ne semble pas être correctement installé. Veuillez d’abord exécuter cert-install.", "certmanager_http_check_timeout": "Expiration du délai lorsque le serveur a essayé de se contacter lui-même via HTTP en utilisant l’adresse IP public {ip:s} du domaine {domain:s}. Vous rencontrez peut-être un problème d’hairpinning ou alors le pare-feu/routeur en amont de votre serveur est mal configuré.", "certmanager_couldnt_fetch_intermediate_cert": "Expiration du délai lors de la tentative de récupération du certificat intermédiaire depuis Let’s Encrypt. L’installation ou le renouvellement du certificat a été annulé. Veuillez réessayer plus tard.", - "domain_hostname_failed": "Échec de l’utilisation d’un nouveau nom d’hôte. Cela pourrait causer des soucis plus tard (peut-être que ça n’en causera pas).", + "domain_hostname_failed": "Échec de l’utilisation d’un nouveau nom d’hôte. Cela pourrait causer des soucis plus tard (cela n’en causera peut-être pas).", "yunohost_ca_creation_success": "L’autorité de certification locale créée.", "app_already_installed_cant_change_url": "Cette application est déjà installée. L’URL ne peut pas être changé simplement par cette fonction. Vérifiez si cela est disponible avec `app changeurl`.", "app_change_url_failed_nginx_reload": "Le redémarrage de Nginx a échoué. Voici la sortie de 'nginx -t' :\n{nginx_errors:s}", @@ -234,8 +234,8 @@ "backup_with_no_restore_script_for_app": "L’application « {app:s} » n’a pas de script de restauration, vous ne pourrez pas restaurer automatiquement la sauvegarde de cette application.", "global_settings_cant_serialize_settings": "Échec de la sérialisation des données de paramétrage car : {reason:s}", "restore_removing_tmp_dir_failed": "Impossible de sauvegarder un ancien dossier temporaire", - "restore_extracting": "Extraction des fichiers nécessaires depuis l’archive …", - "restore_may_be_not_enough_disk_space": "Votre système ne semble pas avoir suffisamment d'espace (libre: {free_space:d} B, espace nécessaire: {needed_space:d} B, marge de sécurité: {margin:d} B)", + "restore_extracting": "Extraction des fichiers nécessaires depuis l’archive…", + "restore_may_be_not_enough_disk_space": "Votre système ne semble pas avoir suffisamment d’espace (libre : {free_space:d} B, espace nécessaire : {needed_space:d} B, marge de sécurité : {margin:d} B)", "restore_not_enough_disk_space": "Espace disponible insuffisant (L’espace libre est de {free_space:d} octets. Le besoin d’espace nécessaire est de {needed_space:d} octets. En appliquant une marge de sécurité, la quantité d’espace nécessaire est de {margin:d} octets)", "restore_system_part_failed": "Impossible de restaurer la partie '{part:s}' du système", "backup_couldnt_bind": "Impossible de lier {src:s} avec {dest:s}.", @@ -244,7 +244,7 @@ "migrations_loading_migration": "Chargement de la migration {id} …", "migrations_migration_has_failed": "La migration {id} a échoué avec l’exception {exception} : annulation", "migrations_no_migrations_to_run": "Aucune migration à lancer", - "migrations_skip_migration": "Ignorer et passer la migration {id} …", + "migrations_skip_migration": "Ignorer et passer la migration {id}…", "server_shutdown": "Le serveur va s’éteindre", "server_shutdown_confirm": "Le serveur va être éteint immédiatement, le voulez-vous vraiment ? [{answers:s}]", "server_reboot": "Le serveur va redémarrer", @@ -256,7 +256,7 @@ "app_upgrade_app_name": "Mise à jour de l’application {app} …", "backup_output_symlink_dir_broken": "Votre répertoire d’archivage '{path:s}' est un lien symbolique brisé. Peut-être avez-vous oublié de re/monter ou de brancher le support de stockage sur lequel il pointe.", "migrate_tsig_end": "La migration à HMAC-SHA-512 est terminée", - "migrate_tsig_failed": "La migration du domaine DynDNS {domain} à hmac-sha512 a échoué. Annulation des modifications. Erreur : {error_code} - {error}", + "migrate_tsig_failed": "La migration du domaine DynDNS {domain} à HMAC-SHA-512 a échoué. Annulation des modifications. Erreur : {error_code} - {error}", "migrate_tsig_start": "L’algorithme de génération des clefs n’est pas suffisamment sécurisé pour la signature TSIG du domaine '{domain}', lancement de la migration vers HMAC-SHA-512 qui est plus sécurisé", "migrate_tsig_wait": "Attendre trois minutes pour que le serveur DynDNS prenne en compte la nouvelle clef …", "migrate_tsig_wait_2": "2 minutes …", @@ -269,19 +269,19 @@ "migration_0003_start": "Démarrage de la migration vers Stretch. Les journaux seront disponibles dans {logfile}.", "migration_0003_patching_sources_list": "Modification du fichier sources.lists …", "migration_0003_main_upgrade": "Démarrage de la mise à niveau principale …", - "migration_0003_fail2ban_upgrade": "Démarrage de la mise à niveau de fail2ban …", - "migration_0003_restoring_origin_nginx_conf": "Votre fichier /etc/nginx/nginx.conf a été modifié d'une manière ou d'une autre. La migration va d'abord le réinitialiser à son état d'origine… Le fichier précédent sera disponible en tant que {backup_dest}.", + "migration_0003_fail2ban_upgrade": "Démarrage de la mise à niveau de Fail2Ban …", + "migration_0003_restoring_origin_nginx_conf": "Votre fichier /etc/nginx/nginx.conf a été modifié d'une manière ou d’une autre. La migration va d’abord le réinitialiser à son état d'origine… Le fichier précédent sera disponible en tant que {backup_dest}.", "migration_0003_yunohost_upgrade": "Démarrage de la mise à niveau du package YunoHost… La migration se terminera, mais la mise à niveau réelle aura lieu immédiatement après. Une fois l'opération terminée, vous devrez peut-être vous reconnecter à la page webadmin.", "migration_0003_not_jessie": "La distribution Debian actuelle n’est pas Jessie !", "migration_0003_system_not_fully_up_to_date": "Votre système n’est pas complètement à jour. Veuillez mener une mise à jour classique avant de lancer la migration à Stretch.", "migration_0003_still_on_jessie_after_main_upgrade": "Quelque chose s’est mal passé pendant la mise à niveau principale : le système est toujours sur Debian Jessie !? Pour investiguer sur le problème, veuillez regarder les journaux {log}:s …", "migration_0003_general_warning": "Veuillez noter que cette migration est une opération délicate. Si l’équipe YunoHost a fait de son mieux pour la relire et la tester, la migration pourrait tout de même casser des parties de votre système ou de vos applications.\n\nEn conséquence, nous vous recommandons :\n - de lancer une sauvegarde de vos données ou applications critiques. Plus d’informations sur https://yunohost.org/backup ;\n - d’être patient après avoir lancé la migration : selon votre connexion internet et matériel, cela pourrait prendre jusqu’à quelques heures pour que tout soit à niveau.\n\nEn outre, le port SMTP utilisé par les clients de messagerie externes comme (Thunderbird ou K9-Mail) a été changé de 465 (SSL/TLS) à 587 (STARTTLS). L’ancien port 465 sera automatiquement fermé et le nouveau port 587 sera ouvert dans le pare-feu. Vous et vos utilisateurs *devront* adapter la configuration de vos clients de messagerie en conséquence.", - "migration_0003_problematic_apps_warning": "Veuillez noter que les applications installées potentiellement problématiques suivantes ont été détectées. Il semble que celles-ci n’ont pas été installées à partir d’un catalogue d’applications, ou ne sont pas marquées comme \"fonctionnelle\". Par conséquent, il ne peut pas être garanti qu’ils fonctionneront toujours après la mise à niveau: {problematic_apps}", + "migration_0003_problematic_apps_warning": "Veuillez noter que les applications installées potentiellement problématiques suivantes ont été détectées. Il semble que celles-ci n’ont pas été installées à partir d’un catalogue d’applications, ou ne sont pas marquées comme \"fonctionnelle\". Par conséquent, il ne peut pas être garanti qu’ils fonctionneront toujours après la mise à niveau : {problematic_apps}", "migration_0003_modified_files": "Veuillez noter que les fichiers suivants ont été détectés comme modifiés manuellement et pourraient être écrasés à la fin de la mise à niveau : {manually_modified_files}", "migrations_list_conflict_pending_done": "Vous ne pouvez pas utiliser --previous et --done simultanément.", "migrations_to_be_ran_manually": "La migration {id} doit être lancée manuellement. Veuillez aller dans Outils > Migrations dans l’interface admin, ou lancer `yunohost tools migrations migrate`.", "migrations_need_to_accept_disclaimer": "Pour lancer la migration {id}, vous devez accepter cette clause de non-responsabilité :\n---\n{disclaimer}\n---\nSi vous acceptez de lancer la migration, veuillez relancer la commande avec l’option --accept-disclaimer.", - "service_description_avahi-daemon": "Vous permet d’atteindre votre serveur en utilisant «yunohost.local» sur votre réseau local", + "service_description_avahi-daemon": "Vous permet d’atteindre votre serveur en utilisant « yunohost.local » sur votre réseau local", "service_description_dnsmasq": "Gère la résolution des noms de domaine (DNS)", "service_description_dovecot": "Permet aux clients de messagerie d’accéder/récupérer les courriels (via IMAP et POP3)", "service_description_fail2ban": "Protège contre les attaques brute-force et autres types d’attaques venant d’Internet", @@ -304,7 +304,7 @@ "log_link_to_failed_log": "L’opération '{desc}' a échoué ! Pour obtenir de l’aide, merci de partager le journal de l’opération en cliquant ici", "backup_php5_to_php7_migration_may_fail": "Impossible de convertir votre archive pour prendre en charge PHP 7, vous pourriez ne plus pouvoir restaurer vos applications PHP (cause : {error:s})", "log_help_to_get_failed_log": "L’opération '{desc}' a échoué ! Pour obtenir de l’aide, merci de partager le journal de l’opération en utilisant la commande 'yunohost log display {name} --share'", - "log_does_exists": "Il n'y a pas de journal des opérations avec le nom '{log}', utilisez 'yunohost log list' pour voir tous les journaux d'opérations disponibles", + "log_does_exists": "Il n’y a pas de journal des opérations avec le nom '{log}', utilisez 'yunohost log list' pour voir tous les journaux d’opérations disponibles", "log_operation_unit_unclosed_properly": "L’opération ne s’est pas terminée correctement", "log_app_change_url": "Changer l’URL de l’application '{}'", "log_app_install": "Installer l’application '{}'", @@ -327,7 +327,7 @@ "log_user_delete": "Supprimer l’utilisateur '{}'", "log_user_update": "Mettre à jour les informations de l’utilisateur '{}'", "log_domain_main_domain": "Faites de '{}' le domaine principal", - "log_tools_migrations_migrate_forward": "Éxecuter les migrations", + "log_tools_migrations_migrate_forward": "Exécuter les migrations", "log_tools_postinstall": "Faire la post-installation de votre serveur YunoHost", "log_tools_upgrade": "Mettre à jour les paquets du système", "log_tools_shutdown": "Éteindre votre serveur", @@ -336,7 +336,7 @@ "migration_description_0004_php5_to_php7_pools": "Reconfigurer les espaces utilisateurs PHP pour utiliser PHP 7 au lieu de PHP 5", "migration_description_0005_postgresql_9p4_to_9p6": "Migration des bases de données de PostgreSQL 9.4 vers PostgreSQL 9.6", "migration_0005_postgresql_94_not_installed": "PostgreSQL n’a pas été installé sur votre système. Rien à faire !", - "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 est installé, mais pas postgresql 9.6‽ Quelque chose de bizarre aurait pu se produire sur votre système: (…", + "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 est installé, mais pas PostgreSQL 9.6 ‽ Quelque chose de bizarre aurait pu se produire sur votre système :(…", "migration_0005_not_enough_space": "Laissez suffisamment d’espace disponible dans {path} pour exécuter la migration.", "service_description_php7.0-fpm": "Exécute des applications écrites en PHP avec NGINX", "users_available": "Liste des utilisateurs disponibles :", @@ -380,7 +380,7 @@ "migration_0008_root": "- Vous ne pourrez pas vous connecter en tant que root via SSH. Au lieu de cela, vous devrez utiliser l’utilisateur admin ;", "migration_0008_dsa": "- La clé DSA sera désactivée. Par conséquent, il se peut que vous ayez besoin d’invalider un avertissement effrayant de votre client SSH afin de revérifier l’empreinte de votre serveur ;", "migration_0008_warning": "Si vous comprenez ces avertissements et souhaitez que YunoHost écrase votre configuration actuelle, exécutez la migration. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", - "migration_0008_no_warning": "Remplacer votre configuration SSH devrait être sûr, bien que cela ne puisse pas être promis! Exécutez la migration pour la remplacer. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", + "migration_0008_no_warning": "Remplacer votre configuration SSH devrait être sûr, bien que cela ne puisse pas être promis ! Exécutez la migration pour la remplacer. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", "migrations_success": "Migration {number} {name} réussie !", "pattern_password_app": "Désolé, les mots de passe ne peuvent pas contenir les caractères suivants : {forbidden_chars}", "root_password_replaced_by_admin_password": "Votre mot de passe root a été remplacé par votre mot de passe administrateur.", @@ -391,7 +391,7 @@ "service_reload_or_restart_failed": "Impossible de recharger ou de redémarrer le service '{service:s}'\n\nJournaux historisés récents de ce service : {logs:s}", "service_reloaded_or_restarted": "Le service « {service:s} » a été rechargé ou redémarré", "this_action_broke_dpkg": "Cette action a laissé des paquets non configurés par dpkg/apt (les gestionnaires de paquets système). Vous pouvez essayer de résoudre ce problème en vous connectant via SSH et en exécutant `sudo dpkg --configure -a`.", - "app_action_cannot_be_ran_because_required_services_down": "Ces services requis doivent être en cours d’exécution pour exécuter cette action: {services}. Essayez de les redémarrer pour continuer (et éventuellement rechercher pourquoi ils sont en panne).", + "app_action_cannot_be_ran_because_required_services_down": "Ces services requis doivent être en cours d’exécution pour exécuter cette action : {services}. Essayez de les redémarrer pour continuer (et éventuellement rechercher pourquoi ils sont en panne).", "admin_password_too_long": "Veuillez choisir un mot de passe de moins de 127 caractères", "log_regen_conf": "Régénérer les configurations du système '{}'", "migration_0009_not_needed": "Cette migration semble avoir déjà été jouée ? On l’ignore.", @@ -405,7 +405,7 @@ "regenconf_now_managed_by_yunohost": "Le fichier de configuration '{conf}' est maintenant géré par YunoHost (catégorie {category}).", "regenconf_up_to_date": "La configuration est déjà à jour pour la catégorie '{category}'", "already_up_to_date": "Il n’y a rien à faire ! Tout est déjà à jour !", - "global_settings_setting_security_nginx_compatibility": "Compatibilité versus compromis sécuritaire pour le serveur web nginx. Affecte les cryptogrammes (et d’autres aspects liés à la sécurité)", + "global_settings_setting_security_nginx_compatibility": "Compatibilité versus compromis sécuritaire pour le serveur web Nginx. Affecte les cryptogrammes (et d’autres aspects liés à la sécurité)", "global_settings_setting_security_ssh_compatibility": "Compatibilité versus compromis sécuritaire pour le serveur SSH. Affecte les cryptogrammes (et d’autres aspects liés à la sécurité)", "global_settings_setting_security_postfix_compatibility": "Compatibilité versus compromis sécuritaire pour le serveur Postfix. Affecte les cryptogrammes (et d’autres aspects liés à la sécurité)", "migration_description_0009_decouple_regenconf_from_services": "Dissocier le mécanisme « regen-conf » des services", @@ -413,20 +413,20 @@ "regenconf_file_kept_back": "Le fichier de configuration '{conf}' devait être supprimé par « regen-conf » (catégorie {category}) mais a été conservé.", "regenconf_updated": "La configuration a été mise à jour pour '{category}'", "regenconf_would_be_updated": "La configuration aurait dû être mise à jour pour la catégorie '{category}'", - "regenconf_dry_pending_applying": "Vérification de la configuration en attente qui aurait été appliquée pour la catégorie '{category}' …", + "regenconf_dry_pending_applying": "Vérification de la configuration en attente qui aurait été appliquée pour la catégorie '{category}'…", "regenconf_failed": "Impossible de régénérer la configuration pour la ou les catégorie(s) : '{categories}'", "regenconf_pending_applying": "Applique la configuration en attente pour la catégorie '{category}' …", "service_regen_conf_is_deprecated": "'yunohost service regen-conf' est obsolète ! Veuillez plutôt utiliser 'yunohost tools regen-conf' à la place.", - "tools_upgrade_at_least_one": "Veuillez spécifier '--apps' OU '--system'", + "tools_upgrade_at_least_one": "Veuillez spécifier '--apps' ou '--system'", "tools_upgrade_cant_both": "Impossible de mettre à niveau le système et les applications en même temps", "tools_upgrade_cant_hold_critical_packages": "Impossibilité de maintenir les paquets critiques…", - "tools_upgrade_regular_packages": "Mise à jour des paquets du système (non liés a YunoHost) …", + "tools_upgrade_regular_packages": "Mise à jour des paquets du système (non liés a YunoHost)…", "tools_upgrade_regular_packages_failed": "Impossible de mettre à jour les paquets suivants : {packages_list}", - "tools_upgrade_special_packages": "Mise à jour des paquets 'spécifiques' (liés a YunoHost) …", + "tools_upgrade_special_packages": "Mise à jour des paquets 'spécifiques' (liés a YunoHost)…", "tools_upgrade_special_packages_completed": "La mise à jour des paquets de YunoHost est finie !\nPressez [Entrée] pour revenir à la ligne de commande", "dpkg_lock_not_available": "Cette commande ne peut pas être exécutée pour le moment car un autre programme semble utiliser le verrou de dpkg (le gestionnaire de package système)", "tools_upgrade_cant_unhold_critical_packages": "Impossible de conserver les paquets critiques…", - "tools_upgrade_special_packages_explanation": "La mise à niveau spéciale se poursuivra en arrière-plan. Veuillez ne pas lancer d'autres actions sur votre serveur pendant les 10 prochaines minutes (selon la vitesse du matériel). Après cela, vous devrez peut-être vous reconnecter à l'administrateur Web. Le journal de mise à niveau sera disponible dans Outils → Journal (dans le webadmin) ou en utilisant la «liste des journaux yunohost» (à partir de la ligne de commande).", + "tools_upgrade_special_packages_explanation": "La mise à niveau spéciale se poursuivra en arrière-plan. Veuillez ne pas lancer d'autres actions sur votre serveur pendant les 10 prochaines minutes (selon la vitesse du matériel). Après cela, vous devrez peut-être vous reconnecter à l'administrateur Web. Le journal de mise à niveau sera disponible dans Outils → Journal (dans le webadmin) ou en utilisant la « liste des journaux yunohost » (à partir de la ligne de commande).", "update_apt_cache_failed": "Impossible de mettre à jour le cache APT (gestionnaire de paquets Debian). Voici un extrait du fichier sources.list qui pourrait vous aider à identifier les lignes problématiques :\n{sourceslist}", "update_apt_cache_warning": "Des erreurs se sont produites lors de la mise à jour du cache APT (gestionnaire de paquets Debian). Voici un extrait des lignes du fichier sources.list qui pourrait vous aider à identifier les lignes problématiques :\n{sourceslist}", "backup_permission": "Permission de sauvegarde pour l’application {app:s}", @@ -435,8 +435,8 @@ "group_unknown": "Le groupe {group:s} est inconnu", "group_updated": "Le groupe '{group}' a été mis à jour", "group_update_failed": "La mise à jour du groupe '{group}' a échoué : {error}", - "group_creation_failed": "Échec de la création du groupe '{group}': {error}", - "group_deletion_failed": "Échec de la suppression du groupe '{group}': {error}", + "group_creation_failed": "Échec de la création du groupe '{group}' : {error}", + "group_deletion_failed": "Échec de la suppression du groupe '{group}' : {error}", "log_user_group_delete": "Supprimer le groupe '{}'", "log_user_group_update": "Mettre à jour '{}' pour le groupe", "mailbox_disabled": "La boîte aux lettres est désactivée pour l’utilisateur {user:s}", @@ -449,23 +449,23 @@ "migrations_pending_cant_rerun": "Ces migrations étant toujours en attente, vous ne pouvez pas les exécuter à nouveau : {ids}", "migration_description_0012_postgresql_password_to_md5_authentication": "Forcer l’authentification PostgreSQL à utiliser MD5 pour les connexions locales", "migrations_exclusive_options": "'auto', '--skip' et '--force-rerun' sont des options mutuellement exclusives.", - "migrations_not_pending_cant_skip": "Ces migrations ne sont pas en attente et ne peuvent donc pas être ignorées: {ids}", - "migration_0011_can_not_backup_before_migration": "La sauvegarde du système n’a pas pu être terminée avant l’échec de la migration. Erreur: {error:s}", - "migration_0011_migrate_permission": "Migration des autorisations des paramètres des applications vers LDAP …", + "migrations_not_pending_cant_skip": "Ces migrations ne sont pas en attente et ne peuvent donc pas être ignorées : {ids}", + "migration_0011_can_not_backup_before_migration": "La sauvegarde du système n’a pas pu être terminée avant l’échec de la migration. Erreur : {error:s}", + "migration_0011_migrate_permission": "Migration des autorisations des paramètres des applications vers LDAP…", "migration_0011_migration_failed_trying_to_rollback": "La migration a échoué… Tentative de restauration du système.", "migration_0011_rollback_success": "Système restauré.", "migration_0011_update_LDAP_database": "Mise à jour de la base de données LDAP…", "migration_0011_backup_before_migration": "Création d’une sauvegarde des paramètres de la base de données LDAP et des applications avant la migration.", "permission_not_found": "Autorisation '{permission:s}' introuvable", - "permission_update_failed": "Impossible de mettre à jour l'autorisation '{permission}': {error}", + "permission_update_failed": "Impossible de mettre à jour l’autorisation '{permission}' : {error}", "permission_updated": "Permission '{permission:s}' mise à jour", "permission_update_nothing_to_do": "Aucune autorisation pour mettre à jour", - "dyndns_provider_unreachable": "Impossible d’atteindre le fournisseur DynDNS {provider}: votre YunoHost n’est pas correctement connecté à Internet ou le serveur Dynette est en panne.", - "migration_0011_update_LDAP_schema": "Mise à jour du schéma LDAP …", + "dyndns_provider_unreachable": "Impossible d’atteindre le fournisseur DynDNS {provider} : votre YunoHost n’est pas correctement connecté à Internet ou le serveur Dynette est en panne.", + "migration_0011_update_LDAP_schema": "Mise à jour du schéma LDAP…", "migrations_already_ran": "Ces migrations sont déjà effectuées : {ids}", "migrations_dependencies_not_satisfied": "Exécutez ces migrations : '{dependencies_id}', avant migration {id}.", - "migrations_failed_to_load_migration": "Impossible de charger la migration {id}: {error}", - "migrations_running_forward": "Exécution de la migration {id} …", + "migrations_failed_to_load_migration": "Impossible de charger la migration {id} : {error}", + "migrations_running_forward": "Exécution de la migration {id}…", "migrations_success_forward": "Migration {id} terminée", "operation_interrupted": "L’opération a été interrompue manuellement ?", "permission_already_exist": "L’autorisation '{permission}' existe déjà", @@ -474,7 +474,7 @@ "permission_deleted": "Permission '{permission:s}' supprimée", "permission_deletion_failed": "Impossible de supprimer la permission '{permission}' : {error}", "migration_description_0011_setup_group_permission": "Initialiser les groupes d’utilisateurs et autorisations pour les applications et les services", - "migration_0011_LDAP_update_failed": "Impossible de mettre à jour LDAP. Erreur: {error:s}", + "migration_0011_LDAP_update_failed": "Impossible de mettre à jour LDAP. Erreur : {error:s}", "group_already_exist": "Le groupe {group} existe déjà", "group_already_exist_on_system": "Le groupe {group} existe déjà dans les groupes système", "group_cannot_be_deleted": "Le groupe {group} ne peut pas être supprimé manuellement.", @@ -485,20 +485,20 @@ "log_user_group_create": "Créer '{}' groupe", "log_user_permission_update": "Mise à jour des accès pour la permission '{}'", "log_user_permission_reset": "Réinitialiser la permission '{}'", - "migration_0011_failed_to_remove_stale_object": "Impossible de supprimer un objet périmé {dn}: {error}", - "permission_already_allowed": "Le groupe '{group}' a déjà l'autorisation '{permission}' activée", - "permission_already_disallowed": "Le groupe '{group}' a déjà l'autorisation '{permission}' désactivé", - "permission_cannot_remove_main": "Supprimer une autorisation principale n'est pas autorisé", - "user_already_exists": "L'utilisateur '{user}' existe déjà", - "app_full_domain_unavailable": "Désolé, cette application doit être installée sur un domaine qui lui est propre, mais d'autres applications sont déjà installées sur le domaine '{domain}'. Vous pouvez utiliser un sous-domaine dédié à cette application à la place.", - "group_cannot_edit_all_users": "Le groupe 'all_users' ne peut pas être édité manuellement. C'est un groupe spécial destiné à contenir tous les utilisateurs enregistrés dans YunoHost", - "group_cannot_edit_visitors": "Le groupe 'visiteurs' ne peut pas être édité manuellement. C'est un groupe spécial représentant les visiteurs anonymes", - "group_cannot_edit_primary_group": "Le groupe '{group}' ne peut pas être édité manuellement. C'est le groupe principal destiné à ne contenir qu'un utilisateur spécifique.", - "log_permission_url": "Mise à jour de l'URL associée à l'autorisation '{}'", + "migration_0011_failed_to_remove_stale_object": "Impossible de supprimer un objet périmé {dn} : {error}", + "permission_already_allowed": "Le groupe '{group}' a déjà l’autorisation '{permission}' activée", + "permission_already_disallowed": "Le groupe '{group}' a déjà l’autorisation '{permission}' désactivé", + "permission_cannot_remove_main": "Supprimer une autorisation principale n’est pas autorisé", + "user_already_exists": "L’utilisateur '{user}' existe déjà", + "app_full_domain_unavailable": "Désolé, cette application doit être installée sur un domaine qui lui est propre, mais d’autres applications sont déjà installées sur le domaine '{domain}'. Vous pouvez utiliser un sous-domaine dédié à cette application à la place.", + "group_cannot_edit_all_users": "Le groupe 'all_users' ne peut pas être édité manuellement. C’est un groupe spécial destiné à contenir tous les utilisateurs enregistrés dans YunoHost", + "group_cannot_edit_visitors": "Le groupe 'visiteurs' ne peut pas être édité manuellement. C’est un groupe spécial représentant les visiteurs anonymes", + "group_cannot_edit_primary_group": "Le groupe '{group}' ne peut pas être édité manuellement. C’est le groupe principal destiné à ne contenir qu’un utilisateur spécifique.", + "log_permission_url": "Mise à jour de l’URL associée à l’autorisation '{}'", "migration_0011_slapd_config_will_be_overwritten": "Il semble que vous ayez modifié manuellement la configuration de slapd. Pour cette migration critique, YunoHost doit forcer la mise à jour de la configuration de slapd. Les fichiers originaux seront sauvegardés dans {conf_backup_folder}.", "permission_already_up_to_date": "L’autorisation n’a pas été mise à jour car les demandes d’ajout/suppression correspondent déjà à l’état actuel.", "permission_currently_allowed_for_all_users": "Cette autorisation est actuellement accordée à tous les utilisateurs en plus des autres groupes. Vous voudrez probablement soit supprimer l’autorisation 'all_users', soit supprimer les autres groupes auxquels il est actuellement autorisé.", - "app_install_failed": "Impossible d’installer {app}: {error}", + "app_install_failed": "Impossible d’installer {app} : {error}", "app_install_script_failed": "Une erreur est survenue dans le script d’installation de l’application", "permission_require_account": "Permission {permission} n’a de sens que pour les utilisateurs ayant un compte et ne peut donc pas être activé pour les visiteurs.", "app_remove_after_failed_install": "Supprimer l’application après l’échec de l’installation …", @@ -509,23 +509,23 @@ "diagnosis_ip_not_connected_at_all": "Le serveur ne semble pas du tout connecté à Internet !?", "diagnosis_ip_weird_resolvconf": "La résolution DNS semble fonctionner, mais il semble que vous utilisez un /etc/resolv.conf personnalisé.", "diagnosis_ip_weird_resolvconf_details": "Le fichier /etc/resolv.conf doit être un lien symbolique vers /etc/resolvconf/run/resolv.conf lui-même pointant vers 127.0.0.1 (dnsmasq). Si vous souhaitez configurer manuellement les résolveurs DNS, veuillez modifier /etc/resolv.dnsmasq.conf.", - "diagnosis_dns_missing_record": "Selon la configuration DNS recommandée, vous devez ajouter un enregistrement DNS\nType: {type}\nNom: {name}\nValeur {value}", - "diagnosis_diskusage_ok": "L'espace de stockage {mountpoint} (sur l'appareil {device}) a encore {libre} ({free_percent}%) espace restant (sur {total}) !", + "diagnosis_dns_missing_record": "Selon la configuration DNS recommandée, vous devez ajouter un enregistrement DNS\nType : {type}\nNom : {name}\nValeur : {value}", + "diagnosis_diskusage_ok": "L’espace de stockage {mountpoint} (sur l’appareil {device}) a encore {libre} ({free_percent}%) espace restant (sur {total}) !", "diagnosis_ram_ok": "Le système dispose encore de {available} ({available_percent}%) de RAM sur {total}.", "diagnosis_regenconf_allgood": "Tous les fichiers de configuration sont conformes à la configuration recommandée !", "diagnosis_security_vulnerable_to_meltdown": "Vous semblez vulnérable à la vulnérabilité de sécurité critique de Meltdown", "diagnosis_basesystem_host": "Le serveur utilise Debian {debian_version}", "diagnosis_basesystem_kernel": "Le serveur utilise le noyau Linux {kernel_version}", - "diagnosis_basesystem_ynh_single_version": "{package} version: {version} ({repo})", + "diagnosis_basesystem_ynh_single_version": "{package} version : {version} ({repo})", "diagnosis_basesystem_ynh_main_version": "Le serveur utilise YunoHost {main_version} ({repo})", - "diagnosis_basesystem_ynh_inconsistent_versions": "Vous exécutez des versions incohérentes des packages YunoHost ... très probablement en raison d'une mise à niveau échouée ou partielle.", + "diagnosis_basesystem_ynh_inconsistent_versions": "Vous exécutez des versions incohérentes des packages YunoHost ... très probablement en raison d’une mise à niveau échouée ou partielle.", "diagnosis_display_tip_cli": "Vous pouvez exécuter 'yunohost diagnosis show --issues' pour afficher les problèmes détectés.", "diagnosis_failed_for_category": "Échec du diagnostic pour la catégorie '{category}': {error}", "diagnosis_cache_still_valid": "(Le cache est encore valide pour le diagnostic {category}. Il ne sera pas re-diagnostiqué pour le moment!)", "diagnosis_ignored_issues": "(+ {nb_ignored} questions ignorée(s))", "diagnosis_found_warnings": "Trouvé {warnings} objet(s) pouvant être amélioré(s) pour {category}.", "diagnosis_everything_ok": "Tout semble bien pour {category} !", - "diagnosis_failed": "Échec de la récupération du résultat du diagnostic pour la catégorie '{category}': {error}", + "diagnosis_failed": "Échec de la récupération du résultat du diagnostic pour la catégorie '{category}' : {error}", "diagnosis_ip_connected_ipv4": "Le serveur est connecté à Internet en IPv4 !", "diagnosis_ip_no_ipv4": "Le serveur ne dispose pas d’une adresse IPv4.", "diagnosis_ip_connected_ipv6": "Le serveur est connecté à Internet en IPv6 !", @@ -535,9 +535,9 @@ "diagnosis_ip_broken_resolvconf": "La résolution du nom de domaine semble être rompue sur votre serveur, ce qui semble lié au fait que /etc/resolv.conf ne pointe pas sur 127.0.0.1.", "diagnosis_dns_good_conf": "Les enregistrements DNS sont correctement configurés pour le domaine {domain} (catégorie {category})", "diagnosis_dns_bad_conf": "Certains enregistrements DNS sont manquants ou incorrects pour le domaine {domain} (catégorie {category})", - "diagnosis_dns_discrepancy": "L’enregistrement DNS de type {type} et nom {name} ne correspond pas à la configuration recommandée.\nValeur actuelle: {current}\nValeur attendue: {value}", + "diagnosis_dns_discrepancy": "L’enregistrement DNS de type {type} et nom {name} ne correspond pas à la configuration recommandée.\nValeur actuelle : {current}\nValeur attendue : {value}", "diagnosis_services_bad_status": "Le service {service} est {status} :-(", - "diagnosis_diskusage_verylow": "L'espace de stockage {mountpoint} (sur l'appareil {device} ) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Vous devriez vraiment envisager de nettoyer de l'espace !", + "diagnosis_diskusage_verylow": "L'espace de stockage {mountpoint} (sur l’appareil {device} ) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Vous devriez vraiment envisager de nettoyer de l’espace !", "diagnosis_diskusage_low": "L'espace de stockage {mountpoint} (sur l'appareil {device}) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Faites attention.", "diagnosis_ram_verylow": "Le système ne dispose plus que de {available} ({available_percent}%)! (sur {total})", "diagnosis_ram_low": "Le système n’a plus de {available} ({available_percent}%) RAM sur {total}. Faites attention.", @@ -546,10 +546,10 @@ "diagnosis_swap_ok": "Le système dispose de {total} de swap !", "diagnosis_regenconf_manually_modified": "Le fichier de configuration {file} semble avoir été modifié manuellement.", "diagnosis_regenconf_manually_modified_debian": "Le fichier de configuration {file} a été modifié manuellement par rapport à celui par défaut de Debian.", - "diagnosis_regenconf_manually_modified_details": "C'est probablement OK si vous savez ce que vous faites! YunoHost cessera de mettre à jour ce fichier automatiquement ... Mais attention, les mises à jour de YunoHost pourraient contenir d'importantes modifications recommandées. Si vous le souhaitez, vous pouvez inspecter les différences avec les outils yunohost regen-conf {category} --dry-run --with-diff et forcer la réinitialisation à la configuration recommandée avec les outils yunohost regen-conf {category} --force ", + "diagnosis_regenconf_manually_modified_details": "C’est probablement OK si vous savez ce que vous faites ! YunoHost cessera de mettre à jour ce fichier automatiquement ... Mais attention, les mises à jour de YunoHost pourraient contenir d’importantes modifications recommandées. Si vous le souhaitez, vous pouvez inspecter les différences avec les outils yunohost regen-conf {category} --dry-run --with-diff et forcer la réinitialisation à la configuration recommandée avec les outils yunohost regen-conf {category} --force ", "diagnosis_regenconf_manually_modified_debian_details": "Cela peut probablement être OK, mais il faut garder un œil dessus …", "apps_catalog_init_success": "Système de catalogue d’applications initialisé !", - "apps_catalog_failed_to_download": "Impossible de télécharger le catalogue des applications {apps_catalog}:{error}", + "apps_catalog_failed_to_download": "Impossible de télécharger le catalogue des applications {apps_catalog} : {error}", "diagnosis_mail_outgoing_port_25_blocked": "Le port sortant 25 semble être bloqué. Vous devriez essayer de le débloquer dans le panneau de configuration de votre fournisseur de services Internet (ou hébergeur). En attendant, le serveur ne pourra pas envoyer de courrier électronique à d’autres serveurs.", "domain_cannot_remove_main_add_new_one": "Vous ne pouvez pas supprimer '{domain:s}' car il s’agit du domaine principal et de votre seul domaine. Vous devez d’abord ajouter un autre domaine à l’aide de 'yunohost domain add ', puis définir comme domaine principal à l’aide de 'yunohost domain main-domain -n ' et vous pouvez ensuite supprimer le domaine '{domain:s}' à l’aide de 'yunohost domain remove {domain:s}'.'", "diagnosis_security_vulnerable_to_meltdown_details": "Pour résoudre ce problème, vous devez mettre à niveau votre système et redémarrer pour charger le nouveau noyau Linux (ou contacter votre fournisseur de serveur si cela ne fonctionne pas). Voir https://meltdownattack.com/ pour plus d’informations.", @@ -562,19 +562,19 @@ "diagnosis_description_regenconf": "Configurations système", "diagnosis_description_security": "Contrôles de sécurité", "diagnosis_ports_could_not_diagnose": "Impossible de diagnostiquer si les ports sont accessibles de l'extérieur.", - "diagnosis_ports_could_not_diagnose_details": "Erreur: {error}", - "apps_catalog_updating": "Mise à jour du catalogue d'applications…", + "diagnosis_ports_could_not_diagnose_details": "Erreur : {error}", + "apps_catalog_updating": "Mise à jour du catalogue d’applications…", "apps_catalog_obsolete_cache": "Le cache du catalogue d'applications est vide ou obsolète.", "apps_catalog_update_success": "Le catalogue des applications a été mis à jour !", "diagnosis_mail_ougoing_port_25_ok": "Le port sortant 25 n’est pas bloqué et le courrier électronique peut être envoyé à d’autres serveurs.", - "diagnosis_description_mail": "Email", + "diagnosis_description_mail": "E-mail", "diagnosis_ports_unreachable": "Le port {port} n’est pas accessible de l’extérieur.", "diagnosis_ports_ok": "Le port {port} est accessible de l’extérieur.", "diagnosis_http_could_not_diagnose": "Impossible de diagnostiquer si le domaine est accessible de l’extérieur.", - "diagnosis_http_could_not_diagnose_details": "Erreur: {error}", + "diagnosis_http_could_not_diagnose_details": "Erreur : {error}", "diagnosis_http_ok": "Le domaine {domain} est accessible en HTTP depuis l’extérieur.", "diagnosis_http_unreachable": "Le domaine {domain} est inaccessible en HTTP depuis l’extérieur.", - "diagnosis_unknown_categories": "Les catégories suivantes sont inconnues: {categories}", + "diagnosis_unknown_categories": "Les catégories suivantes sont inconnues : {categories}", "migration_description_0013_futureproof_apps_catalog_system": "Migrer vers le nouveau système de catalogue d’applications à l’épreuve du temps", "app_upgrade_script_failed": "Une erreur s’est produite durant l’exécution du script de mise à niveau de l’application", "migration_description_0014_remove_app_status_json": "Supprimer les anciens fichiers d’application status.json", @@ -584,10 +584,10 @@ "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit dans https://yunohost.org/isp_box_config ", "diagnosis_http_connection_error": "Erreur de connexion : impossible de se connecter au domaine demandé, il est probablement injoignable.", "diagnosis_no_cache": "Pas encore de cache de diagnostique pour la catégorie « {category} »", - "yunohost_postinstall_end_tip": "La post-installation terminée! Pour finaliser votre configuration, il est recommendé de :\n - ajouter un premier utilisateur depuis la section \"Utilisateurs\" de l’interface web (ou \"yunohost user create \" en ligne de commande);\n - diagnostiquer les potentiels problèmes dans la section \"Diagnostic\" de l'interface web (ou \"yunohost diagnosis run\" en ligne de commande);\n - lire les parties \"Finalisation de votre configuration\" et \"Découverte de Yunohost\" dans le guide de l’administrateur: https://yunohost.org/admindoc.", + "yunohost_postinstall_end_tip": "La post-installation terminée! Pour finaliser votre configuration, il est recommandé de :\n - ajouter un premier utilisateur depuis la section \"Utilisateurs\" de l’interface web (ou \"yunohost user create \" en ligne de commande) ;\n - diagnostiquer les potentiels problèmes dans la section \"Diagnostic\" de l'interface web (ou \"yunohost diagnosis run\" en ligne de commande) ;\n - lire les parties \"Finalisation de votre configuration\" et \"Découverte de YunoHost\" dans le guide de l’administrateur: https://yunohost.org/admindoc.", "diagnosis_services_bad_status_tip": "Vous pouvez essayer de redémarrer le service, et si cela ne fonctionne pas, consultez les journaux de service dans le webadmin (à partir de la ligne de commande, vous pouvez le faire avec yunohost service restart {service} et yunohost service log {service} ).", - "diagnosis_http_bad_status_code": "Le système de diagnostique n’a pas réussi à contacter votre serveur. Il se peut qu’une autre machine réponde à la place de votre serveur. Vérifiez que le port 80 est correctement redirigé, que votre configuration nginx est à jour et qu’un reverse-proxy n’interfère pas.", - "diagnosis_http_timeout": "Expiration du délai en essayant de contacter votre serveur de l’extérieur. Il semble être inaccessible. Vérifiez que vous transférez correctement le port 80, que nginx est en cours d’exécution et qu’un pare-feu n’interfère pas.", + "diagnosis_http_bad_status_code": "Le système de diagnostique n’a pas réussi à contacter votre serveur. Il se peut qu’une autre machine réponde à la place de votre serveur. Vérifiez que le port 80 est correctement redirigé, que votre configuration Nginx est à jour et qu’un reverse-proxy n’interfère pas.", + "diagnosis_http_timeout": "Expiration du délai en essayant de contacter votre serveur de l’extérieur. Il semble être inaccessible. Vérifiez que vous transférez correctement le port 80, que Nginx est en cours d’exécution et qu’un pare-feu n’interfère pas.", "global_settings_setting_pop3_enabled": "Activer le protocole POP3 pour le serveur de messagerie", "log_app_action_run": "Lancer l’action de l’application '{}'", "log_app_config_show_panel": "Montrer le panneau de configuration de l’application '{}'", @@ -600,42 +600,42 @@ "certmanager_warning_subdomain_dns_record": "Le sous-domaine '{subdomain:s}' ne résout pas vers la même adresse IP que '{domain:s}'. Certaines fonctionnalités seront indisponibles tant que vous n’aurez pas corrigé cela et regénéré le certificat.", "domain_cannot_add_xmpp_upload": "Vous ne pouvez pas ajouter de domaine commençant par 'xmpp-upload.'. Ce type de nom est réservé à la fonctionnalité d’upload XMPP intégrée dans YunoHost.", "diagnosis_mail_outgoing_port_25_ok": "Le serveur de messagerie SMTP peut envoyer des e-mails (le port sortant 25 n'est pas bloqué).", - "diagnosis_mail_outgoing_port_25_blocked_details": "Vous devez d'abord essayer de débloquer le port sortant 25 dans votre interface de routeur Internet ou votre interface d'hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket d'assistance pour cela).", + "diagnosis_mail_outgoing_port_25_blocked_details": "Vous devez d’abord essayer de débloquer le port sortant 25 dans votre interface de routeur Internet ou votre interface d’hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket d'assistance pour cela).", "diagnosis_mail_ehlo_bad_answer": "Un service non SMTP a répondu sur le port 25 sur IPv {ipversion}", "diagnosis_mail_ehlo_bad_answer_details": "Cela peut être dû à un autre répondeur au lieu de votre serveur.", "diagnosis_mail_ehlo_wrong": "Un autre serveur de messagerie SMTP répond sur IPv{ipversion}. Il ne sera probablement pas en mesure de recevoir des e-mails.", - "diagnosis_mail_ehlo_could_not_diagnose": "Impossible de diagnostiquer si le serveur de messagerie postfix est accessible de l'extérieur pour IPv {ipversion}.", - "diagnosis_mail_ehlo_could_not_diagnose_details": "Erreur: {error}", - "diagnosis_mail_fcrdns_dns_missing": "Aucun DNS inverse n'est défini dans IPv {ipversion}. Certains e-mails peuvent ne pas être livrés ou être signalés comme spam.", + "diagnosis_mail_ehlo_could_not_diagnose": "Impossible de diagnostiquer si le serveur de messagerie postfix est accessible de l’extérieur pour IPv {ipversion}.", + "diagnosis_mail_ehlo_could_not_diagnose_details": "Erreur : {error}", + "diagnosis_mail_fcrdns_dns_missing": "Aucun DNS inverse n’est défini dans IPv {ipversion}. Certains e-mails peuvent ne pas être livrés ou être signalés comme spam.", "diagnosis_mail_fcrdns_ok": "Votre DNS inversé est correctement configuré !", - "diagnosis_mail_fcrdns_nok_details": "Vous devez d'abord essayer de configurer le DNS inverse avec {ehlo_domain} dans votre interface de routeur Internet ou votre interface d'hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket d'assistance pour cela).", + "diagnosis_mail_fcrdns_nok_details": "Vous devez d’abord essayer de configurer le DNS inverse avec {ehlo_domain} dans votre interface de routeur Internet ou votre interface d’hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket d'assistance pour cela).", "diagnosis_mail_fcrdns_different_from_ehlo_domain": "Le DNS inverse n'est pas correctement configuré dans IPv {ipversion}. Certains e-mails peuvent ne pas être livrés ou être signalés comme spam.", "diagnosis_mail_blacklist_ok": "Les adresses IP et les domaines utilisés par ce serveur ne semblent pas être sur liste noire", - "diagnosis_mail_blacklist_reason": "La raison de la liste noire est: {reason}", - "diagnosis_mail_blacklist_website": "Après avoir identifié pourquoi vous êtes répertorié et corrigé, n'hésitez pas à demander la radiation sur {blacklist_website}", + "diagnosis_mail_blacklist_reason": "La raison de la liste noire est : {reason}", + "diagnosis_mail_blacklist_website": "Après avoir identifié pourquoi vous êtes répertorié et corrigé, n’hésitez pas à demander la radiation sur {blacklist_website}", "diagnosis_mail_queue_ok": "{nb_pending} e-mails en attente dans les files d'attente de messagerie", - "diagnosis_mail_queue_unavailable_details": "Erreur: {error}", - "diagnosis_mail_queue_too_big": "Trop d'e-mails en attente dans la file d'attente ({nb_pending} e-mails)", - "global_settings_setting_smtp_allow_ipv6": "Autoriser l'utilisation d'IPv6 pour recevoir et envoyer du courrier", - "diagnosis_security_all_good": "Aucune vulnérabilité de sécurité critique n'a été trouvée.", - "diagnosis_display_tip": "Pour voir les problèmes détectés, vous pouvez accéder à la section Diagnostic du webadmin ou exécuter «yunohost diagnostic show --issues» à partir de la ligne de commande.", - "diagnosis_ip_global": "IP globale: {global} ", - "diagnosis_ip_local": "IP locale: {local} ", - "diagnosis_dns_point_to_doc": "Veuillez consulter la documentation à https://yunohost.org/dns_config si vous avez besoin d'aide pour configurer les enregistrements DNS.", - "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Certains fournisseurs ne vous laisseront pas débloquer le port sortant 25 parce qu'ils ne se soucient pas de la neutralité du Net.
- Certains d'entre eux offrent l'alternative de en utilisant un relais de serveur de messagerie bien que cela implique que le relais sera en mesure d'espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN * avec une IP publique dédiée * pour contourner ce type des limites. Voir https://yunohost.org/#/vpn_advantage
- Vous pouvez également envisager de passer à un fournisseur plus respectueux de la neutralité du net ", + "diagnosis_mail_queue_unavailable_details": "Erreur : {error}", + "diagnosis_mail_queue_too_big": "Trop d’e-mails en attente dans la file d'attente ({nb_pending} e-mails)", + "global_settings_setting_smtp_allow_ipv6": "Autoriser l'utilisation d’IPv6 pour recevoir et envoyer du courrier", + "diagnosis_security_all_good": "Aucune vulnérabilité de sécurité critique n’a été trouvée.", + "diagnosis_display_tip": "Pour voir les problèmes détectés, vous pouvez accéder à la section Diagnostic du webadmin ou exécuter « yunohost diagnostic show --issues » à partir de la ligne de commande.", + "diagnosis_ip_global": "IP globale : {global} ", + "diagnosis_ip_local": "IP locale : {local} ", + "diagnosis_dns_point_to_doc": "Veuillez consulter la documentation à https://yunohost.org/dns_config si vous avez besoin d’aide pour configurer les enregistrements DNS.", + "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Certains fournisseurs ne vous laisseront pas débloquer le port sortant 25 parce qu’ils ne se soucient pas de la neutralité du Net.
- Certains d’entre eux offrent l’alternative de en utilisant un relais de serveur de messagerie bien que cela implique que le relais sera en mesure d’espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN * avec une IP publique dédiée * pour contourner ce type des limites. Voir https://yunohost.org/#/vpn_advantage
- Vous pouvez également envisager de passer à un fournisseur plus respectueux de la neutralité du net ", "diagnosis_mail_ehlo_ok": "Le serveur de messagerie SMTP est accessible de l'extérieur et peut donc recevoir des e-mails !", - "diagnosis_mail_ehlo_unreachable": "Le serveur de messagerie SMTP est inaccessible de l'extérieur sur IPv {ipversion}. Il ne pourra pas recevoir d'e-mails.", + "diagnosis_mail_ehlo_unreachable": "Le serveur de messagerie SMTP est inaccessible de l’extérieur sur IPv {ipversion}. Il ne pourra pas recevoir d’e-mails.", "diagnosis_mail_ehlo_unreachable_details": "Impossible d'ouvrir une connexion sur le port 25 à votre serveur dans IPv {ipversion}. Il semble inaccessible.
1. La cause la plus courante de ce problème est que le port 25 n'est pas correctement transmis à votre serveur .
2. Vous devez également vous assurer que le suffixe de service est en cours d'exécution.
3. Sur les configurations plus complexes: assurez-vous qu'aucun pare-feu ou proxy inverse n'interfère.", - "diagnosis_mail_ehlo_wrong_details": "L'EHLO reçu par le diagnostiqueur distant dans IPv {ipversion} est différent du domaine de votre serveur.
EHLO reçu: {bad_ehlo}
Attendu: {right_ehlo}
La cause la plus courante ce problème est que le port 25 n'est pas correctement transmis à votre serveur . Vous pouvez également vous assurer qu'aucun pare-feu ou proxy inverse n'interfère.", - "diagnosis_mail_fcrdns_nok_alternatives_4": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée …). Si vous rencontrez des problèmes à cause de cela, envisagez les solutions suivantes:
- Certains FAI fournissent l’alternative de à l’aide d’un relais de serveur de messagerie bien que cela implique que le relais pourra espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN * avec une IP publique dédiée * pour contourner ce type de limites. Voir https://yunohost.org/#/vpn_advantage
- Enfin, il est également possible de changement de fournisseur ", + "diagnosis_mail_ehlo_wrong_details": "L’EHLO reçu par le diagnostiqueur distant dans IPv {ipversion} est différent du domaine de votre serveur.
EHLO reçu: {bad_ehlo}
Attendu : {right_ehlo}
La cause la plus courante ce problème est que le port 25 n’est pas correctement transmis à votre serveur . Vous pouvez également vous assurer qu’aucun pare-feu ou proxy inverse n’interfère.", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée …). Si vous rencontrez des problèmes à cause de cela, envisagez les solutions suivantes :
- Certains FAI fournissent l’alternative de à l’aide d’un relais de serveur de messagerie bien que cela implique que le relais pourra espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN * avec une IP publique dédiée * pour contourner ce type de limites. Voir https://yunohost.org/#/vpn_advantage
- Enfin, il est également possible de changement de fournisseur ", "diagnosis_mail_fcrdns_nok_alternatives_6": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée ...). Si votre DNS inversé est correctement configuré pour IPv4, vous pouvez essayer de désactiver l'utilisation d'IPv6 lors de l'envoi d'e-mails en exécutant yunohost settings set smtp.allow_ipv6 -v off . Remarque: cette dernière solution signifie que vous ne pourrez pas envoyer ou recevoir de courriels des quelques serveurs IPv6 uniquement disponibles.", - "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "DNS inverse actuel: {rdns_domain}
Valeur attendue: {ehlo_domain} ", + "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "DNS inverse actuel : {rdns_domain}
Valeur attendue : {ehlo_domain} ", "diagnosis_mail_blacklist_listed_by": "Votre IP ou domaine {item} est sur liste noire sur {blacklist_name}", - "diagnosis_mail_queue_unavailable": "Impossible de consulter le nombre d'e-mails en attente dans la file d'attente", + "diagnosis_mail_queue_unavailable": "Impossible de consulter le nombre d’e-mails en attente dans la file d'attente", "diagnosis_ports_partially_unreachable": "Le port {port} n'est pas accessible de l'extérieur dans IPv {failed}.", - "diagnosis_http_hairpinning_issue": "Votre réseau local ne semble pas avoir activé l'épingle à cheveux.", + "diagnosis_http_hairpinning_issue": "Votre réseau local ne semble pas avoir activé l’épingle à cheveux.", "diagnosis_http_hairpinning_issue_details": "C'est probablement à cause de votre box/routeur ISP. Par conséquent, les personnes extérieures à votre réseau local pourront accéder à votre serveur comme prévu, mais pas les personnes internes au réseau local (comme vous, probablement ?). Vous pourrez peut-être améliorer la situation en consultant https://yunohost.org/dns_local_network", - "diagnosis_http_partially_unreachable": "Le domaine {domain} semble inaccessible via HTTP depuis l'extérieur du réseau local en IPv {failed}, bien qu'il fonctionne en IPv {passed}.", - "diagnosis_http_nginx_conf_not_up_to_date": "La configuration nginx de ce domaine semble avoir été modifiée manuellement et empêche YunoHost de diagnostiquer si elle est accessible sur HTTP.", - "diagnosis_http_nginx_conf_not_up_to_date_details": "Pour corriger la situation, inspectez la différence avec la ligne de commande en utilisant les outils yunohost regen-conf nginx --dry-run --with-diff et si vous êtes d'accord, appliquez les modifications avec yunohost tools regen-conf nginx --force." + "diagnosis_http_partially_unreachable": "Le domaine {domain} semble inaccessible via HTTP depuis l’extérieur du réseau local en IPv {failed}, bien qu’il fonctionne en IPv {passed}.", + "diagnosis_http_nginx_conf_not_up_to_date": "La configuration Nginx de ce domaine semble avoir été modifiée manuellement et empêche YunoHost de diagnostiquer si elle est accessible sur HTTP.", + "diagnosis_http_nginx_conf_not_up_to_date_details": "Pour corriger la situation, inspectez la différence avec la ligne de commande en utilisant les outils yunohost regen-conf nginx --dry-run --with-diff et si vous êtes d’accord, appliquez les modifications avec yunohost tools regen-conf nginx --force." } From 45bbd061904ba2d0900b14e7cfef042e0787cc50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Quent=C3=AD?= Date: Thu, 23 Apr 2020 08:39:49 +0000 Subject: [PATCH 024/451] Translated using Weblate (Occitan) Currently translated at 60.0% (379 of 632 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/oc/ --- locales/oc.json | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/locales/oc.json b/locales/oc.json index 95f581851..cdefd0931 100644 --- a/locales/oc.json +++ b/locales/oc.json @@ -571,5 +571,12 @@ "global_settings_setting_pop3_enabled": "Activar lo protocòl POP3 pel servidor de corrièr", "diagnosis_diskusage_ok": "Lo lòc d’emmagazinatge {mountpoint} (sul periferic {device}) a encara {free} ({free_percent}%) de liure !", "diagnosis_swap_none": "Lo sistèma a pas cap de memòria d’escambi. Auriatz de considerar d’ajustar almens {recommended} d’escambi per evitar las situacions ont lo sistèma manca de memòria.", - "diagnosis_swap_notsomuch": "Lo sistèma a solament {total} de memòria d’escambi. Auriatz de considerar d’ajustar almens {recommended} d’escambi per evitar las situacions ont lo sistèma manca de memòria." + "diagnosis_swap_notsomuch": "Lo sistèma a solament {total} de memòria d’escambi. Auriatz de considerar d’ajustar almens {recommended} d’escambi per evitar las situacions ont lo sistèma manca de memòria.", + "diagnosis_description_web": "Web", + "diagnosis_ip_global": "IP Global  : {global}", + "diagnosis_ip_local": "IP locala : {local}", + "diagnosis_mail_ehlo_could_not_diagnose_details": "Error : {error}", + "diagnosis_mail_queue_unavailable_details": "Error : {error}", + "diagnosis_basesystem_hardware": "L’arquitectura del servidor es {virt} {arch}", + "diagnosis_basesystem_hardware_board": "Lo modèl de carta del servidor es {model}" } From dbcb08a522ba476147fb71e7036e1916132707e3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 24 Apr 2020 01:40:00 +0000 Subject: [PATCH 025/451] Improve wording, fix some weird translation... --- locales/en.json | 8 +++--- locales/fr.json | 72 ++++++++++++++++++++++++------------------------- 2 files changed, 40 insertions(+), 40 deletions(-) diff --git a/locales/en.json b/locales/en.json index c2c087031..f1906e7c6 100644 --- a/locales/en.json +++ b/locales/en.json @@ -193,8 +193,8 @@ "diagnosis_mail_ehlo_unreachable_details": "Could not open a connection on port 25 to your server in IPv{ipversion}. It appears to be unreachable.
1. The most common cause for this issue is that port 25 is not correctly forwarded to your server.
2. You should also make sure that service postfix is running.
3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.", "diagnosis_mail_ehlo_bad_answer": "A non-SMTP service answered on port 25 on IPv{ipversion}", "diagnosis_mail_ehlo_bad_answer_details": "It could be due to an other machine answering instead of your server.", - "diagnosis_mail_ehlo_wrong": "A different SMTP mail server answers on IPv{ipversion}. It will probably not be able to receive emails.", - "diagnosis_mail_ehlo_wrong_details": "The EHLO received by the remote diagnoser in IPv{ipversion} is different from your server's domain.
Received EHLO: {wrong_ehlo}
Expected: {right_ehlo}
The most common cause for this issue is that port 25 is not correctly forwarded to your server. Alternatively, make sure that no firewall or reverse-proxy is interfering.", + "diagnosis_mail_ehlo_wrong": "A different SMTP mail server answers on IPv{ipversion}. Your server will probably not be able to receive emails.", + "diagnosis_mail_ehlo_wrong_details": "The EHLO received by the remote diagnoser in IPv{ipversion} is different from your server's domain.
Received EHLO: {wrong_ehlo}
Expected: {right_ehlo}
The most common cause for this issue is that port 25 is not correctly forwarded to your server. Alternatively, make sure that no firewall or reverse-proxy is interfering.", "diagnosis_mail_ehlo_could_not_diagnose": "Could not diagnose if postfix mail server is reachable from outside in IPv{ipversion}.", "diagnosis_mail_ehlo_could_not_diagnose_details": "Error: {error}", "diagnosis_mail_fcrdns_ok": "Your reverse DNS is correctly configured!", @@ -207,7 +207,7 @@ "diagnosis_mail_blacklist_ok": "The IPs and domains used by this server do not appear to be blacklisted", "diagnosis_mail_blacklist_listed_by": "Your IP or domain {item} is blacklisted on {blacklist_name}", "diagnosis_mail_blacklist_reason": "The blacklist reason is: {reason}", - "diagnosis_mail_blacklist_website": "After identifying why you are listed and fixed it, feel free to ask for delisting on {blacklist_website}", + "diagnosis_mail_blacklist_website": "After identifying why you are listed and fixed it, feel free to ask for your IP or domaine to be removed on {blacklist_website}", "diagnosis_mail_queue_ok": "{nb_pending} pending emails in the mail queues", "diagnosis_mail_queue_unavailable": "Can not consult number of pending emails in queue", "diagnosis_mail_queue_unavailable_details": "Error: {error}", @@ -236,7 +236,7 @@ "diagnosis_ports_needed_by": "Exposing this port is needed for {category} features (service {service})", "diagnosis_ports_forwarding_tip": "To fix this issue, you most probably need to configure port forwarding on your internet router as described in https://yunohost.org/isp_box_config", "diagnosis_http_hairpinning_issue": "Your local network does not seem to have hairpinning enabled.", - "diagnosis_http_hairpinning_issue_details": "This is probably because of your ISP box / router. As a result, people from outside your local network will be able to access your server as expected, but not people from inside the local network (like you, probably?). You may be able to improve the situation by having a look at https://yunohost.org/dns_local_network", + "diagnosis_http_hairpinning_issue_details": "This is probably because of your ISP box / router. As a result, people from outside your local network will be able to access your server as expected, but not people from inside the local network (like you, probably?) when using the domain name or global IP. You may be able to improve the situation by having a look at https://yunohost.org/dns_local_network", "diagnosis_http_could_not_diagnose": "Could not diagnose if domains are reachable from outside in IPv{ipversion}.", "diagnosis_http_could_not_diagnose_details": "Error: {error}", "diagnosis_http_ok": "Domain {domain} is reachable through HTTP from outside the local network.", diff --git a/locales/fr.json b/locales/fr.json index 7bc6b1687..614733056 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -41,7 +41,7 @@ "backup_hook_unknown": "Script de sauvegarde '{hook:s}' inconnu", "backup_invalid_archive": "Archive de sauvegarde invalide", "backup_nothings_done": "Il n’y a rien à sauvegarder", - "backup_output_directory_forbidden": "Choisissez un répertoire de sortie différent. Les sauvegardes ne peuvent pas être créées dans les sous-dossiers /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives", + "backup_output_directory_forbidden": "Choisissez un répertoire de destination différent. Les sauvegardes ne peuvent pas être créées dans les sous-dossiers /bin, /boot, /dev, /etc, /lib, /root, /run, /sbin, /sys, /usr, /var ou /home/yunohost.backup/archives", "backup_output_directory_not_empty": "Le répertoire de destination n’est pas vide", "backup_output_directory_required": "Vous devez spécifier un dossier de destination pour la sauvegarde", "backup_running_hooks": "Exécution des scripts de sauvegarde …", @@ -112,7 +112,7 @@ "restore_complete": "Restauré", "restore_confirm_yunohost_installed": "Voulez-vous vraiment restaurer un système déjà installé ? [{answers:s}]", "restore_failed": "Impossible de restaurer le système", - "restore_hook_unavailable": "Script de restauration pour '{part:s}' non disponible sur votre système et non plus dans l'archive", + "restore_hook_unavailable": "Le script de restauration '{part:s}' n’est pas disponible sur votre système, et ne l’est pas non plus dans l’archive", "restore_nothings_done": "Rien n’a été restauré", "restore_running_app_script": "Exécution du script de restauration de l’application '{app:s}'…", "restore_running_hooks": "Exécution des scripts de restauration…", @@ -168,7 +168,7 @@ "certmanager_attempt_to_renew_valid_cert": "Le certificat pour le domaine {domain:s} n’est pas sur le point d’expirer ! (Vous pouvez utiliser --force si vous savez ce que vous faites)", "certmanager_domain_http_not_working": "Il semble que le domaine {domain:s} ne soit pas accessible via HTTP. Veuillez vérifier que vos configuration DNS et Nginx sont correctes", "certmanager_error_no_A_record": "Aucun enregistrement DNS 'A' n’a été trouvé pour {domain:s}. Vous devez faire pointer votre nom de domaine vers votre machine pour être en mesure d’installer un certificat Let’s Encrypt ! (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", - "certmanager_domain_dns_ip_differs_from_public_ip": "L’enregistrement DNS 'A' du domaine {domain:s} est différent de l’adresse IP de ce serveur. Si vous avez récemment modifié votre enregistrement 'A', veuillez attendre sa propagation (quelques vérificateur de propagation DNS sont disponibles en ligne). (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", + "certmanager_domain_dns_ip_differs_from_public_ip": "L’enregistrement DNS 'A' du domaine {domain:s} est différent de l’adresse IP de ce serveur. Si vous avez récemment modifié votre enregistrement 'A', veuillez attendre sa propagation (des vérificateurs de propagation DNS sont disponibles en ligne). (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", "certmanager_cannot_read_cert": "Quelque chose s’est mal passé lors de la tentative d’ouverture du certificat actuel pour le domaine {domain:s} (fichier : {file:s}), la cause est : {reason:s}", "certmanager_cert_install_success_selfsigned": "Le certificat auto-signé est maintenant installé pour le domaine « {domain:s} »", "certmanager_cert_install_success": "Le certificat Let’s Encrypt est maintenant installé pour le domaine « {domain:s} »", @@ -326,7 +326,7 @@ "log_user_create": "Ajouter l’utilisateur '{}'", "log_user_delete": "Supprimer l’utilisateur '{}'", "log_user_update": "Mettre à jour les informations de l’utilisateur '{}'", - "log_domain_main_domain": "Faites de '{}' le domaine principal", + "log_domain_main_domain": "Faire de '{}' le domaine principal", "log_tools_migrations_migrate_forward": "Exécuter les migrations", "log_tools_postinstall": "Faire la post-installation de votre serveur YunoHost", "log_tools_upgrade": "Mettre à jour les paquets du système", @@ -380,7 +380,7 @@ "migration_0008_root": "- Vous ne pourrez pas vous connecter en tant que root via SSH. Au lieu de cela, vous devrez utiliser l’utilisateur admin ;", "migration_0008_dsa": "- La clé DSA sera désactivée. Par conséquent, il se peut que vous ayez besoin d’invalider un avertissement effrayant de votre client SSH afin de revérifier l’empreinte de votre serveur ;", "migration_0008_warning": "Si vous comprenez ces avertissements et souhaitez que YunoHost écrase votre configuration actuelle, exécutez la migration. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", - "migration_0008_no_warning": "Remplacer votre configuration SSH devrait être sûr, bien que cela ne puisse pas être promis ! Exécutez la migration pour la remplacer. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", + "migration_0008_no_warning": "Remplacer votre configuration SSH ne devrait pas poser de problème, bien qu'il soit difficile de le promettre ! Exécutez la migration pour la remplacer. Sinon, vous pouvez également ignorer la migration, bien que cela ne soit pas recommandé.", "migrations_success": "Migration {number} {name} réussie !", "pattern_password_app": "Désolé, les mots de passe ne peuvent pas contenir les caractères suivants : {forbidden_chars}", "root_password_replaced_by_admin_password": "Votre mot de passe root a été remplacé par votre mot de passe administrateur.", @@ -510,7 +510,7 @@ "diagnosis_ip_weird_resolvconf": "La résolution DNS semble fonctionner, mais il semble que vous utilisez un /etc/resolv.conf personnalisé.", "diagnosis_ip_weird_resolvconf_details": "Le fichier /etc/resolv.conf doit être un lien symbolique vers /etc/resolvconf/run/resolv.conf lui-même pointant vers 127.0.0.1 (dnsmasq). Si vous souhaitez configurer manuellement les résolveurs DNS, veuillez modifier /etc/resolv.dnsmasq.conf.", "diagnosis_dns_missing_record": "Selon la configuration DNS recommandée, vous devez ajouter un enregistrement DNS\nType : {type}\nNom : {name}\nValeur : {value}", - "diagnosis_diskusage_ok": "L’espace de stockage {mountpoint} (sur l’appareil {device}) a encore {libre} ({free_percent}%) espace restant (sur {total}) !", + "diagnosis_diskusage_ok": "L’espace de stockage {mountpoint} (sur le périphérique {device}) a encore {libre} ({free_percent}%) espace restant (sur {total}) !", "diagnosis_ram_ok": "Le système dispose encore de {available} ({available_percent}%) de RAM sur {total}.", "diagnosis_regenconf_allgood": "Tous les fichiers de configuration sont conformes à la configuration recommandée !", "diagnosis_security_vulnerable_to_meltdown": "Vous semblez vulnérable à la vulnérabilité de sécurité critique de Meltdown", @@ -532,12 +532,12 @@ "diagnosis_ip_no_ipv6": "Le serveur ne dispose pas d’une adresse IPv6.", "diagnosis_ip_dnsresolution_working": "La résolution de nom de domaine fonctionne !", "diagnosis_ip_broken_dnsresolution": "La résolution du nom de domaine semble interrompue pour une raison quelconque … Un pare-feu bloque-t-il les requêtes DNS ?", - "diagnosis_ip_broken_resolvconf": "La résolution du nom de domaine semble être rompue sur votre serveur, ce qui semble lié au fait que /etc/resolv.conf ne pointe pas sur 127.0.0.1.", + "diagnosis_ip_broken_resolvconf": "La résolution du nom de domaine semble être cassée sur votre serveur, ce qui semble lié au fait que /etc/resolv.conf ne pointe pas vers 127.0.0.1.", "diagnosis_dns_good_conf": "Les enregistrements DNS sont correctement configurés pour le domaine {domain} (catégorie {category})", "diagnosis_dns_bad_conf": "Certains enregistrements DNS sont manquants ou incorrects pour le domaine {domain} (catégorie {category})", "diagnosis_dns_discrepancy": "L’enregistrement DNS de type {type} et nom {name} ne correspond pas à la configuration recommandée.\nValeur actuelle : {current}\nValeur attendue : {value}", "diagnosis_services_bad_status": "Le service {service} est {status} :-(", - "diagnosis_diskusage_verylow": "L'espace de stockage {mountpoint} (sur l’appareil {device} ) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Vous devriez vraiment envisager de nettoyer de l’espace !", + "diagnosis_diskusage_verylow": "L'espace de stockage {mountpoint} (sur l’appareil {device}) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Vous devriez vraiment envisager de nettoyer de l’espace !", "diagnosis_diskusage_low": "L'espace de stockage {mountpoint} (sur l'appareil {device}) ne dispose que de {free} ({free_percent}%) espace restant (sur {total}). Faites attention.", "diagnosis_ram_verylow": "Le système ne dispose plus que de {available} ({available_percent}%)! (sur {total})", "diagnosis_ram_low": "Le système n’a plus de {available} ({available_percent}%) RAM sur {total}. Faites attention.", @@ -546,7 +546,7 @@ "diagnosis_swap_ok": "Le système dispose de {total} de swap !", "diagnosis_regenconf_manually_modified": "Le fichier de configuration {file} semble avoir été modifié manuellement.", "diagnosis_regenconf_manually_modified_debian": "Le fichier de configuration {file} a été modifié manuellement par rapport à celui par défaut de Debian.", - "diagnosis_regenconf_manually_modified_details": "C’est probablement OK si vous savez ce que vous faites ! YunoHost cessera de mettre à jour ce fichier automatiquement ... Mais attention, les mises à jour de YunoHost pourraient contenir d’importantes modifications recommandées. Si vous le souhaitez, vous pouvez inspecter les différences avec les outils yunohost regen-conf {category} --dry-run --with-diff et forcer la réinitialisation à la configuration recommandée avec les outils yunohost regen-conf {category} --force ", + "diagnosis_regenconf_manually_modified_details": "C’est probablement OK si vous savez ce que vous faites ! YunoHost cessera de mettre à jour ce fichier automatiquement ... Mais attention, les mises à jour de YunoHost pourraient contenir d’importantes modifications recommandées. Si vous le souhaitez, vous pouvez inspecter les différences avec yunohost tools regen-conf {category} --dry-run --with-diff et forcer la réinitialisation à la configuration recommandée avec yunohost tools regen-conf {category} --force", "diagnosis_regenconf_manually_modified_debian_details": "Cela peut probablement être OK, mais il faut garder un œil dessus …", "apps_catalog_init_success": "Système de catalogue d’applications initialisé !", "apps_catalog_failed_to_download": "Impossible de télécharger le catalogue des applications {apps_catalog} : {error}", @@ -581,11 +581,11 @@ "diagnosis_services_running": "Le service {service} est en cours de fonctionnement !", "diagnosis_services_conf_broken": "La configuration est cassée pour le service {service} !", "diagnosis_ports_needed_by": "Rendre ce port accessible est nécessaire pour les fonctionnalités de type {category} (service {service})", - "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit dans https://yunohost.org/isp_box_config ", + "diagnosis_ports_forwarding_tip": "Pour résoudre ce problème, vous devez probablement configurer la redirection de port sur votre routeur Internet comme décrit dans https://yunohost.org/isp_box_config", "diagnosis_http_connection_error": "Erreur de connexion : impossible de se connecter au domaine demandé, il est probablement injoignable.", "diagnosis_no_cache": "Pas encore de cache de diagnostique pour la catégorie « {category} »", "yunohost_postinstall_end_tip": "La post-installation terminée! Pour finaliser votre configuration, il est recommandé de :\n - ajouter un premier utilisateur depuis la section \"Utilisateurs\" de l’interface web (ou \"yunohost user create \" en ligne de commande) ;\n - diagnostiquer les potentiels problèmes dans la section \"Diagnostic\" de l'interface web (ou \"yunohost diagnosis run\" en ligne de commande) ;\n - lire les parties \"Finalisation de votre configuration\" et \"Découverte de YunoHost\" dans le guide de l’administrateur: https://yunohost.org/admindoc.", - "diagnosis_services_bad_status_tip": "Vous pouvez essayer de redémarrer le service, et si cela ne fonctionne pas, consultez les journaux de service dans le webadmin (à partir de la ligne de commande, vous pouvez le faire avec yunohost service restart {service} et yunohost service log {service} ).", + "diagnosis_services_bad_status_tip": "Vous pouvez essayer de redémarrer le service, et si cela ne fonctionne pas, consultez les journaux de service dans le webadmin (à partir de la ligne de commande, vous pouvez le faire avec yunohost service restart {service} et yunohost service log {service} ).", "diagnosis_http_bad_status_code": "Le système de diagnostique n’a pas réussi à contacter votre serveur. Il se peut qu’une autre machine réponde à la place de votre serveur. Vérifiez que le port 80 est correctement redirigé, que votre configuration Nginx est à jour et qu’un reverse-proxy n’interfère pas.", "diagnosis_http_timeout": "Expiration du délai en essayant de contacter votre serveur de l’extérieur. Il semble être inaccessible. Vérifiez que vous transférez correctement le port 80, que Nginx est en cours d’exécution et qu’un pare-feu n’interfère pas.", "global_settings_setting_pop3_enabled": "Activer le protocole POP3 pour le serveur de messagerie", @@ -600,42 +600,42 @@ "certmanager_warning_subdomain_dns_record": "Le sous-domaine '{subdomain:s}' ne résout pas vers la même adresse IP que '{domain:s}'. Certaines fonctionnalités seront indisponibles tant que vous n’aurez pas corrigé cela et regénéré le certificat.", "domain_cannot_add_xmpp_upload": "Vous ne pouvez pas ajouter de domaine commençant par 'xmpp-upload.'. Ce type de nom est réservé à la fonctionnalité d’upload XMPP intégrée dans YunoHost.", "diagnosis_mail_outgoing_port_25_ok": "Le serveur de messagerie SMTP peut envoyer des e-mails (le port sortant 25 n'est pas bloqué).", - "diagnosis_mail_outgoing_port_25_blocked_details": "Vous devez d’abord essayer de débloquer le port sortant 25 dans votre interface de routeur Internet ou votre interface d’hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket d'assistance pour cela).", - "diagnosis_mail_ehlo_bad_answer": "Un service non SMTP a répondu sur le port 25 sur IPv {ipversion}", - "diagnosis_mail_ehlo_bad_answer_details": "Cela peut être dû à un autre répondeur au lieu de votre serveur.", - "diagnosis_mail_ehlo_wrong": "Un autre serveur de messagerie SMTP répond sur IPv{ipversion}. Il ne sera probablement pas en mesure de recevoir des e-mails.", - "diagnosis_mail_ehlo_could_not_diagnose": "Impossible de diagnostiquer si le serveur de messagerie postfix est accessible de l’extérieur pour IPv {ipversion}.", + "diagnosis_mail_outgoing_port_25_blocked_details": "Vous devez d’abord essayer de débloquer le port sortant 25 dans votre interface de routeur Internet ou votre interface d’hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket de support pour cela).", + "diagnosis_mail_ehlo_bad_answer": "Un service non SMTP a répondu sur le port 25 en IPv{ipversion}", + "diagnosis_mail_ehlo_bad_answer_details": "Cela peut être dû à une autre machine qui répond au lieu de votre serveur.", + "diagnosis_mail_ehlo_wrong": "Un autre serveur de messagerie SMTP répond sur IPv{ipversion}. Votre serveur ne sera probablement pas en mesure de recevoir des e-mails.", + "diagnosis_mail_ehlo_could_not_diagnose": "Impossible de diagnostiquer si le serveur de messagerie postfix est accessible de l’extérieur en IPv{ipversion}.", "diagnosis_mail_ehlo_could_not_diagnose_details": "Erreur : {error}", - "diagnosis_mail_fcrdns_dns_missing": "Aucun DNS inverse n’est défini dans IPv {ipversion}. Certains e-mails peuvent ne pas être livrés ou être signalés comme spam.", - "diagnosis_mail_fcrdns_ok": "Votre DNS inversé est correctement configuré !", - "diagnosis_mail_fcrdns_nok_details": "Vous devez d’abord essayer de configurer le DNS inverse avec {ehlo_domain} dans votre interface de routeur Internet ou votre interface d’hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket d'assistance pour cela).", - "diagnosis_mail_fcrdns_different_from_ehlo_domain": "Le DNS inverse n'est pas correctement configuré dans IPv {ipversion}. Certains e-mails peuvent ne pas être livrés ou être signalés comme spam.", + "diagnosis_mail_fcrdns_dns_missing": "Aucun DNS inverse n’est défini pour IPv{ipversion}. Certains e-mails seront peut-être refusés ou considérés comme des spam.", + "diagnosis_mail_fcrdns_ok": "Votre DNS inverse est correctement configuré !", + "diagnosis_mail_fcrdns_nok_details": "Vous devez d’abord essayer de configurer le DNS inverse avec {ehlo_domain} dans votre interface de routeur Internet ou votre interface d’hébergement. (Certains hébergeurs peuvent vous demander de leur envoyer un ticket de support pour cela).", + "diagnosis_mail_fcrdns_different_from_ehlo_domain": "Le DNS inverse n'est pas correctement configuré en IPv{ipversion}. Certains e-mails seront peut-être refusés ou considérés comme des spam.", "diagnosis_mail_blacklist_ok": "Les adresses IP et les domaines utilisés par ce serveur ne semblent pas être sur liste noire", "diagnosis_mail_blacklist_reason": "La raison de la liste noire est : {reason}", - "diagnosis_mail_blacklist_website": "Après avoir identifié pourquoi vous êtes répertorié et corrigé, n’hésitez pas à demander la radiation sur {blacklist_website}", + "diagnosis_mail_blacklist_website": "Après avoir identifié la raison pour laquelle vous êtes répertorié et l'avoir corrigé, n’hésitez pas à demander le retrait de votre IP ou domaine sur {blacklist_website}", "diagnosis_mail_queue_ok": "{nb_pending} e-mails en attente dans les files d'attente de messagerie", "diagnosis_mail_queue_unavailable_details": "Erreur : {error}", "diagnosis_mail_queue_too_big": "Trop d’e-mails en attente dans la file d'attente ({nb_pending} e-mails)", "global_settings_setting_smtp_allow_ipv6": "Autoriser l'utilisation d’IPv6 pour recevoir et envoyer du courrier", "diagnosis_security_all_good": "Aucune vulnérabilité de sécurité critique n’a été trouvée.", "diagnosis_display_tip": "Pour voir les problèmes détectés, vous pouvez accéder à la section Diagnostic du webadmin ou exécuter « yunohost diagnostic show --issues » à partir de la ligne de commande.", - "diagnosis_ip_global": "IP globale : {global} ", - "diagnosis_ip_local": "IP locale : {local} ", - "diagnosis_dns_point_to_doc": "Veuillez consulter la documentation à https://yunohost.org/dns_config si vous avez besoin d’aide pour configurer les enregistrements DNS.", - "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Certains fournisseurs ne vous laisseront pas débloquer le port sortant 25 parce qu’ils ne se soucient pas de la neutralité du Net.
- Certains d’entre eux offrent l’alternative de en utilisant un relais de serveur de messagerie bien que cela implique que le relais sera en mesure d’espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN * avec une IP publique dédiée * pour contourner ce type des limites. Voir https://yunohost.org/#/vpn_advantage
- Vous pouvez également envisager de passer à un fournisseur plus respectueux de la neutralité du net ", + "diagnosis_ip_global": "IP globale : {global}", + "diagnosis_ip_local": "IP locale : {local}", + "diagnosis_dns_point_to_doc": "Veuillez consulter la documentation sur https://yunohost.org/dns_config si vous avez besoin d’aide pour configurer les enregistrements DNS.", + "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Certains fournisseurs ne vous laisseront pas débloquer le port sortant 25 parce qu’ils ne se soucient pas de la neutralité du Net.
- Certains d’entre eux offrent l’alternative d'utiliser un serveur de messagerie relai bien que cela implique que le relai sera en mesure d’espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN *avec une IP publique dédiée* pour contourner ce type de limites. Voir https://yunohost.org/#/vpn_advantage
- Vous pouvez également envisager de passer à un fournisseur plus respectueux de la neutralité du net", "diagnosis_mail_ehlo_ok": "Le serveur de messagerie SMTP est accessible de l'extérieur et peut donc recevoir des e-mails !", - "diagnosis_mail_ehlo_unreachable": "Le serveur de messagerie SMTP est inaccessible de l’extérieur sur IPv {ipversion}. Il ne pourra pas recevoir d’e-mails.", - "diagnosis_mail_ehlo_unreachable_details": "Impossible d'ouvrir une connexion sur le port 25 à votre serveur dans IPv {ipversion}. Il semble inaccessible.
1. La cause la plus courante de ce problème est que le port 25 n'est pas correctement transmis à votre serveur .
2. Vous devez également vous assurer que le suffixe de service est en cours d'exécution.
3. Sur les configurations plus complexes: assurez-vous qu'aucun pare-feu ou proxy inverse n'interfère.", - "diagnosis_mail_ehlo_wrong_details": "L’EHLO reçu par le diagnostiqueur distant dans IPv {ipversion} est différent du domaine de votre serveur.
EHLO reçu: {bad_ehlo}
Attendu : {right_ehlo}
La cause la plus courante ce problème est que le port 25 n’est pas correctement transmis à votre serveur . Vous pouvez également vous assurer qu’aucun pare-feu ou proxy inverse n’interfère.", - "diagnosis_mail_fcrdns_nok_alternatives_4": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée …). Si vous rencontrez des problèmes à cause de cela, envisagez les solutions suivantes :
- Certains FAI fournissent l’alternative de à l’aide d’un relais de serveur de messagerie bien que cela implique que le relais pourra espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN * avec une IP publique dédiée * pour contourner ce type de limites. Voir https://yunohost.org/#/vpn_advantage
- Enfin, il est également possible de changement de fournisseur ", - "diagnosis_mail_fcrdns_nok_alternatives_6": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée ...). Si votre DNS inversé est correctement configuré pour IPv4, vous pouvez essayer de désactiver l'utilisation d'IPv6 lors de l'envoi d'e-mails en exécutant yunohost settings set smtp.allow_ipv6 -v off . Remarque: cette dernière solution signifie que vous ne pourrez pas envoyer ou recevoir de courriels des quelques serveurs IPv6 uniquement disponibles.", - "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "DNS inverse actuel : {rdns_domain}
Valeur attendue : {ehlo_domain} ", + "diagnosis_mail_ehlo_unreachable": "Le serveur de messagerie SMTP est inaccessible de l’extérieur en IPv{ipversion}. Il ne pourra pas recevoir d’e-mails.", + "diagnosis_mail_ehlo_unreachable_details": "Impossible d'ouvrir une connexion sur le port 25 à votre serveur en IPv{ipversion}. Il semble inaccessible.
1. La cause la plus courante de ce problème est que le port 25 n'est pas correctement redirigé vers votre serveur.
2. Vous devez également vous assurer que le service postfix est en cours d'exécution.
3. Sur les configurations plus complexes: assurez-vous qu'aucun pare-feu ou proxy inversé n'interfère.", + "diagnosis_mail_ehlo_wrong_details": "Le EHLO reçu par le serveur de diagnostique distant en IPv{ipversion} est différent du domaine de votre serveur.
EHLO reçu: {bad_ehlo}
Attendu : {right_ehlo}
La cause la plus courante ce problème est que le port 25 n’est pas correctement redirigé vers votre serveur . Vous pouvez également vous assurer qu’aucun pare-feu ou proxy inversé n’interfère.", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée …). Si vous rencontrez des problèmes à cause de cela, envisagez les solutions suivantes :
- Certains FAI fournissent l’alternative de à l’aide d’un relais de serveur de messagerie bien que cela implique que le relais pourra espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN *avec une IP publique dédiée* pour contourner ce type de limites. Voir https://yunohost.org/#/vpn_advantage
- Enfin, il est également possible de changer de fournisseur", + "diagnosis_mail_fcrdns_nok_alternatives_6": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée ...). Si votre DNS inversé est correctement configuré en IPv4, vous pouvez essayer de désactiver l'utilisation d'IPv6 lors de l'envoi d'e-mails en exécutant yunohost settings set smtp.allow_ipv6 -v off. Remarque: cette dernière solution signifie que vous ne pourrez pas envoyer ou recevoir de courriels avec les quelques serveurs qui ont uniquement de l'IPv6.", + "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "DNS inverse actuel : {rdns_domain}
Valeur attendue : {ehlo_domain}", "diagnosis_mail_blacklist_listed_by": "Votre IP ou domaine {item} est sur liste noire sur {blacklist_name}", "diagnosis_mail_queue_unavailable": "Impossible de consulter le nombre d’e-mails en attente dans la file d'attente", - "diagnosis_ports_partially_unreachable": "Le port {port} n'est pas accessible de l'extérieur dans IPv {failed}.", - "diagnosis_http_hairpinning_issue": "Votre réseau local ne semble pas avoir activé l’épingle à cheveux.", - "diagnosis_http_hairpinning_issue_details": "C'est probablement à cause de votre box/routeur ISP. Par conséquent, les personnes extérieures à votre réseau local pourront accéder à votre serveur comme prévu, mais pas les personnes internes au réseau local (comme vous, probablement ?). Vous pourrez peut-être améliorer la situation en consultant https://yunohost.org/dns_local_network", - "diagnosis_http_partially_unreachable": "Le domaine {domain} semble inaccessible via HTTP depuis l’extérieur du réseau local en IPv {failed}, bien qu’il fonctionne en IPv {passed}.", - "diagnosis_http_nginx_conf_not_up_to_date": "La configuration Nginx de ce domaine semble avoir été modifiée manuellement et empêche YunoHost de diagnostiquer si elle est accessible sur HTTP.", + "diagnosis_ports_partially_unreachable": "Le port {port} n'est pas accessible de l'extérieur en IPv{failed}.", + "diagnosis_http_hairpinning_issue": "Votre réseau local ne semble pas supporter l'hairpinning.", + "diagnosis_http_hairpinning_issue_details": "C'est probablement à cause de la box/routeur de votre fournisseur d'accès internet. Par conséquent, les personnes extérieures à votre réseau local pourront accéder à votre serveur comme prévu, mais pas les personnes internes au réseau local (comme vous, probablement ?) si elles utilisent le nom de domaine ou l'IP globale. Vous pourrez peut-être améliorer la situation en consultant https://yunohost.org/dns_local_network", + "diagnosis_http_partially_unreachable": "Le domaine {domain} semble inaccessible en HTTP depuis l’extérieur du réseau local en IPv{failed}, bien qu’il fonctionne en IPv{passed}.", + "diagnosis_http_nginx_conf_not_up_to_date": "La configuration Nginx de ce domaine semble avoir été modifiée manuellement et empêche YunoHost de diagnostiquer si elle est accessible en HTTP.", "diagnosis_http_nginx_conf_not_up_to_date_details": "Pour corriger la situation, inspectez la différence avec la ligne de commande en utilisant les outils yunohost regen-conf nginx --dry-run --with-diff et si vous êtes d’accord, appliquez les modifications avec yunohost tools regen-conf nginx --force." } From 87cf61dd3e49ed86d2cc5443c6344c9501abf54c Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 24 Apr 2020 01:40:59 +0000 Subject: [PATCH 026/451] Fix bad placeholder names... --- locales/eo.json | 4 ++-- locales/es.json | 2 +- locales/fr.json | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/locales/eo.json b/locales/eo.json index 22656188d..d778938e9 100644 --- a/locales/eo.json +++ b/locales/eo.json @@ -312,7 +312,7 @@ "package_unknown": "Nekonata pako '{pkgname}'", "domain_unknown": "Nekonata domajno", "global_settings_setting_security_password_user_strength": "Uzanto pasvorta forto", - "restore_may_be_not_enough_disk_space": "Via sistemo ne ŝajnas havi sufiĉe da spaco (libera: {libera_spaco:d} B, necesa spaco: {necesa_spaco:d} B, sekureca marĝeno: {rando:d} B)", + "restore_may_be_not_enough_disk_space": "Via sistemo ne ŝajnas havi sufiĉe da spaco (libera: {free_space:d} B, necesa spaco: {needed_space:d} B, sekureca marĝeno: {margin:d} B)", "log_corrupted_md_file": "La YAD-metadata dosiero asociita kun protokoloj estas damaĝita: '{md_file}\nEraro: {error} '", "downloading": "Elŝutante …", "user_deleted": "Uzanto forigita", @@ -576,7 +576,7 @@ "diagnosis_services_running": "Servo {service} funkcias!", "diagnosis_ports_unreachable": "Haveno {port} ne atingeblas de ekstere.", "diagnosis_ports_ok": "Haveno {port} atingeblas de ekstere.", - "diagnosis_ports_needed_by": "Eksponi ĉi tiun havenon necesas por {1} funkcioj (servo {0})", + "diagnosis_ports_needed_by": "Eksponi ĉi tiun havenon necesas por {category} funkcioj (servo {service})", "diagnosis_ports_forwarding_tip": "Por solvi ĉi tiun problemon, vi plej verŝajne bezonas agordi havenon en via interreta enkursigilo kiel priskribite en https://yunohost.org/isp_box_config", "diagnosis_http_could_not_diagnose": "Ne povis diagnozi, ĉu atingeblas domajno de ekstere.", "diagnosis_http_could_not_diagnose_details": "Eraro: {error}", diff --git a/locales/es.json b/locales/es.json index f76d722e6..6d77dd2ef 100644 --- a/locales/es.json +++ b/locales/es.json @@ -170,7 +170,7 @@ "certmanager_attempt_to_renew_valid_cert": "¡El certificado para el dominio «{domain:s}» no está a punto de expirar! (Puede usar --force si sabe lo que está haciendo)", "certmanager_domain_http_not_working": "Parece que no se puede acceder al dominio {domain:s} a través de HTTP. Compruebe que la configuración del DNS y de NGINX es correcta", "certmanager_error_no_A_record": "No se ha encontrado un registro DNS «A» para el dominio {domain:s}. Debe hacer que su nombre de dominio apunte a su máquina para poder instalar un certificado de Let's Encrypt. (Si sabe lo que está haciendo, use «--no-checks» para desactivar esas comprobaciones.)", - "certmanager_domain_dns_ip_differs_from_public_ip": "El registro DNS 'A' para el dominio '{dominio:s}' es diferente de la IP de este servidor. Si recientemente modificó su registro A, espere a que se propague (algunos verificadores de propagación de DNS están disponibles en línea). (Si sabe lo que está haciendo, use '--no-checks' para desactivar esos cheques)", + "certmanager_domain_dns_ip_differs_from_public_ip": "El registro DNS 'A' para el dominio '{domain:s}' es diferente de la IP de este servidor. Si recientemente modificó su registro A, espere a que se propague (algunos verificadores de propagación de DNS están disponibles en línea). (Si sabe lo que está haciendo, use '--no-checks' para desactivar esos cheques)", "certmanager_cannot_read_cert": "Se ha producido un error al intentar abrir el certificado actual para el dominio {domain:s} (archivo: {file:s}), razón: {reason:s}", "certmanager_cert_install_success_selfsigned": "Instalado correctamente un certificado autofirmado para el dominio «{domain:s}»", "certmanager_cert_install_success": "Instalado correctamente un certificado de Let's Encrypt para el dominio «{domain:s}»", diff --git a/locales/fr.json b/locales/fr.json index 614733056..764b6bb10 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -510,7 +510,7 @@ "diagnosis_ip_weird_resolvconf": "La résolution DNS semble fonctionner, mais il semble que vous utilisez un /etc/resolv.conf personnalisé.", "diagnosis_ip_weird_resolvconf_details": "Le fichier /etc/resolv.conf doit être un lien symbolique vers /etc/resolvconf/run/resolv.conf lui-même pointant vers 127.0.0.1 (dnsmasq). Si vous souhaitez configurer manuellement les résolveurs DNS, veuillez modifier /etc/resolv.dnsmasq.conf.", "diagnosis_dns_missing_record": "Selon la configuration DNS recommandée, vous devez ajouter un enregistrement DNS\nType : {type}\nNom : {name}\nValeur : {value}", - "diagnosis_diskusage_ok": "L’espace de stockage {mountpoint} (sur le périphérique {device}) a encore {libre} ({free_percent}%) espace restant (sur {total}) !", + "diagnosis_diskusage_ok": "L’espace de stockage {mountpoint} (sur le périphérique {device}) a encore {free} ({free_percent}%) espace restant (sur {total}) !", "diagnosis_ram_ok": "Le système dispose encore de {available} ({available_percent}%) de RAM sur {total}.", "diagnosis_regenconf_allgood": "Tous les fichiers de configuration sont conformes à la configuration recommandée !", "diagnosis_security_vulnerable_to_meltdown": "Vous semblez vulnérable à la vulnérabilité de sécurité critique de Meltdown", @@ -626,7 +626,7 @@ "diagnosis_mail_ehlo_ok": "Le serveur de messagerie SMTP est accessible de l'extérieur et peut donc recevoir des e-mails !", "diagnosis_mail_ehlo_unreachable": "Le serveur de messagerie SMTP est inaccessible de l’extérieur en IPv{ipversion}. Il ne pourra pas recevoir d’e-mails.", "diagnosis_mail_ehlo_unreachable_details": "Impossible d'ouvrir une connexion sur le port 25 à votre serveur en IPv{ipversion}. Il semble inaccessible.
1. La cause la plus courante de ce problème est que le port 25 n'est pas correctement redirigé vers votre serveur.
2. Vous devez également vous assurer que le service postfix est en cours d'exécution.
3. Sur les configurations plus complexes: assurez-vous qu'aucun pare-feu ou proxy inversé n'interfère.", - "diagnosis_mail_ehlo_wrong_details": "Le EHLO reçu par le serveur de diagnostique distant en IPv{ipversion} est différent du domaine de votre serveur.
EHLO reçu: {bad_ehlo}
Attendu : {right_ehlo}
La cause la plus courante ce problème est que le port 25 n’est pas correctement redirigé vers votre serveur . Vous pouvez également vous assurer qu’aucun pare-feu ou proxy inversé n’interfère.", + "diagnosis_mail_ehlo_wrong_details": "Le EHLO reçu par le serveur de diagnostique distant en IPv{ipversion} est différent du domaine de votre serveur.
EHLO reçu: {wrong_ehlo}
Attendu : {right_ehlo}
La cause la plus courante ce problème est que le port 25 n’est pas correctement redirigé vers votre serveur . Vous pouvez également vous assurer qu’aucun pare-feu ou proxy inversé n’interfère.", "diagnosis_mail_fcrdns_nok_alternatives_4": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée …). Si vous rencontrez des problèmes à cause de cela, envisagez les solutions suivantes :
- Certains FAI fournissent l’alternative de à l’aide d’un relais de serveur de messagerie bien que cela implique que le relais pourra espionner votre trafic de messagerie.
- Une alternative respectueuse de la vie privée consiste à utiliser un VPN *avec une IP publique dédiée* pour contourner ce type de limites. Voir https://yunohost.org/#/vpn_advantage
- Enfin, il est également possible de changer de fournisseur", "diagnosis_mail_fcrdns_nok_alternatives_6": "Certains fournisseurs ne vous laisseront pas configurer votre DNS inversé (ou leur fonctionnalité pourrait être cassée ...). Si votre DNS inversé est correctement configuré en IPv4, vous pouvez essayer de désactiver l'utilisation d'IPv6 lors de l'envoi d'e-mails en exécutant yunohost settings set smtp.allow_ipv6 -v off. Remarque: cette dernière solution signifie que vous ne pourrez pas envoyer ou recevoir de courriels avec les quelques serveurs qui ont uniquement de l'IPv6.", "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "DNS inverse actuel : {rdns_domain}
Valeur attendue : {ehlo_domain}", From e044d20802312323489eea7b4ba7868f97702411 Mon Sep 17 00:00:00 2001 From: Christian Wehrli Date: Fri, 24 Apr 2020 20:50:28 +0000 Subject: [PATCH 027/451] Translated using Weblate (German) Currently translated at 34.8% (220 of 632 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/de/ --- locales/de.json | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/locales/de.json b/locales/de.json index b354f60c5..5b372edfc 100644 --- a/locales/de.json +++ b/locales/de.json @@ -165,10 +165,10 @@ "mailbox_used_space_dovecot_down": "Der Dovecot Mailbox Dienst muss gestartet sein, wenn du den von der Mailbox belegten Speicher angezeigen lassen willst", "package_unknown": "Unbekanntes Paket '{pkgname}'", "certmanager_attempt_to_replace_valid_cert": "Du versuchst gerade eine richtiges und gültiges Zertifikat der Domain {domain:s} zu überschreiben! (Benutze --force , um diese Nachricht zu umgehen)", - "certmanager_domain_unknown": "Unbekannte Domain {domain:s}", - "certmanager_domain_cert_not_selfsigned": "Das Zertifikat der Domain {domain:s} is kein selbstsigniertes Zertifikat. Bist du dir sicher, dass du es ersetzen willst? (Benutze --force)", + "certmanager_domain_unknown": "Unbekannte Domain '{domain:s}'", + "certmanager_domain_cert_not_selfsigned": "Das Zertifikat der Domain {domain:s} ist kein selbstsigniertes Zertifikat. Bist du dir sicher, dass du es ersetzen willst? (Benutze dafür '--force')", "certmanager_certificate_fetching_or_enabling_failed": "Es scheint so als wäre die Aktivierung des Zertifikats für die Domain {domain:s} fehlgeschlagen...", - "certmanager_attempt_to_renew_nonLE_cert": "Das Zertifikat der Domain {domain:s} wurde nicht von Let's Encrypt ausgestellt. Es kann nicht automatisch erneuert werden!", + "certmanager_attempt_to_renew_nonLE_cert": "Das Zertifikat der Domain '{domain:s}' wurde nicht von Let's Encrypt ausgestellt. Es kann nicht automatisch erneuert werden!", "certmanager_attempt_to_renew_valid_cert": "Das Zertifikat der Domain {domain:s} läuft nicht in Kürze ab! (Benutze --force um diese Nachricht zu umgehen)", "certmanager_domain_http_not_working": "Es scheint so, dass die Domain {domain:s} nicht über HTTP erreicht werden kann. Bitte überprüfe, ob deine DNS und nginx Konfiguration in Ordnung ist", "certmanager_error_no_A_record": "Kein DNS 'A' Eintrag für die Domain {domain:s} gefunden. Dein Domainname muss auf diese Maschine weitergeleitet werden, um ein Let's Encrypt Zertifikat installieren zu können! (Wenn du weißt was du tust, kannst du --no-checks benutzen, um diese Überprüfung zu überspringen. )", @@ -178,15 +178,15 @@ "certmanager_cert_install_success": "Für die Domain {domain:s} wurde erfolgreich ein Let's Encrypt installiert!", "certmanager_cert_renew_success": "Das Let's Encrypt Zertifikat für die Domain {domain:s} wurde erfolgreich erneuert!", "certmanager_hit_rate_limit": "Es wurden innerhalb kurzer Zeit schon zu viele Zertifikate für die exakt gleiche Domain {domain:s} ausgestellt. Bitte versuche es später nochmal. Besuche https://letsencrypt.org/docs/rate-limits/ für mehr Informationen", - "certmanager_cert_signing_failed": "Signieren des neuen Zertifikats ist fehlgeschlagen", + "certmanager_cert_signing_failed": "Das neue Zertifikat konnte nicht signiert werden", "certmanager_no_cert_file": "Die Zertifikatsdatei für die Domain {domain:s} (Datei: {file:s}) konnte nicht gelesen werden", "certmanager_conflicting_nginx_file": "Die Domain konnte nicht für die ACME challenge vorbereitet werden: Die nginx Konfigurationsdatei {filepath:s} verursacht Probleme und sollte vorher entfernt werden", "domain_cannot_remove_main": "Die primäre Domain konnten nicht entfernt werden. Lege zuerst einen neue primäre Domain fest", "certmanager_self_ca_conf_file_not_found": "Die Konfigurationsdatei der Zertifizierungsstelle für selbstsignierte Zertifikate wurde nicht gefunden (Datei {file:s})", - "certmanager_acme_not_configured_for_domain": "Das Zertifikat für die Domain {domain:s} scheint nicht richtig installiert zu sein. Bitte führe den Befehl cert-install für diese Domain nochmals aus.", + "certmanager_acme_not_configured_for_domain": "Das Zertifikat für die Domain '{domain:s}' scheint nicht richtig installiert zu sein. Bitte führe den Befehl cert-install für diese Domain nochmals aus.", "certmanager_unable_to_parse_self_CA_name": "Der Name der Zertifizierungsstelle für selbstsignierte Zertifikate konnte nicht analysiert werden (Datei: {file:s})", - "certmanager_http_check_timeout": "Eine Zeitüberschreitung ist aufgetreten als der Server versuchte sich selbst über HTTP mit der öffentlichen IP (Domain {domain:s} mit der IP {ip:s}) zu erreichen. Möglicherweise ist dafür hairpinning oder eine falsch konfigurierte Firewall/Router deines Servers dafür verantwortlich.", - "certmanager_couldnt_fetch_intermediate_cert": "Eine Zeitüberschreitung ist aufgetreten als der Server versuchte die Teilzertifikate von Let's Encrypt zusammenzusetzen. Die Installation/Erneuerung des Zertifikats wurde abgebrochen - bitte versuche es später erneut.", + "certmanager_http_check_timeout": "Eine Zeitüberschreitung ist aufgetreten, als der Server versuchte sich selbst über HTTP mit der öffentlichen IP (Domain '{domain:s}' mit der IP '{ip:s}') zu erreichen. Möglicherweise ist dafür hairpinning oder eine falsch konfigurierte Firewall/Router deines Servers dafür verantwortlich.", + "certmanager_couldnt_fetch_intermediate_cert": "Eine Zeitüberschreitung ist aufgetreten als der Server versuchte die Teilzertifikate von Let's Encrypt zusammenzusetzen. Die Installation/Erneuerung des Zertifikats wurde abgebrochen — bitte versuche es später erneut.", "domain_hostname_failed": "Erstellen des neuen Hostnamens fehlgeschlagen", "yunohost_ca_creation_success": "Die lokale Zertifizierungs-Authorität wurde angelegt.", "app_already_installed_cant_change_url": "Diese Application ist bereits installiert. Die URL kann durch diese Funktion nicht modifiziert werden. Überprüfe ob `app changeurl` verfügbar ist.", @@ -328,7 +328,7 @@ "diagnosis_cant_run_because_of_dep": "Kann Diagnose für {category} nicht ausführen während wichtige Probleme zu {dep} noch nicht behoben sind.", "diagnosis_found_errors_and_warnings": "Habe {errors} erhebliche(s) Problem(e) (und {warnings} Warnung(en)) in Verbindung mit {category} gefunden!", "diagnosis_ip_broken_dnsresolution": "Domänen-Namens-Auflösung scheint aus einem bestimmten Grund nicht zu funktionieren... Blockiert eine Firewall die DNS Anfragen?", - "diagnosis_ip_broken_resolvconf": "Domänen-Namens-Auflösung scheint nicht zu funktionieren, was daran liegen könnte, dass in /etc/resolv.conf kein Eintrag auf 127.0.0.1 zeigt.", + "diagnosis_ip_broken_resolvconf": "Domänen-Namens-Auflösung scheint nicht zu funktionieren, was daran liegen könnte, dass in /etc/resolv.conf kein Eintrag auf 127.0.0.1 zeigt.", "diagnosis_ip_weird_resolvconf_details": "Stattdessen sollte diese Datei ein Softlink auf /etc/resolvconf/run/resolv.conf sein, die auf sich selbst zu 127.0.0.1 zeigt (dnsmasq). Der eigentlich Auflösende sollte in /etc/resolv.dnsmasq.conf konfiguriert werden.", "diagnosis_dns_good_conf": "Gute DNS Konfiguration für Domäne {domain} (Kategorie {category})", "diagnosis_ignored_issues": "(+ {nb_ignored} ignorierte(s) Problem(e))", @@ -337,5 +337,6 @@ "diagnosis_found_errors": "Habe {errors} erhebliche(s) Problem(e) in Verbindung mit {category} gefunden!", "diagnosis_found_warnings": "Habe {warnings} Ding(e) gefunden, die verbessert werden könnten für {category}.", "diagnosis_ip_dnsresolution_working": "Domänen-Namens-Auflösung funktioniert!", - "diagnosis_ip_weird_resolvconf": "DNS Auflösung scheint zu funktionieren, aber sei vorsichtig wenn du eine eigene /etc/resolv.conf verwendest." + "diagnosis_ip_weird_resolvconf": "DNS Auflösung scheint zu funktionieren, aber sei vorsichtig wenn du eine eigene /etc/resolv.conf verwendest.", + "diagnosis_display_tip": "Um die gefundenen Probleme zu sehen, kannst Du zum Diagnose-Bereich des webadmin gehen, oder 'yunohost diagnosis show --issues' in der Kommandozeile ausführen." } From c0c026613f18de3741d091581ac700e83d026ef1 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 27 Apr 2020 02:15:14 +0200 Subject: [PATCH 028/451] Add wss: to default to get rid of angry CSP on webadmin --- data/templates/nginx/security.conf.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/templates/nginx/security.conf.inc b/data/templates/nginx/security.conf.inc index ff3d2ee99..0a8bd90b6 100644 --- a/data/templates/nginx/security.conf.inc +++ b/data/templates/nginx/security.conf.inc @@ -22,7 +22,7 @@ ssl_prefer_server_ciphers off; # https://wiki.mozilla.org/Security/Guidelines/Web_Security # https://observatory.mozilla.org/ more_set_headers "Content-Security-Policy : upgrade-insecure-requests"; -more_set_headers "Content-Security-Policy-Report-Only : default-src https: data: 'unsafe-inline' 'unsafe-eval'"; +more_set_headers "Content-Security-Policy-Report-Only : default-src https: data: wss: 'unsafe-inline' 'unsafe-eval' "; more_set_headers "X-Content-Type-Options : nosniff"; more_set_headers "X-XSS-Protection : 1; mode=block"; more_set_headers "X-Download-Options : noopen"; From d72156b91f95b5c0ee5283bf3c3ee2c9507406ea Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 20 Apr 2020 01:40:37 +0200 Subject: [PATCH 029/451] [enh] Check domain expiration date --- data/hooks/diagnosis/12-dnsrecords.py | 79 +++++++++++++++++++++++++-- debian/control | 2 +- locales/en.json | 5 ++ 3 files changed, 81 insertions(+), 5 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index 53afb2c2d..402f5f994 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -1,6 +1,10 @@ #!/usr/bin/env python import os +import re + +from datetime import datetime, timedelta +from subprocess import Popen, PIPE from moulinette.utils.filesystem import read_file @@ -8,6 +12,7 @@ from yunohost.utils.network import dig from yunohost.diagnosis import Diagnoser from yunohost.domain import domain_list, _build_dns_conf, _get_maindomain +SMALL_SUFFIX_LIST = ['noho.st', 'nohost.me', 'ynh.fr', 'netlib.re'] class DNSRecordsDiagnoser(Diagnoser): @@ -31,10 +36,12 @@ class DNSRecordsDiagnoser(Diagnoser): is_subdomain = domain.split(".",1)[1] in all_domains for report in self.check_domain(domain, domain == main_domain, is_subdomain=is_subdomain): yield report - - # FIXME : somewhere, should implement a check for reverse DNS ... - - # FIXME / TODO : somewhere, could also implement a check for domain expiring soon + + # Check if a domain buy by the user will expire soon + domains_from_registrar = ['.'.join(domain.split('.')[-2:]) for domain in all_domains] + domains_from_registrar = set(domains_from_registrar) - set(SMALL_SUFFIX_LIST) + for report in self.check_expiration_date(domains_from_registrar): + yield report def check_domain(self, domain, is_main_domain, is_subdomain): @@ -137,5 +144,69 @@ class DNSRecordsDiagnoser(Diagnoser): return r["current"] == r["value"] + def check_expiration_date(self, domains): + """ + Alert if expiration date of a domain is soon + """ + + # FIXME find a way to ignore a specific domain without + # create a report by domain each time. We need something small + details = { + "not_found": [], + "error": [], + "warning": [], + "info": [] + } + + for domain in domains: + expire_date = self.get_domain_expiration(domain) + + if not expire_date: + details["not_found"].append(( + "diagnosis_domain_expiration_date_not_found", + {"domain": domain})) + continue + + expire_in = expire_date - datetime.now() + + alert_type = "info" + if expire_in <= timedelta(7): + alert_type = "error" + elif expire_in <= timedelta(30): + alert_type = "warning" + + args = { + "domain": domain, + "days": expire_in.days - 1, + "expire_date": str(expire_date) + } + details[alert_type].append(("diagnosis_domain_expires_in", args)) + + for alert_type in ["error", "warning", "not_found", "info"]: + if details[alert_type]: + yield dict(meta={"category": "expiration"}, + data={}, + status=alert_type.upper() if alert_type != "not_found" else "INFO", + summary="diagnosis_domain_expiration_" + alert_type, + details=details[alert_type]) + + def get_domain_expiration(self, domain): + """ + Return the expiration datetime of a domain or None + """ + + p1 = Popen(['whois', domain], stdout=PIPE) + p2 = Popen(['grep', 'Expir'], stdin=p1.stdout, stdout=PIPE) + out, err = p2.communicate() + out = out.decode("utf-8").split('\n') + p1.terminate() + #p2.terminate() + + for line in out: + match = re.search(r'\d{4}-\d{2}-\d{2}', line) + if match is not None: + return datetime.strptime(match.group(), '%Y-%m-%d') + return None + def main(args, env, loggers): return DNSRecordsDiagnoser(args, env, loggers).diagnose() diff --git a/debian/control b/debian/control index 5bcd78491..fcffa87f6 100644 --- a/debian/control +++ b/debian/control @@ -29,7 +29,7 @@ Depends: ${python:Depends}, ${misc:Depends} , redis-server , metronome , git, curl, wget, cron, unzip, jq - , lsb-release, haveged, fake-hwclock, equivs, lsof + , lsb-release, haveged, fake-hwclock, equivs, lsof, whois Recommends: yunohost-admin , ntp, inetutils-ping | iputils-ping , bash-completion, rsyslog diff --git a/locales/en.json b/locales/en.json index 3607052e3..7f6d9ce34 100644 --- a/locales/en.json +++ b/locales/en.json @@ -172,6 +172,11 @@ "diagnosis_dns_missing_record": "According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: {type}
Name: {name}
Value: {value}", "diagnosis_dns_discrepancy": "The following DNS record does not seem to follow the recommended configuration:
Type: {type}
Name: {name}
Current value: {current}
Excepted value: {value}", "diagnosis_dns_point_to_doc": "Please check the documentation at https://yunohost.org/dns_config if you need help about configuring DNS records.", + "diagnosis_domain_expiration_not_found": "Unable to check the expiration date of some domains", + "diagnosis_domain_expiration_info": "Domains expiration dates", + "diagnosis_domain_expiration_warning": "Some domains expire in less than a month", + "diagnosis_domain_expiration_error": "Some domains expire in less than a week", + "diagnosis_domain_expires_in": "{domain} expires in {days} days.", "diagnosis_services_running": "Service {service} is running!", "diagnosis_services_conf_broken": "Configuration is broken for service {service}!", "diagnosis_services_bad_status": "Service {service} is {status} :(", From c0f27c02353d7007f0ae32823213866c6321fa35 Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 20 Apr 2020 01:47:16 +0200 Subject: [PATCH 030/451] [fix] i18n checks --- tests/test_i18n_keys.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/test_i18n_keys.py b/tests/test_i18n_keys.py index 9125c5d52..e3edc4d48 100644 --- a/tests/test_i18n_keys.py +++ b/tests/test_i18n_keys.py @@ -119,13 +119,16 @@ def find_expected_string_keys(): for level in ["danger", "thirdparty", "warning"]: yield "confirm_app_install_%s" % level + for errortype in ["not_found", "error", "warning", "info"]: + yield "diagnosis_domain_expiration_" % errortype + for errortype in ["bad_status_code", "connection_error", "timeout"]: yield "diagnosis_http_%s" % errortype yield "password_listed" for i in [1, 2, 3, 4]: yield "password_too_simple_%s" % i - + checks = ["outgoing_port_25_ok", "ehlo_ok", "fcrdns_ok", "blacklist_ok", "queue_ok", "ehlo_bad_answer", "ehlo_unreachable", "ehlo_bad_answer_details", From 6954ca9002c808dab7ad3d3b2b3c27f31661850b Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 20 Apr 2020 01:50:04 +0200 Subject: [PATCH 031/451] [fix] i18n checks --- tests/test_i18n_keys.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_i18n_keys.py b/tests/test_i18n_keys.py index e3edc4d48..6dcfd5c70 100644 --- a/tests/test_i18n_keys.py +++ b/tests/test_i18n_keys.py @@ -120,7 +120,7 @@ def find_expected_string_keys(): yield "confirm_app_install_%s" % level for errortype in ["not_found", "error", "warning", "info"]: - yield "diagnosis_domain_expiration_" % errortype + yield "diagnosis_domain_expiration_%s" % errortype for errortype in ["bad_status_code", "connection_error", "timeout"]: yield "diagnosis_http_%s" % errortype From d98d753f521def498bd8300294a3ff7b21b0f16a Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 27 Apr 2020 17:07:38 +0200 Subject: [PATCH 032/451] [fix] Bad i18n key --- data/hooks/diagnosis/12-dnsrecords.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index 402f5f994..b6d87aed0 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -163,7 +163,7 @@ class DNSRecordsDiagnoser(Diagnoser): if not expire_date: details["not_found"].append(( - "diagnosis_domain_expiration_date_not_found", + "diagnosis_domain_expiration_not_found", {"domain": domain})) continue From cdb917e5652bc3782ef861272be9ae3acf32d0db Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 27 Apr 2020 18:09:07 +0200 Subject: [PATCH 033/451] [enh] Explain why domain expiration not found --- data/hooks/diagnosis/12-dnsrecords.py | 47 +++++++++++++++------------ locales/en.json | 2 ++ tests/test_i18n_keys.py | 3 +- 3 files changed, 31 insertions(+), 21 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index b6d87aed0..f03e92df3 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -14,6 +14,7 @@ from yunohost.domain import domain_list, _build_dns_conf, _get_maindomain SMALL_SUFFIX_LIST = ['noho.st', 'nohost.me', 'ynh.fr', 'netlib.re'] + class DNSRecordsDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] @@ -33,12 +34,13 @@ class DNSRecordsDiagnoser(Diagnoser): all_domains = domain_list()["domains"] for domain in all_domains: self.logger_debug("Diagnosing DNS conf for %s" % domain) - is_subdomain = domain.split(".",1)[1] in all_domains + is_subdomain = domain.split(".", 1)[1] in all_domains for report in self.check_domain(domain, domain == main_domain, is_subdomain=is_subdomain): yield report - + # Check if a domain buy by the user will expire soon domains_from_registrar = ['.'.join(domain.split('.')[-2:]) for domain in all_domains] + domains_from_registrar = ['ynh.local', 'grimaud.me', 'netlib.re', 'arn-fai.net'] domains_from_registrar = set(domains_from_registrar) - set(SMALL_SUFFIX_LIST) for report in self.check_expiration_date(domains_from_registrar): yield report @@ -74,7 +76,6 @@ class DNSRecordsDiagnoser(Diagnoser): results[id_] = "WRONG" discrepancies.append(("diagnosis_dns_discrepancy", r)) - def its_important(): # Every mail DNS records are important for main domain # For other domain, we only report it as a warning for now... @@ -135,7 +136,7 @@ class DNSRecordsDiagnoser(Diagnoser): if r["name"] == "@": current = {part for part in current if not part.startswith("ip4:") and not part.startswith("ip6:")} return expected == current - elif r["type"] == "MX": + elif r["type"] == "MX": # For MX, we want to ignore the priority expected = r["value"].split()[-1] current = r["current"].split()[-1] @@ -143,14 +144,11 @@ class DNSRecordsDiagnoser(Diagnoser): else: return r["current"] == r["value"] - def check_expiration_date(self, domains): """ Alert if expiration date of a domain is soon """ - # FIXME find a way to ignore a specific domain without - # create a report by domain each time. We need something small details = { "not_found": [], "error": [], @@ -161,9 +159,9 @@ class DNSRecordsDiagnoser(Diagnoser): for domain in domains: expire_date = self.get_domain_expiration(domain) - if not expire_date: + if isinstance(expire_date, str): details["not_found"].append(( - "diagnosis_domain_expiration_not_found", + "diagnosis_%s_details" % (expire_date), {"domain": domain})) continue @@ -184,9 +182,17 @@ class DNSRecordsDiagnoser(Diagnoser): for alert_type in ["error", "warning", "not_found", "info"]: if details[alert_type]: - yield dict(meta={"category": "expiration"}, + if alert_type == "not_found": + meta = {"test": "domain_not_found"} + else: + meta = {"test": "domain_expiration"} + # Allow to ignor specifically a single domain + if len(details[alert_type]) == 1: + meta["domain"] = details[alert_type][0][1]["domain"] + meta["domain"] = details[alert_type][0][1]["domain"] + yield dict(meta=meta, data={}, - status=alert_type.upper() if alert_type != "not_found" else "INFO", + status=alert_type.upper() if alert_type != "not_found" else "WARNING", summary="diagnosis_domain_expiration_" + alert_type, details=details[alert_type]) @@ -194,19 +200,20 @@ class DNSRecordsDiagnoser(Diagnoser): """ Return the expiration datetime of a domain or None """ + # "echo failed" avoid to trigger CalledProcessError + command = "whois -H %s || echo failed" % (domain) + out = check_output(command).strip().split("\n") - p1 = Popen(['whois', domain], stdout=PIPE) - p2 = Popen(['grep', 'Expir'], stdin=p1.stdout, stdout=PIPE) - out, err = p2.communicate() - out = out.decode("utf-8").split('\n') - p1.terminate() - #p2.terminate() + # If there is less 5 lines, it's NOT FOUND response + if len(out) <= 4: + return "domain_not_found" for line in out: - match = re.search(r'\d{4}-\d{2}-\d{2}', line) + match = re.search(r'Expir.+(\d{4}-\d{2}-\d{2})', line) if match is not None: - return datetime.strptime(match.group(), '%Y-%m-%d') - return None + return datetime.strptime(match.group(1), '%Y-%m-%d') + return "domain_expiration_not_found" + def main(args, env, loggers): return DNSRecordsDiagnoser(args, env, loggers).diagnose() diff --git a/locales/en.json b/locales/en.json index 7f6d9ce34..a0e7454f1 100644 --- a/locales/en.json +++ b/locales/en.json @@ -173,6 +173,8 @@ "diagnosis_dns_discrepancy": "The following DNS record does not seem to follow the recommended configuration:
Type: {type}
Name: {name}
Current value: {current}
Excepted value: {value}", "diagnosis_dns_point_to_doc": "Please check the documentation at https://yunohost.org/dns_config if you need help about configuring DNS records.", "diagnosis_domain_expiration_not_found": "Unable to check the expiration date of some domains", + "diagnosis_domain_not_found_details": "The domain {domain} doesn't exist in WHOIS database !", + "diagnosis_domain_expiration_not_found_details": "The WHOIS returns some info about the domain {domain} but we are not able to found the expiration date inside those info.", "diagnosis_domain_expiration_info": "Domains expiration dates", "diagnosis_domain_expiration_warning": "Some domains expire in less than a month", "diagnosis_domain_expiration_error": "Some domains expire in less than a week", diff --git a/tests/test_i18n_keys.py b/tests/test_i18n_keys.py index 6dcfd5c70..6ddfa9c4a 100644 --- a/tests/test_i18n_keys.py +++ b/tests/test_i18n_keys.py @@ -119,8 +119,9 @@ def find_expected_string_keys(): for level in ["danger", "thirdparty", "warning"]: yield "confirm_app_install_%s" % level - for errortype in ["not_found", "error", "warning", "info"]: + for errortype in ["not_found", "error", "warning", "info", "not_found_details"]: yield "diagnosis_domain_expiration_%s" % errortype + yield "diagnosis_domain_not_found_details" for errortype in ["bad_status_code", "connection_error", "timeout"]: yield "diagnosis_http_%s" % errortype From c347e368fc8913e2042ae62589a6775746c6e3e9 Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 27 Apr 2020 18:22:22 +0200 Subject: [PATCH 034/451] [fix] Remove this damn test --- data/hooks/diagnosis/12-dnsrecords.py | 1 - 1 file changed, 1 deletion(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index f03e92df3..003c19cfb 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -40,7 +40,6 @@ class DNSRecordsDiagnoser(Diagnoser): # Check if a domain buy by the user will expire soon domains_from_registrar = ['.'.join(domain.split('.')[-2:]) for domain in all_domains] - domains_from_registrar = ['ynh.local', 'grimaud.me', 'netlib.re', 'arn-fai.net'] domains_from_registrar = set(domains_from_registrar) - set(SMALL_SUFFIX_LIST) for report in self.check_expiration_date(domains_from_registrar): yield report From d1b694447a15e799cd514eb106623e33e86db87b Mon Sep 17 00:00:00 2001 From: ljf Date: Mon, 27 Apr 2020 23:37:45 +0200 Subject: [PATCH 035/451] [enh] Use publicsuffix list to avoid alert on dyndns domain --- data/hooks/diagnosis/12-dnsrecords.py | 40 ++++++++++++++++++--------- debian/control | 2 +- locales/en.json | 2 +- 3 files changed, 29 insertions(+), 15 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index 003c19cfb..c92c2648e 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -4,15 +4,16 @@ import os import re from datetime import datetime, timedelta -from subprocess import Popen, PIPE +from publicsuffix import PublicSuffixList from moulinette.utils.filesystem import read_file from yunohost.utils.network import dig from yunohost.diagnosis import Diagnoser from yunohost.domain import domain_list, _build_dns_conf, _get_maindomain +from yunohost.utils.network import dig -SMALL_SUFFIX_LIST = ['noho.st', 'nohost.me', 'ynh.fr', 'netlib.re'] +PENDING_SUFFIX_LIST = ['ynh.fr', 'netlib.re'] class DNSRecordsDiagnoser(Diagnoser): @@ -39,8 +40,11 @@ class DNSRecordsDiagnoser(Diagnoser): yield report # Check if a domain buy by the user will expire soon - domains_from_registrar = ['.'.join(domain.split('.')[-2:]) for domain in all_domains] - domains_from_registrar = set(domains_from_registrar) - set(SMALL_SUFFIX_LIST) + psl = PublicSuffixList() + all_domains = ["grimaud.me", "reflexlibre.net", "netlib.re", "noho.st", "nohost.me", "ynh.fr", "test.noho.st", "hub.netlib.re", "sans-nuage.fr", "yunohost.org", "yunohost.local", "free.fr"] + domains_from_registrar = [psl.get_public_suffix(domain) for domain in all_domains] + domains_from_registrar = [domain for domain in domains_from_registrar if "." in domain] + domains_from_registrar = set(domains_from_registrar) - set(PENDING_SUFFIX_LIST) for report in self.check_expiration_date(domains_from_registrar): yield report @@ -159,9 +163,12 @@ class DNSRecordsDiagnoser(Diagnoser): expire_date = self.get_domain_expiration(domain) if isinstance(expire_date, str): - details["not_found"].append(( - "diagnosis_%s_details" % (expire_date), - {"domain": domain})) + status_ns, _ = dig(domain, "NS", resolvers="force_external") + status_a, _ = dig(domain, "A", resolvers="force_external") + if "ok" not in [status_ns, status_a]: + details["not_found"].append(( + "diagnosis_domain_%s_details" % (expire_date), + {"domain": domain})) continue expire_in = expire_date - datetime.now() @@ -199,19 +206,26 @@ class DNSRecordsDiagnoser(Diagnoser): """ Return the expiration datetime of a domain or None """ - # "echo failed" avoid to trigger CalledProcessError - command = "whois -H %s || echo failed" % (domain) + command = "whois -H %s" % (domain) + + # Reduce output to determine if whois answer is equivalent to NOT FOUND out = check_output(command).strip().split("\n") + filtered_out = [line for line in out + if re.search(r'^\w{4,25}:', line, re.IGNORECASE) and + not re.match(r'>>> Last update of whois', line, re.IGNORECASE) and + not re.match(r'^NOTICE:', line, re.IGNORECASE) and + not re.match(r'^%%', line, re.IGNORECASE) and + not re.match(r'"https?:"', line, re.IGNORECASE)] # If there is less 5 lines, it's NOT FOUND response - if len(out) <= 4: - return "domain_not_found" + if len(filtered_out) <= 6: + return "not_found" for line in out: - match = re.search(r'Expir.+(\d{4}-\d{2}-\d{2})', line) + match = re.search(r'Expir.+(\d{4}-\d{2}-\d{2})', line, re.IGNORECASE) if match is not None: return datetime.strptime(match.group(1), '%Y-%m-%d') - return "domain_expiration_not_found" + return "expiration_not_found" def main(args, env, loggers): diff --git a/debian/control b/debian/control index fcffa87f6..5061ad4f2 100644 --- a/debian/control +++ b/debian/control @@ -29,7 +29,7 @@ Depends: ${python:Depends}, ${misc:Depends} , redis-server , metronome , git, curl, wget, cron, unzip, jq - , lsb-release, haveged, fake-hwclock, equivs, lsof, whois + , lsb-release, haveged, fake-hwclock, equivs, lsof, whois, python-publicsuffix Recommends: yunohost-admin , ntp, inetutils-ping | iputils-ping , bash-completion, rsyslog diff --git a/locales/en.json b/locales/en.json index a0e7454f1..3f957c702 100644 --- a/locales/en.json +++ b/locales/en.json @@ -173,7 +173,7 @@ "diagnosis_dns_discrepancy": "The following DNS record does not seem to follow the recommended configuration:
Type: {type}
Name: {name}
Current value: {current}
Excepted value: {value}", "diagnosis_dns_point_to_doc": "Please check the documentation at https://yunohost.org/dns_config if you need help about configuring DNS records.", "diagnosis_domain_expiration_not_found": "Unable to check the expiration date of some domains", - "diagnosis_domain_not_found_details": "The domain {domain} doesn't exist in WHOIS database !", + "diagnosis_domain_not_found_details": "The domain {domain} doesn't exist in WHOIS database or is expired !", "diagnosis_domain_expiration_not_found_details": "The WHOIS returns some info about the domain {domain} but we are not able to found the expiration date inside those info.", "diagnosis_domain_expiration_info": "Domains expiration dates", "diagnosis_domain_expiration_warning": "Some domains expire in less than a month", From 575aa674015d3a5c343a102d31d807fb4f04a5dd Mon Sep 17 00:00:00 2001 From: ljf Date: Tue, 28 Apr 2020 00:30:38 +0200 Subject: [PATCH 036/451] [fix] whois on co.uk --- data/hooks/diagnosis/12-dnsrecords.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index c92c2648e..d47e33d33 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -7,11 +7,11 @@ from datetime import datetime, timedelta from publicsuffix import PublicSuffixList from moulinette.utils.filesystem import read_file +from moulinette.utils.process import check_output from yunohost.utils.network import dig from yunohost.diagnosis import Diagnoser from yunohost.domain import domain_list, _build_dns_conf, _get_maindomain -from yunohost.utils.network import dig PENDING_SUFFIX_LIST = ['ynh.fr', 'netlib.re'] @@ -41,7 +41,6 @@ class DNSRecordsDiagnoser(Diagnoser): # Check if a domain buy by the user will expire soon psl = PublicSuffixList() - all_domains = ["grimaud.me", "reflexlibre.net", "netlib.re", "noho.st", "nohost.me", "ynh.fr", "test.noho.st", "hub.netlib.re", "sans-nuage.fr", "yunohost.org", "yunohost.local", "free.fr"] domains_from_registrar = [psl.get_public_suffix(domain) for domain in all_domains] domains_from_registrar = [domain for domain in domains_from_registrar if "." in domain] domains_from_registrar = set(domains_from_registrar) - set(PENDING_SUFFIX_LIST) @@ -211,7 +210,7 @@ class DNSRecordsDiagnoser(Diagnoser): # Reduce output to determine if whois answer is equivalent to NOT FOUND out = check_output(command).strip().split("\n") filtered_out = [line for line in out - if re.search(r'^\w{4,25}:', line, re.IGNORECASE) and + if re.search(r'^[a-zA-Z0-9 ]{4,25}:', line, re.IGNORECASE) and not re.match(r'>>> Last update of whois', line, re.IGNORECASE) and not re.match(r'^NOTICE:', line, re.IGNORECASE) and not re.match(r'^%%', line, re.IGNORECASE) and @@ -225,6 +224,11 @@ class DNSRecordsDiagnoser(Diagnoser): match = re.search(r'Expir.+(\d{4}-\d{2}-\d{2})', line, re.IGNORECASE) if match is not None: return datetime.strptime(match.group(1), '%Y-%m-%d') + + match = re.search(r'Expir.+(\d{2}-\w{3}-\d{4})', line, re.IGNORECASE) + if match is not None: + return datetime.strptime(match.group(1), '%d-%b-%Y') + return "expiration_not_found" From b241c2fa1d552c719e83181940893092bef53316 Mon Sep 17 00:00:00 2001 From: ljf Date: Tue, 28 Apr 2020 00:53:23 +0200 Subject: [PATCH 037/451] [enh] Whois not working --- data/hooks/diagnosis/12-dnsrecords.py | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index d47e33d33..7ff791823 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -3,6 +3,7 @@ import os import re +from subprocess import CalledProcessError from datetime import datetime, timedelta from publicsuffix import PublicSuffixList @@ -161,13 +162,15 @@ class DNSRecordsDiagnoser(Diagnoser): for domain in domains: expire_date = self.get_domain_expiration(domain) - if isinstance(expire_date, str): + if isinstance(expire_date, str) and expire_date != "not_working": status_ns, _ = dig(domain, "NS", resolvers="force_external") status_a, _ = dig(domain, "A", resolvers="force_external") if "ok" not in [status_ns, status_a]: details["not_found"].append(( "diagnosis_domain_%s_details" % (expire_date), {"domain": domain})) + else: + self.logger_debug("Dyndns domain: %s" % (domain)) continue expire_in = expire_date - datetime.now() @@ -207,8 +210,13 @@ class DNSRecordsDiagnoser(Diagnoser): """ command = "whois -H %s" % (domain) + try: + out = check_output(command).strip().split("\n") + except CalledProcessError as e: + self.logger_warning("Unable to get whois data for %s . Could be due to a rate limit on whois. Error: %s" % (domain, str(e))) + return "not_working" + # Reduce output to determine if whois answer is equivalent to NOT FOUND - out = check_output(command).strip().split("\n") filtered_out = [line for line in out if re.search(r'^[a-zA-Z0-9 ]{4,25}:', line, re.IGNORECASE) and not re.match(r'>>> Last update of whois', line, re.IGNORECASE) and @@ -216,7 +224,7 @@ class DNSRecordsDiagnoser(Diagnoser): not re.match(r'^%%', line, re.IGNORECASE) and not re.match(r'"https?:"', line, re.IGNORECASE)] - # If there is less 5 lines, it's NOT FOUND response + # If there is less than 7 lines, it's NOT FOUND response if len(filtered_out) <= 6: return "not_found" From 06bc5ba16f61a8ee60abc101699e6adc3f0f46aa Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Tue, 28 Apr 2020 16:15:52 +0200 Subject: [PATCH 038/451] ... --- data/helpers.d/setting | 66 +++++++++++++++++++++--------------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index abf6ab3d4..7d388de8b 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -158,20 +158,20 @@ ynh_webpath_register () { # Create a new permission for the app # -# example: ynh_permission_create --permission admin --url /admin --additional_urls 'domain.tld/otherurl /superadmin' --allowed alice bob --label 'My app admin' +# example: ynh_permission_create --permission=admin --url=/admin --additional_urls=domain.tld/otherurl /superadmin --allowed=alice bob --label="My app admin" # -# usage: ynh_permission_create --permission "permission" [--url "url"] [--additional_urls "second-url" [ "other-url" ]] [--auth_header true|false] -# [--allowed group1 [ group2 ]] [--label "label"] [--show_tile true|false] -# [--protected true|false] -# | arg: permission - the name for the permission (by default a permission named "main" already exist) -# | arg: url - (optional) URL for which access will be allowed/forbidden -# | arg: additional_urls - (optional) List of additional URL for which access will be allowed/forbidden -# | arg: auth_header - (optional) Define for the URL of this permission, if SSOwat pass the authentication header to the application. Default is true -# | arg: allowed - (optional) A list of group/user to allow for the permission -# | arg: label - (optional) Define a name for the permission. This label will be shown on the SSO and in the admin. -# | Default is "APP_LABEL (permission name)". -# | arg: show_tile - (optional) Define if a tile will be shown in the SSO -# | arg: protected - (optional) Define if this permission is protected. If it is protected the administrator +# usage: ynh_permission_create --permission="permission" [--url="url"] [--additional_urls="second-url" [ "third-url" ]] [--auth_header=true|false] +# [--allowed=group1 [ group2 ]] [--label="label"] [--show_tile=true|false] +# [--protected=true|false] +# | arg: -p, permission= - the name for the permission (by default a permission named "main" already exist) +# | arg: -u, url= - (optional) URL for which access will be allowed/forbidden +# | arg: -A, additional_urls= - (optional) List of additional URL for which access will be allowed/forbidden +# | arg: -h, auth_header= - (optional) Define for the URL of this permission, if SSOwat pass the authentication header to the application. Default is true +# | arg: -a, allowed= - (optional) A list of group/user to allow for the permission +# | arg: -l, label= - (optional) Define a name for the permission. This label will be shown on the SSO and in the admin. +# | Default is "APP_LABEL (permission name)". +# | arg: -t, show_tile= - (optional) Define if a tile will be shown in the SSO +# | arg: -P, protected= - (optional) Define if this permission is protected. If it is protected the administrator # | won't be able to add or remove the visitors group of this permission. # | By default it's 'true' (for the permission different than 'main'). # @@ -190,7 +190,7 @@ ynh_webpath_register () { ynh_permission_create() { # Declare an array to define the options of this helper. local legacy_args=puAhaltP - declare -A args_array=( [p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected= ) + local -A args_array=( [p]=permission= [u]=url= [A]=additional_urls= [h]=auth_header= [a]=allowed= [l]=label= [t]=show_tile= [P]=protected= ) local permission local url local additional_urls @@ -294,21 +294,21 @@ ynh_permission_exists() { # Redefine the url associated to a permission # -# usage: ynh_permission_url --permission "permission" [--url "url"] [--add_url "new-url" [ "other-new-url" ]] [--remove_url "old-url" [ "other-old-url"]] -# [--auth_header true|false][--clear_urls] -# | arg: permission - the name for the permission (by default a permission named "main" is removed automatically when the app is removed) -# | arg: url - (optional) URL for which access will be allowed/forbidden. +# usage: ynh_permission_url --permission "permission" [--url="url"] [--add_url="new-url" [ "other-new-url" ]] [--remove_url="old-url" [ "other-old-url" ]] +# [--auth_header=true|false] [--clear_urls] +# | arg: -p, permission= - the name for the permission (by default a permission named "main" is removed automatically when the app is removed) +# | arg: -u, url= - (optional) URL for which access will be allowed/forbidden. # | Note that if you want to remove url you can pass an empty sting as arguments (""). -# | arg: add_url - (optional) List of additional url to add for which access will be allowed/forbidden. -# | arg: remove_url - (optional) List of additional url to remove for which access will be allowed/forbidden -# | arg: auth_header - (optional) Define for the URL of this permission, if SSOwat pass the authentication header to the application -# | arg: clear_urls - (optional) Clean all urls (url and additional_urls) +# | arg: -a, add_url= - (optional) List of additional url to add for which access will be allowed/forbidden. +# | arg: -r, remove_url= - (optional) List of additional url to remove for which access will be allowed/forbidden +# | arg: -h, auth_header= - (optional) Define for the URL of this permission, if SSOwat pass the authentication header to the application +# | arg: -c, clear_urls - (optional) Clean all urls (url and additional_urls) # # Requires YunoHost version 3.7.0 or higher. ynh_permission_url() { # Declare an array to define the options of this helper. local legacy_args=puarhc - declare -A args_array=([p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls) + local -A args_array=( [p]=permission= [u]=url= [a]=add_url= [r]=remove_url= [h]=auth_header= [c]=clear_urls ) local permission local url local add_url @@ -355,21 +355,21 @@ ynh_permission_url() { # Update a permission for the app # -# usage: ynh_permission_update --permission "permission" [--add "group" ["group" ...]] [--remove "group" ["group" ...]] -# [--label "label"] [--show_tile true|false] [--protected true|false] -# | arg: permission - the name for the permission (by default a permission named "main" already exist) -# | arg: add - the list of group or users to enable add to the permission -# | arg: remove - the list of group or users to remove from the permission -# | arg: label - (optional) Define a name for the permission. This label will be shown on the SSO and in the admin. -# | arg: show_tile - (optional) Define if a tile will be shown in the SSO -# | arg: protected - (optional) Define if this permission is protected. If it is protected the administrator +# usage: ynh_permission_update --permission "permission" [--add="group" ["group" ...]] [--remove="group" ["group" ...]] +# [--label="label"] [--show_tile=true|false] [--protected=true|false] +# | arg: -p, permission= - the name for the permission (by default a permission named "main" already exist) +# | arg: -a, add= - the list of group or users to enable add to the permission +# | arg: -r, remove= - the list of group or users to remove from the permission +# | arg: -l, label= - (optional) Define a name for the permission. This label will be shown on the SSO and in the admin. +# | arg: -t, show_tile= - (optional) Define if a tile will be shown in the SSO +# | arg: -P, protected= - (optional) Define if this permission is protected. If it is protected the administrator # | won't be able to add or remove the visitors group of this permission. # # Requires YunoHost version 3.7.0 or higher. ynh_permission_update() { # Declare an array to define the options of this helper. - local legacy_args=parlsp - declare -A args_array=( [p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected= ) + local legacy_args=parltP + local -A args_array=( [p]=permission= [a]=add= [r]=remove= [l]=label= [t]=show_tile= [P]=protected= ) local permission local add local remove From 2c7a059f1903aeb5cf623af2c83883bc9c12c010 Mon Sep 17 00:00:00 2001 From: "ljf (zamentur)" Date: Tue, 28 Apr 2020 17:01:11 +0200 Subject: [PATCH 039/451] [enh] Add a small comments to explain the pending suffix list --- data/hooks/diagnosis/12-dnsrecords.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index 7ff791823..8d59538dc 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -14,6 +14,8 @@ from yunohost.utils.network import dig from yunohost.diagnosis import Diagnoser from yunohost.domain import domain_list, _build_dns_conf, _get_maindomain +# We put here domains we know has dyndns provider, but that are not yet +# registered in the public suffix list PENDING_SUFFIX_LIST = ['ynh.fr', 'netlib.re'] From ba73bd03b4b563c9a0ea4b7992db070bac0bb167 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 28 Apr 2020 17:18:25 +0200 Subject: [PATCH 040/451] Update postgresql --- data/helpers.d/postgresql | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/data/helpers.d/postgresql b/data/helpers.d/postgresql index a4cb50393..954f44d0b 100644 --- a/data/helpers.d/postgresql +++ b/data/helpers.d/postgresql @@ -276,7 +276,13 @@ ynh_psql_test_if_first_run() { local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf local logfile=/var/log/postgresql/postgresql-9.6-main.log else - ynh_die "postgresql shoud be 9.4 or 9.6 or it could be a problem of locale see https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist" + if dpkg --list | grep -q "ii postgresql-9." + then + ynh_die "It looks like postgresql was not properly configured ? /etc/postgresql/9.* is missing ... Could be due to a locale issue, c.f.https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist" + else + ynh_die "postgresql shoud be 9.4 or 9.6 or " + fi + fi ynh_systemd_action --service_name=postgresql --action=start From ae98ec1aa7548f13cf99318bdcfdf89853bb2b52 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 28 Apr 2020 18:55:39 +0200 Subject: [PATCH 041/451] Trailing slash in ssowat uris cause issues to access app installed on root, we only need it for app_map ... --- src/yunohost/app.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 25f856c10..f7e4fd435 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -261,6 +261,8 @@ def app_map(app=None, raw=False, user=None): perm_domain, perm_path = perm_url.split("/", 1) perm_path = "/" + perm_path.rstrip("/") + # N.B. : having '/' instead of empty string is needed in app_map + # but should *not* be done in app_ssowatconf (yeah :[) perm_path = perm_path if perm_path.strip() != "" else "/" return perm_domain, perm_path @@ -1291,8 +1293,6 @@ def app_ssowatconf(): perm_domain, perm_path = perm_url.split("/", 1) perm_path = "/" + perm_path.rstrip("/") - perm_path = perm_path if perm_path.strip() != "" else "/" - return perm_domain + perm_path # Skipped From 3582a5a389d1ffff31d5feb28901364ceb857a56 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 28 Apr 2020 18:55:39 +0200 Subject: [PATCH 042/451] Trailing slash in ssowat uris cause issues to access app installed on root, we only need it for app_map ... --- src/yunohost/app.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 8c52f4928..94e453b1d 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -455,6 +455,8 @@ def app_map(app=None, raw=False, user=None): perm_domain, perm_path = perm_url.split("/", 1) perm_path = "/" + perm_path.rstrip("/") + # N.B. : having '/' instead of empty string is needed in app_map + # but should *not* be done in app_ssowatconf (yeah :[) perm_path = perm_path if perm_path.strip() != "" else "/" return perm_domain, perm_path @@ -1638,8 +1640,6 @@ def app_ssowatconf(): perm_domain, perm_path = perm_url.split("/", 1) perm_path = "/" + perm_path.rstrip("/") - perm_path = perm_path if perm_path.strip() != "" else "/" - return perm_domain + perm_path # Skipped From 3c234c7895e8ed82dddff204e6d54db9fdcccd9a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 28 Apr 2020 18:59:19 +0200 Subject: [PATCH 043/451] Update changelog for 3.7.1.3 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index fcef69c4f..eb7af8f4d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +yunohost (3.7.1.3) stable; urgency=low + + - [fix] Fix the hotfix about trailing slash, it was breaking access to app installed on domain root.. + + -- Alexandre Aubin Thu, 28 Apr 2020 19:00:00 +0000 + yunohost (3.7.1.2) stable; urgency=low - [fix] Be more robust against some situation where some archives are corrupted From fd967e08795ae82bd0879a7f31f7da02d2bf1f60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Tue, 28 Apr 2020 22:30:35 +0200 Subject: [PATCH 044/451] Add more comment about list conversion --- data/helpers.d/setting | 79 +++++++++++++++++++++++++++++++++--------- 1 file changed, 63 insertions(+), 16 deletions(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 7d388de8b..768f1e005 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -170,7 +170,7 @@ ynh_webpath_register () { # | arg: -a, allowed= - (optional) A list of group/user to allow for the permission # | arg: -l, label= - (optional) Define a name for the permission. This label will be shown on the SSO and in the admin. # | Default is "APP_LABEL (permission name)". -# | arg: -t, show_tile= - (optional) Define if a tile will be shown in the SSO +# | arg: -t, show_tile= - (optional) Define if a tile will be shown in the SSO. Default is false (for the permission different than 'main'). # | arg: -P, protected= - (optional) Define if this permission is protected. If it is protected the administrator # | won't be able to add or remove the visitors group of this permission. # | By default it's 'true' (for the permission different than 'main'). @@ -215,7 +215,13 @@ ynh_permission_create() { if [[ -n $additional_urls ]] then - additional_urls=",additional_urls=['${additional_urls//';'/"','"}']" + # Convert a list from getopts to python list + # Note that getopts separate the args with ';' + # By example: + # --additional_urls /urlA /urlB + # will be: + # additional_urls=['/urlA', '/urlB'] + additional_urls=",additional_urls=['${additional_urls//;/\',\'}']" fi if [[ -n $auth_header ]] @@ -228,8 +234,15 @@ ynh_permission_create() { fi fi - if [[ -n $allowed ]]; then - allowed=",allowed=['${allowed//';'/"','"}']" + if [[ -n $allowed ]] + then + # Convert a list from getopts to python list + # Note that getopts separate the args with ';' + # By example: + # --additional_urls /urlA /urlB + # will be: + # additional_urls=['/urlA', '/urlB'] + allowed=",allowed=['${allowed//;/\',\'}']" fi if [[ -n ${label:-} ]]; then @@ -238,16 +251,20 @@ ynh_permission_create() { label=",label='$YNH_APP_LABEL ($permission)'" fi - if [[ -n ${show_tile:-} ]]; then - if [ $show_tile == "true" ]; then + if [[ -n ${show_tile:-} ]] + then + if [ $show_tile == "true" ] + then show_tile=",show_tile=True" else show_tile=",show_tile=False" fi fi - if [[ -n ${protected:-} ]]; then - if [ $protected == "true" ]; then + if [[ -n ${protected:-} ]] + then + if [ $protected == "true" ] + then protected=",protected=True" else protected=",protected=False" @@ -329,15 +346,30 @@ ynh_permission_url() { if [[ -n $add_url ]] then - add_url=",add_url=['${add_url//';'/"','"}']" + # Convert a list from getopts to python list + # Note that getopts separate the args with ';' + # By example: + # --additional_urls /urlA /urlB + # will be: + # additional_urls=['/urlA', '/urlB'] + add_url=",add_url=['${add_url//;/\',\'}']" fi - if [[ -n $remove_url ]]; then - remove_url=",remove_url=['${remove_url//';'/"','"}']" + if [[ -n $remove_url ]] + then + # Convert a list from getopts to python list + # Note that getopts separate the args with ';' + # By example: + # --additional_urls /urlA /urlB + # will be: + # additional_urls=['/urlA', '/urlB'] + remove_url=",remove_url=['${remove_url//;/\',\'}']" fi - if [[ -n $auth_header ]]; then - if [ $auth_header == "true" ]; then + if [[ -n $auth_header ]] + then + if [ $auth_header == "true" ] + then auth_header=",auth_header=True" else auth_header=",auth_header=False" @@ -385,10 +417,22 @@ ynh_permission_update() { if [[ -n $add ]] then + # Convert a list from getopts to python list + # Note that getopts separate the args with ';' + # By example: + # --additional_urls /urlA /urlB + # will be: + # additional_urls=['/urlA', '/urlB'] add=",add=['${add//';'/"','"}']" fi if [[ -n $remove ]] then + # Convert a list from getopts to python list + # Note that getopts separate the args with ';' + # By example: + # --additional_urls /urlA /urlB + # will be: + # additional_urls=['/urlA', '/urlB'] remove=",remove=['${remove//';'/"','"}']" fi @@ -397,8 +441,10 @@ ynh_permission_update() { label=",label='$label'" fi - if [[ -n $show_tile ]]; then - if [ $show_tile == "true" ]; then + if [[ -n $show_tile ]] + then + if [ $show_tile == "true" ] + then show_tile=",show_tile=True" else show_tile=",show_tile=False" @@ -406,7 +452,8 @@ ynh_permission_update() { fi if [[ -n $protected ]]; then - if [ $protected == "true" ]; then + if [ $protected == "true" ] + then protected=",protected=True" else protected=",protected=False" From 4e84b6368851e0bb03632378a05abec78ca56792 Mon Sep 17 00:00:00 2001 From: ljf Date: Wed, 29 Apr 2020 00:23:33 +0200 Subject: [PATCH 045/451] [fix] Who is the creator of whois ? #consistency --- data/hooks/diagnosis/12-dnsrecords.py | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index 7ff791823..90dc2e04b 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -162,7 +162,7 @@ class DNSRecordsDiagnoser(Diagnoser): for domain in domains: expire_date = self.get_domain_expiration(domain) - if isinstance(expire_date, str) and expire_date != "not_working": + if isinstance(expire_date, str): status_ns, _ = dig(domain, "NS", resolvers="force_external") status_a, _ = dig(domain, "A", resolvers="force_external") if "ok" not in [status_ns, status_a]: @@ -208,13 +208,8 @@ class DNSRecordsDiagnoser(Diagnoser): """ Return the expiration datetime of a domain or None """ - command = "whois -H %s" % (domain) - - try: - out = check_output(command).strip().split("\n") - except CalledProcessError as e: - self.logger_warning("Unable to get whois data for %s . Could be due to a rate limit on whois. Error: %s" % (domain, str(e))) - return "not_working" + command = "whois -H %s || echo failed" % (domain) + out = check_output(command).strip().split("\n") # Reduce output to determine if whois answer is equivalent to NOT FOUND filtered_out = [line for line in out From 0fba21f92495668e84591522fd49e7813e38bab9 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 01:07:07 +0200 Subject: [PATCH 046/451] Enforce CSP rules for real on webadmin --- data/templates/nginx/plain/yunohost_admin.conf.inc | 3 +++ data/templates/nginx/security.conf.inc | 2 +- data/templates/nginx/yunohost_admin.conf | 1 - 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/data/templates/nginx/plain/yunohost_admin.conf.inc b/data/templates/nginx/plain/yunohost_admin.conf.inc index 2ab72293d..8b81ab932 100644 --- a/data/templates/nginx/plain/yunohost_admin.conf.inc +++ b/data/templates/nginx/plain/yunohost_admin.conf.inc @@ -6,6 +6,9 @@ location /yunohost/admin/ { default_type text/html; index index.html; + more_set_headers "Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' https://raw.githubusercontent.com https://paste.yunohost.org wss://$host; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval'; object-src 'none';"; + more_set_headers "Content-Security-Policy-Report-Only:"; + # Short cache on handlebars templates location ~* \.(?:ms)$ { expires 5m; diff --git a/data/templates/nginx/security.conf.inc b/data/templates/nginx/security.conf.inc index 0a8bd90b6..dea0f49db 100644 --- a/data/templates/nginx/security.conf.inc +++ b/data/templates/nginx/security.conf.inc @@ -22,7 +22,7 @@ ssl_prefer_server_ciphers off; # https://wiki.mozilla.org/Security/Guidelines/Web_Security # https://observatory.mozilla.org/ more_set_headers "Content-Security-Policy : upgrade-insecure-requests"; -more_set_headers "Content-Security-Policy-Report-Only : default-src https: data: wss: 'unsafe-inline' 'unsafe-eval' "; +more_set_headers "Content-Security-Policy-Report-Only : default-src https: data: 'unsafe-inline' 'unsafe-eval' "; more_set_headers "X-Content-Type-Options : nosniff"; more_set_headers "X-XSS-Protection : 1; mode=block"; more_set_headers "X-Download-Options : noopen"; diff --git a/data/templates/nginx/yunohost_admin.conf b/data/templates/nginx/yunohost_admin.conf index 3df838c4a..d13dbfe90 100644 --- a/data/templates/nginx/yunohost_admin.conf +++ b/data/templates/nginx/yunohost_admin.conf @@ -22,7 +22,6 @@ server { more_set_headers "Strict-Transport-Security : max-age=63072000; includeSubDomains; preload"; more_set_headers "Referrer-Policy : 'same-origin'"; - more_set_headers "Content-Security-Policy : upgrade-insecure-requests; object-src 'none'; script-src https: 'unsafe-eval'"; location / { return 302 https://$http_host/yunohost/admin; From 76de0bb2e9bfd8b0a26ba0123eb6ce754fac0439 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 02:42:23 +0200 Subject: [PATCH 047/451] Remove stale code --- data/hooks/diagnosis/12-dnsrecords.py | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index 9db6f88bc..ef720928b 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -3,18 +3,16 @@ import os import re -from subprocess import CalledProcessError from datetime import datetime, timedelta from publicsuffix import PublicSuffixList -from moulinette.utils.filesystem import read_file from moulinette.utils.process import check_output from yunohost.utils.network import dig from yunohost.diagnosis import Diagnoser from yunohost.domain import domain_list, _build_dns_conf, _get_maindomain -# We put here domains we know has dyndns provider, but that are not yet +# We put here domains we know has dyndns provider, but that are not yet # registered in the public suffix list PENDING_SUFFIX_LIST = ['ynh.fr', 'netlib.re'] @@ -27,12 +25,6 @@ class DNSRecordsDiagnoser(Diagnoser): def run(self): - resolvers = read_file("/etc/resolv.dnsmasq.conf").split("\n") - ipv4_resolvers = [r.split(" ")[1] for r in resolvers if r.startswith("nameserver") and ":" not in r] - # FIXME some day ... handle ipv4-only and ipv6-only servers. For now we assume we have at least ipv4 - assert ipv4_resolvers != [], "Uhoh, need at least one IPv4 DNS resolver ..." - - self.resolver = ipv4_resolvers[0] main_domain = _get_maindomain() all_domains = domain_list()["domains"] From f22ac67468ea35a29c42328e16b4298610370d6a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 02:43:37 +0200 Subject: [PATCH 048/451] Success for domains not about to expire --- data/hooks/diagnosis/12-dnsrecords.py | 9 ++++----- tests/test_i18n_keys.py | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index ef720928b..60efcdf9f 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -150,7 +150,7 @@ class DNSRecordsDiagnoser(Diagnoser): "not_found": [], "error": [], "warning": [], - "info": [] + "success": [] } for domain in domains: @@ -169,7 +169,7 @@ class DNSRecordsDiagnoser(Diagnoser): expire_in = expire_date - datetime.now() - alert_type = "info" + alert_type = "success" if expire_in <= timedelta(7): alert_type = "error" elif expire_in <= timedelta(30): @@ -182,16 +182,15 @@ class DNSRecordsDiagnoser(Diagnoser): } details[alert_type].append(("diagnosis_domain_expires_in", args)) - for alert_type in ["error", "warning", "not_found", "info"]: + for alert_type in ["success", "error", "warning", "not_found"]: if details[alert_type]: if alert_type == "not_found": meta = {"test": "domain_not_found"} else: meta = {"test": "domain_expiration"} - # Allow to ignor specifically a single domain + # Allow to ignore specifically a single domain if len(details[alert_type]) == 1: meta["domain"] = details[alert_type][0][1]["domain"] - meta["domain"] = details[alert_type][0][1]["domain"] yield dict(meta=meta, data={}, status=alert_type.upper() if alert_type != "not_found" else "WARNING", diff --git a/tests/test_i18n_keys.py b/tests/test_i18n_keys.py index 6ddfa9c4a..874794e11 100644 --- a/tests/test_i18n_keys.py +++ b/tests/test_i18n_keys.py @@ -119,7 +119,7 @@ def find_expected_string_keys(): for level in ["danger", "thirdparty", "warning"]: yield "confirm_app_install_%s" % level - for errortype in ["not_found", "error", "warning", "info", "not_found_details"]: + for errortype in ["not_found", "error", "warning", "success", "not_found_details"]: yield "diagnosis_domain_expiration_%s" % errortype yield "diagnosis_domain_not_found_details" From b528336fd05f0490a0409940afc186d2ddc68c4a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 02:43:58 +0200 Subject: [PATCH 049/451] Update / improve strings --- locales/en.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/locales/en.json b/locales/en.json index 3f957c702..da37f144c 100644 --- a/locales/en.json +++ b/locales/en.json @@ -172,12 +172,12 @@ "diagnosis_dns_missing_record": "According to the recommended DNS configuration, you should add a DNS record with the following info.
Type: {type}
Name: {name}
Value: {value}", "diagnosis_dns_discrepancy": "The following DNS record does not seem to follow the recommended configuration:
Type: {type}
Name: {name}
Current value: {current}
Excepted value: {value}", "diagnosis_dns_point_to_doc": "Please check the documentation at https://yunohost.org/dns_config if you need help about configuring DNS records.", - "diagnosis_domain_expiration_not_found": "Unable to check the expiration date of some domains", - "diagnosis_domain_not_found_details": "The domain {domain} doesn't exist in WHOIS database or is expired !", - "diagnosis_domain_expiration_not_found_details": "The WHOIS returns some info about the domain {domain} but we are not able to found the expiration date inside those info.", - "diagnosis_domain_expiration_info": "Domains expiration dates", - "diagnosis_domain_expiration_warning": "Some domains expire in less than a month", - "diagnosis_domain_expiration_error": "Some domains expire in less than a week", + "diagnosis_domain_expiration_not_found": "Unable to check the expiration date for some domains", + "diagnosis_domain_not_found_details": "The domain {domain} doesn't exist in WHOIS database or is expired!", + "diagnosis_domain_expiration_not_found_details": "The WHOIS information for domain {domain} doesn't seem to contain the information about the expiration date?", + "diagnosis_domain_expiration_success": "Your domains are registered and not going to expire anytime soon.", + "diagnosis_domain_expiration_warning": "Some domains will expire soon!", + "diagnosis_domain_expiration_error": "Some domains will expire VERY SOON!", "diagnosis_domain_expires_in": "{domain} expires in {days} days.", "diagnosis_services_running": "Service {service} is running!", "diagnosis_services_conf_broken": "Configuration is broken for service {service}!", From 415e805f74cc312ca9752c6075f858a64fe00831 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 02:44:39 +0200 Subject: [PATCH 050/451] Change threshold to warn earlier about soon-to-expire domain --- data/hooks/diagnosis/12-dnsrecords.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/hooks/diagnosis/12-dnsrecords.py b/data/hooks/diagnosis/12-dnsrecords.py index 60efcdf9f..560127bb0 100644 --- a/data/hooks/diagnosis/12-dnsrecords.py +++ b/data/hooks/diagnosis/12-dnsrecords.py @@ -170,9 +170,9 @@ class DNSRecordsDiagnoser(Diagnoser): expire_in = expire_date - datetime.now() alert_type = "success" - if expire_in <= timedelta(7): + if expire_in <= timedelta(15): alert_type = "error" - elif expire_in <= timedelta(30): + elif expire_in <= timedelta(45): alert_type = "warning" args = { From 31e868e82d3cc328705e5278a05c94537708409a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 03:49:37 +0200 Subject: [PATCH 051/451] Enforce permissions for stuff in /etc/yunohost/ --- data/hooks/conf_regen/01-yunohost | 25 +++++++++++++++++++++++++ data/hooks/conf_regen/06-slapd | 3 --- data/hooks/conf_regen/12-metronome | 3 +++ 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/data/hooks/conf_regen/01-yunohost b/data/hooks/conf_regen/01-yunohost index 236619079..b24689023 100755 --- a/data/hooks/conf_regen/01-yunohost +++ b/data/hooks/conf_regen/01-yunohost @@ -65,6 +65,30 @@ EOF } +do_post_regen() { + regen_conf_files=$1 + + ###################### + # Enfore permissions # + ###################### + + # Certs + # We do this with find because there could be a lot of them... + chown -R root:ssl-cert /etc/yunohost/certs + chmod 750 /etc/yunohost/certs + find /etc/yunohost/certs/ -type f -exec chmod 640 {} \; + find /etc/yunohost/certs/ -type d -exec chmod 750 {} \; + + # Misc configuration / state files + chown root:root $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) + chmod 600 $(ls /etc/yunohost/{*.yml,*.yaml,*.json,mysql,psql} 2>/dev/null) + + # Apps folder, custom hooks folder + [[ ! -e /etc/yunohost/hooks.d ]] || (chown root /etc/yunohost/hooks.d && chmod 700 /etc/yunohost/hooks.d) + [[ ! -e /etc/yunohost/apps ]] || (chown root /etc/yunohost/apps && chmod 700 /etc/yunohost/apps) + +} + _update_services() { python2 - << EOF import yaml @@ -132,6 +156,7 @@ case "$1" in do_pre_regen $4 ;; post) + do_post_regen $4 ;; init) do_init_regen diff --git a/data/hooks/conf_regen/06-slapd b/data/hooks/conf_regen/06-slapd index 9b2c20138..5fd727a2d 100755 --- a/data/hooks/conf_regen/06-slapd +++ b/data/hooks/conf_regen/06-slapd @@ -82,9 +82,6 @@ do_post_regen() { chown root:openldap /etc/ldap/slapd.conf chown -R openldap:openldap /etc/ldap/schema/ chown -R openldap:openldap /etc/ldap/slapd.d/ - chown -R root:ssl-cert /etc/yunohost/certs/yunohost.org/ - chmod o-rwx /etc/yunohost/certs/yunohost.org/ - chmod -R g+rx /etc/yunohost/certs/yunohost.org/ # If we changed the systemd ynh-override conf if echo "$regen_conf_files" | sed 's/,/\n/g' | grep -q "^/etc/systemd/system/slapd.service.d/ynh-override.conf$" diff --git a/data/hooks/conf_regen/12-metronome b/data/hooks/conf_regen/12-metronome index 55433e13c..897463eb0 100755 --- a/data/hooks/conf_regen/12-metronome +++ b/data/hooks/conf_regen/12-metronome @@ -55,6 +55,9 @@ do_post_regen() { done # fix some permissions + + # metronome should be in ssl-cert group to let it access SSL certificates + usermod -aG ssl-cert metronome chown -R metronome: /var/lib/metronome/ chown -R metronome: /etc/metronome/conf.d/ From a3fb329f21e41d9ce5b7d2c9138ef7d9cb7ab6af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Wed, 29 Apr 2020 13:37:38 +0200 Subject: [PATCH 052/451] Improve comments --- data/helpers.d/setting | 45 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 40 insertions(+), 5 deletions(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 768f1e005..3c48bf4cc 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -158,34 +158,69 @@ ynh_webpath_register () { # Create a new permission for the app # -# example: ynh_permission_create --permission=admin --url=/admin --additional_urls=domain.tld/otherurl /superadmin --allowed=alice bob --label="My app admin" +# example 1: ynh_permission_create --permission=admin --url=/admin --additional_urls=domain.tld/admin /superadmin --allowed=alice bob \ +# --label="My app admin" --show_tile=true +# +# This example will create a new permission permission with this following effect: +# - A tile named "My app admin" in the SSO will be available for the users alice and bob. This tile will point to the relative url '/admin'. +# - Only the user alice and bob will have the access to theses following url: /admin, domain.tld/admin, /superadmin +# +# +# example 2: ynh_permission_create --permission=api --url=domain.tld/api --auth_header=false --allowed=visitors \ +# --label="MyApp API" --protected=true +# +# This example will create a new protected permission. So the admin won't be able to add/remove the visitors group of this permission. +# In case of an API with need to be always public it avoid that the admin break anything. +# With this permission all client will be allowed to access to the url 'domain.tld/api'. +# Note that in this case no tile will be show on the SSO. +# Note that the auth_header parameter is to 'false'. So no authentication header will be passed to the application. +# Generally the API is requested by an application and enabling the auth_header has no advantage and could bring some issues in some case. +# So in this case it's better to disable this option for all API. +# # # usage: ynh_permission_create --permission="permission" [--url="url"] [--additional_urls="second-url" [ "third-url" ]] [--auth_header=true|false] # [--allowed=group1 [ group2 ]] [--label="label"] [--show_tile=true|false] # [--protected=true|false] # | arg: -p, permission= - the name for the permission (by default a permission named "main" already exist) -# | arg: -u, url= - (optional) URL for which access will be allowed/forbidden +# | arg: -u, url= - (optional) URL for which access will be allowed/forbidden. +# | Not that if 'show_tile' is enabled, this URL will be the URL of the tile. # | arg: -A, additional_urls= - (optional) List of additional URL for which access will be allowed/forbidden # | arg: -h, auth_header= - (optional) Define for the URL of this permission, if SSOwat pass the authentication header to the application. Default is true # | arg: -a, allowed= - (optional) A list of group/user to allow for the permission # | arg: -l, label= - (optional) Define a name for the permission. This label will be shown on the SSO and in the admin. # | Default is "APP_LABEL (permission name)". -# | arg: -t, show_tile= - (optional) Define if a tile will be shown in the SSO. Default is false (for the permission different than 'main'). +# | arg: -t, show_tile= - (optional) Define if a tile will be shown in the SSO. If yes the name of the tile will be the 'label' parameter. +# | Default is false (for the permission different than 'main'). # | arg: -P, protected= - (optional) Define if this permission is protected. If it is protected the administrator # | won't be able to add or remove the visitors group of this permission. # | By default it's 'true' (for the permission different than 'main'). # -# If provided, 'url' is assumed to be relative to the app domain/path if they +# If provided, 'url' or 'additional_urls' is assumed to be relative to the app domain/path if they # start with '/'. For example: # / -> domain.tld/app # /admin -> domain.tld/app/admin # domain.tld/app/api -> domain.tld/app/api # -# 'url' can be later treated as a regex if it starts with "re:". +# 'url' or 'additional_urls' can be later treated as a regex if it starts with "re:". # For example: # re:/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$ # re:domain.tld/app/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$ # +# Note that globally the parameter 'url' and 'additional_urls' are same. The only difference is: +# - 'url' is only one url, 'additional_urls' can be a list of urls. There are no limitation of 'additional_urls' +# - 'url' is used for the url of tile in the SSO (if enabled with the 'show_tile' parameter) +# +# +# About the authentication header (auth_header parameter). +# The SSO pass (by default) to the application theses following HTTP header (linked to the authenticated user) to the application: +# - "Auth-User": username +# - "Remote-User": username +# - "Email": user email +# +# Generally this feature is usefull to authenticate automatically the user in the application but in some case the application don't work with theses header and theses header need to be disabled to have the application to work correctly. +# See https://github.com/YunoHost/issues/issues/1420 for more informations +# +# # Requires YunoHost version 3.7.0 or higher. ynh_permission_create() { # Declare an array to define the options of this helper. From 9757ef2dddf635b9e1a91eafcbf543e351c438d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Wed, 29 Apr 2020 13:38:11 +0200 Subject: [PATCH 053/451] Fix typo --- data/helpers.d/setting | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 3c48bf4cc..5d2db657c 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -274,9 +274,9 @@ ynh_permission_create() { # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: - # --additional_urls /urlA /urlB + # --allowed alice bob # will be: - # additional_urls=['/urlA', '/urlB'] + # allowed=['alice', 'bob'] allowed=",allowed=['${allowed//;/\',\'}']" fi @@ -384,9 +384,9 @@ ynh_permission_url() { # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: - # --additional_urls /urlA /urlB + # --add_url /urlA /urlB # will be: - # additional_urls=['/urlA', '/urlB'] + # add_url=['/urlA', '/urlB'] add_url=",add_url=['${add_url//;/\',\'}']" fi @@ -395,9 +395,9 @@ ynh_permission_url() { # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: - # --additional_urls /urlA /urlB + # --remove_url /urlA /urlB # will be: - # additional_urls=['/urlA', '/urlB'] + # remove_url=['/urlA', '/urlB'] remove_url=",remove_url=['${remove_url//;/\',\'}']" fi @@ -455,9 +455,9 @@ ynh_permission_update() { # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: - # --additional_urls /urlA /urlB + # --add alice bob # will be: - # additional_urls=['/urlA', '/urlB'] + # add=['alice', 'bob'] add=",add=['${add//';'/"','"}']" fi if [[ -n $remove ]] @@ -465,9 +465,9 @@ ynh_permission_update() { # Convert a list from getopts to python list # Note that getopts separate the args with ';' # By example: - # --additional_urls /urlA /urlB + # --remove alice bob # will be: - # additional_urls=['/urlA', '/urlB'] + # remove=['alice', 'bob'] remove=",remove=['${remove//';'/"','"}']" fi From abe421caa87a7d7f99565c51192805f17b1ca344 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Wed, 29 Apr 2020 13:42:14 +0200 Subject: [PATCH 054/451] Change default value for protected permission to 'false' --- data/helpers.d/setting | 2 +- src/yunohost/permission.py | 2 +- src/yunohost/tests/test_permission.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 5d2db657c..c3da11de3 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -193,7 +193,7 @@ ynh_webpath_register () { # | Default is false (for the permission different than 'main'). # | arg: -P, protected= - (optional) Define if this permission is protected. If it is protected the administrator # | won't be able to add or remove the visitors group of this permission. -# | By default it's 'true' (for the permission different than 'main'). +# | By default it's 'false' # # If provided, 'url' or 'additional_urls' is assumed to be relative to the app domain/path if they # start with '/'. For example: diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py index 98a3ffd2b..610d18752 100644 --- a/src/yunohost/permission.py +++ b/src/yunohost/permission.py @@ -260,7 +260,7 @@ def user_permission_info(permission): def permission_create(operation_logger, permission, allowed=None, url=None, additional_urls=None, auth_header=True, label=None, show_tile=False, - protected=True, sync_perm=True): + protected=False, sync_perm=True): """ Create a new permission for a specific application diff --git a/src/yunohost/tests/test_permission.py b/src/yunohost/tests/test_permission.py index 659e28667..fc86c8dcc 100644 --- a/src/yunohost/tests/test_permission.py +++ b/src/yunohost/tests/test_permission.py @@ -352,7 +352,7 @@ def test_permission_create_extra(mocker): # all_users is only enabled by default on .main perms assert "all_users" not in res['site.test']['allowed'] assert res['site.test']['corresponding_users'] == [] - assert res['site.test']['protected'] == True + assert res['site.test']['protected'] == False def test_permission_create_with_specific_user(): From 8deb0838305e7b02123ac2892e79ccc7ca242881 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Wed, 29 Apr 2020 14:09:49 +0200 Subject: [PATCH 055/451] Regex should be now available --- data/helpers.d/setting | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index c3da11de3..0276ae351 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -201,7 +201,7 @@ ynh_webpath_register () { # /admin -> domain.tld/app/admin # domain.tld/app/api -> domain.tld/app/api # -# 'url' or 'additional_urls' can be later treated as a regex if it starts with "re:". +# 'url' or 'additional_urls' can be treated as a regex if it starts with "re:". # For example: # re:/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$ # re:domain.tld/app/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$ From c04d3c38069d79abbec5ee060291624fabfcbd13 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 17:13:47 +0200 Subject: [PATCH 056/451] Remove comment about old lines that got replaced --- data/helpers.d/apt | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 9e3f26b90..82e3ab40c 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -188,12 +188,10 @@ ynh_package_install_from_equivs () { (cd "$TMPDIR" LC_ALL=C equivs-build ./control 1> /dev/null dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1) - # If install fails we use "apt-get check" to try to debug and diagnose possible unmet dependencies - # Note the use of { } which allows to group commands without starting a subshell (otherwise the ynh_die wouldn't exit the current shell). - # Be careful with the syntax : the semicolon + space at the end is important! ynh_package_install --fix-broken || \ - { # If the installation failed + { # If the installation failed + # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process) # Get the list of dependencies from the deb local dependencies="$(dpkg --info "$TMPDIR/${pkgname}_${pkgversion}_all.deb" | grep Depends | \ sed 's/^ Depends: //' | sed 's/,//g')" From b78d72278501641c6f93b1d1d6b55103ccc4624c Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 18:01:40 +0200 Subject: [PATCH 057/451] Dirty hack to automatically find custom SSH port --- src/yunohost/service.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index b6c93b5ae..a593aac4f 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -24,6 +24,7 @@ Manage services """ import os +import re import time import yaml import subprocess @@ -33,11 +34,12 @@ from datetime import datetime from moulinette import m18n from yunohost.utils.error import YunohostError -from moulinette.utils import log, filesystem +from moulinette.utils.log import getActionLogger +from moulinette.utils.filesystem import read_file MOULINETTE_LOCK = "/var/run/moulinette_yunohost.lock" -logger = log.getActionLogger('yunohost.service') +logger = getActionLogger('yunohost.service') def service_add(name, description=None, log=None, log_type="file", test_status=None, test_conf=None, needs_exposed_ports=None, need_lock=False, status=None): @@ -552,7 +554,7 @@ def _give_lock(action, service, p): def _remove_lock(PID_to_remove): # FIXME ironically not concurrency safe because it's not atomic... - PIDs = filesystem.read_file(MOULINETTE_LOCK).split("\n") + PIDs = read_file(MOULINETTE_LOCK).split("\n") PIDs_to_keep = [PID for PID in PIDs if int(PID) != PID_to_remove] filesystem.write_to_file(MOULINETTE_LOCK, '\n'.join(PIDs_to_keep)) @@ -574,6 +576,11 @@ def _get_services(): if value is None: del services[key] + # Dirty hack to automatically find custom SSH port ... + ssh_port_line = re.findall(r"\bPort *([0-9]{2,5})\b", read_file("/etc/ssh/sshd_config")) + if len(ssh_port_line) == 1: + services["ssh"]["needs_exposed_ports"] = [int(ssh_port_line[0])] + # Stupid hack for postgresql which ain't an official service ... Can't # really inject that info otherwise. Real service we want to check for # status and log is in fact postgresql@x.y-main (x.y being the version) @@ -654,8 +661,6 @@ def _find_previous_log_file(file): """ Find the previous log file """ - import re - splitext = os.path.splitext(file) if splitext[1] == '.gz': file = splitext[0] From e236a2872a0ef54e7cac365ed7e1ba090ec6aa7b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 18:22:38 +0200 Subject: [PATCH 058/451] Lul I fuckedup import refactoring --- src/yunohost/service.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index a593aac4f..7c6b28b10 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -35,7 +35,7 @@ from datetime import datetime from moulinette import m18n from yunohost.utils.error import YunohostError from moulinette.utils.log import getActionLogger -from moulinette.utils.filesystem import read_file +from moulinette.utils.filesystem import read_file, append_to_file, write_to_file MOULINETTE_LOCK = "/var/run/moulinette_yunohost.lock" @@ -546,7 +546,7 @@ def _give_lock(action, service, p): # Append the PID to the lock file logger.debug("Giving a lock to PID %s for service %s !" % (str(son_PID), service)) - filesystem.append_to_file(MOULINETTE_LOCK, "\n%s" % str(son_PID)) + append_to_file(MOULINETTE_LOCK, "\n%s" % str(son_PID)) return son_PID @@ -556,7 +556,7 @@ def _remove_lock(PID_to_remove): PIDs = read_file(MOULINETTE_LOCK).split("\n") PIDs_to_keep = [PID for PID in PIDs if int(PID) != PID_to_remove] - filesystem.write_to_file(MOULINETTE_LOCK, '\n'.join(PIDs_to_keep)) + write_to_file(MOULINETTE_LOCK, '\n'.join(PIDs_to_keep)) def _get_services(): From 0b75f5d437af69c9777f47489ef2f6dfabd277c3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 19:20:29 +0200 Subject: [PATCH 059/451] IPv6 resolvers make everything super slow on IPv4-only servers --- data/hooks/diagnosis/10-ip.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/hooks/diagnosis/10-ip.py b/data/hooks/diagnosis/10-ip.py index c0d35278c..ac867efb5 100644 --- a/data/hooks/diagnosis/10-ip.py +++ b/data/hooks/diagnosis/10-ip.py @@ -73,7 +73,7 @@ class IPDiagnoser(Diagnoser): network_interfaces = get_network_interfaces() def get_local_ip(version): - local_ip = {iface:addr[version].split("/")[0] + local_ip = {iface: addr[version].split("/")[0] for iface, addr in network_interfaces.items() if version in addr} if not local_ip: return None @@ -92,7 +92,7 @@ class IPDiagnoser(Diagnoser): data={"global": ipv6, "local": get_local_ip("ipv6")}, status="SUCCESS" if ipv6 else "WARNING", summary="diagnosis_ip_connected_ipv6" if ipv6 else "diagnosis_ip_no_ipv6", - details=["diagnosis_ip_global", "diagnosis_ip_local"] if ipv6 else None) + details=["diagnosis_ip_global", "diagnosis_ip_local"] if ipv6 else ["diagnosis_ip_no_ipv6_tip"]) # TODO / FIXME : add some attempt to detect ISP (using whois ?) ? From 426d93825d5e0afaf5bec24e9e056cbe6e1c11e6 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 19:20:54 +0200 Subject: [PATCH 060/451] Add a tip about not having IPv6 --- locales/en.json | 1 + src/yunohost/utils/network.py | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/locales/en.json b/locales/en.json index fcc603f41..1bf83469e 100644 --- a/locales/en.json +++ b/locales/en.json @@ -159,6 +159,7 @@ "diagnosis_ip_no_ipv4": "The server does not have working IPv4.", "diagnosis_ip_connected_ipv6": "The server is connected to the Internet through IPv6 !", "diagnosis_ip_no_ipv6": "The server does not have working IPv6.", + "diagnosis_ip_no_ipv6_tip": "Having a working IPv6 is not mandatory for your server to work, but it is better for the health of the Internet as a whole. IPv6 should usually be automatically configured by the system or your provider if it's available. Otherwise, you might need to configure a few things manually as explained in the documentation here: https://yunohost.org/#/ipv6. If you cannot enable IPv6 or if it seems too technical for you, you can also safely ignore this warning.", "diagnosis_ip_global": "Global IP: {global}", "diagnosis_ip_local": "Local IP: {local}", "diagnosis_ip_not_connected_at_all": "The server does not seem to be connected to the Internet at all!?", diff --git a/src/yunohost/utils/network.py b/src/yunohost/utils/network.py index ef6378692..2da758886 100644 --- a/src/yunohost/utils/network.py +++ b/src/yunohost/utils/network.py @@ -27,7 +27,6 @@ import dns.resolver from moulinette.utils.filesystem import read_file, write_to_file from moulinette.utils.network import download_text from moulinette.utils.process import check_output -from moulinette.utils.filesystem import read_file logger = logging.getLogger('yunohost.utils.network') @@ -113,6 +112,10 @@ def external_resolvers(): if not external_resolvers_: resolv_dnsmasq_conf = read_file("/etc/resolv.dnsmasq.conf").split("\n") external_resolvers_ = [r.split(" ")[1] for r in resolv_dnsmasq_conf if r.startswith("nameserver")] + # We keep only ipv4 resolvers, otherwise on IPv4-only instances, IPv6 + # will be tried anyway resulting in super-slow dig requests that'll wait + # until timeout... + external_resolvers_ = [r for r in external_resolvers_ if ":" not in r] return external_resolvers_ From fd47e45df3589cfbdf5fd9165f29ce4493793c6a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 19:39:46 +0200 Subject: [PATCH 061/451] Wording --- locales/en.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/locales/en.json b/locales/en.json index 1bf83469e..25712e8cd 100644 --- a/locales/en.json +++ b/locales/en.json @@ -209,7 +209,7 @@ "diagnosis_mail_fcrdns_ok": "Your reverse DNS is correctly configured!", "diagnosis_mail_fcrdns_dns_missing": "No reverse DNS is defined in IPv{ipversion}. Some emails may fail to get delivered or may get flagged as spam.", "diagnosis_mail_fcrdns_nok_details": "You should first try to configure the reverse DNS with {ehlo_domain} in your internet router interface or your hosting provider interface. (Some hosting provider may require you to send them a support ticket for this).", - "diagnosis_mail_fcrdns_nok_alternatives_4": "Some providers won't let you configure your reverse DNS (or their feature might be broken...). If you are experiencing issues because of this, consider the following solutions:
- Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
- A privacy-friendly alternative is to use a VPN *with a dedicated public IP* to bypass this kind of limits. See https://yunohost.org/#/vpn_advantage
- Finally, it's also possible to change of provider", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Some providers won't let you configure your reverse DNS (or their feature might be broken...). If you are experiencing issues because of this, consider the following solutions:
- Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
- A privacy-friendly alternative is to use a VPN *with a dedicated public IP* to bypass this kind of limits. See https://yunohost.org/#/vpn_advantage
- Or it's possible to switch to a different provider", "diagnosis_mail_fcrdns_nok_alternatives_6": "Some providers won't let you configure your reverse DNS (or their feature might be broken...). If your reverse DNS is correctly configured for IPv4, you can try disabling the use of IPv6 when sending emails by running yunohost settings set smtp.allow_ipv6 -v off. Note: this last solution means that you won't be able to send or receive emails from the few IPv6-only servers out there.", "diagnosis_mail_fcrdns_different_from_ehlo_domain": "The reverse DNS is not correctly configured in IPv{ipversion}. Some emails may fail to get delivered or may get flagged as spam.", "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "Current reverse DNS: {rdns_domain}
Expected value: {ehlo_domain}", From e8ca600bdc77d12b0f5eca58e151b5d5b7cc2644 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Wed, 29 Apr 2020 20:32:07 +0200 Subject: [PATCH 062/451] Permission regex is a PCRE regex --- data/helpers.d/setting | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 0276ae351..031b92610 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -201,7 +201,7 @@ ynh_webpath_register () { # /admin -> domain.tld/app/admin # domain.tld/app/api -> domain.tld/app/api # -# 'url' or 'additional_urls' can be treated as a regex if it starts with "re:". +# 'url' or 'additional_urls' can be treated as a PCRE (lua) regex if it starts with "re:". # For example: # re:/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$ # re:domain.tld/app/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$ From 554291827fa8f57e0c69f163cebd21ee7cd7c51f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Wed, 29 Apr 2020 21:02:59 +0200 Subject: [PATCH 063/451] Fix typo --- data/helpers.d/setting | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 031b92610..004171e05 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -201,7 +201,7 @@ ynh_webpath_register () { # /admin -> domain.tld/app/admin # domain.tld/app/api -> domain.tld/app/api # -# 'url' or 'additional_urls' can be treated as a PCRE (lua) regex if it starts with "re:". +# 'url' or 'additional_urls' can be treated as a PCRE (not lua) regex if it starts with "re:". # For example: # re:/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$ # re:domain.tld/app/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$ From 822c731086ec18a57f192295cb89ebdf5b11ba07 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 21:48:22 +0200 Subject: [PATCH 064/451] Improve default IPv6 route check to cover stuff happening on internet cube --- src/yunohost/utils/network.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/yunohost/utils/network.py b/src/yunohost/utils/network.py index 2da758886..ce2356fcf 100644 --- a/src/yunohost/utils/network.py +++ b/src/yunohost/utils/network.py @@ -58,7 +58,13 @@ def get_public_ip_from_remote_server(protocol=4): # If we are indeed connected in ipv4 or ipv6, we should find a default route routes = check_output("ip -%s route" % protocol).split("\n") - if not any(r.startswith("default") for r in routes): + def is_default_route(r): + # Typically the default route starts with "default" + # But of course IPv6 is more complex ... e.g. on internet cube there's + # no default route but a /3 which acts as a default-like route... + # e.g. 2000:/3 dev tun0 ... + return r.startswith("default") or (":" in r and re.match(r".*/[0-3]$", r.split()[0])) + if not any(is_default_route(r) for r in routes): logger.debug("No default route for IPv%s, so assuming there's no IP address for that version" % protocol) return None From 3d4ef03ad27f8f2c81b6dc305821ca01816373e3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 22:03:58 +0200 Subject: [PATCH 065/451] Dirty hack to check status of ynh-vpnclient for real --- src/yunohost/service.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 7c6b28b10..2f45e28c3 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -581,6 +581,14 @@ def _get_services(): if len(ssh_port_line) == 1: services["ssh"]["needs_exposed_ports"] = [int(ssh_port_line[0])] + # Dirty hack to check the status of ynh-vpnclient + if "ynh-vpnclient" in services: + status_check = "systemctl is-active openvpn@client.service" + if "test_status" not in services["ynh-vpnclient"]: + services["ynh-vpnclient"]["test_status"] = status_check + if "log" not in services["ynh-vpnclient"]: + services["ynh-vpnclient"]["log"] = ["/var/log/ynh-vpnclient.log"] + # Stupid hack for postgresql which ain't an official service ... Can't # really inject that info otherwise. Real service we want to check for # status and log is in fact postgresql@x.y-main (x.y being the version) From 645ed9c211ae026705db4dd1c00be365ea30955a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 29 Apr 2020 23:16:39 +0200 Subject: [PATCH 066/451] Update changelog for 3.8.2 --- debian/changelog | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/debian/changelog b/debian/changelog index abf42446e..37a945919 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,38 @@ +yunohost (3.8.2) testing; urgency=low + + ### Diagnosis + + - [fix] Some DNS queries triggered false negatives about CNAME/A record and email blacklisting (#943) + - [enh] Add a check about domain expiration (#944) + - [enh] Dirty hack to automatically find custom SSH port and diagnose it instead of 22 (b78d722) + - [enh] Add a tip / explanation when IPv6 ain't working / available (426d938) + - [fix] Small false-negative about not having IPv6 when it's actually working (822c731) + + ### Helpers + + - [fix] When setting up a new db, corresponding user should be declared as owner (#813) + - [enh] Add dynamic variables to systemd helper (#937) + - [enh] Clean helpers (#947) + - [fix] getopts behaved in weird way when fed empty parameters (#948) + - [fix] Use ynh_port_available in ynh_find_port (#957) + + ### Others + + - [enh] Setup all XMPP components for each "parent" domains (#916) + - [fix] Previous change in Postfix ciphers broke TLS (#949) + - [fix] Update ACME snippet detection following previous change (#950) + - [fix] Trying to install apps with unpatchable legacy helpers was breaking stuff (#954) + - [fix] Patch usage of old 'yunohost tools diagnosis' (#954) + - [enh] Misc optimizations to speed up regen-conf and other things (#958) + - [enh] When sharing logs, also anonymize folder name containing %2e instead of dot (b392efd) + - [enh] Keep track of yunohost version a backup was made from (54cc684) + - [fix] Re-add 'app fetchlist', 'app list -i', 'app list' filter for backward compatibility... (69938c3) + - [i18n] Improve translations for Catalan, German, French, Esperanto, Spanish, Greek, Nepali, Occitan + + Thanks to all contributors <3 ! (Bram, C. Wehrli, Kay0u, Maniack C., Quentí, Zeik0s, amirale qt, ljf, pitchum, tituspijean, xaloc33, Éric G.) + + -- Alexandre Aubin Wed, 29 Apr 2020 23:15:00 +0000 + yunohost (3.8.1.1) testing; urgency=low - [fix] Stupid issue about path in debian/install ... From 7ce56cd867b0939aabf95fcbab344c3f01083a5e Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 00:18:12 +0200 Subject: [PATCH 067/451] Bad french translation --- locales/fr.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/locales/fr.json b/locales/fr.json index 764b6bb10..e9402730d 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -522,7 +522,7 @@ "diagnosis_display_tip_cli": "Vous pouvez exécuter 'yunohost diagnosis show --issues' pour afficher les problèmes détectés.", "diagnosis_failed_for_category": "Échec du diagnostic pour la catégorie '{category}': {error}", "diagnosis_cache_still_valid": "(Le cache est encore valide pour le diagnostic {category}. Il ne sera pas re-diagnostiqué pour le moment!)", - "diagnosis_ignored_issues": "(+ {nb_ignored} questions ignorée(s))", + "diagnosis_ignored_issues": "(+ {nb_ignored} problèmes ignorée(s))", "diagnosis_found_warnings": "Trouvé {warnings} objet(s) pouvant être amélioré(s) pour {category}.", "diagnosis_everything_ok": "Tout semble bien pour {category} !", "diagnosis_failed": "Échec de la récupération du résultat du diagnostic pour la catégorie '{category}' : {error}", From 4f8aa5e338537f211aa459d142b97cfe3585b628 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 02:38:27 +0200 Subject: [PATCH 068/451] Propagate route check to ip diagnoser as well :/ --- data/hooks/diagnosis/10-ip.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/data/hooks/diagnosis/10-ip.py b/data/hooks/diagnosis/10-ip.py index ac867efb5..d4c203e7e 100644 --- a/data/hooks/diagnosis/10-ip.py +++ b/data/hooks/diagnosis/10-ip.py @@ -106,8 +106,15 @@ class IPDiagnoser(Diagnoser): # If we are indeed connected in ipv4 or ipv6, we should find a default route routes = check_output("ip -%s route" % protocol).split("\n") - if not any(r.startswith("default") for r in routes): - return False + def is_default_route(r): + # Typically the default route starts with "default" + # But of course IPv6 is more complex ... e.g. on internet cube there's + # no default route but a /3 which acts as a default-like route... + # e.g. 2000:/3 dev tun0 ... + return r.startswith("default") or (":" in r and re.match(r".*/[0-3]$", r.split()[0])) + if not any(is_default_route(r) for r in routes): + logger.debug("No default route for IPv%s, so assuming there's no IP address for that version" % protocol) + return None # We use the resolver file as a list of well-known, trustable (ie not google ;)) IPs that we can ping resolver_file = "/usr/share/yunohost/templates/dnsmasq/plain/resolv.dnsmasq.conf" From aaccb547750076694af33656126eb04bdf0a3ff5 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 02:40:22 +0200 Subject: [PATCH 069/451] Hmf, comparison return a warning if swap is exactly 512.. --- data/hooks/diagnosis/50-systemresources.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/hooks/diagnosis/50-systemresources.py b/data/hooks/diagnosis/50-systemresources.py index 417b88ae7..5007f8ede 100644 --- a/data/hooks/diagnosis/50-systemresources.py +++ b/data/hooks/diagnosis/50-systemresources.py @@ -47,7 +47,7 @@ class SystemResourcesDiagnoser(Diagnoser): if swap.total <= 1 * MB: item["status"] = "ERROR" item["summary"] = "diagnosis_swap_none" - elif swap.total <= 512 * MB: + elif swap.total < 500 * MB: item["status"] = "WARNING" item["summary"] = "diagnosis_swap_notsomuch" else: From 8de8d0ad6fdefafdb641b5aad83396476a7af3ff Mon Sep 17 00:00:00 2001 From: ljf Date: Thu, 30 Apr 2020 02:44:51 +0200 Subject: [PATCH 070/451] [fix] Reverse DNS check --- data/hooks/diagnosis/24-mail.py | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/data/hooks/diagnosis/24-mail.py b/data/hooks/diagnosis/24-mail.py index a60b4f0d4..f325c72da 100644 --- a/data/hooks/diagnosis/24-mail.py +++ b/data/hooks/diagnosis/24-mail.py @@ -2,7 +2,6 @@ import os import dns.resolver -import socket import re from subprocess import CalledProcessError @@ -118,15 +117,25 @@ class MailDiagnoser(Diagnoser): details = ["diagnosis_mail_fcrdns_nok_details", "diagnosis_mail_fcrdns_nok_alternatives_4"] - try: - rdns_domain, _, _ = socket.gethostbyaddr(ip) - except socket.herror: + rev = dns.reversename.from_address(ip) + subdomain = str(rev.split(3)[0]) + query = subdomain + if ipversion == 4: + query += '.in-addr.arpa' + else: + query += '.ip6.arpa' + + # Do the DNS Query + status, value = dig(query, 'PTR') + if status == "nok": yield dict(meta={"test": "mail_fcrdns", "ipversion": ipversion}, data={"ip": ip, "ehlo_domain": self.ehlo_domain}, status="ERROR", summary="diagnosis_mail_fcrdns_dns_missing", details=details) continue + + rdns_domain = value[0] if len(value) > 0 else '' if rdns_domain != self.ehlo_domain: details = ["diagnosis_mail_fcrdns_different_from_ehlo_domain_details"] + details yield dict(meta={"test": "mail_fcrdns", "ipversion": ipversion}, From 1cb330823d3e1348fc1e350105729d6604890648 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 26 Apr 2020 20:49:09 +0200 Subject: [PATCH 071/451] Try to show smarter / more useful logs by filtering irrelevant lines like 'set +x' etc --- data/actionsmap/yunohost.yml | 4 ++++ src/yunohost/app.py | 17 +++++++++++++++++ src/yunohost/log.py | 19 +++++++++++++++++-- src/yunohost/service.py | 10 +++++++++- 4 files changed, 47 insertions(+), 3 deletions(-) diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml index 0ad1268f2..6ccd5ebfe 100644 --- a/data/actionsmap/yunohost.yml +++ b/data/actionsmap/yunohost.yml @@ -1659,6 +1659,10 @@ log: --share: help: Share the full log using yunopaste action: store_true + -f: + full: --filter-irrelevant + help: Do not show some lines deemed not relevant (like set +x or helper argument parsing) + action: store_true ############################# diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 8a29f9dbb..ba3ac4c01 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -914,6 +914,19 @@ def dump_app_log_extract_for_debugging(operation_logger): with open(operation_logger.log_path, "r") as f: lines = f.readlines() + filters = [ + r"set [+-]x$", + r"local \w+$", + r"local legacy_args=.*$", + r".*Helper used in legacy mode.*", + r"args_array=.*$", + r"declare -Ar args_array$", + r"ynh_handle_getopts_args", + r"ynh_script_progression" + ] + + filters = [re.compile(f) for f in filters] + lines_to_display = [] for line in lines: @@ -924,6 +937,10 @@ def dump_app_log_extract_for_debugging(operation_logger): # 2019-10-19 16:10:27,611: DEBUG - + mysql -u piwigo --password=********** -B piwigo # And we just want the part starting by "DEBUG - " line = line.strip().split(": ", 1)[1] + + if any(filter_.search(line) for filter_ in filters): + continue + lines_to_display.append(line) if line.endswith("+ ynh_exit_properly") or " + ynh_die " in line: diff --git a/src/yunohost/log.py b/src/yunohost/log.py index cd08bdfe0..523a10f76 100644 --- a/src/yunohost/log.py +++ b/src/yunohost/log.py @@ -122,7 +122,7 @@ def log_list(category=[], limit=None, with_details=False): return result -def log_display(path, number=None, share=False): +def log_display(path, number=None, share=False, filter_irrelevant=False): """ Display a log file enriched with metadata if any. @@ -202,9 +202,24 @@ def log_display(path, number=None, share=False): # Display logs if exist if os.path.exists(log_path): + + if filter_irrelevant: + filters = [ + r"set [+-]x$", + r"local \w+$", + r"local legacy_args=.*$", + r".*Helper used in legacy mode.*", + r"args_array=.*$", + r"declare -Ar args_array$", + r"ynh_handle_getopts_args", + r"ynh_script_progression" + ] + else: + filters = [] + from yunohost.service import _tail if number: - logs = _tail(log_path, int(number)) + logs = _tail(log_path, int(number), filters=filters) else: logs = read_file(log_path) infos['log_path'] = log_path diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 2f45e28c3..c17eb04c2 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -23,6 +23,8 @@ Manage services """ + +import re import os import re import time @@ -616,7 +618,7 @@ def _save_services(services): raise -def _tail(file, n): +def _tail(file, n, filters=[]): """ Reads a n lines from f with an offset of offset lines. The return value is a tuple in the form ``(lines, has_more)`` where `has_more` is @@ -627,6 +629,9 @@ def _tail(file, n): avg_line_length = 74 to_read = n + if filters: + filters = [re.compile(f) for f in filters] + try: if file.endswith(".gz"): import gzip @@ -647,6 +652,9 @@ def _tail(file, n): pos = f.tell() lines = f.read().splitlines() + for filter_ in filters: + lines = [l for l in lines if not filter_.search(l)] + if len(lines) >= to_read: return lines[-to_read:] From 9a7b9b0b321bb99babc033cc9a3c5b1e8c10a0e4 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 27 Apr 2020 02:24:50 +0200 Subject: [PATCH 072/451] declare -Ar -> local -A --- src/yunohost/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index ba3ac4c01..7d5eccd30 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -920,7 +920,7 @@ def dump_app_log_extract_for_debugging(operation_logger): r"local legacy_args=.*$", r".*Helper used in legacy mode.*", r"args_array=.*$", - r"declare -Ar args_array$", + r"local -A args_array$", r"ynh_handle_getopts_args", r"ynh_script_progression" ] From a51478dc40f3b17ffc73692029a3003970b89d8e Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 27 Apr 2020 02:25:14 +0200 Subject: [PATCH 073/451] declare -Ar -> local -A --- src/yunohost/log.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/log.py b/src/yunohost/log.py index 523a10f76..b15a65943 100644 --- a/src/yunohost/log.py +++ b/src/yunohost/log.py @@ -210,7 +210,7 @@ def log_display(path, number=None, share=False, filter_irrelevant=False): r"local legacy_args=.*$", r".*Helper used in legacy mode.*", r"args_array=.*$", - r"declare -Ar args_array$", + r"local -A args_array$", r"ynh_handle_getopts_args", r"ynh_script_progression" ] From e9f359e5f0bb3682d9a286aa2e39c7ac9296e8d1 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 05:14:29 +0200 Subject: [PATCH 074/451] Call exit 1 directly instead of ynh_die to avoid a full arg parse just to exit.. --- data/helpers.d/utils | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/utils b/data/helpers.d/utils index fb50305ce..0a2967363 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -35,7 +35,7 @@ ynh_exit_properly () { ynh_clean_setup # Call the function to do specific cleaning for the app. fi - ynh_die # Exit with error status + exit 1 # Exit with error status } # Exits if an error occurs during the execution of the script. From bb82c41db64e7a341e4cbcceb52bfb972f59128d Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 05:21:42 +0200 Subject: [PATCH 075/451] Apparently set +x is set +o xtrace now ;P --- src/yunohost/app.py | 1 + src/yunohost/log.py | 1 + 2 files changed, 2 insertions(+) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 7d5eccd30..e2df6ba78 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -916,6 +916,7 @@ def dump_app_log_extract_for_debugging(operation_logger): filters = [ r"set [+-]x$", + r"set [+-]o xtrace$", r"local \w+$", r"local legacy_args=.*$", r".*Helper used in legacy mode.*", diff --git a/src/yunohost/log.py b/src/yunohost/log.py index b15a65943..de84280f0 100644 --- a/src/yunohost/log.py +++ b/src/yunohost/log.py @@ -206,6 +206,7 @@ def log_display(path, number=None, share=False, filter_irrelevant=False): if filter_irrelevant: filters = [ r"set [+-]x$", + r"set [+-]o xtrace$", r"local \w+$", r"local legacy_args=.*$", r".*Helper used in legacy mode.*", From be883c3aef92a207277a1221516b4fea9ffa55bf Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 05:23:23 +0200 Subject: [PATCH 076/451] Let's have the short option be -i instead of -f --- data/actionsmap/yunohost.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml index 6ccd5ebfe..a748e4533 100644 --- a/data/actionsmap/yunohost.yml +++ b/data/actionsmap/yunohost.yml @@ -1659,7 +1659,7 @@ log: --share: help: Share the full log using yunopaste action: store_true - -f: + -i: full: --filter-irrelevant help: Do not show some lines deemed not relevant (like set +x or helper argument parsing) action: store_true From 65d54ba6b90d95d15eb7f01f671248f0f840e7d5 Mon Sep 17 00:00:00 2001 From: ljf Date: Thu, 30 Apr 2020 17:15:48 +0200 Subject: [PATCH 077/451] [fix] Blacklist false positive --- src/yunohost/utils/network.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/yunohost/utils/network.py b/src/yunohost/utils/network.py index ce2356fcf..ccd938fd4 100644 --- a/src/yunohost/utils/network.py +++ b/src/yunohost/utils/network.py @@ -131,6 +131,12 @@ def dig(qname, rdtype="A", timeout=5, resolvers="local", edns_size=1500, full_an Do a quick DNS request and avoid the "search" trap inside /etc/resolv.conf """ + # It's very important to do the request with a qname ended by . + # If we don't and the domain fail, dns resolver try a second request + # by concatenate the qname with the end of the "hostname" + if not qname.endswith("."): + qname += "." + if resolvers == "local": resolvers = ["127.0.0.1"] elif resolvers == "force_external": From c33e61ab2ede8a467019d347edae8a99d19ec36a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 17:32:29 +0200 Subject: [PATCH 078/451] Update changelog for 3.8.2.1 --- debian/changelog | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/debian/changelog b/debian/changelog index 37a945919..d79900fae 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,13 @@ +yunohost (3.8.2.1) testing; urgency=low + + - [fix] Make sure DNS queries are dong using absolute names to avoid stupid issues + - [fix] More reliable way to fetch PTR record / reverse DNS + - [fix] Propagate IPv6 default route check to ip diagnoser code as well + + Thanks to ljf for the tests and fixes ! + + -- Alexandre Aubin Thu, 30 Apr 2020 17:30:00 +0000 + yunohost (3.8.2) testing; urgency=low ### Diagnosis From e63679684a31dda638b98396e9dd59640d9622d9 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Sun, 12 Apr 2020 23:28:49 +0200 Subject: [PATCH 079/451] rework backup --- src/yunohost/backup.py | 79 ++++++++++++++++++++++-------------------- 1 file changed, 42 insertions(+), 37 deletions(-) diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py index 51aa7d6cd..4501b9078 100644 --- a/src/yunohost/backup.py +++ b/src/yunohost/backup.py @@ -752,7 +752,7 @@ class BackupManager(): for method in self.methods: logger.debug(m18n.n('backup_applying_method_' + method.method_name)) - method.mount_and_backup(self) + method.mount_and_backup() logger.debug(m18n.n('backup_method_' + method.method_name + '_finished')) def _compute_backup_size(self): @@ -851,7 +851,7 @@ class RestoreManager(): self.info = backup_info(name, with_details=True) self.archive_path = self.info['path'] self.name = name - self.method = BackupMethod.create(method) + self.method = BackupMethod.create(method, self) self.targets = BackupRestoreTargetsManager() # @@ -956,6 +956,9 @@ class RestoreManager(): # These are the hooks on the current installation available_restore_system_hooks = hook_list("restore")["hooks"] + custom_restore_hook_folder = os.path.join(CUSTOM_HOOK_FOLDER, 'restore') + filesystem.mkdir(custom_restore_hook_folder, 755, parents=True, force=True) + for system_part in target_list: # By default, we'll use the restore hooks on the current install # if available @@ -967,24 +970,23 @@ class RestoreManager(): continue # Otherwise, attempt to find it (or them?) in the archive - hook_paths = '{:s}/hooks/restore/*-{:s}'.format(self.work_dir, system_part) - hook_paths = glob(hook_paths) # If we didn't find it, we ain't gonna be able to restore it - if len(hook_paths) == 0: + if system_part not in self.info['system'] or len(self.info['system'][system_part]['paths']) == 0: logger.exception(m18n.n('restore_hook_unavailable', part=system_part)) self.targets.set_result("system", system_part, "Skipped") continue + hook_paths = self.info['system'][system_part]['paths'] + hook_paths = [ 'hooks/restore/%s' % os.path.basename(p) for p in hook_paths ] + # Otherwise, add it from the archive to the system # FIXME: Refactor hook_add and use it instead - custom_restore_hook_folder = os.path.join(CUSTOM_HOOK_FOLDER, 'restore') - filesystem.mkdir(custom_restore_hook_folder, 755, True) for hook_path in hook_paths: logger.debug("Adding restoration script '%s' to the system " "from the backup archive '%s'", hook_path, self.archive_path) - shutil.copy(hook_path, custom_restore_hook_folder) + self.method.copy(hook_path, custom_restore_hook_folder) def set_apps_targets(self, apps=[]): """ @@ -1044,7 +1046,7 @@ class RestoreManager(): filesystem.mkdir(self.work_dir, parents=True) - self.method.mount(self) + self.method.mount() self._read_info_files() @@ -1499,19 +1501,19 @@ class BackupMethod(object): method_name Public methods: - mount_and_backup(self, backup_manager) - mount(self, restore_manager) + mount_and_backup(self) + mount(self) create(cls, method, **kwargs) Usage: method = BackupMethod.create("tar") - method.mount_and_backup(backup_manager) + method.mount_and_backup() #or method = BackupMethod.create("copy") method.mount(restore_manager) """ - def __init__(self, repo=None): + def __init__(self, manager, repo=None): """ BackupMethod constructors @@ -1524,6 +1526,7 @@ class BackupMethod(object): BackupRepository object. If None, the default repo is used : /home/yunohost.backup/archives/ """ + self.manager = manager self.repo = ARCHIVES_PATH if repo is None else repo @property @@ -1569,18 +1572,13 @@ class BackupMethod(object): """ return False - def mount_and_backup(self, backup_manager): + def mount_and_backup(self): """ Run the backup on files listed by the BackupManager instance This method shouldn't be overrided, prefer overriding self.backup() and self.clean() - - Args: - backup_manager -- (BackupManager) A backup manager instance that has - already done the files collection step. """ - self.manager = backup_manager if self.need_mount(): self._organize_files() @@ -1589,17 +1587,13 @@ class BackupMethod(object): finally: self.clean() - def mount(self, restore_manager): + def mount(self): """ Mount the archive from RestoreManager instance in the working directory This method should be extended. - - Args: - restore_manager -- (RestoreManager) A restore manager instance - contains an archive to restore. """ - self.manager = restore_manager + pass def clean(self): """ @@ -1781,8 +1775,8 @@ class CopyBackupMethod(BackupMethod): could be the inverse for restoring """ - def __init__(self, repo=None): - super(CopyBackupMethod, self).__init__(repo) + def __init__(self, manager, repo=None): + super(CopyBackupMethod, self).__init__(manager, repo) @property def method_name(self): @@ -1836,6 +1830,9 @@ class CopyBackupMethod(BackupMethod): "&&", "umount", "-R", self.work_dir]) raise YunohostError('backup_cant_mount_uncompress_archive') + def copy(self, file, target): + shutil.copy(file, target) + class TarBackupMethod(BackupMethod): @@ -1843,8 +1840,8 @@ class TarBackupMethod(BackupMethod): This class compress all files to backup in archive. """ - def __init__(self, repo=None): - super(TarBackupMethod, self).__init__(repo) + def __init__(self, manager, repo=None): + super(TarBackupMethod, self).__init__(manager, repo) @property def method_name(self): @@ -1904,7 +1901,7 @@ class TarBackupMethod(BackupMethod): if not os.path.isfile(link): os.symlink(self._archive_file, link) - def mount(self, restore_manager): + def mount(self): """ Mount the archive. We avoid copy to be able to restore on system without too many space. @@ -1914,7 +1911,7 @@ class TarBackupMethod(BackupMethod): backup_archive_corrupted -- Raised if the archive appears corrupted backup_archive_cant_retrieve_info_json -- If the info.json file can't be retrieved """ - super(TarBackupMethod, self).mount(restore_manager) + super(TarBackupMethod, self).mount() # Check the archive can be open try: @@ -1994,6 +1991,11 @@ class TarBackupMethod(BackupMethod): # FIXME : Don't we want to close the tar archive here or at some point ? + def copy(self, file, target): + tar = tarfile.open(self._archive_file, "r:gz") + tar.extract(file, path=target) + tar.close() + class BorgBackupMethod(BackupMethod): @@ -2011,6 +2013,9 @@ class BorgBackupMethod(BackupMethod): def mount(self, mnt_path): raise YunohostError('backup_borg_not_implemented') + def copy(self, file, target): + raise YunohostError('backup_borg_not_implemented') + class CustomBackupMethod(BackupMethod): @@ -2020,8 +2025,8 @@ class CustomBackupMethod(BackupMethod): /etc/yunohost/hooks.d/backup_method/ """ - def __init__(self, repo=None, method=None, **kwargs): - super(CustomBackupMethod, self).__init__(repo) + def __init__(self, manager, repo=None, method=None, **kwargs): + super(CustomBackupMethod, self).__init__(manager, repo) self.args = kwargs self.method = method self._need_mount = None @@ -2062,14 +2067,14 @@ class CustomBackupMethod(BackupMethod): if ret_failed: raise YunohostError('backup_custom_backup_error') - def mount(self, restore_manager): + def mount(self): """ Launch a custom script to mount the custom archive Exceptions: backup_custom_mount_error -- Raised if the custom script failed """ - super(CustomBackupMethod, self).mount(restore_manager) + super(CustomBackupMethod, self).mount() ret = hook_callback('backup_method', [self.method], args=self._get_args('mount')) @@ -2160,9 +2165,9 @@ def backup_create(name=None, description=None, methods=[], # Add backup methods if output_directory: - methods = BackupMethod.create(methods, output_directory) + methods = BackupMethod.create(methods, backup_manager, output_directory) else: - methods = BackupMethod.create(methods) + methods = BackupMethod.create(methods, backup_manager) for method in methods: backup_manager.add(method) From 7de8417fb2262c38c1ff945f5d47aa981571f177 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 13 Apr 2020 00:07:54 +0200 Subject: [PATCH 080/451] update comments + fix mock --- src/yunohost/backup.py | 37 ++++++++++-------------- src/yunohost/tests/test_backuprestore.py | 3 +- 2 files changed, 17 insertions(+), 23 deletions(-) diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py index 4501b9078..db689125d 100644 --- a/src/yunohost/backup.py +++ b/src/yunohost/backup.py @@ -219,8 +219,8 @@ class BackupManager(): backup_manager = BackupManager(name="mybackup", description="bkp things") # Add backup method to apply - backup_manager.add(BackupMethod.create('copy','/mnt/local_fs')) - backup_manager.add(BackupMethod.create('tar','/mnt/remote_fs')) + backup_manager.add(BackupMethod.create('copy', backup_manager, '/mnt/local_fs')) + backup_manager.add(BackupMethod.create('tar', backup_manager, '/mnt/remote_fs')) # Define targets to be backuped backup_manager.set_system_targets(["data"]) @@ -972,7 +972,9 @@ class RestoreManager(): # Otherwise, attempt to find it (or them?) in the archive # If we didn't find it, we ain't gonna be able to restore it - if system_part not in self.info['system'] or len(self.info['system'][system_part]['paths']) == 0: + if system_part not in self.info['system'] or\ + 'paths' not in self.info['system'][system_part] or\ + len(self.info['system'][system_part]['paths']) == 0: logger.exception(m18n.n('restore_hook_unavailable', part=system_part)) self.targets.set_result("system", system_part, "Skipped") continue @@ -1506,11 +1508,11 @@ class BackupMethod(object): create(cls, method, **kwargs) Usage: - method = BackupMethod.create("tar") + method = BackupMethod.create("tar", backup_manager) method.mount_and_backup() #or - method = BackupMethod.create("copy") - method.mount(restore_manager) + method = BackupMethod.create("copy", restore_manager) + method.mount() """ def __init__(self, manager, repo=None): @@ -1738,7 +1740,7 @@ class BackupMethod(object): shutil.copy(path['source'], dest) @classmethod - def create(cls, method, *args): + def create(cls, method, manager, *args): """ Factory method to create instance of BackupMethod @@ -1754,7 +1756,7 @@ class BackupMethod(object): if not isinstance(method, basestring): methods = [] for m in method: - methods.append(BackupMethod.create(m, *args)) + methods.append(BackupMethod.create(m, manager, *args)) return methods bm_class = { @@ -1763,9 +1765,9 @@ class BackupMethod(object): 'borg': BorgBackupMethod } if method in ["copy", "tar", "borg"]: - return bm_class[method](*args) + return bm_class[method](manager, *args) else: - return CustomBackupMethod(method=method, *args) + return CustomBackupMethod(manager, method=method, *args) class CopyBackupMethod(BackupMethod): @@ -1913,7 +1915,8 @@ class TarBackupMethod(BackupMethod): """ super(TarBackupMethod, self).mount() - # Check the archive can be open + # Mount the tarball + logger.debug(m18n.n("restore_extracting")) try: tar = tarfile.open(self._archive_file, "r:gz") except: @@ -1926,15 +1929,7 @@ class TarBackupMethod(BackupMethod): except IOError as e: raise YunohostError("backup_archive_corrupted", archive=self._archive_file, error=str(e)) - # FIXME : Is this really useful to close the archive just to - # reopen it right after this with the same options ...? - tar.close() - - # Mount the tarball - logger.debug(m18n.n("restore_extracting")) - tar = tarfile.open(self._archive_file, "r:gz") - - if "info.json" in files_in_archive: + if "info.json" in tar.getnames(): leading_dot = "" tar.extract('info.json', path=self.work_dir) elif "./info.json" in files_in_archive: @@ -1989,7 +1984,7 @@ class TarBackupMethod(BackupMethod): ] tar.extractall(members=subdir_and_files, path=self.work_dir) - # FIXME : Don't we want to close the tar archive here or at some point ? + tar.close() def copy(self, file, target): tar = tarfile.open(self._archive_file, "r:gz") diff --git a/src/yunohost/tests/test_backuprestore.py b/src/yunohost/tests/test_backuprestore.py index c7a4f9016..d016fb529 100644 --- a/src/yunohost/tests/test_backuprestore.py +++ b/src/yunohost/tests/test_backuprestore.py @@ -593,8 +593,7 @@ def test_restore_archive_with_bad_archive(mocker): def test_backup_binds_are_readonly(mocker, monkeypatch): - def custom_mount_and_backup(self, backup_manager): - self.manager = backup_manager + def custom_mount_and_backup(self): self._organize_files() confssh = os.path.join(self.work_dir, "conf/ssh") From 5901cb9993e8d6dde51c532fa8c9ca24994e3b86 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Tue, 28 Apr 2020 21:05:36 +0200 Subject: [PATCH 081/451] remove the path of the tarfile --- src/yunohost/backup.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py index db689125d..65659c302 100644 --- a/src/yunohost/backup.py +++ b/src/yunohost/backup.py @@ -1988,7 +1988,10 @@ class TarBackupMethod(BackupMethod): def copy(self, file, target): tar = tarfile.open(self._archive_file, "r:gz") - tar.extract(file, path=target) + file_to_extract = tar.getmember(file) + # Remove the path + file_to_extract.name = os.path.basename(file_to_extract.name) + tar.extract(file_to_extract, path=target) tar.close() From 86810fb68a1729a069b1ac3175790ca2727fcf6d Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 18:03:44 +0200 Subject: [PATCH 082/451] Goddamit Aleks, check your damn code before release yo --- data/hooks/diagnosis/10-ip.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/data/hooks/diagnosis/10-ip.py b/data/hooks/diagnosis/10-ip.py index d4c203e7e..fe4993935 100644 --- a/data/hooks/diagnosis/10-ip.py +++ b/data/hooks/diagnosis/10-ip.py @@ -1,5 +1,6 @@ #!/usr/bin/env python +import re import os import random @@ -10,6 +11,7 @@ from moulinette.utils.filesystem import read_file from yunohost.diagnosis import Diagnoser from yunohost.utils.network import get_network_interfaces + class IPDiagnoser(Diagnoser): id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] @@ -72,6 +74,7 @@ class IPDiagnoser(Diagnoser): ipv6 = self.get_public_ip(6) if can_ping_ipv6 else None network_interfaces = get_network_interfaces() + def get_local_ip(version): local_ip = {iface: addr[version].split("/")[0] for iface, addr in network_interfaces.items() if version in addr} @@ -106,6 +109,7 @@ class IPDiagnoser(Diagnoser): # If we are indeed connected in ipv4 or ipv6, we should find a default route routes = check_output("ip -%s route" % protocol).split("\n") + def is_default_route(r): # Typically the default route starts with "default" # But of course IPv6 is more complex ... e.g. on internet cube there's @@ -113,7 +117,7 @@ class IPDiagnoser(Diagnoser): # e.g. 2000:/3 dev tun0 ... return r.startswith("default") or (":" in r and re.match(r".*/[0-3]$", r.split()[0])) if not any(is_default_route(r) for r in routes): - logger.debug("No default route for IPv%s, so assuming there's no IP address for that version" % protocol) + self.logger_debug("No default route for IPv%s, so assuming there's no IP address for that version" % protocol) return None # We use the resolver file as a list of well-known, trustable (ie not google ;)) IPs that we can ping From 15807c411c3cea86743ac3177de694ad4c182ccc Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 17:45:39 +0200 Subject: [PATCH 083/451] Bad parenthesis positioning --- src/yunohost/tools.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py index 3208bda60..abfc3b7af 100644 --- a/src/yunohost/tools.py +++ b/src/yunohost/tools.py @@ -598,8 +598,8 @@ def tools_upgrade(operation_logger, apps=None, system=False): ) returncode = call_async_output(dist_upgrade, callbacks, shell=True) if returncode != 0: - logger.warning(m18n.n('tools_upgrade_regular_packages_failed'), - packages_list=', '.join(noncritical_packages_upgradable)) + logger.warning(m18n.n('tools_upgrade_regular_packages_failed', + packages_list=', '.join(noncritical_packages_upgradable))) operation_logger.error(m18n.n('packages_upgrade_failed')) raise YunohostError(m18n.n('packages_upgrade_failed')) From f358bdde19ab0a0f9678a1d43bb8fcd49caaa51a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 30 Apr 2020 18:04:35 +0200 Subject: [PATCH 084/451] Update changelog for 3.8.2.2 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index d79900fae..c119d57e7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +yunohost (3.8.2.2) testing; urgency=low + + Aleks broke everything /again/ *.* + + -- Alexandre Aubin Thu, 30 Apr 2020 18:05:00 +0000 + yunohost (3.8.2.1) testing; urgency=low - [fix] Make sure DNS queries are dong using absolute names to avoid stupid issues From fd5ba7b1e50b47b45adec14a0913399063c33dec Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 29 Apr 2020 11:18:01 +0200 Subject: [PATCH 085/451] test custom hooks --- src/yunohost/tests/test_backuprestore.py | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/src/yunohost/tests/test_backuprestore.py b/src/yunohost/tests/test_backuprestore.py index d016fb529..790d27d6c 100644 --- a/src/yunohost/tests/test_backuprestore.py +++ b/src/yunohost/tests/test_backuprestore.py @@ -11,6 +11,7 @@ from yunohost.backup import backup_create, backup_restore, backup_list, backup_i from yunohost.domain import _get_maindomain from yunohost.user import user_permission_list, user_create, user_list, user_delete from yunohost.tests.test_permission import check_LDAP_db_integrity, check_permission_for_apps +from yunohost.hook import CUSTOM_HOOK_FOLDER # Get main domain maindomain = "" @@ -591,6 +592,27 @@ def test_restore_archive_with_bad_archive(mocker): clean_tmp_backup_directory() +def test_restore_archive_with_custom_hook(mocker): + + custom_restore_hook_folder = os.path.join(CUSTOM_HOOK_FOLDER, 'restore') + os.system("touch %s/99-yolo" % custom_restore_hook_folder) + + # Backup with custom hook system + with message(mocker, "backup_created"): + backup_create(system=[], apps=None) + archives = backup_list()["archives"] + assert len(archives) == 1 + + # Restore system with custom hook + with message(mocker, "restore_complete"): + backup_restore(name=backup_list()["archives"][0], + system=[], + apps=None, + force=True) + + os.system("rm %s/99-yolo" % custom_restore_hook_folder) + + def test_backup_binds_are_readonly(mocker, monkeypatch): def custom_mount_and_backup(self): From 572feafc805165419065b1687366a32b3cd4a620 Mon Sep 17 00:00:00 2001 From: ljf Date: Thu, 30 Apr 2020 20:06:43 +0200 Subject: [PATCH 086/451] [fix] Remove point in reverse DNS --- data/hooks/diagnosis/24-mail.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/data/hooks/diagnosis/24-mail.py b/data/hooks/diagnosis/24-mail.py index f325c72da..bc159c3b7 100644 --- a/data/hooks/diagnosis/24-mail.py +++ b/data/hooks/diagnosis/24-mail.py @@ -135,7 +135,9 @@ class MailDiagnoser(Diagnoser): details=details) continue - rdns_domain = value[0] if len(value) > 0 else '' + rdns_domain = '' + if len(value) > 0: + rdns_domain = value[0][:-1] if value[0].endswith('.') else value[0] if rdns_domain != self.ehlo_domain: details = ["diagnosis_mail_fcrdns_different_from_ehlo_domain_details"] + details yield dict(meta={"test": "mail_fcrdns", "ipversion": ipversion}, From d6095a3c0f79c44826539ededdbedf2a3e4db8a3 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 30 Apr 2020 20:10:20 +0200 Subject: [PATCH 087/451] Add linter --- .gitlab-ci.yml | 83 ++++++++++++++++++++++++++++++++++---------------- 1 file changed, 56 insertions(+), 27 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 05aafe43b..6aac589c1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,9 +1,25 @@ stages: - postinstall - tests + - lint -.tests: +######################################## +# POSTINSTALL +######################################## + +postinstall: + image: before-postinstall + stage: postinstall + script: + - yunohost tools postinstall -d domain.tld -p the_password --ignore-dyndns + +######################################## +# TESTS +######################################## + +.test-stage: image: after-postinstall + stage: tests before_script: - apt-get install python-pip -y - mkdir -p .pip @@ -25,77 +41,90 @@ stages: - src/yunohost/tests/apps key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" -postinstall: - image: before-postinstall - stage: postinstall - script: - - yunohost tools postinstall -d domain.tld -p the_password --ignore-dyndns - root-tests: - extends: .tests - stage: tests + extends: .test-stage script: - py.test tests test-apps: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_apps.py test-appscatalog: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_appscatalog.py test-appurl: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_appurl.py test-backuprestore: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_backuprestore.py test-changeurl: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_changeurl.py test-permission: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_permission.py test-settings: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_settings.py test-user-group: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_user-group.py test-regenconf: - extends: .tests - stage: tests + extends: .test-stage script: - cd src/yunohost - py.test tests/test_regenconf.py + +######################################## +# LINTER +######################################## + +.lint-stage: + image: before-postinstall + stage: lint + before_script: + - apt-get install python-pip -y + - mkdir -p .pip + - pip install -U pip + - hash -d pip + - pip --cache-dir=.pip install flake8 blake + cache: + paths: + - .pip + - src/yunohost/tests/apps + key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" + +lint: + extends: .lint-stage + script: + - flake8 src tests data + +format-check: + extends: .lint-stage + script: + - black {posargs:--check --diff} src tests data \ No newline at end of file From 18580803e61b09ace3ba9b8279538a7b5cb63241 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 30 Apr 2020 23:40:58 +0200 Subject: [PATCH 088/451] use python3 for linter --- .gitlab-ci.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6aac589c1..bd5a320e7 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -108,15 +108,14 @@ test-regenconf: image: before-postinstall stage: lint before_script: - - apt-get install python-pip -y - - mkdir -p .pip - - pip install -U pip - - hash -d pip - - pip --cache-dir=.pip install flake8 blake + - apt-get install python3-pip -y + - mkdir -p .pip3 + - pip3 install -U pip + - hash -d pip3 + - pip3 --cache-dir=.pip3 install flake8 black cache: paths: - - .pip - - src/yunohost/tests/apps + - .pip3 key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" lint: From 81bdb3382465e30c1d44b9bbbcdf5aabe112d453 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 1 May 2020 00:41:50 +0200 Subject: [PATCH 089/451] disable black until buster --- .gitlab-ci.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index bd5a320e7..8248d6caf 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -112,7 +112,7 @@ test-regenconf: - mkdir -p .pip3 - pip3 install -U pip - hash -d pip3 - - pip3 --cache-dir=.pip3 install flake8 black + - pip3 --cache-dir=.pip3 install flake8 # black cache: paths: - .pip3 @@ -123,7 +123,8 @@ lint: script: - flake8 src tests data -format-check: - extends: .lint-stage - script: - - black {posargs:--check --diff} src tests data \ No newline at end of file +# Disabled, waiting for buster +#format-check: +# extends: .lint-stage +# script: +# - black {posargs:--check --diff} src tests data \ No newline at end of file From 4dccab981971052b16bc8776e57527cf3f09c7f5 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 1 May 2020 00:45:13 +0200 Subject: [PATCH 090/451] linter on all the repo --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8248d6caf..d55b02d3a 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -121,10 +121,10 @@ test-regenconf: lint: extends: .lint-stage script: - - flake8 src tests data + - flake8 # Disabled, waiting for buster #format-check: # extends: .lint-stage # script: -# - black {posargs:--check --diff} src tests data \ No newline at end of file +# - black --check --diff \ No newline at end of file From 3b93ba47721d0a3234e88b06f6c320ac98405ae7 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Fri, 1 May 2020 01:27:31 +0200 Subject: [PATCH 091/451] use tox --- .gitlab-ci.yml | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d55b02d3a..7459ae982 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -108,20 +108,22 @@ test-regenconf: image: before-postinstall stage: lint before_script: - - apt-get install python3-pip -y - - mkdir -p .pip3 - - pip3 install -U pip - - hash -d pip3 - - pip3 --cache-dir=.pip3 install flake8 # black + - apt-get install python-pip -y + - mkdir -p .pip + - pip install -U pip + - hash -d pip + - pip --cache-dir=.pip install tox cache: paths: - - .pip3 + - .pip + - .tox key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" lint: extends: .lint-stage + allow_failure: true script: - - flake8 + - tox -e lint # Disabled, waiting for buster #format-check: From 6bd7eb64bd3aa4d57e3656afa6d519174138c455 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 1 May 2020 17:53:07 +0200 Subject: [PATCH 092/451] Assert slapd is running to avoid miserably crashing with weird ldap errors --- src/yunohost/utils/ldap.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/yunohost/utils/ldap.py b/src/yunohost/utils/ldap.py index 22e95ad07..b7111a6cd 100644 --- a/src/yunohost/utils/ldap.py +++ b/src/yunohost/utils/ldap.py @@ -19,8 +19,10 @@ """ +import os import atexit from moulinette.authenticators import ldap +from yunohost.utils.error import YunohostError # We use a global variable to do some caching # to avoid re-authenticating in case we call _get_ldap_authenticator multiple times @@ -32,6 +34,8 @@ def _get_ldap_interface(): if _ldap_interface is None: + assert_slapd_is_running() + conf = { "vendor": "ldap", "name": "as-root", "parameters": { 'uri': 'ldapi://%2Fvar%2Frun%2Fslapd%2Fldapi', @@ -45,6 +49,13 @@ def _get_ldap_interface(): return _ldap_interface +def assert_slapd_is_running(): + + # Assert slapd is running... + if not os.system("pgrep slapd >dev/null") == 0: + raise YunohostError("Service slapd is not running but is required to perform this action ... You can try to investigate what's happening with 'systemctl status slapd'") + + # We regularly want to extract stuff like 'bar' in ldap path like # foo=bar,dn=users.example.org,ou=example.org,dc=org so this small helper allow # to do this without relying of dozens of mysterious string.split()[0] From acba1c4bc82203b9f6fa1b5b168f36e6ce45bcfb Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 2 May 2020 02:13:09 +0200 Subject: [PATCH 093/451] Comment about why not using ynh_die --- data/helpers.d/utils | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/data/helpers.d/utils b/data/helpers.d/utils index 0a2967363..bad157fe1 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -35,7 +35,10 @@ ynh_exit_properly () { ynh_clean_setup # Call the function to do specific cleaning for the app. fi - exit 1 # Exit with error status + # Exit with error status + # We don't call ynh_die basically to avoid unecessary 10-ish + # debug lines about parsing args and stuff just to exit 1.. + exit 1 } # Exits if an error occurs during the execution of the script. From e85a29fbf3ee64ce3018a4eb77aa956e5dfd2b28 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 2 May 2020 02:34:28 +0200 Subject: [PATCH 094/451] Typo zblerg ~.~ --- src/yunohost/utils/ldap.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/utils/ldap.py b/src/yunohost/utils/ldap.py index b7111a6cd..fd984ce56 100644 --- a/src/yunohost/utils/ldap.py +++ b/src/yunohost/utils/ldap.py @@ -52,7 +52,7 @@ def _get_ldap_interface(): def assert_slapd_is_running(): # Assert slapd is running... - if not os.system("pgrep slapd >dev/null") == 0: + if not os.system("pgrep slapd >/dev/null") == 0: raise YunohostError("Service slapd is not running but is required to perform this action ... You can try to investigate what's happening with 'systemctl status slapd'") From fc07468051b831286661905b4882f7ac36af356e Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 2 May 2020 06:08:54 +0200 Subject: [PATCH 095/451] Simplify / optimize reading version of yunohost packages... --- debian/control | 2 +- .../0003_migrate_to_stretch.py | 4 +- src/yunohost/utils/packages.py | 89 +++++-------------- 3 files changed, 27 insertions(+), 68 deletions(-) diff --git a/debian/control b/debian/control index 5061ad4f2..8274197ae 100644 --- a/debian/control +++ b/debian/control @@ -13,7 +13,7 @@ Architecture: all Depends: ${python:Depends}, ${misc:Depends} , moulinette (>= 3.7), ssowat (>= 3.7) , python-psutil, python-requests, python-dnspython, python-openssl - , python-apt, python-miniupnpc, python-dbus, python-jinja2 + , python-miniupnpc, python-dbus, python-jinja2 , python-toml , apt, apt-transport-https , nginx, nginx-extras (>=1.6.2) diff --git a/src/yunohost/data_migrations/0003_migrate_to_stretch.py b/src/yunohost/data_migrations/0003_migrate_to_stretch.py index 60b26169a..e916b1ae8 100644 --- a/src/yunohost/data_migrations/0003_migrate_to_stretch.py +++ b/src/yunohost/data_migrations/0003_migrate_to_stretch.py @@ -14,7 +14,7 @@ from yunohost.service import _run_service_command from yunohost.regenconf import (manually_modified_files, manually_modified_files_compared_to_debian_default) from yunohost.utils.filesystem import free_space_in_directory -from yunohost.utils.packages import get_installed_version +from yunohost.utils.packages import get_ynh_package_version from yunohost.utils.network import get_network_interfaces from yunohost.firewall import firewall_allow, firewall_disallow @@ -94,7 +94,7 @@ class MyMigration(Migration): return int(check_output("grep VERSION_ID /etc/os-release | head -n 1 | tr '\"' ' ' | cut -d ' ' -f2")) def yunohost_major_version(self): - return int(get_installed_version("yunohost").split('.')[0]) + return int(get_ynh_package_version("yunohost")["version"].split('.')[0]) def check_assertions(self): diff --git a/src/yunohost/utils/packages.py b/src/yunohost/utils/packages.py index debba70f4..23da08129 100644 --- a/src/yunohost/utils/packages.py +++ b/src/yunohost/utils/packages.py @@ -21,15 +21,12 @@ import re import os import logging -from collections import OrderedDict -import apt -from apt_pkg import version_compare - -from moulinette import m18n +from moulinette.utils.process import check_output logger = logging.getLogger('yunohost.utils.packages') +YUNOHOST_PACKAGES = ['yunohost', 'yunohost-admin', 'moulinette', 'ssowat'] # Exceptions ----------------------------------------------------------------- @@ -368,66 +365,29 @@ class SpecifierSet(object): # Packages and cache helpers ------------------------------------------------- -def get_installed_version(*pkgnames, **kwargs): - """Get the installed version of package(s) +def get_ynh_package_version(package): - Retrieve one or more packages named `pkgnames` and return their installed - version as a dict or as a string if only one is requested. + # Returns the installed version and release version ('stable' or 'testing' + # or 'unstable') - """ - versions = OrderedDict() - cache = apt.Cache() - - # Retrieve options - with_repo = kwargs.get('with_repo', False) - - for pkgname in pkgnames: - try: - pkg = cache[pkgname] - except KeyError: - logger.warning(m18n.n('package_unknown', pkgname=pkgname)) - if with_repo: - versions[pkgname] = { - "version": None, - "repo": None, - } - else: - versions[pkgname] = None - continue - - try: - version = pkg.installed.version - except AttributeError: - version = None - - try: - # stable, testing, unstable - repo = pkg.installed.origins[0].component - except AttributeError: - repo = "" - - if repo == "now": - repo = "local" - - if with_repo: - versions[pkgname] = { - "version": version, - # when we don't have component it's because it's from a local - # install or from an image (like in vagrant) - "repo": repo if repo else "local", - } - else: - versions[pkgname] = version - - if len(pkgnames) == 1: - return versions[pkgnames[0]] - return versions + # NB: this is designed for yunohost packages only ! + # Not tested for any arbitrary packages that + # may handle changelog differently ! + changelog = "/usr/share/doc/%s/changelog.gz" % package + cmd = "gzip -cd %s | head -n1" % changelog + if not os.path.exists(changelog): + return {"version": "?", "repo": "?"} + out = check_output(cmd).split() + # Output looks like : "yunohost (1.2.3) testing; urgency=medium" + return {"version": out[1].strip("()"), + "repo": out[2].strip(";")} def meets_version_specifier(pkgname, specifier): """Check if a package installed version meets specifier""" - spec = SpecifierSet(specifier) - return get_installed_version(pkgname) in spec + # In practice, this function is only used to check the yunohost version installed + assert pkgname in YUNOHOST_PACKAGES + return get_ynh_package_version(pkgname) in SpecifierSet(specifier) # YunoHost related methods --------------------------------------------------- @@ -437,10 +397,11 @@ def ynh_packages_version(*args, **kwargs): # (Namespace(_callbacks=deque([]), _tid='_global', _to_return={}), []) {} # they don't seem to serve any purpose """Return the version of each YunoHost package""" - return get_installed_version( - 'yunohost', 'yunohost-admin', 'moulinette', 'ssowat', - with_repo=True - ) + from collections import OrderedDict + packages = OrderedDict() + for package in YUNOHOST_PACKAGES: + packages[package] = get_ynh_package_version(package) + return packages def dpkg_is_broken(): @@ -457,8 +418,6 @@ def dpkg_lock_available(): def _list_upgradable_apt_packages(): - from moulinette.utils.process import check_output - # List upgradable packages # LC_ALL=C is here to make sure the results are in english upgradable_raw = check_output("LC_ALL=C apt list --upgradable") From 8559fb646559fa9099f6e28c8e1bf36532c2c569 Mon Sep 17 00:00:00 2001 From: Kayou Date: Sat, 2 May 2020 14:21:29 +0200 Subject: [PATCH 096/451] [enh] ynh_get_ram --- data/helpers.d/hardware | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/data/helpers.d/hardware b/data/helpers.d/hardware index 6702a8548..0771c81d8 100644 --- a/data/helpers.d/hardware +++ b/data/helpers.d/hardware @@ -25,17 +25,17 @@ ynh_get_ram () { free=${free:-0} total=${total:-0} - local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}') - local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}') - local total_ram_swap=$(( total_ram + total_swap )) - - local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}') - local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}') - local free_ram_swap=$(( free_ram + free_swap )) - - # Use the total amount of ram - if [ $free -eq 1 ] + if [ $free -eq $total ] then + ynh_print_warn --message="You have to choose --free or --total when using ynh_get_ram" + ram=0 + # Use the total amount of ram + elif [ $free -eq 1 ] + then + local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}') + local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}') + local free_ram_swap=$(( free_ram + free_swap )) + # Use the total amount of free ram local ram=$free_ram_swap if [ $ignore_swap -eq 1 ] @@ -49,6 +49,10 @@ ynh_get_ram () { fi elif [ $total -eq 1 ] then + local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}') + local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}') + local total_ram_swap=$(( total_ram + total_swap )) + local ram=$total_ram_swap if [ $ignore_swap -eq 1 ] then @@ -59,9 +63,6 @@ ynh_get_ram () { # Use only the amount of free swap ram=$total_swap fi - else - ynh_print_warn --message="You have to choose --free or --total when using ynh_get_ram" - ram=0 fi echo $ram From 843e88c67d1daad426489154a64790691db5f907 Mon Sep 17 00:00:00 2001 From: Kayou Date: Sat, 2 May 2020 14:50:00 +0200 Subject: [PATCH 097/451] [Epic Fix] ynh_install_app_dependencies --- data/helpers.d/apt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 82e3ab40c..45e03b3cb 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -264,7 +264,7 @@ ynh_install_app_dependencies () { # Pin this sury repository to prevent sury of doing shit ynh_pin_repo --package="*" --pin="origin \"packages.sury.org\"" --priority=200 --name=extra_php_version - ynh_pin_repo --package="php${$YNH_DEFAULT_PHP_VERSION}*" --pin="origin \"packages.sury.org\"" --priority=600 --name=extra_php_version --append + ynh_pin_repo --package="php${YNH_DEFAULT_PHP_VERSION}*" --pin="origin \"packages.sury.org\"" --priority=600 --name=extra_php_version --append fi fi fi From 25a1e569213b429e55ba6eb9fb2ad0aab7782f22 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 3 May 2020 00:17:01 +0200 Subject: [PATCH 098/451] Misc tweak for disk usage diagnosis, some values were inconsistent / bad UX / ... --- data/hooks/diagnosis/50-systemresources.py | 44 ++++++++++------------ 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/data/hooks/diagnosis/50-systemresources.py b/data/hooks/diagnosis/50-systemresources.py index 5007f8ede..66d27866a 100644 --- a/data/hooks/diagnosis/50-systemresources.py +++ b/data/hooks/diagnosis/50-systemresources.py @@ -61,40 +61,36 @@ class SystemResourcesDiagnoser(Diagnoser): # Disks usage # - disk_partitions = psutil.disk_partitions() + disk_partitions = sorted(psutil.disk_partitions(), key=lambda k: k.mountpoint) for disk_partition in disk_partitions: device = disk_partition.device mountpoint = disk_partition.mountpoint usage = psutil.disk_usage(mountpoint) - free_percent = round_(100 - usage.percent) + free_percent = 100 - round_(usage.percent) item = dict(meta={"test": "diskusage", "mountpoint": mountpoint}, - data={"device": device, "total": human_size(usage.total), "free": human_size(usage.free), "free_percent": free_percent}) + data={"device": device, + # N.B.: we do not use usage.total because we want + # to take into account the 5% security margin + # correctly (c.f. the doc of psutil ...) + "total": human_size(usage.used+usage.free), + "free": human_size(usage.free), + "free_percent": free_percent}) - # Special checks for /boot partition because they sometimes are - # pretty small and that's kind of okay... (for example on RPi) - if mountpoint.startswith("/boot"): - if usage.free < 10 * MB or free_percent < 10: - item["status"] = "ERROR" - item["summary"] = "diagnosis_diskusage_verylow" - elif usage.free < 20 * MB or free_percent < 20: - item["status"] = "WARNING" - item["summary"] = "diagnosis_diskusage_low" - else: - item["status"] = "SUCCESS" - item["summary"] = "diagnosis_diskusage_ok" + # We have an additional absolute constrain on / and /var because + # system partitions are critical, having them full may prevent + # upgrades etc... + if free_percent < 2.5 or (mountpoint in ["/", "/var"] and usage.free < 1 * GB): + item["status"] = "ERROR" + item["summary"] = "diagnosis_diskusage_verylow" + elif free_percent < 5 or (mountpoint in ["/", "/var"] and usage.free < 2 * GB): + item["status"] = "WARNING" + item["summary"] = "diagnosis_diskusage_low" else: - if usage.free < 1 * GB or free_percent < 5: - item["status"] = "ERROR" - item["summary"] = "diagnosis_diskusage_verylow" - elif usage.free < 2 * GB or free_percent < 10: - item["status"] = "WARNING" - item["summary"] = "diagnosis_diskusage_low" - else: - item["status"] = "SUCCESS" - item["summary"] = "diagnosis_diskusage_ok" + item["status"] = "SUCCESS" + item["summary"] = "diagnosis_diskusage_ok" yield item From 71e30f5b1be5411846e7f12692d71fe7b0a05cf8 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 3 May 2020 00:55:53 +0200 Subject: [PATCH 099/451] Simplify / improve robustness of backup list, follow-up of issue reported on the forum... --- src/yunohost/backup.py | 33 ++++++++++++--------------------- 1 file changed, 12 insertions(+), 21 deletions(-) diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py index 51aa7d6cd..d059170e9 100644 --- a/src/yunohost/backup.py +++ b/src/yunohost/backup.py @@ -2270,34 +2270,25 @@ def backup_list(with_info=False, human_readable=False): human_readable -- Print sizes in human readable format """ - result = [] + # Get local archives sorted according to last modification time + archives = sorted(glob("%s/*.tar.gz" % ARCHIVES_PATH), key=lambda x: os.path.getctime(x)) + # Extract only filename without the extension + archives = [os.path.basename(f)[:-len(".tar.gz")] for f in archives] - try: - # Retrieve local archives - archives = os.listdir(ARCHIVES_PATH) - except OSError: - logger.debug("unable to iterate over local archives", exc_info=1) - else: - # Iterate over local archives - for f in archives: - try: - name = f[:f.rindex('.tar.gz')] - except ValueError: - continue - result.append(name) - result.sort(key=lambda x: os.path.getctime(os.path.join(ARCHIVES_PATH, x + ".tar.gz"))) - - if result and with_info: + if with_info: d = OrderedDict() - for a in result: + for archive in archives: try: - d[a] = backup_info(a, human_readable=human_readable) + d[archive] = backup_info(archive, human_readable=human_readable) except YunohostError as e: logger.warning(str(e)) + except Exception as e: + import traceback + logger.warning("Could not check infos for archive %s: %s" % (archive, '\n'+traceback.format_exc())) - result = d + archives = d - return {'archives': result} + return {'archives': archives} def backup_info(name, with_details=False, human_readable=False): From cab6fb8b782be15e0f84b758cfb8d53bbf2cc0e5 Mon Sep 17 00:00:00 2001 From: Kayou Date: Sun, 3 May 2020 12:11:47 +0200 Subject: [PATCH 100/451] Update logging --- data/helpers.d/logging | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/helpers.d/logging b/data/helpers.d/logging index c79090e25..d5f4f5eec 100644 --- a/data/helpers.d/logging +++ b/data/helpers.d/logging @@ -216,7 +216,7 @@ base_time=$(date +%s) # | arg: -m, --message= - The text to print # | arg: -w, --weight= - The weight for this progression. This value is 1 by default. Use a bigger value for a longer part of the script. # | arg: -t, --time - Print the execution time since the last call to this helper. Especially usefull to define weights. The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. -# | arg: -l, --last - Use for the last call of the helper, to fill te progression bar. +# | arg: -l, --last - Use for the last call of the helper, to fill the progression bar. # # Requires YunoHost version 3.5.0 or higher. ynh_script_progression () { From 0b1103faf85019696d0e4bf5b660c5303f7fac2f Mon Sep 17 00:00:00 2001 From: Marco Cirillo Date: Sun, 3 May 2020 16:40:24 +0200 Subject: [PATCH 101/451] mod_storage_ldap: change :users() to :nodes(). That reflects changes to storagemanager API in 3.14.0. --- lib/metronome/modules/mod_storage_ldap.lua | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/metronome/modules/mod_storage_ldap.lua b/lib/metronome/modules/mod_storage_ldap.lua index 83fb4d003..87092382c 100644 --- a/lib/metronome/modules/mod_storage_ldap.lua +++ b/lib/metronome/modules/mod_storage_ldap.lua @@ -228,7 +228,7 @@ function driver:stores(username, type, pattern) return nil, "not implemented"; end -function driver:store_exists(username, datastore, type) +function driver:store_exists(username, type) return nil, "not implemented"; end @@ -236,7 +236,7 @@ function driver:purge(username) return nil, "not implemented"; end -function driver:users() +function driver:nodes(type) return nil, "not implemented"; end From d29bf04e7c4840e35b993a280dad1d81aeb7c534 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 3 May 2020 17:37:33 +0200 Subject: [PATCH 102/451] Add a timeout to wget in helpers --- data/helpers.d/apt | 3 ++- data/helpers.d/utils | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 82e3ab40c..5c7c5454b 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -436,7 +436,8 @@ ynh_install_extra_repo () { if [ -n "$key" ] then mkdir --parents "/etc/apt/trusted.gpg.d" - wget --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null + # Timeout option is here to enforce the timeout on dns query and tcp connect (c.f. man wget) + wget --timeout 900 --quiet "$key" --output-document=- | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null fi # Update the list of package with the new repo diff --git a/data/helpers.d/utils b/data/helpers.d/utils index bad157fe1..9c2f40618 100644 --- a/data/helpers.d/utils +++ b/data/helpers.d/utils @@ -144,7 +144,8 @@ ynh_setup_source () { then # Use the local source file if it is present cp $local_src $src_filename else # If not, download the source - local out=`wget --no-verbose --output-document=$src_filename $src_url 2>&1` || ynh_print_err --message="$out" + # Timeout option is here to enforce the timeout on dns query and tcp connect (c.f. man wget) + local out=`wget --timeout 900 --no-verbose --output-document=$src_filename $src_url 2>&1` || ynh_print_err --message="$out" fi # Check the control sum From 9c0ccd0b4f8a6f0820165faa96bbcad3dc0c7630 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 3 May 2020 19:46:21 +0200 Subject: [PATCH 103/451] That whole thing about Specifier is completely overengineered, let's have a more simple check for version requirements... --- debian/control | 2 +- src/yunohost/utils/packages.py | 376 +++------------------------------ 2 files changed, 35 insertions(+), 343 deletions(-) diff --git a/debian/control b/debian/control index 8274197ae..5070b2050 100644 --- a/debian/control +++ b/debian/control @@ -14,7 +14,7 @@ Depends: ${python:Depends}, ${misc:Depends} , moulinette (>= 3.7), ssowat (>= 3.7) , python-psutil, python-requests, python-dnspython, python-openssl , python-miniupnpc, python-dbus, python-jinja2 - , python-toml + , python-toml, python-packaging , apt, apt-transport-https , nginx, nginx-extras (>=1.6.2) , php-fpm, php-ldap, php-intl diff --git a/src/yunohost/utils/packages.py b/src/yunohost/utils/packages.py index 23da08129..3f352f288 100644 --- a/src/yunohost/utils/packages.py +++ b/src/yunohost/utils/packages.py @@ -23,347 +23,12 @@ import os import logging from moulinette.utils.process import check_output +from packaging import version logger = logging.getLogger('yunohost.utils.packages') YUNOHOST_PACKAGES = ['yunohost', 'yunohost-admin', 'moulinette', 'ssowat'] -# Exceptions ----------------------------------------------------------------- - -class InvalidSpecifier(ValueError): - - """An invalid specifier was found.""" - - -# Version specifier ---------------------------------------------------------- -# The packaging package has been a nice inspiration for the following classes. -# See: https://github.com/pypa/packaging - -class Specifier(object): - - """Unique package version specifier - - Restrict a package version according to the `spec`. It must be a string - containing a relation from the list below followed by a version number - value. The relations allowed are, as defined by the Debian Policy Manual: - - - `<<` for strictly lower - - `<=` for lower or equal - - `=` for exactly equal - - `>=` for greater or equal - - `>>` for strictly greater - - """ - _regex_str = ( - r""" - (?P(<<|<=|=|>=|>>)) - \s* - (?P[^,;\s)]*) - """ - ) - _regex = re.compile( - r"^\s*" + _regex_str + r"\s*$", re.VERBOSE | re.IGNORECASE) - - _relations = { - "<<": "lower_than", - "<=": "lower_or_equal_than", - "=": "equal", - ">=": "greater_or_equal_than", - ">>": "greater_than", - } - - def __init__(self, spec): - if isinstance(spec, basestring): - match = self._regex.search(spec) - if not match: - raise InvalidSpecifier("Invalid specifier: '{0}'".format(spec)) - - self._spec = ( - match.group("relation").strip(), - match.group("version").strip(), - ) - elif isinstance(spec, self.__class__): - self._spec = spec._spec - else: - return NotImplemented - - def __repr__(self): - return "".format(str(self)) - - def __str__(self): - return "{0}{1}".format(*self._spec) - - def __hash__(self): - return hash(self._spec) - - def __eq__(self, other): - if isinstance(other, basestring): - try: - other = self.__class__(other) - except InvalidSpecifier: - return NotImplemented - elif not isinstance(other, self.__class__): - return NotImplemented - - return self._spec == other._spec - - def __ne__(self, other): - if isinstance(other, basestring): - try: - other = self.__class__(other) - except InvalidSpecifier: - return NotImplemented - elif not isinstance(other, self.__class__): - return NotImplemented - - return self._spec != other._spec - - def __and__(self, other): - return self.intersection(other) - - def __or__(self, other): - return self.union(other) - - def _get_relation(self, op): - return getattr(self, "_compare_{0}".format(self._relations[op])) - - def _compare_lower_than(self, version, spec): - return version_compare(version, spec) < 0 - - def _compare_lower_or_equal_than(self, version, spec): - return version_compare(version, spec) <= 0 - - def _compare_equal(self, version, spec): - return version_compare(version, spec) == 0 - - def _compare_greater_or_equal_than(self, version, spec): - return version_compare(version, spec) >= 0 - - def _compare_greater_than(self, version, spec): - return version_compare(version, spec) > 0 - - @property - def relation(self): - return self._spec[0] - - @property - def version(self): - return self._spec[1] - - def __contains__(self, item): - return self.contains(item) - - def intersection(self, other): - """Make the intersection of two specifiers - - Return a new `SpecifierSet` with version specifier(s) common to the - specifier and the other. - - Example: - >>> Specifier('>= 2.2') & '>> 2.2.1' == '>> 2.2.1' - >>> Specifier('>= 2.2') & '<< 2.3' == '>= 2.2, << 2.3' - - """ - if isinstance(other, basestring): - try: - other = self.__class__(other) - except InvalidSpecifier: - return NotImplemented - elif not isinstance(other, self.__class__): - return NotImplemented - - # store spec parts for easy access - rel1, v1 = self.relation, self.version - rel2, v2 = other.relation, other.version - result = [] - - if other == self: - result = [other] - elif rel1 == '=': - result = [self] if v1 in other else None - elif rel2 == '=': - result = [other] if v2 in self else None - elif v1 == v2: - result = [other if rel1[1] == '=' else self] - elif v2 in self or v1 in other: - is_self_greater = version_compare(v1, v2) > 0 - if rel1[0] == rel2[0]: - if rel1[0] == '>': - result = [self if is_self_greater else other] - else: - result = [other if is_self_greater else self] - else: - result = [self, other] - return SpecifierSet(result if result is not None else '') - - def union(self, other): - """Make the union of two version specifiers - - Return a new `SpecifierSet` with version specifiers from the - specifier and the other. - - Example: - >>> Specifier('>= 2.2') | '<< 2.3' == '>= 2.2, << 2.3' - - """ - if isinstance(other, basestring): - try: - other = self.__class__(other) - except InvalidSpecifier: - return NotImplemented - elif not isinstance(other, self.__class__): - return NotImplemented - - return SpecifierSet([self, other]) - - def contains(self, item): - """Check if the specifier contains an other - - Return whether the item is contained in the version specifier. - - Example: - >>> '2.2.1' in Specifier('<< 2.3') - >>> '2.4' not in Specifier('<< 2.3') - - """ - return self._get_relation(self.relation)(item, self.version) - - -class SpecifierSet(object): - - """A set of package version specifiers - - Combine several Specifier separated by a comma. It allows to restrict - more precisely a package version. Each package version specifier must be - meet. Note than an empty set of specifiers will always be meet. - - """ - - def __init__(self, specifiers): - if isinstance(specifiers, basestring): - specifiers = [s.strip() for s in specifiers.split(",") - if s.strip()] - - parsed = set() - for specifier in specifiers: - parsed.add(Specifier(specifier)) - - self._specs = frozenset(parsed) - - def __repr__(self): - return "".format(str(self)) - - def __str__(self): - return ",".join(sorted(str(s) for s in self._specs)) - - def __hash__(self): - return hash(self._specs) - - def __and__(self, other): - return self.intersection(other) - - def __or__(self, other): - return self.union(other) - - def __eq__(self, other): - if isinstance(other, basestring): - other = SpecifierSet(other) - elif isinstance(other, Specifier): - other = SpecifierSet(str(other)) - elif not isinstance(other, SpecifierSet): - return NotImplemented - - return self._specs == other._specs - - def __ne__(self, other): - if isinstance(other, basestring): - other = SpecifierSet(other) - elif isinstance(other, Specifier): - other = SpecifierSet(str(other)) - elif not isinstance(other, SpecifierSet): - return NotImplemented - - return self._specs != other._specs - - def __len__(self): - return len(self._specs) - - def __iter__(self): - return iter(self._specs) - - def __contains__(self, item): - return self.contains(item) - - def intersection(self, other): - """Make the intersection of two specifiers sets - - Return a new `SpecifierSet` with version specifier(s) common to the - set and the other. - - Example: - >>> SpecifierSet('>= 2.2') & '>> 2.2.1' == '>> 2.2.1' - >>> SpecifierSet('>= 2.2, << 2.4') & '<< 2.3' == '>= 2.2, << 2.3' - >>> SpecifierSet('>= 2.2, << 2.3') & '>= 2.4' == '' - - """ - if isinstance(other, basestring): - other = SpecifierSet(other) - elif not isinstance(other, SpecifierSet): - return NotImplemented - - specifiers = set(self._specs | other._specs) - intersection = [specifiers.pop()] if specifiers else [] - - for specifier in specifiers: - parsed = set() - for spec in intersection: - inter = spec & specifier - if not inter: - parsed.clear() - break - # TODO: validate with other specs in parsed - parsed.update(inter._specs) - intersection = parsed - if not intersection: - break - return SpecifierSet(intersection) - - def union(self, other): - """Make the union of two specifiers sets - - Return a new `SpecifierSet` with version specifiers from the set - and the other. - - Example: - >>> SpecifierSet('>= 2.2') | '<< 2.3' == '>= 2.2, << 2.3' - - """ - if isinstance(other, basestring): - other = SpecifierSet(other) - elif not isinstance(other, SpecifierSet): - return NotImplemented - - specifiers = SpecifierSet([]) - specifiers._specs = frozenset(self._specs | other._specs) - return specifiers - - def contains(self, item): - """Check if the set contains a version specifier - - Return whether the item is contained in all version specifiers. - - Example: - >>> '2.2.1' in SpecifierSet('>= 2.2, << 2.3') - >>> '2.4' not in SpecifierSet('>= 2.2, << 2.3') - - """ - return all( - s.contains(item) - for s in self._specs - ) - - -# Packages and cache helpers ------------------------------------------------- def get_ynh_package_version(package): @@ -383,14 +48,39 @@ def get_ynh_package_version(package): return {"version": out[1].strip("()"), "repo": out[2].strip(";")} -def meets_version_specifier(pkgname, specifier): - """Check if a package installed version meets specifier""" - # In practice, this function is only used to check the yunohost version installed - assert pkgname in YUNOHOST_PACKAGES - return get_ynh_package_version(pkgname) in SpecifierSet(specifier) +def meets_version_specifier(pkg_name, specifier): + """ + Check if a package installed version meets specifier + + specifier is something like ">> 1.2.3" + """ + + # In practice, this function is only used to check the yunohost version + # installed. + # We'll trim any ~foobar in the current installed version because it's not + # handled correctly by version.parse, but we don't care so much in that + # context + assert pkg_name in YUNOHOST_PACKAGES + pkg_version = get_ynh_package_version(pkg_name)["version"] + pkg_version = pkg_version.split("~")[0] + pkg_version = version.parse(pkg_version) + + # Extract operator and version specifier + op, req_version = re.search(r'(<<|<=|=|>=|>>) *([\d\.]+)', specifier).groups() + req_version = version.parse(req_version) + + # cmp is a python builtin that returns (-1, 0, 1) depending on comparison + deb_operators = { + "<<": lambda v1, v2: cmp(v1, v2) in [-1], + "<=": lambda v1, v2: cmp(v1, v2) in [-1, 0], + "=": lambda v1, v2: cmp(v1, v2) in [0], + ">=": lambda v1, v2: cmp(v1, v2) in [0, 1], + ">>": lambda v1, v2: cmp(v1, v2) in [1] + } + + return deb_operators[op](pkg_version, req_version) -# YunoHost related methods --------------------------------------------------- def ynh_packages_version(*args, **kwargs): # from cli the received arguments are: @@ -413,9 +103,11 @@ def dpkg_is_broken(): return any(re.match("^[0-9]+$", f) for f in os.listdir("/var/lib/dpkg/updates/")) + def dpkg_lock_available(): return os.system("lsof /var/lib/dpkg/lock >/dev/null") != 0 + def _list_upgradable_apt_packages(): # List upgradable packages From 5d811e2b39b987944d68732fa4a06674186440b6 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 3 May 2020 19:52:12 +0200 Subject: [PATCH 104/451] Remove stale string --- locales/en.json | 1 - 1 file changed, 1 deletion(-) diff --git a/locales/en.json b/locales/en.json index 25712e8cd..652a602f7 100644 --- a/locales/en.json +++ b/locales/en.json @@ -486,7 +486,6 @@ "no_internet_connection": "The server is not connected to the Internet", "not_enough_disk_space": "Not enough free space on '{path:s}'", "operation_interrupted": "The operation was manually interrupted?", - "package_unknown": "Unknown package '{pkgname}'", "packages_upgrade_failed": "Could not upgrade all the packages", "password_listed": "This password is among the most used passwords in the world. Please choose something more unique.", "password_too_simple_1": "The password needs to be at least 8 characters long", From b4447bf2b790ce1eeddfc08bf8c65588bd7e7b80 Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Sun, 3 May 2020 20:14:42 +0200 Subject: [PATCH 105/451] [pep8] black test_apps.py --- src/yunohost/tests/test_apps.py | 113 ++++++++++++++++++++++---------- 1 file changed, 79 insertions(+), 34 deletions(-) diff --git a/src/yunohost/tests/test_apps.py b/src/yunohost/tests/test_apps.py index 7c0861aa1..2b41d5ef5 100644 --- a/src/yunohost/tests/test_apps.py +++ b/src/yunohost/tests/test_apps.py @@ -9,10 +9,20 @@ from conftest import message, raiseYunohostError from moulinette import m18n from moulinette.utils.filesystem import mkdir -from yunohost.app import app_install, app_remove, app_ssowatconf, _is_installed, app_upgrade, app_map +from yunohost.app import ( + app_install, + app_remove, + app_ssowatconf, + _is_installed, + app_upgrade, + app_map, +) from yunohost.domain import _get_maindomain, domain_add, domain_remove, domain_list from yunohost.utils.error import YunohostError -from yunohost.tests.test_permission import check_LDAP_db_integrity, check_permission_for_apps +from yunohost.tests.test_permission import ( + check_LDAP_db_integrity, + check_permission_for_apps, +) from yunohost.permission import user_permission_list, permission_delete @@ -20,10 +30,12 @@ def setup_function(function): clean() + def teardown_function(function): clean() + def clean(): # Make sure we have a ssowat @@ -44,10 +56,18 @@ def clean(): for folderpath in glob.glob("/var/www/*%s*" % test_app): shutil.rmtree(folderpath, ignore_errors=True) - os.system("bash -c \"mysql -u root --password=$(cat /etc/yunohost/mysql) 2>/dev/null <<< 'DROP DATABASE %s' \"" % test_app) - os.system("bash -c \"mysql -u root --password=$(cat /etc/yunohost/mysql) 2>/dev/null <<< 'DROP USER %s@localhost'\"" % test_app) + os.system( + "bash -c \"mysql -u root --password=$(cat /etc/yunohost/mysql) 2>/dev/null <<< 'DROP DATABASE %s' \"" + % test_app + ) + os.system( + "bash -c \"mysql -u root --password=$(cat /etc/yunohost/mysql) 2>/dev/null <<< 'DROP USER %s@localhost'\"" + % test_app + ) - os.system("systemctl reset-failed nginx") # Reset failed quota for service to avoid running into start-limit rate ? + os.system( + "systemctl reset-failed nginx" + ) # Reset failed quota for service to avoid running into start-limit rate ? os.system("systemctl start nginx") # Clean permissions @@ -55,6 +75,7 @@ def clean(): if any(test_app in permission_name for test_app in test_apps): permission_delete(permission_name, force=True) + @pytest.fixture(autouse=True) def check_LDAP_db_integrity_call(): check_LDAP_db_integrity() @@ -68,6 +89,7 @@ def check_permission_for_apps_call(): yield check_permission_for_apps() + @pytest.fixture(scope="module") def secondary_domain(request): @@ -76,6 +98,7 @@ def secondary_domain(request): def remove_example_domain(): domain_remove("example.test") + request.addfinalizer(remove_example_domain) return "example.test" @@ -85,6 +108,7 @@ def secondary_domain(request): # Helpers # # + def app_expected_files(domain, app): yield "/etc/nginx/conf.d/%s.d/%s.conf" % (domain, app) @@ -98,18 +122,27 @@ def app_expected_files(domain, app): def app_is_installed(domain, app): - return _is_installed(app) and all(os.path.exists(f) for f in app_expected_files(domain, app)) + return _is_installed(app) and all( + os.path.exists(f) for f in app_expected_files(domain, app) + ) def app_is_not_installed(domain, app): - return not _is_installed(app) and not all(os.path.exists(f) for f in app_expected_files(domain, app)) + return not _is_installed(app) and not all( + os.path.exists(f) for f in app_expected_files(domain, app) + ) def app_is_exposed_on_http(domain, path, message_in_page): try: - r = requests.get("http://127.0.0.1" + path + "/", headers={"Host": domain}, timeout=10, verify=False) + r = requests.get( + "http://127.0.0.1" + path + "/", + headers={"Host": domain}, + timeout=10, + verify=False, + ) return r.status_code == 200 and message_in_page in r.text except Exception as e: return False @@ -117,23 +150,27 @@ def app_is_exposed_on_http(domain, path, message_in_page): def install_legacy_app(domain, path, public=True): - app_install("./tests/apps/legacy_app_ynh", - args="domain=%s&path=%s&is_public=%s" % (domain, path, 1 if public else 0), - force=True) + app_install( + "./tests/apps/legacy_app_ynh", + args="domain=%s&path=%s&is_public=%s" % (domain, path, 1 if public else 0), + force=True, + ) def install_full_domain_app(domain): - app_install("./tests/apps/full_domain_app_ynh", - args="domain=%s" % domain, - force=True) + app_install( + "./tests/apps/full_domain_app_ynh", args="domain=%s" % domain, force=True + ) def install_break_yo_system(domain, breakwhat): - app_install("./tests/apps/break_yo_system_ynh", - args="domain=%s&breakwhat=%s" % (domain, breakwhat), - force=True) + app_install( + "./tests/apps/break_yo_system_ynh", + args="domain=%s&breakwhat=%s" % (domain, breakwhat), + force=True, + ) def test_legacy_app_install_main_domain(): @@ -144,9 +181,9 @@ def test_legacy_app_install_main_domain(): app_map_ = app_map(raw=True) assert main_domain in app_map_ - assert '/legacy' in app_map_[main_domain] - assert 'id' in app_map_[main_domain]['/legacy'] - assert app_map_[main_domain]['/legacy']['id'] == 'legacy_app' + assert "/legacy" in app_map_[main_domain] + assert "id" in app_map_[main_domain]["/legacy"] + assert app_map_[main_domain]["/legacy"]["id"] == "legacy_app" assert app_is_installed(main_domain, "legacy_app") assert app_is_exposed_on_http(main_domain, "/legacy", "This is a dummy app") @@ -174,9 +211,9 @@ def test_legacy_app_install_secondary_domain_on_root(secondary_domain): app_map_ = app_map(raw=True) assert secondary_domain in app_map_ - assert '/' in app_map_[secondary_domain] - assert 'id' in app_map_[secondary_domain]['/'] - assert app_map_[secondary_domain]['/']['id'] == 'legacy_app' + assert "/" in app_map_[secondary_domain] + assert "id" in app_map_[secondary_domain]["/"] + assert app_map_[secondary_domain]["/"]["id"] == "legacy_app" assert app_is_installed(secondary_domain, "legacy_app") assert app_is_exposed_on_http(secondary_domain, "/", "This is a dummy app") @@ -191,7 +228,9 @@ def test_legacy_app_install_private(secondary_domain): install_legacy_app(secondary_domain, "/legacy", public=False) assert app_is_installed(secondary_domain, "legacy_app") - assert not app_is_exposed_on_http(secondary_domain, "/legacy", "This is a dummy app") + assert not app_is_exposed_on_http( + secondary_domain, "/legacy", "This is a dummy app" + ) app_remove("legacy_app") @@ -246,7 +285,9 @@ def test_legacy_app_install_with_nginx_down(mocker, secondary_domain): os.system("systemctl stop nginx") - with raiseYunohostError(mocker, "app_action_cannot_be_ran_because_required_services_down"): + with raiseYunohostError( + mocker, "app_action_cannot_be_ran_because_required_services_down" + ): install_legacy_app(secondary_domain, "/legacy") @@ -257,7 +298,7 @@ def test_legacy_app_failed_install(mocker, secondary_domain): mkdir("/var/www/legacy_app/", 0o750) with pytest.raises(YunohostError): - with message(mocker, 'app_install_script_failed'): + with message(mocker, "app_install_script_failed"): install_legacy_app(secondary_domain, "/legacy") assert app_is_not_installed(secondary_domain, "legacy_app") @@ -302,7 +343,7 @@ def test_systemfuckedup_during_app_install(mocker, secondary_domain): with pytest.raises(YunohostError): with message(mocker, "app_install_failed"): - with message(mocker, 'app_action_broke_system'): + with message(mocker, "app_action_broke_system"): install_break_yo_system(secondary_domain, breakwhat="install") assert app_is_not_installed(secondary_domain, "break_yo_system") @@ -313,8 +354,8 @@ def test_systemfuckedup_during_app_remove(mocker, secondary_domain): install_break_yo_system(secondary_domain, breakwhat="remove") with pytest.raises(YunohostError): - with message(mocker, 'app_action_broke_system'): - with message(mocker, 'app_removed'): + with message(mocker, "app_action_broke_system"): + with message(mocker, "app_removed"): app_remove("break_yo_system") assert app_is_not_installed(secondary_domain, "break_yo_system") @@ -324,7 +365,7 @@ def test_systemfuckedup_during_app_install_and_remove(mocker, secondary_domain): with pytest.raises(YunohostError): with message(mocker, "app_install_failed"): - with message(mocker, 'app_action_broke_system'): + with message(mocker, "app_action_broke_system"): install_break_yo_system(secondary_domain, breakwhat="everything") assert app_is_not_installed(secondary_domain, "break_yo_system") @@ -335,7 +376,7 @@ def test_systemfuckedup_during_app_upgrade(mocker, secondary_domain): install_break_yo_system(secondary_domain, breakwhat="upgrade") with pytest.raises(YunohostError): - with message(mocker, 'app_action_broke_system'): + with message(mocker, "app_action_broke_system"): app_upgrade("break_yo_system", file="./tests/apps/break_yo_system_ynh") @@ -346,6 +387,10 @@ def test_failed_multiple_app_upgrade(mocker, secondary_domain): with pytest.raises(YunohostError): with message(mocker, "app_not_upgraded"): - app_upgrade(["break_yo_system", "legacy_app"], - file={"break_yo_system": "./tests/apps/break_yo_system_ynh", - "legacy": "./tests/apps/legacy_app_ynh"}) + app_upgrade( + ["break_yo_system", "legacy_app"], + file={ + "break_yo_system": "./tests/apps/break_yo_system_ynh", + "legacy": "./tests/apps/legacy_app_ynh", + }, + ) From 67fe8545dc1bf53c6af88021caf6cddb6b23a1ae Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Sun, 3 May 2020 20:14:54 +0200 Subject: [PATCH 106/451] [mod] remove useless import --- src/yunohost/tests/test_apps.py | 1 - 1 file changed, 1 deletion(-) diff --git a/src/yunohost/tests/test_apps.py b/src/yunohost/tests/test_apps.py index 2b41d5ef5..4af29912c 100644 --- a/src/yunohost/tests/test_apps.py +++ b/src/yunohost/tests/test_apps.py @@ -6,7 +6,6 @@ import requests from conftest import message, raiseYunohostError -from moulinette import m18n from moulinette.utils.filesystem import mkdir from yunohost.app import ( From f760d6aa0f88f9a9bc340884389bc04b4174c8ed Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Sun, 3 May 2020 20:15:33 +0200 Subject: [PATCH 107/451] [mod] remove unused import --- src/yunohost/tests/test_apps.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/tests/test_apps.py b/src/yunohost/tests/test_apps.py index 4af29912c..c2c7b8415 100644 --- a/src/yunohost/tests/test_apps.py +++ b/src/yunohost/tests/test_apps.py @@ -143,7 +143,7 @@ def app_is_exposed_on_http(domain, path, message_in_page): verify=False, ) return r.status_code == 200 and message_in_page in r.text - except Exception as e: + except Exception: return False From e80fe075e640c595be409fa0ac1d1f7ea5a89fcc Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Sun, 3 May 2020 22:17:15 +0200 Subject: [PATCH 108/451] [tests/mod] auto clone/pull the test app when running tests --- .gitlab-ci.yml | 10 +--------- src/yunohost/tests/conftest.py | 10 ++++++++++ 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7459ae982..ac3584630 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -26,14 +26,6 @@ postinstall: - pip install -U pip - hash -d pip - pip --cache-dir=.pip install pytest pytest-sugar pytest-mock requests-mock mock - - pushd src/yunohost/tests - - > - if [ ! -d "./apps" ]; then - git clone https://github.com/YunoHost/test_apps ./apps - fi - - cd apps - - git pull > /dev/null 2>&1 - - popd - export PYTEST_ADDOPTS="--color=yes" cache: paths: @@ -129,4 +121,4 @@ lint: #format-check: # extends: .lint-stage # script: -# - black --check --diff \ No newline at end of file +# - black --check --diff diff --git a/src/yunohost/tests/conftest.py b/src/yunohost/tests/conftest.py index bd1702571..073c880f8 100644 --- a/src/yunohost/tests/conftest.py +++ b/src/yunohost/tests/conftest.py @@ -1,3 +1,4 @@ +import os import pytest import sys import moulinette @@ -9,6 +10,15 @@ from contextlib import contextmanager sys.path.append("..") +@pytest.fixture(scope="session", autouse=True) +def clone_test_app(request): + cwd = os.path.split(os.path.realpath(__file__))[0] + + if not os.path.exists(cwd + "/apps"): + os.system("git clone https://github.com/YunoHost/test_apps %s/apps" % cwd) + else: + os.system("cd %s/apps && git pull > /dev/null 2>&1" % cwd) + @contextmanager def message(mocker, key, **kwargs): From 121b40879fc3d84a1eed07af392f0cefd76ccee7 Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Mon, 4 May 2020 00:21:02 +0200 Subject: [PATCH 109/451] [tests/fix] add markers to pytest.ini to please pytest --- pytest.ini | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pytest.ini b/pytest.ini index f9200ab9c..fb4d5b265 100644 --- a/pytest.ini +++ b/pytest.ini @@ -2,3 +2,11 @@ addopts = -s -v norecursedirs = dist doc build .tox .eggs testpaths = tests/ +markers = + with_system_archive_from_2p4 + with_backup_recommended_app_installed + clean_opt_dir + with_wordpress_archive_from_2p4 + with_legacy_app_installed + with_backup_recommended_app_installed_with_ynh_restore + with_permission_app_installed From 82c4357421de8a422fc3ba7df5eaa639f2ee5990 Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Mon, 4 May 2020 14:00:22 +0200 Subject: [PATCH 110/451] [fix] handle new auto restart of ldap in moulinette --- src/yunohost/utils/ldap.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/yunohost/utils/ldap.py b/src/yunohost/utils/ldap.py index fd984ce56..b1f49e287 100644 --- a/src/yunohost/utils/ldap.py +++ b/src/yunohost/utils/ldap.py @@ -21,6 +21,7 @@ import os import atexit +from moulinette.core import MoulinetteLdapIsDownError from moulinette.authenticators import ldap from yunohost.utils.error import YunohostError @@ -34,8 +35,6 @@ def _get_ldap_interface(): if _ldap_interface is None: - assert_slapd_is_running() - conf = { "vendor": "ldap", "name": "as-root", "parameters": { 'uri': 'ldapi://%2Fvar%2Frun%2Fslapd%2Fldapi', @@ -44,7 +43,12 @@ def _get_ldap_interface(): "extra": {} } - _ldap_interface = ldap.Authenticator(**conf) + try: + _ldap_interface = ldap.Authenticator(**conf) + except MoulinetteLdapIsDownError: + raise YunohostError("Service slapd is not running but is required to perform this action ... You can try to investigate what's happening with 'systemctl status slapd'") + + assert_slapd_is_running() return _ldap_interface From cf57b77d6a03f48a5f6be461c76c8570806368bf Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 4 May 2020 18:28:05 +0200 Subject: [PATCH 111/451] [fix] multi instance upgrade --- src/yunohost/app.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index e2df6ba78..c5feaf452 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -172,7 +172,7 @@ def app_info(app, full=False): ret["manifest"] = local_manifest ret['settings'] = settings - absolute_app_name = app if "__" not in app else app[:app.index('__')] # idk this is the name of the app even for multiinstance apps (so wordpress__2 -> wordpress) + absolute_app_name, _ = _parse_app_instance_name(app) ret["from_catalog"] = _load_apps_catalog()["apps"].get(absolute_app_name, {}) ret['upgradable'] = _app_upgradable(ret) ret['supports_change_url'] = os.path.exists(os.path.join(APPS_SETTING_PATH, app, "scripts", "change_url")) @@ -2177,12 +2177,14 @@ def _fetch_app_from_git(app): else: app_dict = _load_apps_catalog()["apps"] - if app not in app_dict: + app_id, _ = _parse_app_instance_name(app) + + if app_id not in app_dict: raise YunohostError('app_unknown') - elif 'git' not in app_dict[app]: + elif 'git' not in app_dict[app_id]: raise YunohostError('app_unsupported_remote_type') - app_info = app_dict[app] + app_info = app_dict[app_id] app_info['manifest']['lastUpdate'] = app_info['lastUpdate'] manifest = app_info['manifest'] url = app_info['git']['url'] From a11654e0cfb4cb72ddb6514d39eaa7782c608e18 Mon Sep 17 00:00:00 2001 From: Kayou Date: Wed, 6 May 2020 11:57:28 +0200 Subject: [PATCH 112/451] [fix] domain remove if an app without a domain is installed --- src/yunohost/domain.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/domain.py b/src/yunohost/domain.py index f1dcefba9..0c1e58e54 100644 --- a/src/yunohost/domain.py +++ b/src/yunohost/domain.py @@ -180,7 +180,7 @@ def domain_remove(operation_logger, domain, force=False): # Check if apps are installed on the domain app_settings = [_get_app_settings(app) for app in _installed_apps()] - if any(s["domain"] == domain for s in app_settings): + if any("domain" in s and s["domain"] == domain for s in app_settings): raise YunohostError('domain_uninstall_app_first') operation_logger.start() From 199258166e36a0d79de20b6db6581711af5c6acd Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 18:12:55 +0200 Subject: [PATCH 113/451] services[name] -> service --- src/yunohost/service.py | 42 +++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index c17eb04c2..aec754bd4 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -61,27 +61,27 @@ def service_add(name, description=None, log=None, log_type="file", test_status=N """ services = _get_services() - services[name] = {} + services[name] = service = {} if log is not None: if not isinstance(log, list): log = [log] - services[name]['log'] = log + service['log'] = log if not isinstance(log_type, list): log_type = [log_type] if len(log_type) < len(log): - log_type.extend([log_type[-1]] * (len(log) - len(log_type))) # extend list to have the same size as log + log_type.extend([log_type[-1]] * (len(log) - len(log_type))) # extend list to have the same size as log if len(log_type) == len(log): - services[name]['log_type'] = log_type + service['log_type'] = log_type else: raise YunohostError('service_add_failed', service=name) if description: - services[name]['description'] = description + service['description'] = description else: # Try to get the description from systemd service out = subprocess.check_output("systemctl show %s | grep '^Description='" % name, shell=True).strip() @@ -92,23 +92,23 @@ def service_add(name, description=None, log=None, log_type="file", test_status=N if out == name + ".service": logger.warning("/!\\ Packager ! You added a custom service without specifying a description. Please add a proper Description in the systemd configuration, or use --description to explain what the service does in a similar fashion to existing services.") else: - services[name]['description'] = out + service['description'] = out if need_lock: - services[name]['need_lock'] = True + service['need_lock'] = True if test_status: - services[name]["test_status"] = test_status + service["test_status"] = test_status if test_conf: - services[name]["test_conf"] = test_conf + service["test_conf"] = test_conf if needs_exposed_ports: - services[name]["needs_exposed_ports"] = needs_exposed_ports + service["needs_exposed_ports"] = needs_exposed_ports try: _save_services(services) - except: + except Exception: # we'll get a logger.warning with more details in _save_services raise YunohostError('service_add_failed', service=name) @@ -288,6 +288,8 @@ def service_status(names=[]): if check_names and name not in services.keys(): raise YunohostError('service_unknown', service=name) + service = services[name] + # this "service" isn't a service actually so we skip it # # the historical reason is because regenconf has been hacked into the @@ -296,10 +298,10 @@ def service_status(names=[]): # the hack was to add fake services... # we need to extract regenconf from service at some point, also because # some app would really like to use it - if services[name].get("status", "") is None: + if service.get("status", "") is None: continue - systemd_service = services[name].get("actual_systemd_service", name) + systemd_service = service.get("actual_systemd_service", name) status = _get_service_information_from_systemd(systemd_service) if status is None: @@ -314,8 +316,8 @@ def service_status(names=[]): else: translation_key = "service_description_%s" % name - if "description" in services[name] is not None: - description = services[name].get("description") + if "description" in service is not None: + description = service.get("description") else: description = m18n.n(translation_key) @@ -336,7 +338,7 @@ def service_status(names=[]): # Fun stuff™ : to obtain the enabled/disabled status for sysv services, # gotta do this ... cf code of /lib/systemd/systemd-sysv-install if result[name]["start_on_boot"] == "generated": - result[name]["start_on_boot"] = "enabled" if glob("/etc/rc[S5].d/S??"+name) else "disabled" + result[name]["start_on_boot"] = "enabled" if glob("/etc/rc[S5].d/S??" + name) else "disabled" elif os.path.exists("/etc/systemd/system/multi-user.target.wants/%s.service" % name): result[name]["start_on_boot"] = "enabled" @@ -344,8 +346,8 @@ def service_status(names=[]): result[name]['last_state_change'] = datetime.utcfromtimestamp(status["StateChangeTimestamp"] / 1000000) # 'test_status' is an optional field to test the status of the service using a custom command - if "test_status" in services[name]: - p = subprocess.Popen(services[name]["test_status"], + if "test_status" in service: + p = subprocess.Popen(service["test_status"], shell=True, executable='/bin/bash', stdout=subprocess.PIPE, @@ -356,8 +358,8 @@ def service_status(names=[]): result[name]["status"] = "running" if p.returncode == 0 else "failed" # 'test_status' is an optional field to test the status of the service using a custom command - if "test_conf" in services[name]: - p = subprocess.Popen(services[name]["test_conf"], + if "test_conf" in service: + p = subprocess.Popen(service["test_conf"], shell=True, executable='/bin/bash', stdout=subprocess.PIPE, From 95dd1e2707e9504e114b33f6586a6ba925866f3c Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 18:20:03 +0200 Subject: [PATCH 114/451] service -> infos ... + misc small syntax improvements --- src/yunohost/service.py | 53 ++++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 25 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index aec754bd4..00dfaab1f 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -125,14 +125,13 @@ def service_remove(name): """ services = _get_services() - try: - del services[name] - except KeyError: + if name not in services: raise YunohostError('service_unknown', service=name) + del services[name] try: _save_services(services) - except: + except Exception: # we'll get a logger.warning with more details in _save_services raise YunohostError('service_remove_failed', service=name) @@ -275,20 +274,24 @@ def service_status(names=[]): """ services = _get_services() - check_names = True + + # If function was called with a specific list of service + if names != []: + # If user wanna check the status of a single service + if isinstance(names, str): + names = [names] + + # Validate service names requested + for name in names: + if name not in services.keys(): + raise YunohostError('service_unknown', service=name) + + # Filter only requested servivces + services = {k: v for k, v in services.items() if k in names} + result = {} - if isinstance(names, str): - names = [names] - elif len(names) == 0: - names = services.keys() - check_names = False - - for name in names: - if check_names and name not in services.keys(): - raise YunohostError('service_unknown', service=name) - - service = services[name] + for name, infos in services.items(): # this "service" isn't a service actually so we skip it # @@ -298,10 +301,10 @@ def service_status(names=[]): # the hack was to add fake services... # we need to extract regenconf from service at some point, also because # some app would really like to use it - if service.get("status", "") is None: + if infos.get("status", "") is None: continue - systemd_service = service.get("actual_systemd_service", name) + systemd_service = infos.get("actual_systemd_service", name) status = _get_service_information_from_systemd(systemd_service) if status is None: @@ -316,8 +319,8 @@ def service_status(names=[]): else: translation_key = "service_description_%s" % name - if "description" in service is not None: - description = service.get("description") + if "description" in infos is not None: + description = infos.get("description") else: description = m18n.n(translation_key) @@ -346,8 +349,8 @@ def service_status(names=[]): result[name]['last_state_change'] = datetime.utcfromtimestamp(status["StateChangeTimestamp"] / 1000000) # 'test_status' is an optional field to test the status of the service using a custom command - if "test_status" in service: - p = subprocess.Popen(service["test_status"], + if "test_status" in infos: + p = subprocess.Popen(infos["test_status"], shell=True, executable='/bin/bash', stdout=subprocess.PIPE, @@ -358,8 +361,8 @@ def service_status(names=[]): result[name]["status"] = "running" if p.returncode == 0 else "failed" # 'test_status' is an optional field to test the status of the service using a custom command - if "test_conf" in service: - p = subprocess.Popen(service["test_conf"], + if "test_conf" in infos: + p = subprocess.Popen(infos["test_conf"], shell=True, executable='/bin/bash', stdout=subprocess.PIPE, @@ -422,7 +425,7 @@ def service_log(name, number=50): if not isinstance(log_list, list): log_list = [log_list] if len(log_type_list) < len(log_list): - log_type_list.extend(["file"] * (len(log_list)-len(log_type_list))) + log_type_list.extend(["file"] * (len(log_list) - len(log_type_list))) result = {} From e74f49f0016f1c99fa006cc80a7b1d4dbf630266 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 18:46:44 +0200 Subject: [PATCH 115/451] Simplify log list management because log type is deprecated now that we always fetch journalctl --- src/yunohost/service.py | 61 ++++++++++++++++------------------------- 1 file changed, 24 insertions(+), 37 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 00dfaab1f..1fe65c102 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -44,7 +44,7 @@ MOULINETTE_LOCK = "/var/run/moulinette_yunohost.lock" logger = getActionLogger('yunohost.service') -def service_add(name, description=None, log=None, log_type="file", test_status=None, test_conf=None, needs_exposed_ports=None, need_lock=False, status=None): +def service_add(name, description=None, log=None, log_type=None, test_status=None, test_conf=None, needs_exposed_ports=None, need_lock=False, status=None): """ Add a custom service @@ -52,7 +52,7 @@ def service_add(name, description=None, log=None, log_type="file", test_status=N name -- Service name to add description -- description of the service log -- Absolute path to log file to display - log_type -- Specify if the corresponding log is a file or a systemd log + log_type -- (deprecated) Specify if the corresponding log is a file or a systemd log test_status -- Specify a custom bash command to check the status of the service. N.B. : it only makes sense to specify this if the corresponding systemd service does not return the proper information. test_conf -- Specify a custom bash command to check if the configuration of the service is valid or broken, similar to nginx -t. needs_exposed_ports -- A list of ports that needs to be publicly exposed for the service to work as intended. @@ -67,19 +67,14 @@ def service_add(name, description=None, log=None, log_type="file", test_status=N if not isinstance(log, list): log = [log] + # Deprecated log_type stuff + if log_type is not None: + logger.warning("/!\\ Packagers! --log_type is deprecated. You do not need to specify --log_type systemd anymore ... Yunohost now automatically fetch the journalctl of the systemd service by default.") + # Usually when adding such a service, the service name will be provided so we remove it as it's not a log file path + log.remove(name) + service['log'] = log - if not isinstance(log_type, list): - log_type = [log_type] - - if len(log_type) < len(log): - log_type.extend([log_type[-1]] * (len(log) - len(log_type))) # extend list to have the same size as log - - if len(log_type) == len(log): - service['log_type'] = log_type - else: - raise YunohostError('service_add_failed', service=name) - if description: service['description'] = description else: @@ -420,41 +415,33 @@ def service_log(name, number=50): raise YunohostError('service_unknown', service=name) log_list = services[name].get('log', []) - log_type_list = services[name].get('log_type', []) - if not isinstance(log_list, list): - log_list = [log_list] - if len(log_type_list) < len(log_list): - log_type_list.extend(["file"] * (len(log_list) - len(log_type_list))) + # Legacy stuff related to --log_type where we'll typically have the service + # name in the log list but it's not an actual logfile. Nowadays journalctl + # is automatically fetch as well as regular log files. + log_list.remove(name) result = {} # First we always add the logs from journalctl / systemd result["journalctl"] = _get_journalctl_logs(name, number).splitlines() - for index, log_path in enumerate(log_list): - log_type = log_type_list[index] + for log_path in log_list: + # log is a file, read it + if not os.path.isdir(log_path): + result[log_path] = _tail(log_path, number) if os.path.exists(log_path) else [] + continue - if log_type == "file": - # log is a file, read it - if not os.path.isdir(log_path): - result[log_path] = _tail(log_path, number) if os.path.exists(log_path) else [] + for log_file in os.listdir(log_path): + log_file_path = os.path.join(log_path, log_file) + # not a file : skip + if not os.path.isfile(log_file_path): continue - for log_file in os.listdir(log_path): - log_file_path = os.path.join(log_path, log_file) - # not a file : skip - if not os.path.isfile(log_file_path): - continue + if not log_file.endswith(".log"): + continue - if not log_file.endswith(".log"): - continue - - result[log_file_path] = _tail(log_file_path, number) if os.path.exists(log_file_path) else [] - else: - # N.B. : this is legacy code that can probably be removed ... to be confirmed - # get log with journalctl - result[log_path] = _get_journalctl_logs(log_path, number).splitlines() + result[log_file_path] = _tail(log_file_path, number) if os.path.exists(log_file_path) else [] return result From 6fc5b413025c18f2da79af0acbfe917581e92b4a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 18:53:06 +0200 Subject: [PATCH 116/451] Add a few tests for services add/remove/status ... --- .gitlab-ci.yml | 6 ++ src/yunohost/tests/test_service.py | 97 ++++++++++++++++++++++++++++++ 2 files changed, 103 insertions(+) create mode 100644 src/yunohost/tests/test_service.py diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ac3584630..3ebbaecd5 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -92,6 +92,12 @@ test-regenconf: - cd src/yunohost - py.test tests/test_regenconf.py +test-service: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_service.py + ######################################## # LINTER ######################################## diff --git a/src/yunohost/tests/test_service.py b/src/yunohost/tests/test_service.py new file mode 100644 index 000000000..d8660c1e5 --- /dev/null +++ b/src/yunohost/tests/test_service.py @@ -0,0 +1,97 @@ +import os + +from conftest import message, raiseYunohostError + +from yunohost.service import _get_services, _save_services, service_status, service_add, service_remove + + +def setup_function(function): + + clean() + + +def teardown_function(function): + + clean() + + +def clean(): + + # To run these tests, we assume ssh(d) service exists and is running + assert os.system("pgrep sshd >/dev/null") == 0 + + services = _get_services() + assert "ssh" in services + + if "dummyservice" in services: + del services["dummyservice"] + _save_services(services) + + +def test_service_status_all(): + + status = service_status() + assert "ssh" in status.keys() + assert status["ssh"]["status"] == "running" + + +def test_service_status_single(): + + status = service_status("ssh") + assert "status" in status.keys() + assert status["status"] == "running" + + +def test_service_status_unknown_service(mocker): + + with raiseYunohostError(mocker, 'service_unknown'): + service_status(["ssh", "doesnotexists"]) + + +def test_service_add(): + + service_add("dummyservice", description="A dummy service to run tests") + assert "dummyservice" in service_status().keys() + + +def test_service_remove(): + + service_add("dummyservice", description="A dummy service to run tests") + assert "dummyservice" in service_status().keys() + service_remove("dummyservice") + assert "dummyservice" not in service_status().keys() + + +def test_service_remove_service_that_doesnt_exists(mocker): + + assert "dummyservice" not in service_status().keys() + + with raiseYunohostError(mocker, 'service_unknown'): + service_remove("dummyservice") + + assert "dummyservice" not in service_status().keys() + + +def test_service_update_to_add_properties(): + + service_add("dummyservice", description="") + assert not _get_services()["dummyservice"].get("test_status") + service_add("dummyservice", description="", test_status="true") + assert _get_services()["dummyservice"].get("test_status") == "true" + + +def test_service_update_to_change_properties(): + + service_add("dummyservice", description="", test_status="false") + assert _get_services()["dummyservice"].get("test_status") == "false" + service_add("dummyservice", description="", test_status="true") + assert _get_services()["dummyservice"].get("test_status") == "true" + + +def test_service_update_to_remove_properties(): + + service_add("dummyservice", description="", test_status="false") + assert _get_services()["dummyservice"].get("test_status") == "false" + service_add("dummyservice", description="", test_status="") + assert not _get_services()["dummyservice"].get("test_status") + From c721aaf258d96d86518d6ba04dc29ba0535cb3b0 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 19:01:07 +0200 Subject: [PATCH 117/451] version was not defined... --- src/yunohost/app.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index e2df6ba78..ffc1de378 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -2331,6 +2331,7 @@ def _check_manifest_requirements(manifest, app_instance_name): # Iterate over requirements for pkgname, spec in requirements.items(): if not packages.meets_version_specifier(pkgname, spec): + version = packages.ynh_packages_version()[pkgname]["version"] raise YunohostError('app_requirements_unmeet', pkgname=pkgname, version=version, spec=spec, app=app_instance_name) From 582a63bc0cf12fe9de36b927101cdeef5229ddec Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 19:45:00 +0200 Subject: [PATCH 118/451] Add at least a check to detect epic python errors --- .gitlab-ci.yml | 5 +++++ tox.ini | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ac3584630..4d4bd798a 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -117,6 +117,11 @@ lint: script: - tox -e lint +invalidcode: + extends: .lint-stage + script: + - tox -e invalidcode + # Disabled, waiting for buster #format-check: # extends: .lint-stage diff --git a/tox.ini b/tox.ini index ac109609c..8d033367b 100644 --- a/tox.ini +++ b/tox.ini @@ -9,6 +9,7 @@ skip_install=True deps = pytest >= 4.6.3, < 5.0 pyyaml >= 5.1.2, < 6.0 + flake8 >= 3.7.9, < 3.8 commands = pytest {posargs} @@ -16,3 +17,8 @@ commands = skip_install=True commands = flake8 src doc data tests deps = flake8 + +[testenv:invalidcode] +skip_install=True +commands = flake8 src data --exclude src/yunohost/tests --select F --ignore F401,F841 +deps = flake8 From 40eaec605e3d8f31fd2e45b829217a0f6b3f7e0b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 19:45:16 +0200 Subject: [PATCH 119/451] Make flake8 happy (c.f. previous commit) --- src/yunohost/app.py | 4 ++-- src/yunohost/domain.py | 8 ++++---- src/yunohost/service.py | 1 - 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index ffc1de378..8e1d55671 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -926,12 +926,12 @@ def dump_app_log_extract_for_debugging(operation_logger): r"ynh_script_progression" ] - filters = [re.compile(f) for f in filters] + filters = [re.compile(f_) for f_ in filters] lines_to_display = [] for line in lines: - if not ": " in line.strip(): + if ": " not in line.strip(): continue # A line typically looks like diff --git a/src/yunohost/domain.py b/src/yunohost/domain.py index f1dcefba9..b63a269c6 100644 --- a/src/yunohost/domain.py +++ b/src/yunohost/domain.py @@ -528,10 +528,10 @@ def _build_dns_conf(domain, ttl=3600, include_empty_AAAA_if_no_ipv6=False): #################### records = { - "basic": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in basic], - "xmpp": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in xmpp], - "mail": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in mail], - "extra": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in extra], + "basic": [{"name": name, "ttl": ttl_, "type": type_, "value": value} for name, ttl_, type_, value in basic], + "xmpp": [{"name": name, "ttl": ttl_, "type": type_, "value": value} for name, ttl_, type_, value in xmpp], + "mail": [{"name": name, "ttl": ttl_, "type": type_, "value": value} for name, ttl_, type_, value in mail], + "extra": [{"name": name, "ttl": ttl_, "type": type_, "value": value} for name, ttl_, type_, value in extra], } ################## diff --git a/src/yunohost/service.py b/src/yunohost/service.py index c17eb04c2..029ecf77c 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -26,7 +26,6 @@ import re import os -import re import time import yaml import subprocess From 58a29f218e93b5537d7ac0858f909395a3c9fd19 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 20:06:16 +0200 Subject: [PATCH 120/451] Update src/yunohost/service.py Co-authored-by: Kayou --- src/yunohost/service.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 1fe65c102..a818d9fbd 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -314,9 +314,8 @@ def service_status(names=[]): else: translation_key = "service_description_%s" % name - if "description" in infos is not None: - description = infos.get("description") - else: + description = infos.get("description") + if not description: description = m18n.n(translation_key) # that mean that we don't have a translation for this string From f25e07fd829cd179393762d5c23a6f9f2670ed1c Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 20:18:49 +0200 Subject: [PATCH 121/451] Update src/yunohost/service.py --- src/yunohost/service.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index a818d9fbd..4a86043b3 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -427,8 +427,11 @@ def service_log(name, number=50): for log_path in log_list: # log is a file, read it - if not os.path.isdir(log_path): - result[log_path] = _tail(log_path, number) if os.path.exists(log_path) else [] + if os.path.isfile(log_path): + result[log_path] = _tail(log_path, number) + continue + elif not os.path.isdir(log_path): + result[log_path] = [] continue for log_file in os.listdir(log_path): From 9e86014636902ec5267c1f44692a26066b087718 Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Wed, 6 May 2020 20:20:38 +0200 Subject: [PATCH 122/451] [mod] improve error message when apps are still installed on a domain --- locales/en.json | 2 +- src/yunohost/domain.py | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/locales/en.json b/locales/en.json index 25712e8cd..5d49baf23 100644 --- a/locales/en.json +++ b/locales/en.json @@ -271,7 +271,7 @@ "domain_dyndns_root_unknown": "Unknown DynDNS root domain", "domain_exists": "The domain already exists", "domain_hostname_failed": "Could not set new hostname. This might cause an issue later (it might be fine).", - "domain_uninstall_app_first": "One or more apps are installed on this domain. Please uninstall them before proceeding to domain removal", + "domain_uninstall_app_first": "Those applications are still installed on your domain: {apps}. Please uninstall them before proceeding to domain removal", "domain_unknown": "Unknown domain", "domains_available": "Available domains:", "done": "Done", diff --git a/src/yunohost/domain.py b/src/yunohost/domain.py index 0c1e58e54..2440d8702 100644 --- a/src/yunohost/domain.py +++ b/src/yunohost/domain.py @@ -179,9 +179,15 @@ def domain_remove(operation_logger, domain, force=False): raise YunohostError('domain_cannot_remove_main_add_new_one', domain=domain) # Check if apps are installed on the domain - app_settings = [_get_app_settings(app) for app in _installed_apps()] - if any("domain" in s and s["domain"] == domain for s in app_settings): - raise YunohostError('domain_uninstall_app_first') + apps_on_that_domain = [] + + for app in _installed_apps(): + settings = _get_app_settings(app) + if settings.get("domain") == domain: + apps_on_that_domain.append("%s (on https://%s%s)" % (app, domain, settings.get("path"))) + + if apps_on_that_domain: + raise YunohostError('domain_uninstall_app_first', apps=", ".join(apps_on_that_domain)) operation_logger.start() ldap = _get_ldap_interface() From 0b035782d07a8c25c355eee8a20cfd2b6842e608 Mon Sep 17 00:00:00 2001 From: Bram Date: Wed, 6 May 2020 20:35:32 +0200 Subject: [PATCH 123/451] Update src/yunohost/domain.py Co-authored-by: Alexandre Aubin --- src/yunohost/domain.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/domain.py b/src/yunohost/domain.py index 2440d8702..700505d54 100644 --- a/src/yunohost/domain.py +++ b/src/yunohost/domain.py @@ -184,7 +184,7 @@ def domain_remove(operation_logger, domain, force=False): for app in _installed_apps(): settings = _get_app_settings(app) if settings.get("domain") == domain: - apps_on_that_domain.append("%s (on https://%s%s)" % (app, domain, settings.get("path"))) + apps_on_that_domain.append("%s (on https://%s%s)" % (app, domain, settings["path"]) if "path" in settings else app) if apps_on_that_domain: raise YunohostError('domain_uninstall_app_first', apps=", ".join(apps_on_that_domain)) From f202e8d4b80e3a8471c179ed0ddd1da74f1ae4fa Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 May 2020 04:10:32 +0200 Subject: [PATCH 124/451] Enforce metronome >= 3.14.0 --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/control b/debian/control index 5061ad4f2..bc31d6211 100644 --- a/debian/control +++ b/debian/control @@ -27,7 +27,7 @@ Depends: ${python:Depends}, ${misc:Depends} , dovecot-core, dovecot-ldap, dovecot-lmtpd, dovecot-managesieved, dovecot-antispam , rspamd (>= 1.6.0), opendkim-tools, postsrsd, procmail, mailutils , redis-server - , metronome + , metronome (>=3.14.0) , git, curl, wget, cron, unzip, jq , lsb-release, haveged, fake-hwclock, equivs, lsof, whois, python-publicsuffix Recommends: yunohost-admin From 22e03dc10e2d34f45fc31ddd819db6edcfecdb49 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 May 2020 04:13:30 +0200 Subject: [PATCH 125/451] Update changelog for 3.8.3 --- debian/changelog | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/debian/changelog b/debian/changelog index c119d57e7..40109eff9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,22 @@ +yunohost (3.8.3) testing; urgency=low + + - [fix] Remove dot in reverse DNS check + - [fix] Upgrade of multi-instance apps was broken (#976) + - [fix] Check was broken if an apps with no domain setting was installed (#978) + - [enh] Add a timeout to wget (#972) + - [fix] ynh_get_ram: Enforce choosing --free or --total (#972) + - [fix] Simplify / improve robustness of backup list + - [enh] Make nodejs helpers easier to use (#939) + - [fix] Misc tweak for disk usage diagnosis, some values were inconsistent / bad UX / ... + - [enh] Assert slapd is running to avoid miserably crashing with weird ldap errors + - [enh] Try to show smarter / more useful logs by filtering irrelevant lines like set +x etc + - Technical tweaks for metronome 3.14.0 support + - Misc improvements for tests and linters + + Thanks to all contributors <3 ! (Bram, Kay0u, Maniack C., ljf, Maranda) + + -- Alexandre Aubin Thu, 07 Apr 2020 04:00:00 +0000 + yunohost (3.8.2.2) testing; urgency=low Aleks broke everything /again/ *.* From 0b24aa68d504f2ab53daacff0ad982aa9ba6b650 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 May 2020 18:08:12 +0200 Subject: [PATCH 126/451] Ugly hack to install new deps in debian/control --- .gitlab-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7459ae982..0ce234c6b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -11,6 +11,7 @@ postinstall: image: before-postinstall stage: postinstall script: + - apt install --no-install-recommends -y $(cat debian/control | grep "^Depends" -A50 | grep "Recommends:" -B50 | grep "^ *," | grep -o -P "[\w\-]{3,}") - yunohost tools postinstall -d domain.tld -p the_password --ignore-dyndns ######################################## @@ -129,4 +130,4 @@ lint: #format-check: # extends: .lint-stage # script: -# - black --check --diff \ No newline at end of file +# - black --check --diff From 3a62d828ba9b2b3774f606f19f8c2a6ead63bfbf Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 6 May 2020 19:01:07 +0200 Subject: [PATCH 127/451] version was not defined... --- src/yunohost/app.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index e2df6ba78..ffc1de378 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -2331,6 +2331,7 @@ def _check_manifest_requirements(manifest, app_instance_name): # Iterate over requirements for pkgname, spec in requirements.items(): if not packages.meets_version_specifier(pkgname, spec): + version = packages.ynh_packages_version()[pkgname]["version"] raise YunohostError('app_requirements_unmeet', pkgname=pkgname, version=version, spec=spec, app=app_instance_name) From 8bcf7530811c947093f56c8c2ad63db2537d8ca8 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 May 2020 18:34:51 +0200 Subject: [PATCH 128/451] Also split + and - --- src/yunohost/utils/packages.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/utils/packages.py b/src/yunohost/utils/packages.py index 3f352f288..6103206e5 100644 --- a/src/yunohost/utils/packages.py +++ b/src/yunohost/utils/packages.py @@ -63,7 +63,7 @@ def meets_version_specifier(pkg_name, specifier): # context assert pkg_name in YUNOHOST_PACKAGES pkg_version = get_ynh_package_version(pkg_name)["version"] - pkg_version = pkg_version.split("~")[0] + pkg_version = re.split(r'\~|\+|\-', pkg_version)[0] pkg_version = version.parse(pkg_version) # Extract operator and version specifier From 2f31cb6463c51a0cf6965f86dc5e3733aa3f5962 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 7 May 2020 22:37:57 +0200 Subject: [PATCH 129/451] Make sure to handle symlinks when fetching logfiles --- src/yunohost/service.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 4a86043b3..f905d3906 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -426,6 +426,13 @@ def service_log(name, number=50): result["journalctl"] = _get_journalctl_logs(name, number).splitlines() for log_path in log_list: + + if not os.path.exists(log_path): + continue + + # Make sure to resolve symlinks + log_path = os.path.realpath(log_path) + # log is a file, read it if os.path.isfile(log_path): result[log_path] = _tail(log_path, number) From bcb16416b2c259b04ef97da74ed5b141209911a3 Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Fri, 8 May 2020 17:59:46 +0200 Subject: [PATCH 130/451] Remove default value for deprecated log_type args The service_add method check if the argument is empty, but what it really wants to do is checking if the args is not systemd (as far as I understand). As this value is deprecated, better remove the default to fix this logic. --- data/actionsmap/yunohost.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml index a748e4533..e2b4447cf 100644 --- a/data/actionsmap/yunohost.yml +++ b/data/actionsmap/yunohost.yml @@ -996,7 +996,6 @@ service: choices: - file - systemd - default: file --test_status: help: Specify a custom bash command to check the status of the service. Note that it only makes sense to specify this if the corresponding systemd service does not return the proper information already. --test_conf: From a8d52eb1d4343c205a55b10e85445b8a87df9072 Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Fri, 8 May 2020 18:05:49 +0200 Subject: [PATCH 131/451] Avoid crashing when service name is not provided as log source --- src/yunohost/service.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index a048c5a41..40a0fcc0b 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -70,7 +70,8 @@ def service_add(name, description=None, log=None, log_type=None, test_status=Non if log_type is not None: logger.warning("/!\\ Packagers! --log_type is deprecated. You do not need to specify --log_type systemd anymore ... Yunohost now automatically fetch the journalctl of the systemd service by default.") # Usually when adding such a service, the service name will be provided so we remove it as it's not a log file path - log.remove(name) + if name in log: + log.remove(name) service['log'] = log From 03de14df5323c47f0834deb6e0c7470ffbf4244e Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 8 May 2020 21:45:11 +0200 Subject: [PATCH 132/451] Tweak test if domain is ready for ACME challenge --- locales/en.json | 5 +++-- src/yunohost/certificate.py | 14 ++++++++++---- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/locales/en.json b/locales/en.json index 358ed64c3..dea03fe53 100644 --- a/locales/en.json +++ b/locales/en.json @@ -122,9 +122,10 @@ "certmanager_cert_signing_failed": "Could not sign the new certificate", "certmanager_certificate_fetching_or_enabling_failed": "Trying to use the new certificate for {domain:s} did not work…", "certmanager_couldnt_fetch_intermediate_cert": "Timed out when trying to fetch intermediate certificate from Let's Encrypt. Certificate installation/renewal aborted—please try again later.", + "certmanager_domain_not_diagnosed_yet": "There is no diagnosis result for domain %s yet. Please re-run a diagnosis for categories 'DNS records' and 'Web' in the diagnosis section to check if the domain is ready for Let's Encrypt. (Or if you know what you are doing, use '--no-checks' to turn off those checks.)", "certmanager_domain_cert_not_selfsigned": "The certificate for domain {domain:s} is not self-signed. Are you sure you want to replace it? (Use '--force' to do so.)", - "certmanager_domain_dns_ip_differs_from_public_ip": "The DNS 'A' record for the domain '{domain:s}' is different from this server's IP. If you recently modified your A record, please wait for it to propagate (some DNS propagation checkers are available online). (If you know what you are doing, use '--no-checks' to turn off those checks.)", - "certmanager_domain_http_not_working": "It seems the domain {domain:s} cannot be accessed through HTTP. Check that your DNS and NGINX configuration is correct", + "certmanager_domain_dns_ip_differs_from_public_ip": "The DNS records for domain '{domain:s}' is different from this server's IP. Please check the 'DNS records' (basic) category in the diagnosis for more info. If you recently modified your A record, please wait for it to propagate (some DNS propagation checkers are available online). (If you know what you are doing, use '--no-checks' to turn off those checks.)", + "certmanager_domain_http_not_working": "Domain {domain:s} does not seem to be accessible through HTTP. Please check the 'Web' category in the diagnosis for more info. (If you know what you are doing, use '--no-checks' to turn off those checks.)", "certmanager_domain_unknown": "Unknown domain '{domain:s}'", "certmanager_error_no_A_record": "No DNS 'A' record found for '{domain:s}'. You need to make your domain name point to your machine to be able to install a Let's Encrypt certificate. (If you know what you are doing, use '--no-checks' to turn off those checks.)", "certmanager_warning_subdomain_dns_record": "Subdomain '{subdomain:s}' does not resolve to the same IP address as '{domain:s}'. Some features will not be available until you fix this and regenerate the certificate.", diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index f3971be06..c1f18714c 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -40,8 +40,9 @@ from moulinette.utils.filesystem import read_file from yunohost.vendor.acme_tiny.acme_tiny import get_crt as sign_certificate from yunohost.utils.error import YunohostError -from yunohost.utils.network import get_public_ip +from yunohost.utils.network import get_public_ip, dig +from yunohost.diagnosis import Diagnoser from yunohost.service import _run_service_command from yunohost.regenconf import regen_conf from yunohost.log import OperationLogger @@ -790,14 +791,19 @@ def _backup_current_cert(domain): def _check_domain_is_ready_for_ACME(domain): - public_ip = get_public_ip() + + dnsrecords = Diagnoser.get_cached_report("dnsrecords", item={"domain": domain, "category": "basic"}) or {} + httpreachable = Diagnoser.get_cached_report("web", item={"domain": domain}) or {} + + if not dnsrecords or not httpreachable: + raise YunohostError('certmanager_domain_not_diagnosed_yet', domain=domain) # Check if IP from DNS matches public IP - if not _dns_ip_match_public_ip(public_ip, domain): + if not dnsrecords.get("status") in ["SUCCESS", "WARNING"]: # Warning is for missing IPv6 record which ain't critical for ACME raise YunohostError('certmanager_domain_dns_ip_differs_from_public_ip', domain=domain) # Check if domain seems to be accessible through HTTP? - if not _domain_is_accessible_through_HTTP(public_ip, domain): + if not httpreachable.get("status") == "SUCCESS": raise YunohostError('certmanager_domain_http_not_working', domain=domain) From 333347dbcd498900dd8d760e61409d8fe3ccf4c6 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 8 May 2020 21:48:36 +0200 Subject: [PATCH 133/451] Clarify the steps : first validate, then start logger, then run the actual install/renew --- src/yunohost/certificate.py | 71 ++++++++++++++++++++++--------------- 1 file changed, 42 insertions(+), 29 deletions(-) diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index c1f18714c..cf11d9639 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -273,30 +273,36 @@ def _certificate_install_letsencrypt(domain_list, force=False, no_checks=False, # Actual install steps for domain in domain_list: - operation_logger = OperationLogger('letsencrypt_cert_install', [('domain', domain)], - args={'force': force, 'no_checks': no_checks, - 'staging': staging}) + if not no_checks: + try: + _check_domain_is_ready_for_ACME(domain) + except Exception as e: + logger.error(e) + continue + logger.info( "Now attempting install of certificate for domain %s!", domain) + operation_logger = OperationLogger('letsencrypt_cert_install', [('domain', domain)], + args={'force': force, 'no_checks': no_checks, + 'staging': staging}) + operation_logger.start() + try: - if not no_checks: - _check_domain_is_ready_for_ACME(domain) - - operation_logger.start() - _fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks) + except Exception as e: + msg = "Certificate installation for %s failed !\nException: %s" % (domain, e) + logger.error(msg) + operation_logger.error(msg) + if no_checks: + logger.error("Please consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain %s." % domain) + else: _install_cron(no_checks=no_checks) logger.success( m18n.n("certmanager_cert_install_success", domain=domain)) operation_logger.success() - except Exception as e: - _display_debug_information(domain) - msg = "Certificate installation for %s failed !\nException: %s" % (domain, e) - logger.error(msg) - operation_logger.error(msg) def certificate_renew(domain_list, force=False, no_checks=False, email=False, staging=False): @@ -367,32 +373,35 @@ def certificate_renew(domain_list, force=False, no_checks=False, email=False, st # Actual renew steps for domain in domain_list: - operation_logger = OperationLogger('letsencrypt_cert_renew', [('domain', domain)], - args={'force': force, 'no_checks': no_checks, - 'staging': staging, 'email': email}) + if not no_checks: + try: + _check_domain_is_ready_for_ACME(domain) + except: + msg = "Certificate renewing for %s failed !" % (domain) + logger.error(msg) + if email: + logger.error("Sending email with details to root ...") + _email_renewing_failed(domain, msg) + continue logger.info( "Now attempting renewing of certificate for domain %s !", domain) + operation_logger = OperationLogger('letsencrypt_cert_renew', [('domain', domain)], + args={'force': force, 'no_checks': no_checks, + 'staging': staging, 'email': email}) + operation_logger.start() + try: - if not no_checks: - _check_domain_is_ready_for_ACME(domain) - - operation_logger.start() - _fetch_and_enable_new_certificate(domain, staging, no_checks=no_checks) - - logger.success( - m18n.n("certmanager_cert_renew_success", domain=domain)) - - operation_logger.success() - except Exception as e: import traceback from StringIO import StringIO stack = StringIO() traceback.print_exc(file=stack) msg = "Certificate renewing for %s failed !" % (domain) + if no_checks: + msg += "\nPlease consider checking the 'DNS records' (basic) and 'Web' categories of the diagnosis to check for possible issues that may prevent installing a Let's Encrypt certificate on domain %s." % domain logger.error(msg) operation_logger.error(msg) logger.error(stack.getvalue()) @@ -400,7 +409,11 @@ def certificate_renew(domain_list, force=False, no_checks=False, email=False, st if email: logger.error("Sending email with details to root ...") - _email_renewing_failed(domain, e, stack.getvalue()) + _email_renewing_failed(domain, msg + "\n" + e, stack.getvalue()) + else: + logger.success( + m18n.n("certmanager_cert_renew_success", domain=domain)) + operation_logger.success() # # Back-end stuff # @@ -432,7 +445,7 @@ def _install_cron(no_checks=False): _set_permissions(cron_job_file, "root", "root", 0o755) -def _email_renewing_failed(domain, exception_message, stack): +def _email_renewing_failed(domain, exception_message, stack=""): from_ = "certmanager@%s (Certificate Manager)" % domain to_ = "root" subject_ = "Certificate renewing attempt for %s failed!" % domain From 713d4926c938a183c0094319b274a541065b2dcb Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 8 May 2020 21:50:23 +0200 Subject: [PATCH 134/451] Fix the way we check the A record for xmpp --- src/yunohost/certificate.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index cf11d9639..11d066ff2 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -610,10 +610,9 @@ def _prepare_certificate_signing_request(domain, key_file, output_folder): # For "parent" domains, include xmpp-upload subdomain in subject alternate names if domain in domain_list(exclude_subdomains=True)["domains"]: subdomain = "xmpp-upload." + domain - try: - _dns_ip_match_public_ip(get_public_ip(), subdomain) + if dig(subdomain, "A", resolvers="force_external") == ("ok", [get_public_ip()]): csr.add_extensions([crypto.X509Extension("subjectAltName", False, "DNS:" + subdomain)]) - except YunohostError: + else: logger.warning(m18n.n('certmanager_warning_subdomain_dns_record', subdomain=subdomain, domain=domain)) # Set the key From 33caf9cf330563a93036e34debf321f6c50f6c85 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 8 May 2020 21:50:41 +0200 Subject: [PATCH 135/451] Cleanup, we don't really need this anymore --- locales/en.json | 2 -- src/yunohost/certificate.py | 67 ------------------------------------- 2 files changed, 69 deletions(-) diff --git a/locales/en.json b/locales/en.json index dea03fe53..ed46b1b6b 100644 --- a/locales/en.json +++ b/locales/en.json @@ -127,10 +127,8 @@ "certmanager_domain_dns_ip_differs_from_public_ip": "The DNS records for domain '{domain:s}' is different from this server's IP. Please check the 'DNS records' (basic) category in the diagnosis for more info. If you recently modified your A record, please wait for it to propagate (some DNS propagation checkers are available online). (If you know what you are doing, use '--no-checks' to turn off those checks.)", "certmanager_domain_http_not_working": "Domain {domain:s} does not seem to be accessible through HTTP. Please check the 'Web' category in the diagnosis for more info. (If you know what you are doing, use '--no-checks' to turn off those checks.)", "certmanager_domain_unknown": "Unknown domain '{domain:s}'", - "certmanager_error_no_A_record": "No DNS 'A' record found for '{domain:s}'. You need to make your domain name point to your machine to be able to install a Let's Encrypt certificate. (If you know what you are doing, use '--no-checks' to turn off those checks.)", "certmanager_warning_subdomain_dns_record": "Subdomain '{subdomain:s}' does not resolve to the same IP address as '{domain:s}'. Some features will not be available until you fix this and regenerate the certificate.", "certmanager_hit_rate_limit": "Too many certificates already issued for this exact set of domains {domain:s} recently. Please try again later. See https://letsencrypt.org/docs/rate-limits/ for more details", - "certmanager_http_check_timeout": "Timed out when server tried to contact itself through HTTP using a public IP address (domain '{domain:s}' with IP '{ip:s}'). You may be experiencing a hairpinning issue, or the firewall/router ahead of your server is misconfigured.", "certmanager_no_cert_file": "Could not read the certificate file for the domain {domain:s} (file: {file:s})", "certmanager_self_ca_conf_file_not_found": "Could not find configuration file for self-signing authority (file: {file:s})", "certmanager_unable_to_parse_self_CA_name": "Could not parse name of self-signing authority (file: {file:s})", diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index 11d066ff2..35d019ec8 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -29,7 +29,6 @@ import pwd import grp import smtplib import subprocess -import dns.resolver import glob from datetime import datetime @@ -69,18 +68,6 @@ PRODUCTION_CERTIFICATION_AUTHORITY = "https://acme-v02.api.letsencrypt.org" INTERMEDIATE_CERTIFICATE_URL = "https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem" -DNS_RESOLVERS = [ - # FFDN DNS resolvers - # See https://www.ffdn.org/wiki/doku.php?id=formations:dns - "80.67.169.12", # FDN - "80.67.169.40", # - "89.234.141.66", # ARN - "141.255.128.100", # Aquilenet - "141.255.128.101", - "89.234.186.18", # Grifon - "80.67.188.188" # LDN -] - # # Front-end stuff # # @@ -540,7 +527,6 @@ def _fetch_and_enable_new_certificate(domain, staging=False, no_checks=False): raise YunohostError('certmanager_hit_rate_limit', domain=domain) else: logger.error(str(e)) - _display_debug_information(domain) raise YunohostError('certmanager_cert_signing_failed') except Exception as e: @@ -819,59 +805,6 @@ def _check_domain_is_ready_for_ACME(domain): raise YunohostError('certmanager_domain_http_not_working', domain=domain) -def _get_dns_ip(domain): - try: - resolver = dns.resolver.Resolver() - resolver.nameservers = DNS_RESOLVERS - answers = resolver.query(domain, "A") - except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN): - raise YunohostError('certmanager_error_no_A_record', domain=domain) - - return str(answers[0]) - - -def _dns_ip_match_public_ip(public_ip, domain): - return _get_dns_ip(domain) == public_ip - - -def _domain_is_accessible_through_HTTP(ip, domain): - import requests # lazy loading this module for performance reasons - try: - requests.head("http://" + ip, headers={"Host": domain}, timeout=10) - except requests.exceptions.Timeout as e: - logger.warning(m18n.n('certmanager_http_check_timeout', domain=domain, ip=ip)) - return False - except Exception as e: - logger.debug("Couldn't reach domain '%s' by requesting this ip '%s' because: %s" % (domain, ip, e)) - return False - - return True - - -def _get_local_dns_ip(domain): - try: - resolver = dns.resolver.Resolver() - answers = resolver.query(domain, "A") - except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN): - logger.warning("Failed to resolved domain '%s' locally", domain) - return None - - return str(answers[0]) - - -def _display_debug_information(domain): - dns_ip = _get_dns_ip(domain) - public_ip = get_public_ip() - local_dns_ip = _get_local_dns_ip(domain) - - logger.warning("""\ -Debug information: - - domain ip from DNS %s - - domain ip from local DNS %s - - public ip of the server %s -""", dns_ip, local_dns_ip, public_ip) - - # FIXME / TODO : ideally this should not be needed. There should be a proper # mechanism to regularly check the value of the public IP and trigger # corresponding hooks (e.g. dyndns update and dnsmasq regen-conf) From a799740afa7feeb37f6fe25d9f49434ad93f5794 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 8 May 2020 23:47:18 +0200 Subject: [PATCH 136/451] Move meltdown check to base system --- data/hooks/diagnosis/00-basesystem.py | 74 +++++++++++++++++++- data/hooks/diagnosis/90-security.py | 98 --------------------------- locales/en.json | 2 - 3 files changed, 73 insertions(+), 101 deletions(-) delete mode 100644 data/hooks/diagnosis/90-security.py diff --git a/data/hooks/diagnosis/00-basesystem.py b/data/hooks/diagnosis/00-basesystem.py index 51926924a..dbb0ccf08 100644 --- a/data/hooks/diagnosis/00-basesystem.py +++ b/data/hooks/diagnosis/00-basesystem.py @@ -1,9 +1,11 @@ #!/usr/bin/env python import os +import json +import subprocess from moulinette.utils.process import check_output -from moulinette.utils.filesystem import read_file +from moulinette.utils.filesystem import read_file, read_json, write_to_json from yunohost.diagnosis import Diagnoser from yunohost.utils.packages import ynh_packages_version @@ -74,5 +76,75 @@ class BaseSystemDiagnoser(Diagnoser): details=ynh_version_details) + if self.is_vulnerable_to_meltdown(): + yield dict(meta={"test": "meltdown"}, + status="ERROR", + summary="diagnosis_security_vulnerable_to_meltdown", + details=["diagnosis_security_vulnerable_to_meltdown_details"] + ) + + def is_vulnerable_to_meltdown(self): + # meltdown CVE: https://security-tracker.debian.org/tracker/CVE-2017-5754 + + # We use a cache file to avoid re-running the script so many times, + # which can be expensive (up to around 5 seconds on ARM) + # and make the admin appear to be slow (c.f. the calls to diagnosis + # from the webadmin) + # + # The cache is in /tmp and shall disappear upon reboot + # *or* we compare it to dpkg.log modification time + # such that it's re-ran if there was package upgrades + # (e.g. from yunohost) + cache_file = "/tmp/yunohost-meltdown-diagnosis" + dpkg_log = "/var/log/dpkg.log" + if os.path.exists(cache_file): + if not os.path.exists(dpkg_log) or os.path.getmtime(cache_file) > os.path.getmtime(dpkg_log): + self.logger_debug("Using cached results for meltdown checker, from %s" % cache_file) + return read_json(cache_file)[0]["VULNERABLE"] + + # script taken from https://github.com/speed47/spectre-meltdown-checker + # script commit id is store directly in the script + SCRIPT_PATH = "/usr/lib/moulinette/yunohost/vendor/spectre-meltdown-checker/spectre-meltdown-checker.sh" + + # '--variant 3' corresponds to Meltdown + # example output from the script: + # [{"NAME":"MELTDOWN","CVE":"CVE-2017-5754","VULNERABLE":false,"INFOS":"PTI mitigates the vulnerability"}] + try: + self.logger_debug("Running meltdown vulnerability checker") + call = subprocess.Popen("bash %s --batch json --variant 3" % + SCRIPT_PATH, shell=True, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE) + + # TODO / FIXME : here we are ignoring error messages ... + # in particular on RPi2 and other hardware, the script complains about + # "missing some kernel info (see -v), accuracy might be reduced" + # Dunno what to do about that but we probably don't want to harass + # users with this warning ... + output, err = call.communicate() + assert call.returncode in (0, 2, 3), "Return code: %s" % call.returncode + + # If there are multiple lines, sounds like there was some messages + # in stdout that are not json >.> ... Try to get the actual json + # stuff which should be the last line + output = output.strip() + if "\n" in output: + self.logger_debug("Original meltdown checker output : %s" % output) + output = output.split("\n")[-1] + + CVEs = json.loads(output) + assert len(CVEs) == 1 + assert CVEs[0]["NAME"] == "MELTDOWN" + except Exception as e: + import traceback + traceback.print_exc() + self.logger_warning("Something wrong happened when trying to diagnose Meltdown vunerability, exception: %s" % e) + raise Exception("Command output for failed meltdown check: '%s'" % output) + + self.logger_debug("Writing results from meltdown checker to cache file, %s" % cache_file) + write_to_json(cache_file, CVEs) + return CVEs[0]["VULNERABLE"] + + def main(args, env, loggers): return BaseSystemDiagnoser(args, env, loggers).diagnose() diff --git a/data/hooks/diagnosis/90-security.py b/data/hooks/diagnosis/90-security.py deleted file mode 100644 index d281042b0..000000000 --- a/data/hooks/diagnosis/90-security.py +++ /dev/null @@ -1,98 +0,0 @@ -#!/usr/bin/env python - -import os -import json -import subprocess - -from yunohost.diagnosis import Diagnoser -from moulinette.utils.filesystem import read_json, write_to_json - - -class SecurityDiagnoser(Diagnoser): - - id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1] - cache_duration = 3600 - dependencies = [] - - def run(self): - - "CVE-2017-5754" - - if self.is_vulnerable_to_meltdown(): - yield dict(meta={"test": "meltdown"}, - status="ERROR", - summary="diagnosis_security_vulnerable_to_meltdown", - details=["diagnosis_security_vulnerable_to_meltdown_details"] - ) - else: - yield dict(meta={}, - status="SUCCESS", - summary="diagnosis_security_all_good" - ) - - - def is_vulnerable_to_meltdown(self): - # meltdown CVE: https://security-tracker.debian.org/tracker/CVE-2017-5754 - - # We use a cache file to avoid re-running the script so many times, - # which can be expensive (up to around 5 seconds on ARM) - # and make the admin appear to be slow (c.f. the calls to diagnosis - # from the webadmin) - # - # The cache is in /tmp and shall disappear upon reboot - # *or* we compare it to dpkg.log modification time - # such that it's re-ran if there was package upgrades - # (e.g. from yunohost) - cache_file = "/tmp/yunohost-meltdown-diagnosis" - dpkg_log = "/var/log/dpkg.log" - if os.path.exists(cache_file): - if not os.path.exists(dpkg_log) or os.path.getmtime(cache_file) > os.path.getmtime(dpkg_log): - self.logger_debug("Using cached results for meltdown checker, from %s" % cache_file) - return read_json(cache_file)[0]["VULNERABLE"] - - # script taken from https://github.com/speed47/spectre-meltdown-checker - # script commit id is store directly in the script - SCRIPT_PATH = "/usr/lib/moulinette/yunohost/vendor/spectre-meltdown-checker/spectre-meltdown-checker.sh" - - # '--variant 3' corresponds to Meltdown - # example output from the script: - # [{"NAME":"MELTDOWN","CVE":"CVE-2017-5754","VULNERABLE":false,"INFOS":"PTI mitigates the vulnerability"}] - try: - self.logger_debug("Running meltdown vulnerability checker") - call = subprocess.Popen("bash %s --batch json --variant 3" % - SCRIPT_PATH, shell=True, - stdout=subprocess.PIPE, - stderr=subprocess.PIPE) - - # TODO / FIXME : here we are ignoring error messages ... - # in particular on RPi2 and other hardware, the script complains about - # "missing some kernel info (see -v), accuracy might be reduced" - # Dunno what to do about that but we probably don't want to harass - # users with this warning ... - output, err = call.communicate() - assert call.returncode in (0, 2, 3), "Return code: %s" % call.returncode - - # If there are multiple lines, sounds like there was some messages - # in stdout that are not json >.> ... Try to get the actual json - # stuff which should be the last line - output = output.strip() - if "\n" in output: - self.logger_debug("Original meltdown checker output : %s" % output) - output = output.split("\n")[-1] - - CVEs = json.loads(output) - assert len(CVEs) == 1 - assert CVEs[0]["NAME"] == "MELTDOWN" - except Exception as e: - import traceback - traceback.print_exc() - self.logger_warning("Something wrong happened when trying to diagnose Meltdown vunerability, exception: %s" % e) - raise Exception("Command output for failed meltdown check: '%s'" % output) - - self.logger_debug("Writing results from meltdown checker to cache file, %s" % cache_file) - write_to_json(cache_file, CVEs) - return CVEs[0]["VULNERABLE"] - - -def main(args, env, loggers): - return SecurityDiagnoser(args, env, loggers).diagnose() diff --git a/locales/en.json b/locales/en.json index 358ed64c3..1be70d24b 100644 --- a/locales/en.json +++ b/locales/en.json @@ -224,7 +224,6 @@ "diagnosis_regenconf_allgood": "All configurations files are in line with the recommended configuration!", "diagnosis_regenconf_manually_modified": "Configuration file {file} appears to have been manually modified.", "diagnosis_regenconf_manually_modified_details": "This is probably OK if you know what you're doing! YunoHost will stop updating this file automatically... But beware that YunoHost upgrades could contain important recommended changes. If you want to, you can inspect the differences with yunohost tools regen-conf {category} --dry-run --with-diff and force the reset to the recommended configuration with yunohost tools regen-conf {category} --force", - "diagnosis_security_all_good": "No critical security vulnerability was found.", "diagnosis_security_vulnerable_to_meltdown": "You appear vulnerable to the Meltdown criticial security vulnerability", "diagnosis_security_vulnerable_to_meltdown_details": "To fix this, you should upgrade your system and reboot to load the new linux kernel (or contact your server provider if this doesn't work). See https://meltdownattack.com/ for more infos.", "diagnosis_description_basesystem": "Base system", @@ -236,7 +235,6 @@ "diagnosis_description_web": "Web", "diagnosis_description_mail": "Email", "diagnosis_description_regenconf": "System configurations", - "diagnosis_description_security": "Security checks", "diagnosis_ports_could_not_diagnose": "Could not diagnose if ports are reachable from outside in IPv{ipversion}.", "diagnosis_ports_could_not_diagnose_details": "Error: {error}", "diagnosis_ports_unreachable": "Port {port} is not reachable from outside.", From 23147161d68f3e8214c28759702c26b08cb446d1 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 8 May 2020 23:56:23 +0200 Subject: [PATCH 137/451] Change warning/errors about swap as info instead ... add a tip about the fact that having swap on SD or SSD is dangerous --- data/hooks/diagnosis/50-systemresources.py | 5 +++-- locales/en.json | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/data/hooks/diagnosis/50-systemresources.py b/data/hooks/diagnosis/50-systemresources.py index 66d27866a..50f69f9ed 100644 --- a/data/hooks/diagnosis/50-systemresources.py +++ b/data/hooks/diagnosis/50-systemresources.py @@ -45,14 +45,15 @@ class SystemResourcesDiagnoser(Diagnoser): item = dict(meta={"test": "swap"}, data={"total": human_size(swap.total), "recommended": "512 MiB"}) if swap.total <= 1 * MB: - item["status"] = "ERROR" + item["status"] = "INFO" item["summary"] = "diagnosis_swap_none" elif swap.total < 500 * MB: - item["status"] = "WARNING" + item["status"] = "INFO" item["summary"] = "diagnosis_swap_notsomuch" else: item["status"] = "SUCCESS" item["summary"] = "diagnosis_swap_ok" + item["details"] = ["diagnosis_swap_tip"] yield item # FIXME : add a check that swapiness is low if swap is on a sdcard... diff --git a/locales/en.json b/locales/en.json index 1be70d24b..6f4fcac1d 100644 --- a/locales/en.json +++ b/locales/en.json @@ -193,6 +193,7 @@ "diagnosis_swap_none": "The system has no swap at all. You should consider adding at least {recommended} of swap to avoid situations where the system runs out of memory.", "diagnosis_swap_notsomuch": "The system has only {total} swap. You should consider having at least {recommended} to avoid situations where the system runs out of memory.", "diagnosis_swap_ok": "The system has {total} of swap!", + "diagnosis_swap_tip": "Please be careful and aware that if the server is hosting swap on an SD card or SSD storage, it may drastically reduce the life expectancy of the device`.", "diagnosis_mail_outgoing_port_25_ok": "The SMTP mail server is able to send emails (outgoing port 25 is not blocked).", "diagnosis_mail_outgoing_port_25_blocked": "The SMTP mail server cannot send emails to other servers because outgoing port 25 is blocked in IPv{ipversion}.", "diagnosis_mail_outgoing_port_25_blocked_details": "You should first try to unblock outgoing port 25 in your internet router interface or your hosting provider interface. (Some hosting provider may require you to send them a support ticket for this).", From aecbb14aa4ccec48ccb2fe62ca1aa9337e85a618 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 May 2020 01:46:28 +0200 Subject: [PATCH 138/451] Add a --human-readable option to diagnosis_show() and a --email to diagnosis_run() to email issues found by cron job --- data/actionsmap/yunohost.yml | 6 +++ data/hooks/conf_regen/01-yunohost | 2 +- src/yunohost/diagnosis.py | 61 +++++++++++++++++++++++++------ 3 files changed, 56 insertions(+), 13 deletions(-) diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml index e2b4447cf..d61538c5c 100644 --- a/data/actionsmap/yunohost.yml +++ b/data/actionsmap/yunohost.yml @@ -1691,6 +1691,9 @@ diagnosis: --share: help: Share the logs using yunopaste action: store_true + --human-readable: + help: Show a human-readable output + action: store_true run: action_help: Run diagnosis @@ -1705,6 +1708,9 @@ diagnosis: --except-if-never-ran-yet: help: Don't run anything if diagnosis never ran yet ... (this is meant to be used by the webadmin) action: store_true + --email: + help: Send an email to root with issues found (this is meant to be used by cron job) + action: store_true ignore: action_help: Configure some diagnosis results to be ignored and therefore not considered as actual issues diff --git a/data/hooks/conf_regen/01-yunohost b/data/hooks/conf_regen/01-yunohost index b24689023..4bd763b70 100755 --- a/data/hooks/conf_regen/01-yunohost +++ b/data/hooks/conf_regen/01-yunohost @@ -60,7 +60,7 @@ do_pre_regen() { mkdir -p $pending_dir/etc/cron.d/ cat > $pending_dir/etc/cron.d/yunohost-diagnosis << EOF SHELL=/bin/bash -0 7,19 * * * root : YunoHost Diagnosis; sleep \$((RANDOM\\%600)); yunohost diagnosis run > /dev/null +0 7,19 * * * root : YunoHost Automatic Diagnosis; sleep \$((RANDOM\\%600)); yunohost diagnosis run --email > /dev/null 2>/dev/null || echo "Running the automatic diagnosis failed miserably" EOF } diff --git a/src/yunohost/diagnosis.py b/src/yunohost/diagnosis.py index bfb2619eb..806285f52 100644 --- a/src/yunohost/diagnosis.py +++ b/src/yunohost/diagnosis.py @@ -27,6 +27,7 @@ import re import os import time +import smtplib from moulinette import m18n, msettings from moulinette.utils import log @@ -41,6 +42,7 @@ DIAGNOSIS_CACHE = "/var/cache/yunohost/diagnosis/" DIAGNOSIS_CONFIG_FILE = '/etc/yunohost/diagnosis.yml' DIAGNOSIS_SERVER = "diagnosis.yunohost.org" + def diagnosis_list(): all_categories_names = [h for h, _ in _list_diagnosis_categories()] return {"categories": all_categories_names} @@ -65,7 +67,7 @@ def diagnosis_get(category, item): return Diagnoser.get_cached_report(category, item=item) -def diagnosis_show(categories=[], issues=False, full=False, share=False): +def diagnosis_show(categories=[], issues=False, full=False, share=False, human_readable=False): if not os.path.exists(DIAGNOSIS_CACHE): logger.warning(m18n.n("diagnosis_never_ran_yet")) @@ -93,7 +95,7 @@ def diagnosis_show(categories=[], issues=False, full=False, share=False): logger.error(m18n.n("diagnosis_failed", category=category, error=str(e))) continue - Diagnoser.i18n(report) + Diagnoser.i18n(report, force_remove_html_tags=share or human_readable) add_ignore_flag_to_issues(report) if not full: @@ -123,9 +125,12 @@ def diagnosis_show(categories=[], issues=False, full=False, share=False): return {"url": url} else: return + elif human_readable: + print(_dump_human_readable_reports(all_reports)) else: return {"reports": all_reports} + def _dump_human_readable_reports(reports): output = "" @@ -137,16 +142,16 @@ def _dump_human_readable_reports(reports): for item in report["items"]: output += "[{status}] {summary}\n".format(**item) for detail in item.get("details", []): - output += " - " + detail + "\n" + output += " - " + detail.replace("\n", "\n ") + "\n" output += "\n" output += "\n\n" return(output) -def diagnosis_run(categories=[], force=False, except_if_never_ran_yet=False): +def diagnosis_run(categories=[], force=False, except_if_never_ran_yet=False, email=False): - if except_if_never_ran_yet and not os.path.exists(DIAGNOSIS_CACHE): + if (email or except_if_never_ran_yet) and not os.path.exists(DIAGNOSIS_CACHE): return # Get all the categories @@ -170,7 +175,7 @@ def diagnosis_run(categories=[], force=False, except_if_never_ran_yet=False): try: code, report = hook_exec(path, args={"force": force}, env=None) - except Exception as e: + except Exception: import traceback logger.error(m18n.n("diagnosis_failed_for_category", category=category, error='\n'+traceback.format_exc())) else: @@ -178,10 +183,11 @@ def diagnosis_run(categories=[], force=False, except_if_never_ran_yet=False): if report != {}: issues.extend([item for item in report["items"] if item["status"] in ["WARNING", "ERROR"]]) - if issues and msettings.get("interface") == "cli": - logger.warning(m18n.n("diagnosis_display_tip")) - - return + if issues: + if email: + _email_diagnosis_issues() + elif msettings.get("interface") == "cli": + logger.warning(m18n.n("diagnosis_display_tip")) def diagnosis_ignore(add_filter=None, remove_filter=None, list=False): @@ -318,6 +324,7 @@ def issue_matches_criterias(issue, criterias): return False return True + def add_ignore_flag_to_issues(report): """ Iterate over issues in a report, and flag them as ignored if they match an @@ -448,7 +455,7 @@ class Diagnoser(): return descr if descr != key else id_ @staticmethod - def i18n(report): + def i18n(report, force_remove_html_tags=False): # "Render" the strings with m18n.n # N.B. : we do those m18n.n right now instead of saving the already-translated report @@ -477,7 +484,7 @@ class Diagnoser(): info[1].update(meta_data) s = m18n.n(info[0], **(info[1])) # In cli, we remove the html tags - if msettings.get("interface") != "api": + if msettings.get("interface") != "api" or force_remove_html_tags: s = s.replace("", "'").replace("", "'") s = html_tags.sub('', s.replace("
","\n")) else: @@ -547,3 +554,33 @@ def _list_diagnosis_categories(): hooks.append((name, info["path"])) return hooks + + +def _email_diagnosis_issues(): + from yunohost.domain import _get_maindomain + from_ = "diagnosis@%s (Automatic diagnosis)" % _get_maindomain() + to_ = "root" + subject_ = "Issues found by automatic diagnosis" + + disclaimer = "The automatic diagnosis on your YunoHost server identified some issues on your server. You will find a description of the issues below. You can manage those issues in the 'Diagnosis' section in your webadmin." + + content = _dump_human_readable_reports(diagnosis_show(issues=True)["reports"]) + + message = """\ +From: %s +To: %s +Subject: %s + +%s + +--- + +%s +""" % (from_, to_, subject_, disclaimer, content) + + print(message) + + smtp = smtplib.SMTP("localhost") + smtp.sendmail(from_, [to_], message) + smtp.quit() + From d8dfa1c5d5f6626954c13a96bd930f3ce710f5a0 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 May 2020 15:58:40 +0200 Subject: [PATCH 139/451] We gotta trash the error stream because gzip complains about broken pipe when ran in python subprocess ~.~ --- src/yunohost/utils/packages.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/utils/packages.py b/src/yunohost/utils/packages.py index 6103206e5..51e9ab71a 100644 --- a/src/yunohost/utils/packages.py +++ b/src/yunohost/utils/packages.py @@ -40,7 +40,7 @@ def get_ynh_package_version(package): # may handle changelog differently ! changelog = "/usr/share/doc/%s/changelog.gz" % package - cmd = "gzip -cd %s | head -n1" % changelog + cmd = "gzip -cd %s 2>/dev/null | head -n1" % changelog if not os.path.exists(changelog): return {"version": "?", "repo": "?"} out = check_output(cmd).split() From c8625858e2940212072a7c646430c703adf78027 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 May 2020 18:01:16 +0200 Subject: [PATCH 140/451] Fetch xmpp-upload DNS record status from diagnosis directly --- src/yunohost/certificate.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index 35d019ec8..366f45462 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -39,7 +39,7 @@ from moulinette.utils.filesystem import read_file from yunohost.vendor.acme_tiny.acme_tiny import get_crt as sign_certificate from yunohost.utils.error import YunohostError -from yunohost.utils.network import get_public_ip, dig +from yunohost.utils.network import get_public_ip from yunohost.diagnosis import Diagnoser from yunohost.service import _run_service_command @@ -596,7 +596,8 @@ def _prepare_certificate_signing_request(domain, key_file, output_folder): # For "parent" domains, include xmpp-upload subdomain in subject alternate names if domain in domain_list(exclude_subdomains=True)["domains"]: subdomain = "xmpp-upload." + domain - if dig(subdomain, "A", resolvers="force_external") == ("ok", [get_public_ip()]): + xmpp_records = Diagnoser.get_cached_report("dnsrecords", item={"domain": domain, "category": "xmpp"}).get("data") or {} + if xmpp_records.get("CNAME:xmpp-upload") == "OK": csr.add_extensions([crypto.X509Extension("subjectAltName", False, "DNS:" + subdomain)]) else: logger.warning(m18n.n('certmanager_warning_subdomain_dns_record', subdomain=subdomain, domain=domain)) From 232c5f3d6b0f6a8a64eb541778a9862e9d766c9e Mon Sep 17 00:00:00 2001 From: xaloc33 Date: Tue, 28 Apr 2020 22:39:03 +0000 Subject: [PATCH 141/451] Translated using Weblate (Catalan) Currently translated at 100.0% (632 of 632 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/ca/ --- locales/ca.json | 70 ++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 54 insertions(+), 16 deletions(-) diff --git a/locales/ca.json b/locales/ca.json index bd071e354..e5174205d 100644 --- a/locales/ca.json +++ b/locales/ca.json @@ -504,7 +504,7 @@ "diagnosis_basesystem_ynh_main_version": "El servidor funciona amb YunoHost {main_version} ({repo})", "diagnosis_ram_low": "El sistema només té {available} ({available_percent}%) de memòria RAM disponibles d'un total de {total}. Aneu amb compte.", "diagnosis_swap_none": "El sistema no té swap. Hauríeu de considerar afegir un mínim de {recommended} de swap per evitar situacions en les que el sistema es queda sense memòria.", - "diagnosis_regenconf_manually_modified": "El fitxer de configuració {file} ha estat modificat manualment.", + "diagnosis_regenconf_manually_modified": "El fitxer de configuració {file} sembla haver estat modificat manualment.", "diagnosis_security_vulnerable_to_meltdown_details": "Per arreglar-ho, hauríeu d'actualitzar i reiniciar el sistema per tal de carregar el nou nucli de linux (o contactar amb el proveïdor del servidor si no funciona). Vegeu https://meltdownattack.com/ per a més informació.", "diagnosis_http_could_not_diagnose": "No s'ha pogut diagnosticar si el domini és accessible des de l'exterior.", "diagnosis_http_could_not_diagnose_details": "Error: {error}", @@ -531,23 +531,23 @@ "diagnosis_ip_not_connected_at_all": "Sembla que el servidor no està connectat a internet!?", "diagnosis_ip_dnsresolution_working": "La resolució de nom de domini està funcionant!", "diagnosis_ip_broken_dnsresolution": "La resolució de nom de domini falla per algun motiu… Està el tallafocs bloquejant les peticions DNS?", - "diagnosis_ip_broken_resolvconf": "La resolució de nom de domini sembla caiguda en el servidor, podria estar relacionat amb el fet que /etc/resolv.conf no apunta cap a 127.0.0.1.", - "diagnosis_ip_weird_resolvconf": "La resolució DNS sembla estar funcionant, però aneu amb compte ja que esteu utilitzant un versió personalitzada de /etc/resolv.conf.", - "diagnosis_ip_weird_resolvconf_details": "En canvi, aquest fitxer hauria de ser un enllaç simbòlic cap a /etc/resolvconf/run/resolv.conf i que aquest apunti cap a 127.0.0.1 (dnsmasq). La configuració del «resolver» real s'hauria de fer a /etc/resolv.dnsmaq.conf.", - "diagnosis_dns_good_conf": "Bona configuració DNS pel domini {domain} (categoria {category})", - "diagnosis_dns_bad_conf": "Configuració DNS incorrecta o inexistent pel domini {domain} (categoria {category})", - "diagnosis_dns_missing_record": "Segons la configuració DNS recomanada, hauríeu d'afegir un registre DNS\ntipus: {type}\nnom: {name}\nvalor: {value}.", + "diagnosis_ip_broken_resolvconf": "La resolució de nom de domini sembla caiguda en el servidor, podria estar relacionat amb el fet que /etc/resolv.conf no apunta cap a 127.0.0.1.", + "diagnosis_ip_weird_resolvconf": "La resolució DNS sembla estar funcionant, però sembla que esteu utilitzant un versió personalitzada de /etc/resolv.conf.", + "diagnosis_ip_weird_resolvconf_details": "El fitxer etc/resolv.conf hauria de ser un enllaç simbòlic cap a /etc/resolvconf/run/resolv.conf i que aquest apunti cap a 127.0.0.1 (dnsmasq). La configuració del «resolver» real s'hauria de fer a /etc/resolv.dnsmaq.conf.", + "diagnosis_dns_good_conf": "Els registres DNS han estat correctament configurats pel domini {domain} (categoria {category})", + "diagnosis_dns_bad_conf": "Alguns registres DNS són incorrectes o no existeixen pel domini {domain} (categoria {category})", + "diagnosis_dns_missing_record": "Segons la configuració DNS recomanada, hauríeu d'afegir un registre DNS amb la següent informació.
Tipus: {type}
Nom: {name}
Valor: {value}", "diagnosis_dns_discrepancy": "El registre DNS de tipus {type} i nom {name} no concorda amb la configuració recomanada.\nValor actual: {current}\nValor esperat: {value}", "diagnosis_services_bad_status": "El servei {service} està {status} :(", - "diagnosis_diskusage_verylow": "El lloc d'emmagatzematge {mountpoint} (en l'aparell {device}) només té disponibles {free} ({free_percent}%). Hauríeu de considerar alliberar una mica d'espai.", - "diagnosis_diskusage_low": "El lloc d'emmagatzematge {mountpoint} (en l'aparell {device}) només té disponibles {free} ({free_percent}%). Aneu amb compte.", - "diagnosis_diskusage_ok": "El lloc d'emmagatzematge {mountpoint} (en l'aparell {device}) encara té {free} ({free_percent}%) lliures!", + "diagnosis_diskusage_verylow": "El lloc d'emmagatzematge {mountpoint} (en l'aparell {device}) només té disponibles {free} ({free_percent}%). Hauríeu de considerar alliberar una mica d'espai!", + "diagnosis_diskusage_low": "El lloc d'emmagatzematge {mountpoint} (en l'aparell {device}) només té disponibles {free} ({free_percent}%). Aneu amb compte.", + "diagnosis_diskusage_ok": "El lloc d'emmagatzematge {mountpoint} (en l'aparell {device}) encara té {free} ({free_percent}%) lliures!", "diagnosis_ram_verylow": "El sistema només té {available} ({available_percent}%) de memòria RAM disponibles! (d'un total de {total})", "diagnosis_ram_ok": "El sistema encara té {available} ({available_percent}%) de memòria RAM disponibles d'un total de {total}.", "diagnosis_swap_notsomuch": "El sistema només té {total} de swap. Hauríeu de considerar tenir un mínim de {recommended} per evitar situacions en les que el sistema es queda sense memòria.", "diagnosis_swap_ok": "El sistema té {total} de swap!", "diagnosis_regenconf_allgood": "Tots els fitxers de configuració estan en acord amb la configuració recomanada!", - "diagnosis_regenconf_manually_modified_details": "No hauria de ser cap problema sempre i quan sapigueu el que esteu fent ;) !", + "diagnosis_regenconf_manually_modified_details": "No hauria de ser cap problema sempre i quan sapigueu el que esteu fent! YunoHost deixarà d'actualitzar aquest fitxer de manera automàtica… Però tingueu en compte que les actualitzacions de YunoHost podrien tenir canvis recomanats importants. Si voleu podeu mirar les diferències amb yunohost tools regen-conf {category} --dry-run --with-diff i forçar el restabliment de la configuració recomanada amb yunohost tools regen-conf {category} --force", "diagnosis_regenconf_manually_modified_debian": "El fitxer de configuració {file} ha estat modificat manualment respecte al fitxer per defecte de Debian.", "diagnosis_regenconf_manually_modified_debian_details": "No hauria de ser cap problema, però ho haureu de vigilar...", "diagnosis_security_all_good": "No s'ha trobat cap vulnerabilitat de seguretat crítica.", @@ -577,11 +577,11 @@ "diagnosis_description_mail": "Correu electrònic", "migration_description_0013_futureproof_apps_catalog_system": "Migrar al nou sistema de catàleg d'aplicacions resistent al pas del temps", "app_upgrade_script_failed": "Hi ha hagut un error en el script d'actualització de l'aplicació", - "diagnosis_services_bad_status_tip": "Podeu intentar reiniciar el servei, i si no funciona, podeu mirar els registres del servei utilitzant «yunohost service log {service}» o a través de «Serveis» a la secció de la pàgina web d'administració.", - "diagnosis_ports_forwarding_tip": "Per arreglar aquest problema, segurament s'ha de configurar el reenviament de ports en el router tal i com s'explica a https://yunohost.org/isp_box_config", - "diagnosis_http_bad_status_code": "El sistema de diagnòstic no ha pogut connectar amb el servidor. Podria ser que una altra màquina hagi contestat en lloc del servidor. S'hauria de comprovar que el reenviament del port 80 sigui correcte, que la configuració NGINX està actualitzada i que el reverse-proxy no està interferint.", + "diagnosis_services_bad_status_tip": "Podeu intentar reiniciar el servei, i si no funciona, podeu mirar els registres a la pàgina web d'administració (des de la línia de comandes, ho podeu fer utilitzant yunohost service restart {service} i yunohost service log {service}).", + "diagnosis_ports_forwarding_tip": "Per arreglar aquest problema, segurament s'ha de configurar el reenviament de ports en el router tal i com s'explica a https://yunohost.org/isp_box_config", + "diagnosis_http_bad_status_code": "Sembla que una altra màquina (potser el router) a respost en lloc del vostre servidor.
1. La causa més probable per a aquest problema és que el port 80 (i 443) no reenvien correctament cap al vostre servidor.
2. En configuracions més complexes: assegureu-vos que no hi ha cap tallafoc o reverse-proxy interferint.", "diagnosis_no_cache": "Encara no hi ha memòria cau pel diagnòstic de la categoria «{category}»", - "diagnosis_http_timeout": "S'ha exhaurit el temps d'esperar intentant connectar amb el servidor des de l'exterior. Sembla que no s'hi pot accedir. S'hauria de comprovar que el reenviament del port 80 és correcte, que NGINX funciona, i que el tallafocs no està interferint.", + "diagnosis_http_timeout": "S'ha exhaurit el temps d'esperar intentant connectar amb el servidor des de l'exterior.
1. La causa més probable per a aquest problema és que el port 80 (i 443) no reenvien correctament cap al vostre servidor.
2. També us hauríeu d'assegurar que el servei nginx estigui funcionant
3. En configuracions més complexes: assegureu-vos que no hi ha cap tallafoc o reverse-proxy interferint.", "diagnosis_http_connection_error": "Error de connexió: no s'ha pogut connectar amb el domini demanat, segurament és inaccessible.", "yunohost_postinstall_end_tip": "S'ha completat la post-instal·lació. Per acabar la configuració, considereu:\n - afegir un primer usuari a través de la secció «Usuaris» a la pàgina web d'administració (o emprant «yunohost user create » a la línia d'ordres);\n - diagnosticar possibles problemes a través de la secció «Diagnòstics» a la pàgina web d'administració (o emprant «yunohost diagnosis run» a la línia d'ordres);\n - llegir les seccions «Finalizing your setup» i «Getting to know Yunohost» a la documentació per administradors: https://yunohost.org/admindoc.", "migration_description_0014_remove_app_status_json": "Eliminar els fitxers d'aplicació status.json heretats", @@ -598,5 +598,43 @@ "diagnosis_basesystem_hardware": "L'arquitectura del maquinari del servidor és {virt} {arch}", "group_already_exist_on_system_but_removing_it": "El grup {group} ja existeix en els grups del sistema, però YunoHost l'eliminarà…", "certmanager_warning_subdomain_dns_record": "El subdomini «{subdomain:s}» no resol a la mateixa adreça IP que «{domain:s}». Algunes funcions no estaran disponibles fins que no s'hagi arreglat i s'hagi regenerat el certificat.", - "domain_cannot_add_xmpp_upload": "No podeu afegir dominis començant per «xmpp-upload.». Aquest tipus de nom està reservat per a la funció de pujada de XMPP integrada a YunoHost." + "domain_cannot_add_xmpp_upload": "No podeu afegir dominis començant per «xmpp-upload.». Aquest tipus de nom està reservat per a la funció de pujada de XMPP integrada a YunoHost.", + "diagnosis_display_tip": "Per veure els problemes que s'han trobat, podeu anar a la secció de Diagnòstic a la pàgina web d'administració, o utilitzar « yunohost diagnostic show --issues » a la línia de comandes.", + "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Alguns proveïdors no permeten desbloquejar el port de sortida 25 perquè no els hi importa la Neutralitat de la Xarxa.
- Alguns d'ells ofereixen l'alternativa d'utilitzar un relay de servidor de correu electrònic tot i que implica que el relay serà capaç d'espiar el tràfic de correus electrònics.
- Una alternativa respectuosa amb la privacitat és utilitzar una VPN *amb una IP pública dedicada* per sortejar aquest tipus de limitació. Vegeu https://yunohost.org/#/vpn_advantage
- També podeu considerar canviar-vos a un proveïdor més respectuós de la neutralitat de la xarxa", + "diagnosis_ip_global": "IP global: {global}", + "diagnosis_ip_local": "IP local: {local}", + "diagnosis_dns_point_to_doc": "Consulteu la documentació a https://yunohost.org/dns_config si necessiteu ajuda per configurar els registres DNS.", + "diagnosis_mail_outgoing_port_25_ok": "El servidor de correu electrònic SMTP pot enviar correus electrònics (el port de sortida 25 no està bloquejat).", + "diagnosis_mail_outgoing_port_25_blocked_details": "Primer heu d'intentar desbloquejar el port 25 en la interfície del vostre router o en la interfície del vostre allotjador. (Alguns proveïdors d'allotjament demanen enviar un tiquet de suport en aquests casos).", + "diagnosis_mail_ehlo_ok": "El servidor de correu electrònic SMTP no és accessible des de l'exterior i per tant no pot rebre correus electrònics!", + "diagnosis_mail_ehlo_unreachable": "El servidor de correu electrònic SMTP no és accessible des de l'exterior amb IPv{ipversion}. No podrà rebre correus electrònics.", + "diagnosis_mail_ehlo_bad_answer": "Un servei no SMTP a respost en el port 25 amb IPv{ipversion}", + "diagnosis_mail_ehlo_bad_answer_details": "Podria ser que sigui per culpa d'una altra màquina responent en lloc del servidor.", + "diagnosis_mail_ehlo_wrong": "Un servidor de correu electrònic SMTP diferent respon amb IPv{ipversion}. És probable que el vostre servidor no pugui rebre correus electrònics.", + "diagnosis_mail_ehlo_could_not_diagnose": "No s'ha pogut diagnosticar si el servidor de correu electrònic postfix és accessible des de l'exterior amb IPv{ipversion}.", + "diagnosis_mail_ehlo_could_not_diagnose_details": "Error: {error}", + "diagnosis_mail_fcrdns_ok": "S'ha configurat correctament el servidor DNS invers!", + "diagnosis_mail_blacklist_ok": "Sembla que les IPs i el dominis d'aquest servidor no són en una llista negra", + "diagnosis_mail_blacklist_listed_by": "La vostra IP o domini {item} està en una llista negra a {blacklist_name}", + "diagnosis_mail_blacklist_reason": "El motiu de ser a la llista negra és: {reason}", + "diagnosis_mail_fcrdns_different_from_ehlo_domain": "El DNS invers no està correctament configurat amb IPv{ipversion}. Alguns correus electrònics poden no arribar al destinatari o ser marcats com correu brossa.", + "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "DNS invers actual: {rdns_domain}
Valor esperat: {ehlo_domain}", + "diagnosis_mail_queue_ok": "{nb_pending} correus electrònics pendents en les cues de correu electrònic", + "diagnosis_mail_queue_unavailable": "No s'ha pogut consultar el nombre de correus electrònics pendents en la cua", + "diagnosis_mail_queue_unavailable_details": "Error: {error}", + "diagnosis_mail_queue_too_big": "Hi ha massa correus electrònics pendents en la cua ({nb_pending} correus electrònics)", + "diagnosis_http_hairpinning_issue": "Sembla que la vostra xarxa no té el hairpinning activat.", + "diagnosis_http_nginx_conf_not_up_to_date": "La configuració NGINX d'aquest domini sembla que ha estat modificada manualment, i no deixa que YunoHost diagnostiqui si és accessible amb HTTP.", + "diagnosis_http_nginx_conf_not_up_to_date_details": "Per arreglar el problema, mireu les diferències amb la línia d'ordres utilitzant yunohost tools regen-conf nginx --dry-run --with-diff i si els canvis us semblen bé els podeu fer efectius utilitzant yunohost tools regen-conf nginx --force.", + "global_settings_setting_smtp_allow_ipv6": "Permet l'ús de IPv6 per rebre i enviar correus electrònics", + "diagnosis_mail_ehlo_unreachable_details": "No s'ha pogut establir una connexió amb el vostre servidor en el port 25 amb IPv{ipversion}. Sembla que el servidor no és accessible.
1. La causa més comú per aquest problema és que el port 25 no està correctament redireccionat cap al vostre servidor.
2. També us hauríeu d'assegurar que el servei postfix estigui funcionant.
3. En configuracions més complexes: assegureu-vos que que no hi hagi cap tallafoc ni reverse-proxy interferint.", + "diagnosis_mail_ehlo_wrong_details": "El EHLO rebut pel servidor de diagnòstic remot amb IPv{ipversion} és diferent al domini del vostre servidor.
EHLO rebut: {wrong_ehlo}
Esperat: {right_ehlo}
La causa més habitual d'aquest problema és que el port 25 no està correctament reenviat cap al vostre servidor. També podeu comprovar que no hi hagi un tallafocs o un reverse-proxy interferint.", + "diagnosis_mail_fcrdns_dns_missing": "No hi ha cap DNS invers definit per IPv{ipversion}. Alguns correus electrònics poden no entregar-se o poden ser marcats com a correu brossa.", + "diagnosis_mail_blacklist_website": "Després d'haver identificat perquè estàveu llistats i haver arreglat el problema, no dubteu en demanar que la vostra IP o domini sigui eliminat de {blacklist_website}", + "diagnosis_ports_partially_unreachable": "El port {port} no és accessible des de l'exterior amb IPv{failed}.", + "diagnosis_http_partially_unreachable": "El domini {domain} sembla que no és accessible utilitzant HTTP des de l'exterior de la xarxa local amb IPv{failed}, tot i que funciona amb IPv{passed}.", + "diagnosis_mail_fcrdns_nok_details": "Hauríeu d'intentar configurar primer el DNS invers amb {ehlo_domain} en la interfície del router o en la interfície del vostre allotjador. (Alguns allotjadors requereixen que obris un informe de suport per això).", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Alguns proveïdors no permeten configurar el DNS invers (o aquesta funció pot no funcionar…). Si teniu problemes a causa d'això, considereu les solucions següents:
- Alguns proveïdors d'accés a internet (ISP) donen l'alternativa de utilitzar un relay de servidor de correu electrònic tot i que implica que el relay podrà espiar el trànsit de correus electrònics.
- Una alternativa respectuosa amb la privacitat és utilitzar una VPN *amb una IP pública dedicada* per sobrepassar aquest tipus de limitacions. Mireu https://yunohost.org/#/vpn_advantage
- Finalment, també es pot canviar de proveïdor", + "diagnosis_mail_fcrdns_nok_alternatives_6": "Alguns proveïdors no permeten configurar el vostre DNS invers (o la funció no els hi funciona…). Si el vostre DNS invers està correctament configurat per IPv4, podeu intentar deshabilitar l'ús de IPv6 per a enviar correus electrònics utilitzant yunohost settings set smtp.allow_ipv6 -v off. Nota: aquesta última solució implica que no podreu enviar o rebre correus electrònics cap a els pocs servidors que hi ha que només tenen IPv-6.", + "diagnosis_http_hairpinning_issue_details": "Això és probablement a causa del router del vostre proveïdor d'accés a internet. El que fa, que gent de fora de la xarxa local pugui accedir al servidor sense problemes, però no la gent de dins la xarxa local (com vostè probablement) quan s'utilitza el nom de domini o la IP global. Podreu segurament millorar la situació fent una ullada a https://yunohost.org/dns_local_network" } From ff0dca4773e44dcdc466dfd700baa06d4d47c0c9 Mon Sep 17 00:00:00 2001 From: amirale qt Date: Mon, 27 Apr 2020 06:54:46 +0000 Subject: [PATCH 142/451] Translated using Weblate (Esperanto) Currently translated at 100.0% (632 of 632 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/eo/ --- locales/eo.json | 70 ++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 54 insertions(+), 16 deletions(-) diff --git a/locales/eo.json b/locales/eo.json index d778938e9..6fb758fd1 100644 --- a/locales/eo.json +++ b/locales/eo.json @@ -508,15 +508,15 @@ "diagnosis_basesystem_ynh_main_version": "Servilo funkcias YunoHost {main_version} ({repo})", "diagnosis_basesystem_ynh_inconsistent_versions": "Vi prizorgas malkonsekvencajn versiojn de la YunoHost-pakoj... plej probable pro malsukcesa aŭ parta ĝisdatigo.", "diagnosis_display_tip_web": "Vi povas iri al la sekcio Diagnozo (en la hejmekrano) por vidi la trovitajn problemojn.", - "diagnosis_cache_still_valid": "(Kaŝmemoro ankoraŭ validas por {category} diagnozo. Ankoraŭ ne re-diagnoza!)", + "diagnosis_cache_still_valid": "(La kaŝmemoro ankoraŭ validas por {category} diagnozo. Vi ankoraŭ ne diagnozas ĝin!)", "diagnosis_cant_run_because_of_dep": "Ne eblas fari diagnozon por {category} dum estas gravaj problemoj rilataj al {dep}.", "diagnosis_display_tip_cli": "Vi povas aranĝi 'yunohost diagnosis show --issues' por aperigi la trovitajn problemojn.", "diagnosis_failed_for_category": "Diagnozo malsukcesis por kategorio '{category}': {error}", "app_upgrade_script_failed": "Eraro okazis en la skripto pri ĝisdatiga programo", - "diagnosis_diskusage_verylow": "Stokado {mountpoint} (sur aparato {device)) restas nur {free} ({free_percent}%) spaco. Vi vere konsideru purigi iom da spaco.", + "diagnosis_diskusage_verylow": "Stokado {mountpoint} (sur aparato {device} ) nur restas {{free} ({free_percent}%) spaco restanta (el {total}). Vi vere konsideru purigi iom da spaco !", "diagnosis_ram_verylow": "La sistemo nur restas {available} ({available_percent}%) RAM! (el {total})", "diagnosis_mail_outgoing_port_25_blocked": "Eliranta haveno 25 ŝajnas esti blokita. Vi devas provi malŝlosi ĝin en via agorda panelo de provizanto (aŭ gastiganto). Dume la servilo ne povos sendi retpoŝtojn al aliaj serviloj.", - "diagnosis_http_bad_status_code": "La diagnoza sistemo ne povis atingi vian servilon. Povas esti, ke alia maŝino respondis anstataŭ via servilo. Vi devus kontroli, ke vi ĝuste redonas la havenon 80, ke via agordo de nginx estas ĝisdatigita kaj ke reverso-prokuro ne interbatalas.", + "diagnosis_http_bad_status_code": "Ĝi aspektas kiel alia maŝino (eble via interreta enkursigilo) respondita anstataŭ via servilo.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 80 (kaj 443) ne estas ĝuste senditaj al via servilo .
2. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", "main_domain_changed": "La ĉefa domajno estis ŝanĝita", "yunohost_postinstall_end_tip": "La post-instalado finiĝis! Por fini vian agordon, bonvolu konsideri:\n - aldonado de unua uzanto tra la sekcio 'Uzantoj' de la retadreso (aŭ 'uzanto de yunohost kreu ' en komandlinio);\n - diagnozi eblajn problemojn per la sekcio 'Diagnozo' de la reteja administrado (aŭ 'diagnoza yunohost-ekzekuto' en komandlinio);\n - legante la partojn 'Finigi vian agordon' kaj 'Ekkoni Yunohost' en la administra dokumentado: https://yunohost.org/admindoc.", "migration_description_0014_remove_app_status_json": "Forigi heredajn dosierojn", @@ -526,21 +526,21 @@ "diagnosis_ip_no_ipv6": "La servilo ne havas funkciantan IPv6.", "diagnosis_ip_not_connected_at_all": "La servilo tute ne ŝajnas esti konektita al la Interreto !?", "diagnosis_ip_dnsresolution_working": "Rezolucio pri domajna nomo funkcias !", - "diagnosis_ip_weird_resolvconf": "DNS-rezolucio ŝajnas funkcii, sed atentu, ke vi ŝajnas uzi kutimon /etc/resolv.conf.", - "diagnosis_ip_weird_resolvconf_details": "Anstataŭe, ĉi tiu dosiero estu ligilo kun /etc/resolvconf/run/resolv.conf mem montrante al 127.0.0.1 (dnsmasq). La efektivaj solvantoj devas agordi en /etc/resolv.dnsmasq.conf.", - "diagnosis_dns_good_conf": "Bona DNS-agordo por domajno {domain} (kategorio {category})", - "diagnosis_dns_bad_conf": "Malbona aŭ mankas DNS-agordo por domajno {domain} (kategorio {category})", + "diagnosis_ip_weird_resolvconf": "DNS-rezolucio ŝajnas funkcii, sed ŝajnas ke vi uzas kutiman /etc/resolv.conf .", + "diagnosis_ip_weird_resolvconf_details": "La dosiero /etc/resolv.conf devas esti ligilo al /etc/resolvconf/run/resolv.conf indikante 127.0.0.1 (dnsmasq). Se vi volas permane agordi DNS-solvilojn, bonvolu redakti /etc/resolv.dnsmasq.conf .", + "diagnosis_dns_good_conf": "DNS-registroj estas ĝuste agorditaj por domajno {domain} (kategorio {category})", + "diagnosis_dns_bad_conf": "Iuj DNS-registroj mankas aŭ malĝustas por domajno {domain} (kategorio {category})", "diagnosis_ram_ok": "La sistemo ankoraŭ havas {available} ({available_percent}%) RAM forlasita de {total}.", "diagnosis_swap_none": "La sistemo tute ne havas interŝanĝon. Vi devus pripensi aldoni almenaŭ {recommended} da interŝanĝo por eviti situaciojn en kiuj la sistemo restas sen memoro.", "diagnosis_swap_notsomuch": "La sistemo havas nur {total}-interŝanĝon. Vi konsideru havi almenaŭ {recommended} por eviti situaciojn en kiuj la sistemo restas sen memoro.", - "diagnosis_regenconf_manually_modified_details": "Ĉi tio probable estas bona tiel longe kiel vi scias kion vi faras;)!", + "diagnosis_regenconf_manually_modified_details": "Ĉi tio probable estas bona, se vi scias, kion vi faras! YunoHost ĉesigos ĝisdatigi ĉi tiun dosieron aŭtomate ... Sed atentu, ke YunoHost-ĝisdatigoj povus enhavi gravajn rekomendajn ŝanĝojn. Se vi volas, vi povas inspekti la diferencojn per yyunohost tools regen-conf {category} --dry-run --with-diff kaj devigi la reset al la rekomendita agordo per yunohost tools regen-conf {category} --force", "diagnosis_regenconf_manually_modified_debian": "Agordodosiero {file} estis modifita permane kompare kun la defaŭlta Debian.", "diagnosis_regenconf_manually_modified_debian_details": "Ĉi tio probable estas bona, sed devas observi ĝin...", "diagnosis_security_all_good": "Neniu kritika sekureca vundebleco estis trovita.", "diagnosis_security_vulnerable_to_meltdown": "Vi ŝajnas vundebla al la kritiko-vundebleco de Meltdown", "diagnosis_no_cache": "Neniu diagnoza kaŝmemoro por kategorio '{category}'", "diagnosis_ip_broken_dnsresolution": "Rezolucio pri domajna nomo rompiĝas pro iu kialo... Ĉu fajroŝirmilo blokas DNS-petojn ?", - "diagnosis_ip_broken_resolvconf": "Rezolucio pri domajna nomo ŝajnas esti rompita en via servilo, kiu ŝajnas rilata al /etc/resolv.conf ne notante 127.0.0.1.", + "diagnosis_ip_broken_resolvconf": "Rezolucio pri domajna nomo estas rompita en via servilo, kiu ŝajnas rilata al /etc/resolv.conf ne montrante al 127.0.0.1 .", "diagnosis_dns_missing_record": "Laŭ la rekomendita DNS-agordo, vi devas aldoni DNS-registron kun\ntipo: {type}\nnomo: {name}\nvaloro: {value}", "diagnosis_dns_discrepancy": "La DNS-registro kun tipo {type} kaj nomo {name} ne kongruas kun la rekomendita agordo.\nNuna valoro: {current}\nEsceptita valoro: {value}", "diagnosis_services_conf_broken": "Agordo estas rompita por servo {service} !", @@ -549,7 +549,7 @@ "diagnosis_swap_ok": "La sistemo havas {total} da interŝanĝoj!", "diagnosis_mail_ougoing_port_25_ok": "Eliranta haveno 25 ne estas blokita kaj retpoŝto povas esti sendita al aliaj serviloj.", "diagnosis_regenconf_allgood": "Ĉiuj agordaj dosieroj kongruas kun la rekomendita agordo!", - "diagnosis_regenconf_manually_modified": "Agordodosiero {file} estis permane modifita.", + "diagnosis_regenconf_manually_modified": "Agordodosiero {file} ŝajnas esti permane modifita.", "diagnosis_description_ip": "Interreta konektebleco", "diagnosis_description_dnsrecords": "Registroj DNS", "diagnosis_description_services": "Servo kontrolas staton", @@ -557,27 +557,27 @@ "diagnosis_description_security": "Sekurecaj kontroloj", "diagnosis_ports_could_not_diagnose": "Ne povis diagnozi, ĉu haveblaj havenoj de ekstere.", "diagnosis_ports_could_not_diagnose_details": "Eraro: {error}", - "diagnosis_services_bad_status_tip": "Vi povas provi rekomenci la servon, kaj se ĝi ne funkcias, trarigardu la servajn protokolojn uzante 'yunohost service log {service}' aŭ tra la sekcio 'Servoj' de la retadreso.", + "diagnosis_services_bad_status_tip": "Vi povas provi rekomenci la servon , kaj se ĝi ne funkcias, rigardu La servaj registroj en reteja (el la komandlinio, vi povas fari tion per yunohost service restart {service} kaj yunohost service log {service} ).", "diagnosis_security_vulnerable_to_meltdown_details": "Por ripari tion, vi devas ĝisdatigi vian sistemon kaj rekomenci por ŝarĝi la novan linux-kernon (aŭ kontaktu vian servilan provizanton se ĉi tio ne funkcias). Vidu https://meltdownattack.com/ por pliaj informoj.", "diagnosis_description_basesystem": "Baza sistemo", "diagnosis_description_regenconf": "Sistemaj agordoj", "main_domain_change_failed": "Ne eblas ŝanĝi la ĉefan domajnon", "log_domain_main_domain": "Faru de '{}' la ĉefa domajno", - "diagnosis_http_timeout": "Tempolimigita dum provado kontakti vian servilon de ekstere. Ĝi ŝajnas esti neatingebla. Vi devus kontroli, ke vi ĝuste redonas la havenon 80, ke nginx funkcias kaj ke fajroŝirmilo ne interbatalas.", + "diagnosis_http_timeout": "Tempolimigita dum provado kontakti vian servilon de ekstere. Ĝi ŝajnas esti neatingebla.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 80 (kaj 443) ne estas ĝuste senditaj al via servilo.
2. Vi ankaŭ devas certigi, ke la servo nginx funkcias
3. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", "diagnosis_http_connection_error": "Rilata eraro: ne povis konektiĝi al la petita domajno, tre probable ĝi estas neatingebla.", "migration_description_0013_futureproof_apps_catalog_system": "Migru al la nova katalogosistemo pri estontecaj programoj", "diagnosis_ignored_issues": "(+ {nb_ignored} ignorataj aferoj))", "diagnosis_found_errors": "Trovis {errors} signifa(j) afero(j) rilata al {category}!", "diagnosis_found_errors_and_warnings": "Trovis {errors} signifaj problemo (j) (kaj {warnings} averto) rilataj al {category}!", - "diagnosis_diskusage_low": "Stokado {mountpoint} (sur aparato {device)) restas nur {free} ({free_percent}%) spaco. Estu zorgema.", - "diagnosis_diskusage_ok": "Stokado {mountpoint} (sur aparato {device) ankoraŭ restas {free} ({free_percent}%) spaco!", + "diagnosis_diskusage_low": "Stokado {mountpoint} (sur aparato {device} ) nur restas {{free} ({free_percent}%) spaco restanta (el {total}). Estu zorgema.", + "diagnosis_diskusage_ok": "Stokado {mountpoint} (sur aparato {device}) ankoraŭ restas {free} ({free_percent}%) spaco (el {total})!", "global_settings_setting_pop3_enabled": "Ebligu la protokolon POP3 por la poŝta servilo", "diagnosis_unknown_categories": "La jenaj kategorioj estas nekonataj: {categories}", "diagnosis_services_running": "Servo {service} funkcias!", "diagnosis_ports_unreachable": "Haveno {port} ne atingeblas de ekstere.", "diagnosis_ports_ok": "Haveno {port} atingeblas de ekstere.", "diagnosis_ports_needed_by": "Eksponi ĉi tiun havenon necesas por {category} funkcioj (servo {service})", - "diagnosis_ports_forwarding_tip": "Por solvi ĉi tiun problemon, vi plej verŝajne bezonas agordi havenon en via interreta enkursigilo kiel priskribite en https://yunohost.org/isp_box_config", + "diagnosis_ports_forwarding_tip": "Por solvi ĉi tiun problemon, vi plej verŝajne devas agordi la plusendon de haveno en via interreta enkursigilo kiel priskribite en https://yunohost.org/isp_box_config", "diagnosis_http_could_not_diagnose": "Ne povis diagnozi, ĉu atingeblas domajno de ekstere.", "diagnosis_http_could_not_diagnose_details": "Eraro: {error}", "diagnosis_http_ok": "Domajno {domain} atingebla per HTTP de ekster la loka reto.", @@ -598,5 +598,43 @@ "diagnosis_basesystem_hardware_board": "Servilo-tabulo-modelo estas {model}", "diagnosis_description_web": "Reta", "domain_cannot_add_xmpp_upload": "Vi ne povas aldoni domajnojn per 'xmpp-upload'. Ĉi tiu speco de nomo estas rezervita por la XMPP-alŝuta funkcio integrita en YunoHost.", - "group_already_exist_on_system_but_removing_it": "Grupo {group} jam ekzistas en la sistemaj grupoj, sed YunoHost forigos ĝin …" + "group_already_exist_on_system_but_removing_it": "Grupo {group} jam ekzistas en la sistemaj grupoj, sed YunoHost forigos ĝin …", + "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Iuj provizantoj ne lasos vin malŝlosi elirantan havenon 25 ĉar ili ne zorgas pri Neta Neŭtraleco.
- Iuj el ili provizas la alternativon de uzante retpoŝtan servilon kvankam ĝi implicas, ke la relajso povos spioni vian retpoŝtan trafikon.
- Amika privateco estas uzi VPN * kun dediĉita publika IP * por pretervidi ĉi tiun specon. de limoj. Vidu https://yunohost.org/#/vpn_avantage
- Vi ankaŭ povas konsideri ŝanĝi al pli neta neŭtraleco-amika provizanto ", + "diagnosis_mail_fcrdns_nok_details": "Vi unue provu agordi la inversan DNS kun {ehlo_domain} en via interreta enkursigilo aŭ en via retprovizanta interfaco. (Iuj gastigantaj provizantoj eble postulas, ke vi sendu al ili subtenan bileton por ĉi tio).", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Iuj provizantoj ne lasos vin agordi vian inversan DNS (aŭ ilia funkcio povus esti rompita ...). Se vi spertas problemojn pro tio, konsideru jenajn solvojn:
- Iuj ISP provizas la alternativon de uzante retpoŝtan servilon kvankam ĝi implicas, ke la relajso povos spioni vian retpoŝtan trafikon.
- Interreta privateco estas uzi VPN * kun dediĉita publika IP * por preterpasi ĉi tiajn limojn. Vidu https://yunohost.org/#/vpn_avantage
- Finfine eblas ankaŭ ŝanĝo de provizanto ", + "diagnosis_display_tip": "Por vidi la trovitajn problemojn, vi povas iri al la sekcio pri Diagnozo de la reteja administrado, aŭ funkcii \"yunohost diagnosis show --issues\" el la komandlinio.", + "diagnosis_ip_global": "Tutmonda IP: {global} ", + "diagnosis_ip_local": "Loka IP: {local} ", + "diagnosis_dns_point_to_doc": "Bonvolu kontroli la dokumentaron ĉe https://yunohost.org/dns_config se vi bezonas helpon pri agordo de DNS-registroj.", + "diagnosis_mail_outgoing_port_25_ok": "La SMTP-poŝta servilo kapablas sendi retpoŝtojn (eliranta haveno 25 ne estas blokita).", + "diagnosis_mail_outgoing_port_25_blocked_details": "Vi unue provu malŝlosi elirantan havenon 25 en via interreta enkursigilo aŭ en via retprovizanta interfaco. (Iuj gastigantaj provizantoj eble postulas, ke vi sendu al ili subtenan bileton por ĉi tio).", + "diagnosis_mail_ehlo_unreachable": "La SMTP-poŝta servilo estas neatingebla de ekstere sur IPv {ipversion}. Ĝi ne povos ricevi retpoŝtojn.", + "diagnosis_mail_ehlo_ok": "La SMTP-poŝta servilo atingeblas de ekstere kaj tial kapablas ricevi retpoŝtojn !", + "diagnosis_mail_ehlo_unreachable_details": "Ne povis malfermi rilaton sur la haveno 25 al via servilo en IPv {ipversion}. Ĝi ŝajnas esti neatingebla.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 25 ne estas ĝuste sendita al via servilo .
2. Vi ankaŭ devas certigi, ke servo-prefikso funkcias.
3. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", + "diagnosis_mail_ehlo_bad_answer": "Ne-SMTP-servo respondita sur la haveno 25 sur IPv {ipversion}", + "diagnosis_mail_ehlo_bad_answer_details": "Povas esti ke alia maŝino respondas anstataŭ via servilo.", + "diagnosis_mail_ehlo_wrong": "Malsama SMTP-poŝta servilo respondas pri IPv {ipversion}. Via servilo probable ne povos ricevi retpoŝtojn.", + "diagnosis_mail_ehlo_wrong_details": "La EHLO ricevita de la fora diagnozilo en IPv {ipversion} diferencas de la domajno de via servilo.
Ricevita EHLO: {wrong_ehlo}
Atendita: {right_ehlo}
La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 25 ne estas ĝuste sendita al via servilo . Alternative, certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", + "diagnosis_mail_ehlo_could_not_diagnose": "Ne povis diagnozi ĉu postfiksa poŝta servilo atingebla de ekstere en IPv {ipversion}.", + "diagnosis_mail_ehlo_could_not_diagnose_details": "Eraro: {error}", + "diagnosis_mail_fcrdns_ok": "Via inversa DNS estas ĝuste agordita!", + "diagnosis_mail_fcrdns_dns_missing": "Neniu inversa DNS estas difinita en IPv {ipversion}. Iuj retpoŝtoj povas malsukcesi liveri aŭ povus esti markitaj kiel spamo.", + "diagnosis_mail_fcrdns_nok_alternatives_6": "Iuj provizantoj ne lasos vin agordi vian inversan DNS (aŭ ilia funkcio povus esti rompita ...). Se via inversa DNS estas ĝuste agordita por IPv4, vi povas provi malebligi la uzon de IPv6 kiam vi sendas retpoŝtojn per funkciado yunohost-agordoj set smtp.allow_ipv6 -v off . Noto: ĉi tiu lasta solvo signifas, ke vi ne povos sendi aŭ ricevi retpoŝtojn de la malmultaj IPv6-nur serviloj tie.", + "diagnosis_mail_fcrdns_different_from_ehlo_domain": "La inversa DNS ne ĝuste agordis en IPv {ipversion}. Iuj retpoŝtoj povas malsukcesi liveri aŭ povus esti markitaj kiel spamo.", + "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "Aktuala reverso DNS: {rdns_domain}
Atendita valoro: {ehlo_domain}", + "diagnosis_mail_blacklist_ok": "La IP kaj domajnoj uzataj de ĉi tiu servilo ne ŝajnas esti listigitaj nigre", + "diagnosis_mail_blacklist_listed_by": "Via IP aŭ domajno {item} estas listigita en {blacklist_name}", + "diagnosis_mail_blacklist_reason": "La negra listo estas: {reason}", + "diagnosis_mail_blacklist_website": "Post identigi kial vi listigas kaj riparis ĝin, bonvolu peti forigi vian IP aŭ domenion sur {blacklist_website}", + "diagnosis_mail_queue_ok": "{nb_pending} pritraktataj retpoŝtoj en la retpoŝtaj vostoj", + "diagnosis_mail_queue_unavailable": "Ne povas konsulti multajn pritraktitajn retpoŝtojn en vosto", + "diagnosis_mail_queue_unavailable_details": "Eraro: {error}", + "diagnosis_mail_queue_too_big": "Tro multaj pritraktataj retpoŝtoj en retpoŝto ({nb_pending} retpoŝtoj)", + "diagnosis_ports_partially_unreachable": "Haveno {port} ne atingebla de ekstere en IPv {failed}.", + "diagnosis_http_hairpinning_issue": "Via loka reto ŝajne ne havas haŭtadon.", + "diagnosis_http_hairpinning_issue_details": "Ĉi tio probable estas pro via ISP-skatolo / enkursigilo. Rezulte, homoj de ekster via loka reto povos aliri vian servilon kiel atendite, sed ne homoj de interne de la loka reto (kiel vi, probable?) Kiam uzas la domajnan nomon aŭ tutmondan IP. Eble vi povas plibonigi la situacion per rigardado al https://yunohost.org/dns_local_network", + "diagnosis_http_partially_unreachable": "Domajno {domain} ŝajnas neatingebla per HTTP de ekster la loka reto en IPv {failed}, kvankam ĝi funkcias en IPv {passed}.", + "diagnosis_http_nginx_conf_not_up_to_date": "La nginx-agordo de ĉi tiu domajno ŝajnas esti modifita permane, kaj malhelpas YunoHost diagnozi ĉu ĝi atingeblas per HTTP.", + "diagnosis_http_nginx_conf_not_up_to_date_details": "Por solvi la situacion, inspektu la diferencon per la komandlinio per yunohost tools regen-conf nginx --dry-run --with-diff kaj se vi aranĝas, apliku la ŝanĝojn per yunohost tools regen-conf nginx --force.", + "global_settings_setting_smtp_allow_ipv6": "Permesu la uzon de IPv6 por ricevi kaj sendi poŝton" } From 31426c54698fd2991b13b3cba40c83779017bf5b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Idafe=20Hern=C3=A1ndez?= Date: Sun, 3 May 2020 19:38:34 +0000 Subject: [PATCH 143/451] Translated using Weblate (Spanish) Currently translated at 92.7% (586 of 632 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/es/ --- locales/es.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/locales/es.json b/locales/es.json index 6d77dd2ef..cd0d1dc57 100644 --- a/locales/es.json +++ b/locales/es.json @@ -601,5 +601,9 @@ "diagnosis_ports_forwarding_tip": "Para solucionar este incidente, debería configurar el \"port forwading\" en su router como especificado en https://yunohost.org/isp_box_config", "certmanager_warning_subdomain_dns_record": "El subdominio '{subdomain:s}' no se resuelve en la misma dirección IP que '{domain:s}'. Algunas funciones no estarán disponibles hasta que solucione esto y regenere el certificado.", "domain_cannot_add_xmpp_upload": "No puede agregar dominios que comiencen con 'xmpp-upload'. Este tipo de nombre está reservado para la función de carga XMPP integrada en YunoHost.", - "yunohost_postinstall_end_tip": "¡La post-instalación completada! Para finalizar su configuración, considere:\n - agregar un primer usuario a través de la sección 'Usuarios' del webadmin (o 'yunohost user create ' en la línea de comandos);\n - diagnostique problemas potenciales a través de la sección 'Diagnóstico' de webadmin (o 'ejecución de diagnóstico yunohost' en la línea de comandos);\n - leyendo las partes 'Finalizando su configuración' y 'Conociendo a Yunohost' en la documentación del administrador: https://yunohost.org/admindoc." + "yunohost_postinstall_end_tip": "¡La post-instalación completada! Para finalizar su configuración, considere:\n - agregar un primer usuario a través de la sección 'Usuarios' del webadmin (o 'yunohost user create ' en la línea de comandos);\n - diagnostique problemas potenciales a través de la sección 'Diagnóstico' de webadmin (o 'ejecución de diagnóstico yunohost' en la línea de comandos);\n - leyendo las partes 'Finalizando su configuración' y 'Conociendo a Yunohost' en la documentación del administrador: https://yunohost.org/admindoc.", + "diagnosis_dns_point_to_doc": "Por favor, consulta la documentación en https://yunohost.org/dns_config si necesitas ayuda para configurar los registros DNS.", + "diagnosis_ip_global": "IP Global: {global}", + "diagnosis_mail_outgoing_port_25_ok": "El servidor de email SMTP puede mandar emails (puerto saliente 25 no está bloqueado).", + "diagnosis_mail_outgoing_port_25_blocked_details": "Deberías intentar desbloquear el puerto 25 saliente en la interfaz de tu router o en la interfaz de tu provedor de hosting. (Algunos hosting pueden necesitar que les abras un ticket de soporte para esto)." } From da7d0d0561d40e3535ded4b002337daa027b2663 Mon Sep 17 00:00:00 2001 From: xaloc33 Date: Fri, 8 May 2020 22:11:02 +0000 Subject: [PATCH 144/451] Translated using Weblate (Catalan) Currently translated at 98.3% (630 of 641 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/ca/ --- locales/ca.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/locales/ca.json b/locales/ca.json index e5174205d..234a32fe4 100644 --- a/locales/ca.json +++ b/locales/ca.json @@ -636,5 +636,7 @@ "diagnosis_mail_fcrdns_nok_details": "Hauríeu d'intentar configurar primer el DNS invers amb {ehlo_domain} en la interfície del router o en la interfície del vostre allotjador. (Alguns allotjadors requereixen que obris un informe de suport per això).", "diagnosis_mail_fcrdns_nok_alternatives_4": "Alguns proveïdors no permeten configurar el DNS invers (o aquesta funció pot no funcionar…). Si teniu problemes a causa d'això, considereu les solucions següents:
- Alguns proveïdors d'accés a internet (ISP) donen l'alternativa de utilitzar un relay de servidor de correu electrònic tot i que implica que el relay podrà espiar el trànsit de correus electrònics.
- Una alternativa respectuosa amb la privacitat és utilitzar una VPN *amb una IP pública dedicada* per sobrepassar aquest tipus de limitacions. Mireu https://yunohost.org/#/vpn_advantage
- Finalment, també es pot canviar de proveïdor", "diagnosis_mail_fcrdns_nok_alternatives_6": "Alguns proveïdors no permeten configurar el vostre DNS invers (o la funció no els hi funciona…). Si el vostre DNS invers està correctament configurat per IPv4, podeu intentar deshabilitar l'ús de IPv6 per a enviar correus electrònics utilitzant yunohost settings set smtp.allow_ipv6 -v off. Nota: aquesta última solució implica que no podreu enviar o rebre correus electrònics cap a els pocs servidors que hi ha que només tenen IPv-6.", - "diagnosis_http_hairpinning_issue_details": "Això és probablement a causa del router del vostre proveïdor d'accés a internet. El que fa, que gent de fora de la xarxa local pugui accedir al servidor sense problemes, però no la gent de dins la xarxa local (com vostè probablement) quan s'utilitza el nom de domini o la IP global. Podreu segurament millorar la situació fent una ullada a https://yunohost.org/dns_local_network" + "diagnosis_http_hairpinning_issue_details": "Això és probablement a causa del router del vostre proveïdor d'accés a internet. El que fa, que gent de fora de la xarxa local pugui accedir al servidor sense problemes, però no la gent de dins la xarxa local (com vostè probablement) quan s'utilitza el nom de domini o la IP global. Podreu segurament millorar la situació fent una ullada a https://yunohost.org/dns_local_network", + "backup_archive_cant_retrieve_info_json": "No s'ha pogut carregar la informació de l'arxiu «{archive}»… No s'ha pogut obtenir el fitxer info.json (o no és un fitxer json vàlid).", + "backup_archive_corrupted": "Sembla que l'arxiu de la còpia de seguretat «{archive}» està corromput : {error}" } From d3252a1739f4a097372c83a9444e60056705ac84 Mon Sep 17 00:00:00 2001 From: clecle226 Date: Thu, 7 May 2020 15:45:26 +0000 Subject: [PATCH 145/451] Translated using Weblate (French) Currently translated at 100.0% (641 of 641 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/fr/ --- locales/fr.json | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/locales/fr.json b/locales/fr.json index e9402730d..bf5598f75 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -54,7 +54,7 @@ "domain_dyndns_already_subscribed": "Vous avez déjà souscris à un domaine DynDNS", "domain_dyndns_root_unknown": "Domaine DynDNS principal inconnu", "domain_exists": "Le domaine existe déjà", - "domain_uninstall_app_first": "Une ou plusieurs applications sont installées sur ce domaine. Veuillez d’abord les désinstaller avant de supprimer ce domaine", + "domain_uninstall_app_first": "Ces applications sont toujours installées sur votre domaine: {apps}. Veuillez d’abord les désinstaller avant de supprimer ce domaine", "domain_unknown": "Domaine inconnu", "done": "Terminé", "downloading": "Téléchargement en cours …", @@ -184,7 +184,7 @@ "mailbox_used_space_dovecot_down": "Le service de courriel Dovecot doit être démarré si vous souhaitez voir l’espace disque occupé par la messagerie", "domains_available": "Domaines disponibles :", "backup_archive_broken_link": "Impossible d’accéder à l’archive de sauvegarde (lien invalide vers {path:s})", - "certmanager_acme_not_configured_for_domain": "Le certificat du domaine {domain:s} ne semble pas être correctement installé. Veuillez d’abord exécuter cert-install.", + "certmanager_acme_not_configured_for_domain": "Le challenge ACME n'a pas pu être validé pour le domaine {domain} pour le moment car le code de la configuration nginx est manquant... Merci de vérifier que votre configuration nginx est à jour avec la commande: `yunohost tools regen-conf nginx --dry-run --with-diff`.", "certmanager_http_check_timeout": "Expiration du délai lorsque le serveur a essayé de se contacter lui-même via HTTP en utilisant l’adresse IP public {ip:s} du domaine {domain:s}. Vous rencontrez peut-être un problème d’hairpinning ou alors le pare-feu/routeur en amont de votre serveur est mal configuré.", "certmanager_couldnt_fetch_intermediate_cert": "Expiration du délai lors de la tentative de récupération du certificat intermédiaire depuis Let’s Encrypt. L’installation ou le renouvellement du certificat a été annulé. Veuillez réessayer plus tard.", "domain_hostname_failed": "Échec de l’utilisation d’un nouveau nom d’hôte. Cela pourrait causer des soucis plus tard (cela n’en causera peut-être pas).", @@ -637,5 +637,15 @@ "diagnosis_http_hairpinning_issue_details": "C'est probablement à cause de la box/routeur de votre fournisseur d'accès internet. Par conséquent, les personnes extérieures à votre réseau local pourront accéder à votre serveur comme prévu, mais pas les personnes internes au réseau local (comme vous, probablement ?) si elles utilisent le nom de domaine ou l'IP globale. Vous pourrez peut-être améliorer la situation en consultant https://yunohost.org/dns_local_network", "diagnosis_http_partially_unreachable": "Le domaine {domain} semble inaccessible en HTTP depuis l’extérieur du réseau local en IPv{failed}, bien qu’il fonctionne en IPv{passed}.", "diagnosis_http_nginx_conf_not_up_to_date": "La configuration Nginx de ce domaine semble avoir été modifiée manuellement et empêche YunoHost de diagnostiquer si elle est accessible en HTTP.", - "diagnosis_http_nginx_conf_not_up_to_date_details": "Pour corriger la situation, inspectez la différence avec la ligne de commande en utilisant les outils yunohost regen-conf nginx --dry-run --with-diff et si vous êtes d’accord, appliquez les modifications avec yunohost tools regen-conf nginx --force." + "diagnosis_http_nginx_conf_not_up_to_date_details": "Pour corriger la situation, inspectez la différence avec la ligne de commande en utilisant les outils yunohost regen-conf nginx --dry-run --with-diff et si vous êtes d’accord, appliquez les modifications avec yunohost tools regen-conf nginx --force.", + "backup_archive_cant_retrieve_info_json": "Impossible d'avoir des informations sur l'archive '{archive}' ... Le fichier info.json ne peut pas être trouvé (ou n'est pas un fichier json valide).", + "backup_archive_corrupted": "Il semble que l'archive de la sauvegarde '{archive}' est corrompue : {error}", + "diagnosis_ip_no_ipv6_tip": "L'utilisation de IPv6 n'est pas obligatoire pour le fonctionnement de votre serveur, mais cela permet un meilleur fonctionnement de l'internet dans son ensemble. IPv6 peut-être automatiquement configuré par votre système ou votre FAI s'il est disponible. Autrement, vous devrez prendre quelque minute pour le configurer manuellement comme il est écrit dans cette documentation: https://yunohost.org/#/ipv6. Si vous ne pouvez pas activer IPv6 ou si c'est trop technique pour vous, vous pouvez ignorer cet avertissement sans problème.", + "diagnosis_domain_expiration_not_found": "Impossible de vérifier la date d'expiration de certains domaines", + "diagnosis_domain_expiration_not_found_details": "Les informations WHOIS pour le domaine {domain} ne semblent pas contenir les informations concernant la date d'expiration ?", + "diagnosis_domain_not_found_details": "Le domaine {domain} n'existe pas dans la base de donnée WHOIS ou est expiré !", + "diagnosis_domain_expiration_success": "Vos domaines sont enregistrés et ne sont pas expirés prochainement.", + "diagnosis_domain_expiration_warning": "Certains domaines vont expirés prochainement !", + "diagnosis_domain_expiration_error": "Certains domaines vont expirés TRÈS PROCHAINEMENT !", + "diagnosis_domain_expires_in": "Le {domain} expire dans {days} jours." } From 1577d0e8439d2606134e8c373a5bc8680a644c2b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 May 2020 20:35:33 +0200 Subject: [PATCH 146/451] Stupid spaces issues --- locales/eo.json | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/locales/eo.json b/locales/eo.json index 6fb758fd1..f093633a5 100644 --- a/locales/eo.json +++ b/locales/eo.json @@ -248,7 +248,7 @@ "ldap_init_failed_to_create_admin": "LDAP-iniciato ne povis krei administran uzanton", "backup_output_directory_required": "Vi devas provizi elirejan dosierujon por la sekurkopio", "tools_upgrade_cant_unhold_critical_packages": "Ne povis malŝalti kritikajn pakojn…", - "log_link_to_log": "Plena ŝtipo de ĉi tiu operacio: ' {desc} '", + "log_link_to_log": "Plena ŝtipo de ĉi tiu operacio: '{desc} '", "global_settings_cant_serialize_settings": "Ne eblis serialigi datumojn pri agordoj, motivo: {reason:s}", "backup_running_hooks": "Kurado de apogaj hokoj …", "certmanager_domain_unknown": "Nekonata domajno '{domain:s}'", @@ -351,7 +351,7 @@ "dyndns_ip_update_failed": "Ne povis ĝisdatigi IP-adreson al DynDNS", "migration_description_0004_php5_to_php7_pools": "Rekonfigu la PHP-naĝejojn por uzi PHP 7 anstataŭ 5", "ssowat_conf_updated": "SSOwat-agordo ĝisdatigita", - "log_link_to_failed_log": "Ne povis plenumi la operacion '{desc}'. Bonvolu provizi la plenan protokolon de ĉi tiu operacio per alklakante ĉi tie por akiri helpon", + "log_link_to_failed_log": "Ne povis plenumi la operacion '{desc}'. Bonvolu provizi la plenan protokolon de ĉi tiu operacio per alklakante ĉi tie por akiri helpon", "user_home_creation_failed": "Ne povis krei dosierujon \"home\" por uzanto", "pattern_backup_archive_name": "Devas esti valida dosiernomo kun maksimume 30 signoj, alfanombraj kaj -_. signoj nur", "restore_cleaning_failed": "Ne eblis purigi la adresaron de provizora restarigo", @@ -513,10 +513,10 @@ "diagnosis_display_tip_cli": "Vi povas aranĝi 'yunohost diagnosis show --issues' por aperigi la trovitajn problemojn.", "diagnosis_failed_for_category": "Diagnozo malsukcesis por kategorio '{category}': {error}", "app_upgrade_script_failed": "Eraro okazis en la skripto pri ĝisdatiga programo", - "diagnosis_diskusage_verylow": "Stokado {mountpoint} (sur aparato {device} ) nur restas {{free} ({free_percent}%) spaco restanta (el {total}). Vi vere konsideru purigi iom da spaco !", + "diagnosis_diskusage_verylow": "Stokado {mountpoint} (sur aparato {device} ) nur restas {free} ({free_percent}%) spaco restanta (el {total}). Vi vere konsideru purigi iom da spaco !", "diagnosis_ram_verylow": "La sistemo nur restas {available} ({available_percent}%) RAM! (el {total})", "diagnosis_mail_outgoing_port_25_blocked": "Eliranta haveno 25 ŝajnas esti blokita. Vi devas provi malŝlosi ĝin en via agorda panelo de provizanto (aŭ gastiganto). Dume la servilo ne povos sendi retpoŝtojn al aliaj serviloj.", - "diagnosis_http_bad_status_code": "Ĝi aspektas kiel alia maŝino (eble via interreta enkursigilo) respondita anstataŭ via servilo.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 80 (kaj 443) ne estas ĝuste senditaj al via servilo .
2. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", + "diagnosis_http_bad_status_code": "Ĝi aspektas kiel alia maŝino (eble via interreta enkursigilo) respondita anstataŭ via servilo.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 80 (kaj 443) ne estas ĝuste senditaj al via servilo .
2. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", "main_domain_changed": "La ĉefa domajno estis ŝanĝita", "yunohost_postinstall_end_tip": "La post-instalado finiĝis! Por fini vian agordon, bonvolu konsideri:\n - aldonado de unua uzanto tra la sekcio 'Uzantoj' de la retadreso (aŭ 'uzanto de yunohost kreu ' en komandlinio);\n - diagnozi eblajn problemojn per la sekcio 'Diagnozo' de la reteja administrado (aŭ 'diagnoza yunohost-ekzekuto' en komandlinio);\n - legante la partojn 'Finigi vian agordon' kaj 'Ekkoni Yunohost' en la administra dokumentado: https://yunohost.org/admindoc.", "migration_description_0014_remove_app_status_json": "Forigi heredajn dosierojn", @@ -526,21 +526,21 @@ "diagnosis_ip_no_ipv6": "La servilo ne havas funkciantan IPv6.", "diagnosis_ip_not_connected_at_all": "La servilo tute ne ŝajnas esti konektita al la Interreto !?", "diagnosis_ip_dnsresolution_working": "Rezolucio pri domajna nomo funkcias !", - "diagnosis_ip_weird_resolvconf": "DNS-rezolucio ŝajnas funkcii, sed ŝajnas ke vi uzas kutiman /etc/resolv.conf .", - "diagnosis_ip_weird_resolvconf_details": "La dosiero /etc/resolv.conf devas esti ligilo al /etc/resolvconf/run/resolv.conf indikante 127.0.0.1 (dnsmasq). Se vi volas permane agordi DNS-solvilojn, bonvolu redakti /etc/resolv.dnsmasq.conf .", + "diagnosis_ip_weird_resolvconf": "DNS-rezolucio ŝajnas funkcii, sed ŝajnas ke vi uzas kutiman /etc/resolv.conf .", + "diagnosis_ip_weird_resolvconf_details": "La dosiero /etc/resolv.conf devas esti ligilo al /etc/resolvconf/run/resolv.conf indikante 127.0.0.1 (dnsmasq). Se vi volas permane agordi DNS-solvilojn, bonvolu redakti /etc/resolv.dnsmasq.conf .", "diagnosis_dns_good_conf": "DNS-registroj estas ĝuste agorditaj por domajno {domain} (kategorio {category})", "diagnosis_dns_bad_conf": "Iuj DNS-registroj mankas aŭ malĝustas por domajno {domain} (kategorio {category})", "diagnosis_ram_ok": "La sistemo ankoraŭ havas {available} ({available_percent}%) RAM forlasita de {total}.", "diagnosis_swap_none": "La sistemo tute ne havas interŝanĝon. Vi devus pripensi aldoni almenaŭ {recommended} da interŝanĝo por eviti situaciojn en kiuj la sistemo restas sen memoro.", "diagnosis_swap_notsomuch": "La sistemo havas nur {total}-interŝanĝon. Vi konsideru havi almenaŭ {recommended} por eviti situaciojn en kiuj la sistemo restas sen memoro.", - "diagnosis_regenconf_manually_modified_details": "Ĉi tio probable estas bona, se vi scias, kion vi faras! YunoHost ĉesigos ĝisdatigi ĉi tiun dosieron aŭtomate ... Sed atentu, ke YunoHost-ĝisdatigoj povus enhavi gravajn rekomendajn ŝanĝojn. Se vi volas, vi povas inspekti la diferencojn per yyunohost tools regen-conf {category} --dry-run --with-diff kaj devigi la reset al la rekomendita agordo per yunohost tools regen-conf {category} --force", + "diagnosis_regenconf_manually_modified_details": "Ĉi tio probable estas bona, se vi scias, kion vi faras! YunoHost ĉesigos ĝisdatigi ĉi tiun dosieron aŭtomate ... Sed atentu, ke YunoHost-ĝisdatigoj povus enhavi gravajn rekomendajn ŝanĝojn. Se vi volas, vi povas inspekti la diferencojn per yyunohost tools regen-conf {category} --dry-run --with-diff kaj devigi la reset al la rekomendita agordo per yunohost tools regen-conf {category} --force", "diagnosis_regenconf_manually_modified_debian": "Agordodosiero {file} estis modifita permane kompare kun la defaŭlta Debian.", "diagnosis_regenconf_manually_modified_debian_details": "Ĉi tio probable estas bona, sed devas observi ĝin...", "diagnosis_security_all_good": "Neniu kritika sekureca vundebleco estis trovita.", "diagnosis_security_vulnerable_to_meltdown": "Vi ŝajnas vundebla al la kritiko-vundebleco de Meltdown", "diagnosis_no_cache": "Neniu diagnoza kaŝmemoro por kategorio '{category}'", "diagnosis_ip_broken_dnsresolution": "Rezolucio pri domajna nomo rompiĝas pro iu kialo... Ĉu fajroŝirmilo blokas DNS-petojn ?", - "diagnosis_ip_broken_resolvconf": "Rezolucio pri domajna nomo estas rompita en via servilo, kiu ŝajnas rilata al /etc/resolv.conf ne montrante al 127.0.0.1 .", + "diagnosis_ip_broken_resolvconf": "Rezolucio pri domajna nomo estas rompita en via servilo, kiu ŝajnas rilata al /etc/resolv.conf ne montrante al 127.0.0.1 .", "diagnosis_dns_missing_record": "Laŭ la rekomendita DNS-agordo, vi devas aldoni DNS-registron kun\ntipo: {type}\nnomo: {name}\nvaloro: {value}", "diagnosis_dns_discrepancy": "La DNS-registro kun tipo {type} kaj nomo {name} ne kongruas kun la rekomendita agordo.\nNuna valoro: {current}\nEsceptita valoro: {value}", "diagnosis_services_conf_broken": "Agordo estas rompita por servo {service} !", @@ -557,19 +557,19 @@ "diagnosis_description_security": "Sekurecaj kontroloj", "diagnosis_ports_could_not_diagnose": "Ne povis diagnozi, ĉu haveblaj havenoj de ekstere.", "diagnosis_ports_could_not_diagnose_details": "Eraro: {error}", - "diagnosis_services_bad_status_tip": "Vi povas provi rekomenci la servon , kaj se ĝi ne funkcias, rigardu La servaj registroj en reteja (el la komandlinio, vi povas fari tion per yunohost service restart {service} kaj yunohost service log {service} ).", + "diagnosis_services_bad_status_tip": "Vi povas provi rekomenci la servon , kaj se ĝi ne funkcias, rigardu La servaj registroj en reteja (el la komandlinio, vi povas fari tion per yunohost service restart {service} kajyunohost service log {service}).", "diagnosis_security_vulnerable_to_meltdown_details": "Por ripari tion, vi devas ĝisdatigi vian sistemon kaj rekomenci por ŝarĝi la novan linux-kernon (aŭ kontaktu vian servilan provizanton se ĉi tio ne funkcias). Vidu https://meltdownattack.com/ por pliaj informoj.", "diagnosis_description_basesystem": "Baza sistemo", "diagnosis_description_regenconf": "Sistemaj agordoj", "main_domain_change_failed": "Ne eblas ŝanĝi la ĉefan domajnon", "log_domain_main_domain": "Faru de '{}' la ĉefa domajno", - "diagnosis_http_timeout": "Tempolimigita dum provado kontakti vian servilon de ekstere. Ĝi ŝajnas esti neatingebla.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 80 (kaj 443) ne estas ĝuste senditaj al via servilo.
2. Vi ankaŭ devas certigi, ke la servo nginx funkcias
3. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", + "diagnosis_http_timeout": "Tempolimigita dum provado kontakti vian servilon de ekstere. Ĝi ŝajnas esti neatingebla.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 80 (kaj 443) ne estas ĝuste senditaj al via servilo.
2. Vi ankaŭ devas certigi, ke la servo nginx funkcias
3. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", "diagnosis_http_connection_error": "Rilata eraro: ne povis konektiĝi al la petita domajno, tre probable ĝi estas neatingebla.", "migration_description_0013_futureproof_apps_catalog_system": "Migru al la nova katalogosistemo pri estontecaj programoj", "diagnosis_ignored_issues": "(+ {nb_ignored} ignorataj aferoj))", "diagnosis_found_errors": "Trovis {errors} signifa(j) afero(j) rilata al {category}!", "diagnosis_found_errors_and_warnings": "Trovis {errors} signifaj problemo (j) (kaj {warnings} averto) rilataj al {category}!", - "diagnosis_diskusage_low": "Stokado {mountpoint} (sur aparato {device} ) nur restas {{free} ({free_percent}%) spaco restanta (el {total}). Estu zorgema.", + "diagnosis_diskusage_low": "Stokado {mountpoint} (sur aparato {device}) nur restas {free} ({free_percent}%) spaco restanta (el {total}). Estu zorgema.", "diagnosis_diskusage_ok": "Stokado {mountpoint} (sur aparato {device}) ankoraŭ restas {free} ({free_percent}%) spaco (el {total})!", "global_settings_setting_pop3_enabled": "Ebligu la protokolon POP3 por la poŝta servilo", "diagnosis_unknown_categories": "La jenaj kategorioj estas nekonataj: {categories}", @@ -599,29 +599,29 @@ "diagnosis_description_web": "Reta", "domain_cannot_add_xmpp_upload": "Vi ne povas aldoni domajnojn per 'xmpp-upload'. Ĉi tiu speco de nomo estas rezervita por la XMPP-alŝuta funkcio integrita en YunoHost.", "group_already_exist_on_system_but_removing_it": "Grupo {group} jam ekzistas en la sistemaj grupoj, sed YunoHost forigos ĝin …", - "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Iuj provizantoj ne lasos vin malŝlosi elirantan havenon 25 ĉar ili ne zorgas pri Neta Neŭtraleco.
- Iuj el ili provizas la alternativon de uzante retpoŝtan servilon kvankam ĝi implicas, ke la relajso povos spioni vian retpoŝtan trafikon.
- Amika privateco estas uzi VPN * kun dediĉita publika IP * por pretervidi ĉi tiun specon. de limoj. Vidu https://yunohost.org/#/vpn_avantage
- Vi ankaŭ povas konsideri ŝanĝi al pli neta neŭtraleco-amika provizanto ", + "diagnosis_mail_outgoing_port_25_blocked_relay_vpn": "Iuj provizantoj ne lasos vin malŝlosi elirantan havenon 25 ĉar ili ne zorgas pri Neta Neŭtraleco.
- Iuj el ili provizas la alternativon de uzante retpoŝtan servilon kvankam ĝi implicas, ke la relajso povos spioni vian retpoŝtan trafikon.
- Amika privateco estas uzi VPN * kun dediĉita publika IP * por pretervidi ĉi tiun specon. de limoj. Vidu https://yunohost.org/#/vpn_avantage
- Vi ankaŭ povas konsideri ŝanĝi al pli neta neŭtraleco-amika provizanto", "diagnosis_mail_fcrdns_nok_details": "Vi unue provu agordi la inversan DNS kun {ehlo_domain} en via interreta enkursigilo aŭ en via retprovizanta interfaco. (Iuj gastigantaj provizantoj eble postulas, ke vi sendu al ili subtenan bileton por ĉi tio).", - "diagnosis_mail_fcrdns_nok_alternatives_4": "Iuj provizantoj ne lasos vin agordi vian inversan DNS (aŭ ilia funkcio povus esti rompita ...). Se vi spertas problemojn pro tio, konsideru jenajn solvojn:
- Iuj ISP provizas la alternativon de uzante retpoŝtan servilon kvankam ĝi implicas, ke la relajso povos spioni vian retpoŝtan trafikon.
- Interreta privateco estas uzi VPN * kun dediĉita publika IP * por preterpasi ĉi tiajn limojn. Vidu https://yunohost.org/#/vpn_avantage
- Finfine eblas ankaŭ ŝanĝo de provizanto ", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Iuj provizantoj ne lasos vin agordi vian inversan DNS (aŭ ilia funkcio povus esti rompita ...). Se vi spertas problemojn pro tio, konsideru jenajn solvojn:
- Iuj ISP provizas la alternativon de uzante retpoŝtan servilon kvankam ĝi implicas, ke la relajso povos spioni vian retpoŝtan trafikon.
- Interreta privateco estas uzi VPN * kun dediĉita publika IP * por preterpasi ĉi tiajn limojn. Vidu https://yunohost.org/#/vpn_avantage
- Finfine eblas ankaŭ ŝanĝo de provizanto", "diagnosis_display_tip": "Por vidi la trovitajn problemojn, vi povas iri al la sekcio pri Diagnozo de la reteja administrado, aŭ funkcii \"yunohost diagnosis show --issues\" el la komandlinio.", - "diagnosis_ip_global": "Tutmonda IP: {global} ", - "diagnosis_ip_local": "Loka IP: {local} ", - "diagnosis_dns_point_to_doc": "Bonvolu kontroli la dokumentaron ĉe https://yunohost.org/dns_config se vi bezonas helpon pri agordo de DNS-registroj.", + "diagnosis_ip_global": "Tutmonda IP: {global} ", + "diagnosis_ip_local": "Loka IP: {local} ", + "diagnosis_dns_point_to_doc": "Bonvolu kontroli la dokumentaron ĉe https://yunohost.org/dns_config se vi bezonas helpon pri agordo de DNS-registroj.", "diagnosis_mail_outgoing_port_25_ok": "La SMTP-poŝta servilo kapablas sendi retpoŝtojn (eliranta haveno 25 ne estas blokita).", "diagnosis_mail_outgoing_port_25_blocked_details": "Vi unue provu malŝlosi elirantan havenon 25 en via interreta enkursigilo aŭ en via retprovizanta interfaco. (Iuj gastigantaj provizantoj eble postulas, ke vi sendu al ili subtenan bileton por ĉi tio).", "diagnosis_mail_ehlo_unreachable": "La SMTP-poŝta servilo estas neatingebla de ekstere sur IPv {ipversion}. Ĝi ne povos ricevi retpoŝtojn.", "diagnosis_mail_ehlo_ok": "La SMTP-poŝta servilo atingeblas de ekstere kaj tial kapablas ricevi retpoŝtojn !", - "diagnosis_mail_ehlo_unreachable_details": "Ne povis malfermi rilaton sur la haveno 25 al via servilo en IPv {ipversion}. Ĝi ŝajnas esti neatingebla.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 25 ne estas ĝuste sendita al via servilo .
2. Vi ankaŭ devas certigi, ke servo-prefikso funkcias.
3. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", + "diagnosis_mail_ehlo_unreachable_details": "Ne povis malfermi rilaton sur la haveno 25 al via servilo en IPv {ipversion}. Ĝi ŝajnas esti neatingebla.
1. La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 25 ne estas ĝuste sendita al via servilo .
2. Vi ankaŭ devas certigi, ke servo-prefikso funkcias.
3. Pri pli kompleksaj agordoj: certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", "diagnosis_mail_ehlo_bad_answer": "Ne-SMTP-servo respondita sur la haveno 25 sur IPv {ipversion}", "diagnosis_mail_ehlo_bad_answer_details": "Povas esti ke alia maŝino respondas anstataŭ via servilo.", "diagnosis_mail_ehlo_wrong": "Malsama SMTP-poŝta servilo respondas pri IPv {ipversion}. Via servilo probable ne povos ricevi retpoŝtojn.", - "diagnosis_mail_ehlo_wrong_details": "La EHLO ricevita de la fora diagnozilo en IPv {ipversion} diferencas de la domajno de via servilo.
Ricevita EHLO: {wrong_ehlo}
Atendita: {right_ehlo}
La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 25 ne estas ĝuste sendita al via servilo . Alternative, certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", + "diagnosis_mail_ehlo_wrong_details": "La EHLO ricevita de la fora diagnozilo en IPv {ipversion} diferencas de la domajno de via servilo.
Ricevita EHLO: {wrong_ehlo}
Atendita: {right_ehlo}
La plej ofta kaŭzo por ĉi tiu afero estas, ke la haveno 25 ne estas ĝuste sendita al via servilo . Alternative, certigu, ke neniu fajroŝirmilo aŭ reverso-prokuro ne interbatalas.", "diagnosis_mail_ehlo_could_not_diagnose": "Ne povis diagnozi ĉu postfiksa poŝta servilo atingebla de ekstere en IPv {ipversion}.", "diagnosis_mail_ehlo_could_not_diagnose_details": "Eraro: {error}", "diagnosis_mail_fcrdns_ok": "Via inversa DNS estas ĝuste agordita!", "diagnosis_mail_fcrdns_dns_missing": "Neniu inversa DNS estas difinita en IPv {ipversion}. Iuj retpoŝtoj povas malsukcesi liveri aŭ povus esti markitaj kiel spamo.", - "diagnosis_mail_fcrdns_nok_alternatives_6": "Iuj provizantoj ne lasos vin agordi vian inversan DNS (aŭ ilia funkcio povus esti rompita ...). Se via inversa DNS estas ĝuste agordita por IPv4, vi povas provi malebligi la uzon de IPv6 kiam vi sendas retpoŝtojn per funkciado yunohost-agordoj set smtp.allow_ipv6 -v off . Noto: ĉi tiu lasta solvo signifas, ke vi ne povos sendi aŭ ricevi retpoŝtojn de la malmultaj IPv6-nur serviloj tie.", + "diagnosis_mail_fcrdns_nok_alternatives_6": "Iuj provizantoj ne lasos vin agordi vian inversan DNS (aŭ ilia funkcio povus esti rompita ...). Se via inversa DNS estas ĝuste agordita por IPv4, vi povas provi malebligi la uzon de IPv6 kiam vi sendas retpoŝtojn per funkciado yunohost-agordoj set smtp.allow_ipv6 -v off . Noto: ĉi tiu lasta solvo signifas, ke vi ne povos sendi aŭ ricevi retpoŝtojn de la malmultaj IPv6-nur serviloj tie.", "diagnosis_mail_fcrdns_different_from_ehlo_domain": "La inversa DNS ne ĝuste agordis en IPv {ipversion}. Iuj retpoŝtoj povas malsukcesi liveri aŭ povus esti markitaj kiel spamo.", - "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "Aktuala reverso DNS: {rdns_domain}
Atendita valoro: {ehlo_domain}", + "diagnosis_mail_fcrdns_different_from_ehlo_domain_details": "Aktuala reverso DNS: {rdns_domain}
Atendita valoro: {ehlo_domain}", "diagnosis_mail_blacklist_ok": "La IP kaj domajnoj uzataj de ĉi tiu servilo ne ŝajnas esti listigitaj nigre", "diagnosis_mail_blacklist_listed_by": "Via IP aŭ domajno {item} estas listigita en {blacklist_name}", "diagnosis_mail_blacklist_reason": "La negra listo estas: {reason}", From 72d4460bb4af04edff1a3a10a2b6e35bb33917e8 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 May 2020 20:39:50 +0200 Subject: [PATCH 147/451] Typo / wording / grammar ? --- locales/fr.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/locales/fr.json b/locales/fr.json index bf5598f75..3f9c9ba8c 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -640,12 +640,12 @@ "diagnosis_http_nginx_conf_not_up_to_date_details": "Pour corriger la situation, inspectez la différence avec la ligne de commande en utilisant les outils yunohost regen-conf nginx --dry-run --with-diff et si vous êtes d’accord, appliquez les modifications avec yunohost tools regen-conf nginx --force.", "backup_archive_cant_retrieve_info_json": "Impossible d'avoir des informations sur l'archive '{archive}' ... Le fichier info.json ne peut pas être trouvé (ou n'est pas un fichier json valide).", "backup_archive_corrupted": "Il semble que l'archive de la sauvegarde '{archive}' est corrompue : {error}", - "diagnosis_ip_no_ipv6_tip": "L'utilisation de IPv6 n'est pas obligatoire pour le fonctionnement de votre serveur, mais cela permet un meilleur fonctionnement de l'internet dans son ensemble. IPv6 peut-être automatiquement configuré par votre système ou votre FAI s'il est disponible. Autrement, vous devrez prendre quelque minute pour le configurer manuellement comme il est écrit dans cette documentation: https://yunohost.org/#/ipv6. Si vous ne pouvez pas activer IPv6 ou si c'est trop technique pour vous, vous pouvez ignorer cet avertissement sans problème.", + "diagnosis_ip_no_ipv6_tip": "L'utilisation de IPv6 n'est pas obligatoire pour le fonctionnement de votre serveur, mais cela contribue à la santé d'Internet dans son ensemble. IPv6 généralement configuré automatiquement par votre système ou votre FAI s'il est disponible. Autrement, vous devrez prendre quelque minutes pour le configurer manuellement à l'aide de cette documentation: https://yunohost.org/#/ipv6. Si vous ne pouvez pas activer IPv6 ou si c'est trop technique pour vous, vous pouvez aussi ignorer cet avertissement sans que cela pose problème.", "diagnosis_domain_expiration_not_found": "Impossible de vérifier la date d'expiration de certains domaines", "diagnosis_domain_expiration_not_found_details": "Les informations WHOIS pour le domaine {domain} ne semblent pas contenir les informations concernant la date d'expiration ?", "diagnosis_domain_not_found_details": "Le domaine {domain} n'existe pas dans la base de donnée WHOIS ou est expiré !", - "diagnosis_domain_expiration_success": "Vos domaines sont enregistrés et ne sont pas expirés prochainement.", - "diagnosis_domain_expiration_warning": "Certains domaines vont expirés prochainement !", - "diagnosis_domain_expiration_error": "Certains domaines vont expirés TRÈS PROCHAINEMENT !", + "diagnosis_domain_expiration_success": "Vos domaines sont enregistrés et ne vont pas expirer prochainement.", + "diagnosis_domain_expiration_warning": "Certains domaines vont expirer prochainement !", + "diagnosis_domain_expiration_error": "Certains domaines vont expirer TRÈS PROCHAINEMENT !", "diagnosis_domain_expires_in": "Le {domain} expire dans {days} jours." } From f8154fe23ab6bcd2a373b0970e6f8a73a8484fbd Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 May 2020 21:21:50 +0200 Subject: [PATCH 148/451] Update changelog for 3.8.4 --- debian/changelog | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/debian/changelog b/debian/changelog index 40109eff9..ed5a87aea 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +yunohost (3.8.4) testing; urgency=low + + - [fix] Restoration of custom hooks / missing restore hooks (#927) + - [enh] Real CSP headers for the webadmin (#961) + - [enh] Simplify / optimize reading version of yunohost packages... (#968) + - [fix] handle new auto restart of ldap in moulinette (#975) + - [enh] service.py cleanup + add tests for services (#979, #986) + - [fix] Enforce permissions for stuff in /etc/yunohost/ (#963) + - [mod] Remove security diagnosis category for now, Move meltdown check to base system (a799740a) + - [mod] Change warning/errors about swap as info instead ... add a tip about the fact that having swap on SD or SSD is dangerous (23147161) + - [enh] Improve auto diagnosis cron UX, add a --human-readable option to diagnosis_show() (aecbb14a) + - [enh] Rely on new diagnosis for letsencrypt elligibility (#985) + - [i18n] Translations updated for Catalan, Esperanto, French, Spanish + + Thanks to all contributors <3 ! (amirale qt, autra, Bram, clecle226, I. Hernández, Kay0u, xaloc33) + + -- Alexandre Aubin Sat, 09 May 2020 21:20:00 +0200 + yunohost (3.8.3) testing; urgency=low - [fix] Remove dot in reverse DNS check From c346f5f1df39ba0359079fa1878b357e2e9fb3df Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 9 May 2020 22:08:49 +0200 Subject: [PATCH 149/451] This file sometimes has stupid \x00 inside ~.~ --- data/hooks/diagnosis/00-basesystem.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/hooks/diagnosis/00-basesystem.py b/data/hooks/diagnosis/00-basesystem.py index dbb0ccf08..ec802c870 100644 --- a/data/hooks/diagnosis/00-basesystem.py +++ b/data/hooks/diagnosis/00-basesystem.py @@ -34,7 +34,7 @@ class BaseSystemDiagnoser(Diagnoser): # Also possibly the board name if os.path.exists("/proc/device-tree/model"): - model = read_file('/proc/device-tree/model').strip() + model = read_file('/proc/device-tree/model').strip().replace('\x00', '') hardware["data"]["model"] = model hardware["details"] = ["diagnosis_basesystem_hardware_board"] From 43facfd5b5dda727cf716a70861d11a7bcb6e551 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 11 May 2020 00:21:25 +0200 Subject: [PATCH 150/451] Again here, list.remove(foo) fails if foo ain't in list :[ --- src/yunohost/service.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 40a0fcc0b..cb40d03bc 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -418,7 +418,8 @@ def service_log(name, number=50): # Legacy stuff related to --log_type where we'll typically have the service # name in the log list but it's not an actual logfile. Nowadays journalctl # is automatically fetch as well as regular log files. - log_list.remove(name) + if name in log_list: + log_list.remove(name) result = {} From afbeb145b6081e180518af8e7670d3ef4e955fb5 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 11 May 2020 00:36:46 +0200 Subject: [PATCH 151/451] Make sure we have a list for log_list --- src/yunohost/service.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index cb40d03bc..fc6d6f951 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -415,6 +415,9 @@ def service_log(name, number=50): log_list = services[name].get('log', []) + if not isinstance(log_list, list): + log_list = [log_list] + # Legacy stuff related to --log_type where we'll typically have the service # name in the log list but it's not an actual logfile. Nowadays journalctl # is automatically fetch as well as regular log files. From b6631b4882b8d5ed883b33fda87a73d048c63274 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 11 May 2020 00:37:12 +0200 Subject: [PATCH 152/451] Add a test for service_log --- src/yunohost/tests/test_service.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/yunohost/tests/test_service.py b/src/yunohost/tests/test_service.py index d8660c1e5..e968ac0a7 100644 --- a/src/yunohost/tests/test_service.py +++ b/src/yunohost/tests/test_service.py @@ -1,8 +1,8 @@ import os -from conftest import message, raiseYunohostError +from conftest import raiseYunohostError -from yunohost.service import _get_services, _save_services, service_status, service_add, service_remove +from yunohost.service import _get_services, _save_services, service_status, service_add, service_remove, service_log def setup_function(function): @@ -42,6 +42,13 @@ def test_service_status_single(): assert status["status"] == "running" +def test_service_log(): + + logs = service_log("ssh") + assert "journalctl" in logs.keys() + assert "/var/log/auth.log" in logs.keys() + + def test_service_status_unknown_service(mocker): with raiseYunohostError(mocker, 'service_unknown'): From 2205515d352c716ceeaab594bb8812f7dee5ff83 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 11 May 2020 00:37:25 +0200 Subject: [PATCH 153/451] Add a dummy description to avoid warning --- src/yunohost/tests/test_service.py | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/yunohost/tests/test_service.py b/src/yunohost/tests/test_service.py index e968ac0a7..ffe3629c5 100644 --- a/src/yunohost/tests/test_service.py +++ b/src/yunohost/tests/test_service.py @@ -81,24 +81,23 @@ def test_service_remove_service_that_doesnt_exists(mocker): def test_service_update_to_add_properties(): - service_add("dummyservice", description="") + service_add("dummyservice", description="dummy") assert not _get_services()["dummyservice"].get("test_status") - service_add("dummyservice", description="", test_status="true") + service_add("dummyservice", description="dummy", test_status="true") assert _get_services()["dummyservice"].get("test_status") == "true" def test_service_update_to_change_properties(): - service_add("dummyservice", description="", test_status="false") + service_add("dummyservice", description="dummy", test_status="false") assert _get_services()["dummyservice"].get("test_status") == "false" - service_add("dummyservice", description="", test_status="true") + service_add("dummyservice", description="dummy", test_status="true") assert _get_services()["dummyservice"].get("test_status") == "true" def test_service_update_to_remove_properties(): - service_add("dummyservice", description="", test_status="false") + service_add("dummyservice", description="dummy", test_status="false") assert _get_services()["dummyservice"].get("test_status") == "false" - service_add("dummyservice", description="", test_status="") + service_add("dummyservice", description="dummy", test_status="") assert not _get_services()["dummyservice"].get("test_status") - From 429df8c43f938c29c6b368d2dac1ce9b1759af4f Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 11 May 2020 00:43:58 +0200 Subject: [PATCH 154/451] Ugh smaller treshold because people have exactly 500MB ... --- data/hooks/diagnosis/50-systemresources.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/hooks/diagnosis/50-systemresources.py b/data/hooks/diagnosis/50-systemresources.py index 50f69f9ed..682fb897f 100644 --- a/data/hooks/diagnosis/50-systemresources.py +++ b/data/hooks/diagnosis/50-systemresources.py @@ -47,7 +47,7 @@ class SystemResourcesDiagnoser(Diagnoser): if swap.total <= 1 * MB: item["status"] = "INFO" item["summary"] = "diagnosis_swap_none" - elif swap.total < 500 * MB: + elif swap.total < 450 * MB: item["status"] = "INFO" item["summary"] = "diagnosis_swap_notsomuch" else: From b0136bd1aa88c57d83e636119a470f0f92258fed Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 11 May 2020 00:51:01 +0200 Subject: [PATCH 155/451] Update changelog for 3.8.4.1 --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index ed5a87aea..139d390a5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +yunohost (3.8.4.1) testing; urgency=low + + - [mod] Tweak diagnosis threshold for swap warning (429df8c4) + - [fix] Make sure we have a list for log_list + make sure item is in list before using .remove()... (afbeb145, 43facfd5) + - [fix] Sometimes tree-model has a weird \x00 which breaks yunopaste (c346f5f1) + + -- Alexandre Aubin Mon, 11 May 2020 00:50:34 +0200 + yunohost (3.8.4) testing; urgency=low - [fix] Restoration of custom hooks / missing restore hooks (#927) From 7ccd6e1348321491ebcb2c6afec7be1de395e926 Mon Sep 17 00:00:00 2001 From: Julien Rabier Date: Mon, 11 May 2020 21:37:17 +0000 Subject: [PATCH 156/451] fix destination concurrency Hi, Postfix has this very peculiar behavior where the target of some config keys changes depending on the value. Here, if `smtp_destination_concurrency_limit` is set to 1, then according to http://www.postfix.org/postconf.5.html#default_destination_concurrency_limit it doesn't mean "1 concurrent mail per domain, but per recipiend address". So, if set to 1, it means we can send any volume of e-mails concurrently (with a 5s delay) if all recipient addresses are different. In order to avoid this, we should increase the value to restore the expected behavior (concurrency per domain, not per recipient). --- data/templates/postfix/main.cf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/templates/postfix/main.cf b/data/templates/postfix/main.cf index 61cbfa2e6..18e457a76 100644 --- a/data/templates/postfix/main.cf +++ b/data/templates/postfix/main.cf @@ -170,7 +170,7 @@ smtpd_milters = inet:localhost:11332 milter_default_action = accept # Avoid to send simultaneously too many emails -smtp_destination_concurrency_limit = 1 +smtp_destination_concurrency_limit = 2 default_destination_rate_delay = 5s # Avoid email adress scanning From 26fcfed7fb509828009ba5075e43fddb083818ad Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 13 May 2020 15:20:49 +0200 Subject: [PATCH 157/451] Only mention packages that couldn't be upgraded during failed apt upgrades --- src/yunohost/tools.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py index abfc3b7af..790857f08 100644 --- a/src/yunohost/tools.py +++ b/src/yunohost/tools.py @@ -598,6 +598,8 @@ def tools_upgrade(operation_logger, apps=None, system=False): ) returncode = call_async_output(dist_upgrade, callbacks, shell=True) if returncode != 0: + upgradables = list(_list_upgradable_apt_packages()) + noncritical_packages_upgradable = [p["name"] for p in upgradables if p["name"] not in critical_packages] logger.warning(m18n.n('tools_upgrade_regular_packages_failed', packages_list=', '.join(noncritical_packages_upgradable))) operation_logger.error(m18n.n('packages_upgrade_failed')) From 4d734a27a0cc3f4c3bcf74df82c44435a83d63b7 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 13 May 2020 16:18:23 +0200 Subject: [PATCH 158/451] Forcing unicode creates issue with non-ascii strings or whatever.. --- src/yunohost/app.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 950d0b401..640556b68 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -550,7 +550,7 @@ def app_upgrade(app=[], url=None, file=None): # Something wrong happened in Yunohost's code (most probably hook_exec) except Exception: import traceback - error = m18n.n('unexpected_error', error=u"\n" + traceback.format_exc()) + error = m18n.n('unexpected_error', error="\n" + traceback.format_exc()) logger.error(m18n.n("app_install_failed", app=app_instance_name, error=error)) failure_message_with_debug_instructions = operation_logger.error(error) finally: @@ -805,7 +805,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu # Something wrong happened in Yunohost's code (most probably hook_exec) except Exception as e: import traceback - error = m18n.n('unexpected_error', error=u"\n" + traceback.format_exc()) + error = m18n.n('unexpected_error', error="\n" + traceback.format_exc()) logger.error(m18n.n("app_install_failed", app=app_id, error=error)) failure_message_with_debug_instructions = operation_logger.error(error) finally: @@ -853,7 +853,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu except (KeyboardInterrupt, EOFError, Exception): remove_retcode = -1 import traceback - logger.error(m18n.n('unexpected_error', error=u"\n" + traceback.format_exc())) + logger.error(m18n.n('unexpected_error', error="\n" + traceback.format_exc())) # Remove all permission in LDAP for permission_name in user_permission_list()["permissions"].keys(): @@ -1042,7 +1042,7 @@ def app_remove(operation_logger, app): except (KeyboardInterrupt, EOFError, Exception): ret = -1 import traceback - logger.error(m18n.n('unexpected_error', error=u"\n" + traceback.format_exc())) + logger.error(m18n.n('unexpected_error', error="\n" + traceback.format_exc())) if ret == 0: logger.success(m18n.n('app_removed', app=app)) From 09d8500fda26268610da5e6ce206fbfeb50c8061 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 13 May 2020 16:38:27 +0200 Subject: [PATCH 159/451] Also run dpkg --audit to check if dpkg is in a broken state --- src/yunohost/utils/packages.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/yunohost/utils/packages.py b/src/yunohost/utils/packages.py index 51e9ab71a..6e6a922f6 100644 --- a/src/yunohost/utils/packages.py +++ b/src/yunohost/utils/packages.py @@ -95,6 +95,8 @@ def ynh_packages_version(*args, **kwargs): def dpkg_is_broken(): + if check_output("dpkg --audit").strip() != "": + return True # If dpkg is broken, /var/lib/dpkg/updates # will contains files like 0001, 0002, ... # ref: https://sources.debian.org/src/apt/1.4.9/apt-pkg/deb/debsystem.cc/#L141-L174 From c6f184960c06b64a7cf0a44ac521a15931b45235 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 13 May 2020 16:59:59 +0200 Subject: [PATCH 160/451] We don't need to display hostname when fetching logs with journalctl --- src/yunohost/service.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index fc6d6f951..6a05c4d12 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -706,7 +706,7 @@ def _get_journalctl_logs(service, number="all"): services = _get_services() systemd_service = services.get(service, {}).get("actual_systemd_service", service) try: - return subprocess.check_output("journalctl -xn -u {0} -n{1}".format(systemd_service, number), shell=True) + return subprocess.check_output("journalctl --no-hostname -xn -u {0} -n{1}".format(systemd_service, number), shell=True) except: import traceback return "error while get services logs from journalctl:\n%s" % traceback.format_exc() From e67dc79197e5baf68b758b7bf9e7522a1b63381b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 14 May 2020 01:47:34 +0200 Subject: [PATCH 161/451] Add the damn short hostname to /etc/hosts automagically --- data/hooks/conf_regen/43-dnsmasq | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/data/hooks/conf_regen/43-dnsmasq b/data/hooks/conf_regen/43-dnsmasq index 8a2985f34..c28d65288 100755 --- a/data/hooks/conf_regen/43-dnsmasq +++ b/data/hooks/conf_regen/43-dnsmasq @@ -64,6 +64,11 @@ do_post_regen() { systemctl restart resolvconf fi + # Some stupid things like rabbitmq-server used by onlyoffice won't work if + # the *short* hostname doesn't exists in /etc/hosts -_- + short_hostname=$(hostname -s) + grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "127.0.0.1\t$short_hostname" >>/etc/hosts + [[ -z "$regen_conf_files" ]] \ || service dnsmasq restart } From 97199d19619804e0a330f781132bbe58e4bd6544 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 14 May 2020 03:25:24 +0200 Subject: [PATCH 162/451] Sometimes dpkg --configure -a ain't enough... --- locales/en.json | 4 ++-- locales/fr.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/locales/en.json b/locales/en.json index 6f2590e2f..25e5a500a 100644 --- a/locales/en.json +++ b/locales/en.json @@ -274,7 +274,7 @@ "domains_available": "Available domains:", "done": "Done", "downloading": "Downloading…", - "dpkg_is_broken": "You cannot do this right now because dpkg/APT (the system package managers) seems to be in a broken state… You can try to solve this issue by connecting through SSH and running `sudo dpkg --configure -a`.", + "dpkg_is_broken": "You cannot do this right now because dpkg/APT (the system package managers) seems to be in a broken state… You can try to solve this issue by connecting through SSH and running `sudo apt install --fix-broken` and/or `sudo dpkg --configure -a`.", "dpkg_lock_not_available": "This command can't be run right now because another program seems to be using the lock of dpkg (the system package manager)", "dyndns_could_not_check_provide": "Could not check if {provider:s} can provide {domain:s}.", "dyndns_could_not_check_available": "Could not check if {domain:s} is available on {provider:s}.", @@ -597,7 +597,7 @@ "ssowat_conf_updated": "SSOwat configuration updated", "system_upgraded": "System upgraded", "system_username_exists": "Username already exists in the list of system users", - "this_action_broke_dpkg": "This action broke dpkg/APT (the system package managers)… You can try to solve this issue by connecting through SSH and running `sudo dpkg --configure -a`.", + "this_action_broke_dpkg": "This action broke dpkg/APT (the system package managers)… You can try to solve this issue by connecting through SSH and running `sudo apt install --fix-broken` and/or `sudo dpkg --configure -a`.", "tools_upgrade_at_least_one": "Please specify '--apps', or '--system'", "tools_upgrade_cant_both": "Cannot upgrade both system and apps at the same time", "tools_upgrade_cant_hold_critical_packages": "Could not hold critical packages…", diff --git a/locales/fr.json b/locales/fr.json index 3f9c9ba8c..96d815b1a 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -364,7 +364,7 @@ "confirm_app_install_warning": "Avertissement : cette application peut fonctionner mais n’est pas bien intégrée dans YunoHost. Certaines fonctionnalités telles que l’authentification unique et la sauvegarde/restauration peuvent ne pas être disponibles. L’installer quand même ? [{answers:s}] ", "confirm_app_install_danger": "DANGER ! Cette application est connue pour être encore expérimentale (si elle ne fonctionne pas explicitement) ! Vous ne devriez probablement PAS l’installer à moins de savoir ce que vous faites. AUCUN SUPPORT ne sera fourni si cette application ne fonctionne pas ou casse votre système … Si vous êtes prêt à prendre ce risque de toute façon, tapez '{answers:s}'", "confirm_app_install_thirdparty": "DANGER! Cette application ne fait pas partie du catalogue d'applications de Yunohost. L'installation d'applications tierces peut compromettre l'intégrité et la sécurité de votre système. Vous ne devriez probablement PAS l'installer à moins de savoir ce que vous faites. AUCUN SUPPORT ne sera fourni si cette application ne fonctionne pas ou casse votre système ... Si vous êtes prêt à prendre ce risque de toute façon, tapez '{answers:s}'", - "dpkg_is_broken": "Vous ne pouvez pas faire ça maintenant car dpkg/apt (le gestionnaire de paquets du système) semble avoir laissé des choses non configurées. Vous pouvez essayer de résoudre ce problème en vous connectant via SSH et en exécutant `sudo dpkg --configure -a'.", + "dpkg_is_broken": "Vous ne pouvez pas faire ça maintenant car dpkg/apt (le gestionnaire de paquets du système) semble avoir laissé des choses non configurées. Vous pouvez essayer de résoudre ce problème en vous connectant via SSH et en exécutant `sudo apt install --fix-broken` et/ou `sudo dpkg --configure -a'.", "dyndns_could_not_check_available": "Impossible de vérifier si {domain:s} est disponible chez {provider:s}.", "file_does_not_exist": "Le fichier dont le chemin est {path:s} n’existe pas.", "global_settings_setting_security_password_admin_strength": "Qualité du mot de passe administrateur", @@ -390,7 +390,7 @@ "service_restarted": "Le service « {service:s} » a été redémarré", "service_reload_or_restart_failed": "Impossible de recharger ou de redémarrer le service '{service:s}'\n\nJournaux historisés récents de ce service : {logs:s}", "service_reloaded_or_restarted": "Le service « {service:s} » a été rechargé ou redémarré", - "this_action_broke_dpkg": "Cette action a laissé des paquets non configurés par dpkg/apt (les gestionnaires de paquets système). Vous pouvez essayer de résoudre ce problème en vous connectant via SSH et en exécutant `sudo dpkg --configure -a`.", + "this_action_broke_dpkg": "Cette action a laissé des paquets non configurés par dpkg/apt (les gestionnaires de paquets système). Vous pouvez essayer de résoudre ce problème en vous connectant via SSH et en exécutant `sudo apt install --fix-broken` et/ou `sudo dpkg --configure -a`.", "app_action_cannot_be_ran_because_required_services_down": "Ces services requis doivent être en cours d’exécution pour exécuter cette action : {services}. Essayez de les redémarrer pour continuer (et éventuellement rechercher pourquoi ils sont en panne).", "admin_password_too_long": "Veuillez choisir un mot de passe de moins de 127 caractères", "log_regen_conf": "Régénérer les configurations du système '{}'", From 65c87d55df2c0c12ed0effa3c6351d943dd5ea0c Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 14 May 2020 03:56:32 +0200 Subject: [PATCH 163/451] Try to not have weird warnings if no diagnosis ran yet... --- src/yunohost/certificate.py | 19 +++++++++---------- src/yunohost/diagnosis.py | 5 +++-- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/yunohost/certificate.py b/src/yunohost/certificate.py index 366f45462..4b5adb754 100644 --- a/src/yunohost/certificate.py +++ b/src/yunohost/certificate.py @@ -103,10 +103,16 @@ def certificate_status(domain_list, full=False): if not full: del status["subject"] del status["CA_name"] - del status["ACME_eligible"] status["CA_type"] = status["CA_type"]["verbose"] status["summary"] = status["summary"]["verbose"] + if full: + try: + _check_domain_is_ready_for_ACME(domain) + status["ACME_eligible"] = True + except: + status["ACME_eligible"] = False + del status["domain"] certificates[domain] = status @@ -700,12 +706,6 @@ def _get_status(domain): "verbose": "Unknown?", } - try: - _check_domain_is_ready_for_ACME(domain) - ACME_eligible = True - except: - ACME_eligible = False - return { "domain": domain, "subject": cert_subject, @@ -713,7 +713,6 @@ def _get_status(domain): "CA_type": CA_type, "validity": days_remaining, "summary": status_summary, - "ACME_eligible": ACME_eligible } # @@ -791,8 +790,8 @@ def _backup_current_cert(domain): def _check_domain_is_ready_for_ACME(domain): - dnsrecords = Diagnoser.get_cached_report("dnsrecords", item={"domain": domain, "category": "basic"}) or {} - httpreachable = Diagnoser.get_cached_report("web", item={"domain": domain}) or {} + dnsrecords = Diagnoser.get_cached_report("dnsrecords", item={"domain": domain, "category": "basic"}, warn_if_no_cache=False) or {} + httpreachable = Diagnoser.get_cached_report("web", item={"domain": domain}, warn_if_no_cache=False) or {} if not dnsrecords or not httpreachable: raise YunohostError('certmanager_domain_not_diagnosed_yet', domain=domain) diff --git a/src/yunohost/diagnosis.py b/src/yunohost/diagnosis.py index 806285f52..3f34f206e 100644 --- a/src/yunohost/diagnosis.py +++ b/src/yunohost/diagnosis.py @@ -427,10 +427,11 @@ class Diagnoser(): return os.path.join(DIAGNOSIS_CACHE, "%s.json" % id_) @staticmethod - def get_cached_report(id_, item=None): + def get_cached_report(id_, item=None, warn_if_no_cache=True): cache_file = Diagnoser.cache_file(id_) if not os.path.exists(cache_file): - logger.warning(m18n.n("diagnosis_no_cache", category=id_)) + if warn_if_no_cache: + logger.warning(m18n.n("diagnosis_no_cache", category=id_)) report = {"id": id_, "cached_for": -1, "timestamp": -1, From 9cbd368dca61d9ff9d707ead477d7ceadd271f51 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 14 May 2020 04:46:18 +0200 Subject: [PATCH 164/451] Tweak apt/dpkg options to avoid the shitload of lines about progress bar stuff in logs --- data/helpers.d/apt | 2 +- src/yunohost/tools.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 3b4b199d0..dcea0c976 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -96,7 +96,7 @@ ynh_package_version() { # Requires YunoHost version 2.4.0.3 or higher. ynh_apt() { ynh_wait_dpkg_free - LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get --assume-yes $@ + LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get --assume-yes --quiet -o=Dpkg::Use-Pty=0 $@ } # Update package index files diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py index 790857f08..0e9d23e87 100644 --- a/src/yunohost/tools.py +++ b/src/yunohost/tools.py @@ -564,7 +564,7 @@ def tools_upgrade(operation_logger, apps=None, system=False): dist_upgrade = "DEBIAN_FRONTEND=noninteractive" dist_upgrade += " APT_LISTCHANGES_FRONTEND=none" dist_upgrade += " apt-get" - dist_upgrade += " --fix-broken --show-upgraded --assume-yes" + dist_upgrade += " --fix-broken --show-upgraded --assume-yes --quiet -o=Dpkg::Use-Pty=0" for conf_flag in ["old", "miss", "def"]: dist_upgrade += ' -o Dpkg::Options::="--force-conf{}"'.format(conf_flag) dist_upgrade += " dist-upgrade" From e140546092da3d6fd1e1220e2573f07df46a5865 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 14 May 2020 19:13:08 +0200 Subject: [PATCH 165/451] Hmgn need to make sure to write this on a new line --- data/hooks/conf_regen/43-dnsmasq | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/hooks/conf_regen/43-dnsmasq b/data/hooks/conf_regen/43-dnsmasq index c28d65288..8cddec1be 100755 --- a/data/hooks/conf_regen/43-dnsmasq +++ b/data/hooks/conf_regen/43-dnsmasq @@ -67,7 +67,7 @@ do_post_regen() { # Some stupid things like rabbitmq-server used by onlyoffice won't work if # the *short* hostname doesn't exists in /etc/hosts -_- short_hostname=$(hostname -s) - grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "127.0.0.1\t$short_hostname" >>/etc/hosts + grep -q "127.0.0.1.*$short_hostname" /etc/hosts || echo -e "\n127.0.0.1\t$short_hostname" >>/etc/hosts [[ -z "$regen_conf_files" ]] \ || service dnsmasq restart From 4cd4938eb4dfdc7b204444d4903dce957ad23d8f Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Thu, 14 May 2020 19:32:45 +0200 Subject: [PATCH 166/451] Change logic of --email to avoid sending empty mail is some issues are found but ignored --- src/yunohost/diagnosis.py | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/yunohost/diagnosis.py b/src/yunohost/diagnosis.py index 3f34f206e..4fad86ffd 100644 --- a/src/yunohost/diagnosis.py +++ b/src/yunohost/diagnosis.py @@ -183,11 +183,10 @@ def diagnosis_run(categories=[], force=False, except_if_never_ran_yet=False, ema if report != {}: issues.extend([item for item in report["items"] if item["status"] in ["WARNING", "ERROR"]]) - if issues: - if email: - _email_diagnosis_issues() - elif msettings.get("interface") == "cli": - logger.warning(m18n.n("diagnosis_display_tip")) + if email: + _email_diagnosis_issues() + if issues and msettings.get("interface") == "cli": + logger.warning(m18n.n("diagnosis_display_tip")) def diagnosis_ignore(add_filter=None, remove_filter=None, list=False): @@ -565,7 +564,11 @@ def _email_diagnosis_issues(): disclaimer = "The automatic diagnosis on your YunoHost server identified some issues on your server. You will find a description of the issues below. You can manage those issues in the 'Diagnosis' section in your webadmin." - content = _dump_human_readable_reports(diagnosis_show(issues=True)["reports"]) + issues = diagnosis_show(issues=True)["reports"] + if not issues: + return + + content = _dump_human_readable_reports(issues) message = """\ From: %s @@ -579,9 +582,6 @@ Subject: %s %s """ % (from_, to_, subject_, disclaimer, content) - print(message) - smtp = smtplib.SMTP("localhost") smtp.sendmail(from_, [to_], message) smtp.quit() - From 757cef32b33f749e3bceba060ef4a25b4392bdd8 Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Thu, 14 May 2020 21:30:00 +0200 Subject: [PATCH 167/451] [mod] remove unused import --- src/yunohost/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 640556b68..c8e37d787 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -2389,7 +2389,7 @@ def _parse_args_in_yunohost_format(args, action_args): """Parse arguments store in either manifest.json or actions.json """ from yunohost.domain import domain_list, _get_maindomain - from yunohost.user import user_info, user_list + from yunohost.user import user_list args_dict = OrderedDict() From c600b3b53e0ef45aa6fc8e546964f684b8d3d4de Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Fri, 15 May 2020 03:23:12 +0200 Subject: [PATCH 168/451] [mod] rename everything in _parse_args_in_yunohost_format because I'm too old and too tired for shitty variable name, also docstring --- src/yunohost/app.py | 142 +++++++++++++++++++++++--------------------- 1 file changed, 75 insertions(+), 67 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index c8e37d787..300fbcc81 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -2385,126 +2385,134 @@ def _parse_args_for_action(action, args={}): return _parse_args_in_yunohost_format(args, action_args) -def _parse_args_in_yunohost_format(args, action_args): - """Parse arguments store in either manifest.json or actions.json +def _parse_args_in_yunohost_format(user_answers, argument_questions): + """Parse arguments store in either manifest.json or actions.json or from a + config panel against the user answers when they are present. + + Keyword arguments: + user_answers -- a dictionnary of arguments from the user (generally + empty in CLI, filed from the admin interface) + argument_questions -- the arguments description store in yunohost + format from actions.json/toml, manifest.json/toml + or config_panel.json/toml """ from yunohost.domain import domain_list, _get_maindomain from yunohost.user import user_list - args_dict = OrderedDict() + parsed_answers_dict = OrderedDict() - for arg in action_args: - arg_name = arg['name'] - arg_type = arg.get('type', 'string') - arg_default = arg.get('default', None) - arg_choices = arg.get('choices', []) - arg_value = None + for question in argument_questions: + question_name = question['name'] + question_type = question.get('type', 'string') + question_default = question.get('default', None) + question_choices = question.get('choices', []) + question_value = None # Transpose default value for boolean type and set it to # false if not defined. - if arg_type == 'boolean': - arg_default = 1 if arg_default else 0 + if question_type == 'boolean': + question_default = 1 if question_default else 0 # do not print for webadmin - if arg_type == 'display_text' and msettings.get('interface') != 'api': - print(_value_for_locale(arg['ask'])) + if question_type == 'display_text' and msettings.get('interface') != 'api': + print(_value_for_locale(question['ask'])) continue # Attempt to retrieve argument value - if arg_name in args: - arg_value = args[arg_name] + if question_name in user_answers: + question_value = user_answers[question_name] else: - if 'ask' in arg: + if 'ask' in question: # Retrieve proper ask string - ask_string = _value_for_locale(arg['ask']) + text_for_user_input_in_cli = _value_for_locale(question['ask']) # Append extra strings - if arg_type == 'boolean': - ask_string += ' [yes | no]' - elif arg_choices: - ask_string += ' [{0}]'.format(' | '.join(arg_choices)) + if question_type == 'boolean': + text_for_user_input_in_cli += ' [yes | no]' + elif question_choices: + text_for_user_input_in_cli += ' [{0}]'.format(' | '.join(question_choices)) - if arg_default is not None: - if arg_type == 'boolean': - ask_string += ' (default: {0})'.format("yes" if arg_default == 1 else "no") + if question_default is not None: + if question_type == 'boolean': + text_for_user_input_in_cli += ' (default: {0})'.format("yes" if question_default == 1 else "no") else: - ask_string += ' (default: {0})'.format(arg_default) + text_for_user_input_in_cli += ' (default: {0})'.format(question_default) # Check for a password argument - is_password = True if arg_type == 'password' else False + is_password = True if question_type == 'password' else False - if arg_type == 'domain': - arg_default = _get_maindomain() - ask_string += ' (default: {0})'.format(arg_default) + if question_type == 'domain': + question_default = _get_maindomain() + text_for_user_input_in_cli += ' (default: {0})'.format(question_default) msignals.display(m18n.n('domains_available')) for domain in domain_list()['domains']: msignals.display("- {}".format(domain)) - elif arg_type == 'user': + elif question_type == 'user': msignals.display(m18n.n('users_available')) for user in user_list()['users'].keys(): msignals.display("- {}".format(user)) - elif arg_type == 'password': + elif question_type == 'password': msignals.display(m18n.n('good_practices_about_user_password')) try: - input_string = msignals.prompt(ask_string, is_password) + input_string = msignals.prompt(text_for_user_input_in_cli, is_password) except NotImplementedError: input_string = None if (input_string == '' or input_string is None) \ - and arg_default is not None: - arg_value = arg_default + and question_default is not None: + question_value = question_default else: - arg_value = input_string - elif arg_default is not None: - arg_value = arg_default + question_value = input_string + elif question_default is not None: + question_value = question_default # If the value is empty (none or '') - # then check if arg is optional or not - if arg_value is None or arg_value == '': - if arg.get("optional", False): + # then check if question is optional or not + if question_value is None or question_value == '': + if question.get("optional", False): # Argument is optional, keep an empty value - # and that's all for this arg ! - args_dict[arg_name] = ('', arg_type) + # and that's all for this question! + parsed_answers_dict[question_name] = ('', question_type) continue else: # The argument is required ! - raise YunohostError('app_argument_required', name=arg_name) + raise YunohostError('app_argument_required', name=question_name) # Validate argument choice - if arg_choices and arg_value not in arg_choices: - raise YunohostError('app_argument_choice_invalid', name=arg_name, choices=', '.join(arg_choices)) + if question_choices and question_value not in question_choices: + raise YunohostError('app_argument_choice_invalid', name=question_name, choices=', '.join(question_choices)) # Validate argument type - if arg_type == 'domain': - if arg_value not in domain_list()['domains']: - raise YunohostError('app_argument_invalid', name=arg_name, error=m18n.n('domain_unknown')) - elif arg_type == 'user': - if not arg_value in user_list()["users"].keys(): - raise YunohostError('app_argument_invalid', name=arg_name, error=m18n.n('user_unknown', user=arg_value)) - elif arg_type == 'app': - if not _is_installed(arg_value): - raise YunohostError('app_argument_invalid', name=arg_name, error=m18n.n('app_unknown')) - elif arg_type == 'boolean': - if isinstance(arg_value, bool): - arg_value = 1 if arg_value else 0 + if question_type == 'domain': + if question_value not in domain_list()['domains']: + raise YunohostError('app_argument_invalid', name=question_name, error=m18n.n('domain_unknown')) + elif question_type == 'user': + if question_value not in user_list()["users"].keys(): + raise YunohostError('app_argument_invalid', name=question_name, error=m18n.n('user_unknown', user=question_value)) + elif question_type == 'app': + if not _is_installed(question_value): + raise YunohostError('app_argument_invalid', name=question_name, error=m18n.n('app_unknown')) + elif question_type == 'boolean': + if isinstance(question_value, bool): + question_value = 1 if question_value else 0 else: - if str(arg_value).lower() in ["1", "yes", "y"]: - arg_value = 1 - elif str(arg_value).lower() in ["0", "no", "n"]: - arg_value = 0 + if str(question_value).lower() in ["1", "yes", "y"]: + question_value = 1 + elif str(question_value).lower() in ["0", "no", "n"]: + question_value = 0 else: - raise YunohostError('app_argument_choice_invalid', name=arg_name, choices='yes, no, y, n, 1, 0') - elif arg_type == 'password': + raise YunohostError('app_argument_choice_invalid', name=question_name, choices='yes, no, y, n, 1, 0') + elif question_type == 'password': forbidden_chars = "{}" - if any(char in arg_value for char in forbidden_chars): + if any(char in question_value for char in forbidden_chars): raise YunohostError('pattern_password_app', forbidden_chars=forbidden_chars) from yunohost.utils.password import assert_password_is_strong_enough - assert_password_is_strong_enough('user', arg_value) - args_dict[arg_name] = (arg_value, arg_type) + assert_password_is_strong_enough('user', question_value) + parsed_answers_dict[question_name] = (question_value, question_type) - return args_dict + return parsed_answers_dict def _validate_and_normalize_webpath(manifest, args_dict, app_folder): From 5850bf610fcf7a4e928eed56db55d12b58f8f5b4 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 15 May 2020 04:00:58 +0200 Subject: [PATCH 169/451] Get rid of those damn warnings about file descriptors --- src/yunohost/hook.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/yunohost/hook.py b/src/yunohost/hook.py index 40d3d114f..dbfd7eceb 100644 --- a/src/yunohost/hook.py +++ b/src/yunohost/hook.py @@ -323,8 +323,8 @@ def hook_exec(path, args=None, raise_on_error=False, no_trace=False, # Define output loggers and call command loggers = ( - lambda l: logger.debug(l.rstrip()+"\r"), - lambda l: logger.warning(l.rstrip()), + lambda l: logger.debug(l.rstrip() + "\r"), + lambda l: logger.warning(l.rstrip()) if "invalid value for trace file descriptor" not in l.rstrip() else logger.debug(l.rstrip()), lambda l: logger.info(l.rstrip()) ) From 413778d2bce74d51e4274cff4eecdb4713d60e19 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 15 May 2020 04:23:58 +0200 Subject: [PATCH 170/451] Check if app broke something important only if install succeeded (if install fails, this check only matters *after* we remove the app which is already done) --- src/yunohost/app.py | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index c8e37d787..a2ab5a25e 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -809,15 +809,15 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu logger.error(m18n.n("app_install_failed", app=app_id, error=error)) failure_message_with_debug_instructions = operation_logger.error(error) finally: - # Whatever happened (install success or failure) we check if it broke the system - # and warn the user about it - try: - broke_the_system = False - _assert_system_is_sane_for_app(manifest, "post") - except Exception as e: - broke_the_system = True - logger.error(m18n.n("app_install_failed", app=app_id, error=str(e))) - failure_message_with_debug_instructions = operation_logger.error(str(e)) + # If success so far, validate that app didn't break important stuff + if not install_failed: + try: + broke_the_system = False + _assert_system_is_sane_for_app(manifest, "post") + except Exception as e: + broke_the_system = True + logger.error(m18n.n("app_install_failed", app=app_id, error=str(e))) + failure_message_with_debug_instructions = operation_logger.error(str(e)) # If the install failed or broke the system, we remove it if install_failed or broke_the_system: From fd358fdfcc38c35d7c2e09161e36b16c746125c9 Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Fri, 15 May 2020 05:21:36 +0200 Subject: [PATCH 171/451] [enh] start writting test for arguments parsing --- .../tests/test_apps_arguments_parsing.py | 109 ++++++++++++++++++ 1 file changed, 109 insertions(+) create mode 100644 src/yunohost/tests/test_apps_arguments_parsing.py diff --git a/src/yunohost/tests/test_apps_arguments_parsing.py b/src/yunohost/tests/test_apps_arguments_parsing.py new file mode 100644 index 000000000..8fe3d7728 --- /dev/null +++ b/src/yunohost/tests/test_apps_arguments_parsing.py @@ -0,0 +1,109 @@ +import pytest +from collections import OrderedDict +from mock import patch + +from moulinette import msignals + +from yunohost.app import _parse_args_in_yunohost_format +from yunohost.utils.error import YunohostError + + +""" +Argument default format: +{ + "name": "the_name", + "type": "one_of_the_available_type", // "sting" is not specified + "ask": { + "en": "the question in english", + "fr": "the question in french" + }, + "help": { + "en": "some help text in english", + "fr": "some help text in french" + }, + "example": "an example value", // optional + "default", "some stuff", // optional, not available for all types + "optional": true // optional, will skip if not answered +} + +User answers: +{"name": "value", ...} +""" + + +def test_parse_args_in_yunohost_format_empty(): + assert _parse_args_in_yunohost_format({}, []) == {} + + +def test_parse_args_in_yunohost_format_string(): + questions = [{ + "name": "some_string", + "type": "string", + }] + answers = {"some_string": "some_value"} + expected_result = OrderedDict({"some_string": ("some_value", "string")}) + assert _parse_args_in_yunohost_format(answers, questions) == expected_result + + +def test_parse_args_in_yunohost_format_string_default_type(): + questions = [{ + "name": "some_string", + }] + answers = {"some_string": "some_value"} + expected_result = OrderedDict({"some_string": ("some_value", "string")}) + assert _parse_args_in_yunohost_format(answers, questions) == expected_result + + +def test_parse_args_in_yunohost_format_string_no_input(): + questions = [{ + "name": "some_string", + }] + answers = {} + + with pytest.raises(YunohostError): + _parse_args_in_yunohost_format(answers, questions) + + +def test_parse_args_in_yunohost_format_string_input(): + questions = [{ + "name": "some_string", + "ask": "some question", + }] + answers = {} + expected_result = OrderedDict({"some_string": ("some_value", "string")}) + + with patch.object(msignals, "prompt", return_value="some_value"): + assert _parse_args_in_yunohost_format(answers, questions) == expected_result + + +@pytest.mark.skip # that shit should work x( +def test_parse_args_in_yunohost_format_string_input_no_ask(): + questions = [{ + "name": "some_string", + }] + answers = {} + expected_result = OrderedDict({"some_string": ("some_value", "string")}) + + with patch.object(msignals, "prompt", return_value="some_value"): + assert _parse_args_in_yunohost_format(answers, questions) == expected_result + + +def test_parse_args_in_yunohost_format_string_no_input_optional(): + questions = [{ + "name": "some_string", + "optional": True, + }] + answers = {} + expected_result = OrderedDict({"some_string": ("", "string")}) + assert _parse_args_in_yunohost_format(answers, questions) == expected_result + + +def test_parse_args_in_yunohost_format_string_no_input_default(): + questions = [{ + "name": "some_string", + "ask": "some question", + "default": "some_value", + }] + answers = {} + expected_result = OrderedDict({"some_string": ("some_value", "string")}) + assert _parse_args_in_yunohost_format(answers, questions) == expected_result From c9b2213817a9da286f9014672d229f14ea83fc5a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 15 May 2020 17:06:24 +0200 Subject: [PATCH 172/451] Don't miserably crash if doveadm fails to run --- src/yunohost/user.py | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/yunohost/user.py b/src/yunohost/user.py index 282ec8407..7f8f2dc35 100644 --- a/src/yunohost/user.py +++ b/src/yunohost/user.py @@ -467,9 +467,14 @@ def user_info(username): elif username not in user_permission_list(full=True)["permissions"]["mail.main"]["corresponding_users"]: logger.warning(m18n.n('mailbox_disabled', user=username)) else: - cmd = 'doveadm -f flow quota get -u %s' % user['uid'][0] - cmd_result = subprocess.check_output(cmd, stderr=subprocess.STDOUT, - shell=True) + try: + cmd = 'doveadm -f flow quota get -u %s' % user['uid'][0] + cmd_result = subprocess.check_output(cmd, stderr=subprocess.STDOUT, + shell=True) + except Exception as e: + cmd_result = "" + logger.warning("Failed to fetch quota info ... : %s " % str(e)) + # Exemple of return value for cmd: # """Quota name=User quota Type=STORAGE Value=0 Limit=- %=0 # Quota name=User quota Type=MESSAGE Value=0 Limit=- %=0""" From dd09758fb55eaff4e3cc79dc413a837f549d132b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 15 May 2020 23:40:41 +0200 Subject: [PATCH 173/451] Report the service status as unknown if service type is oneshot and status exited --- src/yunohost/service.py | 33 +++++++++++++++++++++------------ 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 6a05c4d12..d236de020 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -85,7 +85,7 @@ def service_add(name, description=None, log=None, log_type=None, test_status=Non # systemd will anyway return foo.service as default value, so we wanna # make sure there's actually something here. if out == name + ".service": - logger.warning("/!\\ Packager ! You added a custom service without specifying a description. Please add a proper Description in the systemd configuration, or use --description to explain what the service does in a similar fashion to existing services.") + logger.warning("/!\\ Packagers! You added a custom service without specifying a description. Please add a proper Description in the systemd configuration, or use --description to explain what the service does in a similar fashion to existing services.") else: service['description'] = out @@ -94,6 +94,8 @@ def service_add(name, description=None, log=None, log_type=None, test_status=Non if test_status: service["test_status"] = test_status + elif subprocess.check_output("systemctl show %s | grep '^Type='" % name, shell=True).strip() == "oneshot": + logger.warning("/!\\ Packagers! Please provide a --test_status when adding oneshot-type services in Yunohost, such that it has a reliable way to check if the service is running or not.") if test_conf: service["test_conf"] = test_conf @@ -300,9 +302,9 @@ def service_status(names=[]): continue systemd_service = infos.get("actual_systemd_service", name) - status = _get_service_information_from_systemd(systemd_service) + raw_status, raw_service = _get_service_information_from_systemd(systemd_service) - if status is None: + if raw_status is None: logger.error("Failed to get status information via dbus for service %s, systemctl didn't recognize this service ('NoSuchUnit')." % systemd_service) result[name] = { 'status': "unknown", @@ -322,11 +324,11 @@ def service_status(names=[]): # that's the only way to test for that for now # if we don't have it, uses the one provided by systemd if description == translation_key: - description = str(status.get("Description", "")) + description = str(raw_status.get("Description", "")) result[name] = { - 'status': str(status.get("SubState", "unknown")), - 'start_on_boot': str(status.get("UnitFileState", "unknown")), + 'status': str(raw_status.get("SubState", "unknown")), + 'start_on_boot': str(raw_status.get("UnitFileState", "unknown")), 'last_state_change': "unknown", 'description': description, 'configuration': "unknown", @@ -339,8 +341,8 @@ def service_status(names=[]): elif os.path.exists("/etc/systemd/system/multi-user.target.wants/%s.service" % name): result[name]["start_on_boot"] = "enabled" - if "StateChangeTimestamp" in status: - result[name]['last_state_change'] = datetime.utcfromtimestamp(status["StateChangeTimestamp"] / 1000000) + if "StateChangeTimestamp" in raw_status: + result[name]['last_state_change'] = datetime.utcfromtimestamp(raw_status["StateChangeTimestamp"] / 1000000) # 'test_status' is an optional field to test the status of the service using a custom command if "test_status" in infos: @@ -353,6 +355,12 @@ def service_status(names=[]): p.communicate() result[name]["status"] = "running" if p.returncode == 0 else "failed" + elif raw_service.get("Type", "").lower() == "oneshot" and result[name]["status"] == "exited": + # These are services like yunohost-firewall, hotspot, vpnclient, + # ... they will be "exited" why doesn't provide any info about + # the real state of the service (unless they did provide a + # test_status, c.f. previous condition) + result[name]["status"] = "unknown" # 'test_status' is an optional field to test the status of the service using a custom command if "test_conf" in infos: @@ -389,13 +397,14 @@ def _get_service_information_from_systemd(service): service_proxy = d.get_object('org.freedesktop.systemd1', str(service_unit)) properties_interface = dbus.Interface(service_proxy, 'org.freedesktop.DBus.Properties') - properties = properties_interface.GetAll('org.freedesktop.systemd1.Unit') + unit = properties_interface.GetAll('org.freedesktop.systemd1.Unit') + service = properties_interface.GetAll('org.freedesktop.systemd1.Service') - if properties.get("LoadState", "not-found") == "not-found": + if unit.get("LoadState", "not-found") == "not-found": # Service doesn't really exist - return None + return (None, None) else: - return properties + return (unit, service) def service_log(name, number=50): From 1244241b3fa36b6041c901f70aef4c7d14d7ae57 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Fri, 15 May 2020 23:56:51 +0200 Subject: [PATCH 174/451] Have an independant function for building the service status --- src/yunohost/service.py | 156 +++++++++++++++++++++------------------- 1 file changed, 81 insertions(+), 75 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index d236de020..ddf34c9d0 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -301,81 +301,7 @@ def service_status(names=[]): if infos.get("status", "") is None: continue - systemd_service = infos.get("actual_systemd_service", name) - raw_status, raw_service = _get_service_information_from_systemd(systemd_service) - - if raw_status is None: - logger.error("Failed to get status information via dbus for service %s, systemctl didn't recognize this service ('NoSuchUnit')." % systemd_service) - result[name] = { - 'status': "unknown", - 'start_on_boot': "unknown", - 'last_state_change': "unknown", - 'description': "Error: failed to get information for this service, it doesn't exists for systemd", - 'configuration': "unknown", - } - - else: - translation_key = "service_description_%s" % name - description = infos.get("description") - if not description: - description = m18n.n(translation_key) - - # that mean that we don't have a translation for this string - # that's the only way to test for that for now - # if we don't have it, uses the one provided by systemd - if description == translation_key: - description = str(raw_status.get("Description", "")) - - result[name] = { - 'status': str(raw_status.get("SubState", "unknown")), - 'start_on_boot': str(raw_status.get("UnitFileState", "unknown")), - 'last_state_change': "unknown", - 'description': description, - 'configuration': "unknown", - } - - # Fun stuff™ : to obtain the enabled/disabled status for sysv services, - # gotta do this ... cf code of /lib/systemd/systemd-sysv-install - if result[name]["start_on_boot"] == "generated": - result[name]["start_on_boot"] = "enabled" if glob("/etc/rc[S5].d/S??" + name) else "disabled" - elif os.path.exists("/etc/systemd/system/multi-user.target.wants/%s.service" % name): - result[name]["start_on_boot"] = "enabled" - - if "StateChangeTimestamp" in raw_status: - result[name]['last_state_change'] = datetime.utcfromtimestamp(raw_status["StateChangeTimestamp"] / 1000000) - - # 'test_status' is an optional field to test the status of the service using a custom command - if "test_status" in infos: - p = subprocess.Popen(infos["test_status"], - shell=True, - executable='/bin/bash', - stdout=subprocess.PIPE, - stderr=subprocess.STDOUT) - - p.communicate() - - result[name]["status"] = "running" if p.returncode == 0 else "failed" - elif raw_service.get("Type", "").lower() == "oneshot" and result[name]["status"] == "exited": - # These are services like yunohost-firewall, hotspot, vpnclient, - # ... they will be "exited" why doesn't provide any info about - # the real state of the service (unless they did provide a - # test_status, c.f. previous condition) - result[name]["status"] = "unknown" - - # 'test_status' is an optional field to test the status of the service using a custom command - if "test_conf" in infos: - p = subprocess.Popen(infos["test_conf"], - shell=True, - executable='/bin/bash', - stdout=subprocess.PIPE, - stderr=subprocess.STDOUT) - - out, _ = p.communicate() - if p.returncode == 0: - result[name]["configuration"] = "valid" - else: - result[name]["configuration"] = "broken" - result[name]["configuration-details"] = out.strip().split("\n") + result[name] = _get_and_format_service_status(name, infos) if len(names) == 1: return result[names[0]] @@ -407,6 +333,86 @@ def _get_service_information_from_systemd(service): return (unit, service) +def _get_and_format_service_status(service, infos): + + systemd_service = infos.get("actual_systemd_service", service) + raw_status, raw_service = _get_service_information_from_systemd(systemd_service) + + if raw_status is None: + logger.error("Failed to get status information via dbus for service %s, systemctl didn't recognize this service ('NoSuchUnit')." % systemd_service) + return { + 'status': "unknown", + 'start_on_boot': "unknown", + 'last_state_change': "unknown", + 'description': "Error: failed to get information for this service, it doesn't exists for systemd", + 'configuration': "unknown", + } + + translation_key = "service_description_%s" % service + description = infos.get("description") + if not description: + description = m18n.n(translation_key) + + # that mean that we don't have a translation for this string + # that's the only way to test for that for now + # if we don't have it, uses the one provided by systemd + if description == translation_key: + description = str(raw_status.get("Description", "")) + + output = { + 'status': str(raw_status.get("SubState", "unknown")), + 'start_on_boot': str(raw_status.get("UnitFileState", "unknown")), + 'last_state_change': "unknown", + 'description': description, + 'configuration': "unknown", + } + + # Fun stuff™ : to obtain the enabled/disabled status for sysv services, + # gotta do this ... cf code of /lib/systemd/systemd-sysv-install + if output["start_on_boot"] == "generated": + output["start_on_boot"] = "enabled" if glob("/etc/rc[S5].d/S??" + service) else "disabled" + elif os.path.exists("/etc/systemd/system/multi-user.target.wants/%s.service" % service): + output["start_on_boot"] = "enabled" + + if "StateChangeTimestamp" in raw_status: + output['last_state_change'] = datetime.utcfromtimestamp(raw_status["StateChangeTimestamp"] / 1000000) + + # 'test_status' is an optional field to test the status of the service using a custom command + if "test_status" in infos: + p = subprocess.Popen(infos["test_status"], + shell=True, + executable='/bin/bash', + stdout=subprocess.PIPE, + stderr=subprocess.STDOUT) + + p.communicate() + + output["status"] = "running" if p.returncode == 0 else "failed" + elif raw_service.get("Type", "").lower() == "oneshot" and output["status"] == "exited": + # These are services like yunohost-firewall, hotspot, vpnclient, + # ... they will be "exited" why doesn't provide any info about + # the real state of the service (unless they did provide a + # test_status, c.f. previous condition) + output["status"] = "unknown" + + # 'test_status' is an optional field to test the status of the service using a custom command + if "test_conf" in infos: + p = subprocess.Popen(infos["test_conf"], + shell=True, + executable='/bin/bash', + stdout=subprocess.PIPE, + stderr=subprocess.STDOUT) + + out, _ = p.communicate() + if p.returncode == 0: + output["configuration"] = "valid" + else: + output["configuration"] = "broken" + output["configuration-details"] = out.strip().split("\n") + + return output + + def service_log(name, number=50): """ Log every log files of a service From dd608baec5dfa79265dcf2d8a2f9d5efd9ed96ec Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 16 May 2020 00:07:35 +0200 Subject: [PATCH 175/451] Small simplification? --- src/yunohost/service.py | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index ddf34c9d0..4376ee6d3 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -286,26 +286,19 @@ def service_status(names=[]): # Filter only requested servivces services = {k: v for k, v in services.items() if k in names} - result = {} + # Remove services that aren't "real" services + # + # the historical reason is because regenconf has been hacked into the + # service part of YunoHost will in some situation we need to regenconf + # for things that aren't services + # the hack was to add fake services... + services = {k: v for k, v in services.items() if v.get("status", "") is not None} - for name, infos in services.items(): - - # this "service" isn't a service actually so we skip it - # - # the historical reason is because regenconf has been hacked into the - # service part of YunoHost will in some situation we need to regenconf - # for things that aren't services - # the hack was to add fake services... - # we need to extract regenconf from service at some point, also because - # some app would really like to use it - if infos.get("status", "") is None: - continue - - result[name] = _get_and_format_service_status(name, infos) + output = {s: _get_and_format_service_status(s, infos) for s, infos in services.items()} if len(names) == 1: - return result[names[0]] - return result + return output[names[0]] + return output def _get_service_information_from_systemd(service): From 1cd7ffea66d327985085693d97340c74b3e52d3e Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 16 May 2020 00:20:28 +0200 Subject: [PATCH 176/451] Report unknown status for services as just a warning --- data/hooks/diagnosis/30-services.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/hooks/diagnosis/30-services.py b/data/hooks/diagnosis/30-services.py index 6217d89d3..d0fe50ae9 100644 --- a/data/hooks/diagnosis/30-services.py +++ b/data/hooks/diagnosis/30-services.py @@ -21,7 +21,7 @@ class ServicesDiagnoser(Diagnoser): data={"status": result["status"], "configuration": result["configuration"]}) if result["status"] != "running": - item["status"] = "ERROR" + item["status"] = "ERROR" if result["status"] != "unknown" else "WARNING" item["summary"] = "diagnosis_services_bad_status" item["details"] = ["diagnosis_services_bad_status_tip"] From f8e5ea465243e8d95aa1799f7fe0b3125742c610 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 16 May 2020 00:53:41 +0200 Subject: [PATCH 177/451] Fix tests, rely on _get_service_information_from_systemd to fetch service info during service add --- src/yunohost/service.py | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 4376ee6d3..1f77e3545 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -75,27 +75,32 @@ def service_add(name, description=None, log=None, log_type=None, test_status=Non service['log'] = log - if description: - service['description'] = description - else: + if not description: # Try to get the description from systemd service - out = subprocess.check_output("systemctl show %s | grep '^Description='" % name, shell=True).strip() - out = out.replace("Description=", "") + unit, _ = _get_service_information_from_systemd(name) + description = unit.get("Description", "") if unit is not None else "" # If the service does not yet exists or if the description is empty, # systemd will anyway return foo.service as default value, so we wanna # make sure there's actually something here. - if out == name + ".service": - logger.warning("/!\\ Packagers! You added a custom service without specifying a description. Please add a proper Description in the systemd configuration, or use --description to explain what the service does in a similar fashion to existing services.") - else: - service['description'] = out + if description == name + ".service": + description = "" + + if description: + service['description'] = description + else: + logger.warning("/!\\ Packagers! You added a custom service without specifying a description. Please add a proper Description in the systemd configuration, or use --description to explain what the service does in a similar fashion to existing services.") if need_lock: service['need_lock'] = True if test_status: service["test_status"] = test_status - elif subprocess.check_output("systemctl show %s | grep '^Type='" % name, shell=True).strip() == "oneshot": - logger.warning("/!\\ Packagers! Please provide a --test_status when adding oneshot-type services in Yunohost, such that it has a reliable way to check if the service is running or not.") + else: + # Try to get the description from systemd service + _, service = _get_service_information_from_systemd(name) + type_ = service.get("Type") if service is not None else "" + if type_ == "oneshot": + logger.warning("/!\\ Packagers! Please provide a --test_status when adding oneshot-type services in Yunohost, such that it has a reliable way to check if the service is running or not.") if test_conf: service["test_conf"] = test_conf From 108a3ca498081c80cdfd792b7b5ea7a5673a2ae8 Mon Sep 17 00:00:00 2001 From: Kayou Date: Sat, 16 May 2020 13:31:41 +0200 Subject: [PATCH 178/451] Update .gitlab-ci.yml --- .gitlab-ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6ff932c90..23a0075de 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -57,6 +57,12 @@ test-appurl: - cd src/yunohost - py.test tests/test_appurl.py +test-apps-arguments-parsing: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_apps_arguments_parsing.py + test-backuprestore: extends: .test-stage script: From 5c8c07b8c9019313a4c85c3c7400f4608e205b87 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 17 May 2020 03:24:26 +0200 Subject: [PATCH 179/451] More cleaning of app install logs: we don't really care about debug for ynh_wait_dpkg_free --- data/helpers.d/apt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index dcea0c976..03be6495c 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -10,6 +10,7 @@ # Requires YunoHost version 3.3.1 or higher. ynh_wait_dpkg_free() { local try + set +o xtrace # set +x # With seq 1 17, timeout will be almost 30 minutes for try in `seq 1 17` do @@ -32,13 +33,16 @@ ynh_wait_dpkg_free() { then # If so, that a remaining of dpkg. ynh_print_err "E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem." + set -o xtrace # set -x return 1 fi done 9<<< "$(ls -1 $dpkg_dir)" + set -o xtrace # set -x return 0 fi done echo "apt still used, but timeout reached !" + set -o xtrace # set -x } # Check either a package is installed or not From 086db7a94b012c8414f74c7b3be5149b3e9364a2 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 17 May 2020 04:10:19 +0200 Subject: [PATCH 180/451] Need to explicitly convert info from dbusthingy to str :/ --- src/yunohost/service.py | 2 +- src/yunohost/tests/test_service.py | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index 1f77e3545..fe3ea830f 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -78,7 +78,7 @@ def service_add(name, description=None, log=None, log_type=None, test_status=Non if not description: # Try to get the description from systemd service unit, _ = _get_service_information_from_systemd(name) - description = unit.get("Description", "") if unit is not None else "" + description = str(unit.get("Description", "")) if unit is not None else "" # If the service does not yet exists or if the description is empty, # systemd will anyway return foo.service as default value, so we wanna # make sure there's actually something here. diff --git a/src/yunohost/tests/test_service.py b/src/yunohost/tests/test_service.py index ffe3629c5..c51073c54 100644 --- a/src/yunohost/tests/test_service.py +++ b/src/yunohost/tests/test_service.py @@ -25,7 +25,11 @@ def clean(): if "dummyservice" in services: del services["dummyservice"] - _save_services(services) + + if "networking" in services: + del services["networking"] + + _save_services(services) def test_service_status_all(): @@ -60,6 +64,10 @@ def test_service_add(): service_add("dummyservice", description="A dummy service to run tests") assert "dummyservice" in service_status().keys() +def test_service_add_real_service() + + service_add("networking") + assert "networking" in service_status().keys() def test_service_remove(): From 7b4a9b57bc0241dda975d15ee662cfc46a5c340d Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 17 May 2020 04:22:15 +0200 Subject: [PATCH 181/451] Stewpeed typo :| --- src/yunohost/tests/test_service.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/tests/test_service.py b/src/yunohost/tests/test_service.py index c51073c54..f91a601c4 100644 --- a/src/yunohost/tests/test_service.py +++ b/src/yunohost/tests/test_service.py @@ -64,7 +64,7 @@ def test_service_add(): service_add("dummyservice", description="A dummy service to run tests") assert "dummyservice" in service_status().keys() -def test_service_add_real_service() +def test_service_add_real_service(): service_add("networking") assert "networking" in service_status().keys() From 2d2b3e6bb6f0a9b1c66d51143633afe4ad9b5977 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 17 May 2020 04:01:56 +0200 Subject: [PATCH 182/451] Rework ynh_psql_test_if_first_run --- data/helpers.d/postgresql | 73 ++++++++++++++++++--------------------- 1 file changed, 34 insertions(+), 39 deletions(-) diff --git a/data/helpers.d/postgresql b/data/helpers.d/postgresql index e2bef8746..78ef4f7ce 100644 --- a/data/helpers.d/postgresql +++ b/data/helpers.d/postgresql @@ -1,6 +1,7 @@ #!/bin/bash PSQL_ROOT_PWD_FILE=/etc/yunohost/psql +PSQL_VERSION=9.6 # Open a connection as a user # @@ -273,6 +274,7 @@ ynh_psql_remove_db() { } # Create a master password and set up global settings +# It also make sure that postgresql is installed and running # Please always call this script in install and restore scripts # # usage: ynh_psql_test_if_first_run @@ -280,45 +282,38 @@ ynh_psql_remove_db() { # Requires YunoHost version 2.7.13 or higher. ynh_psql_test_if_first_run() { - if [ -f "$PSQL_ROOT_PWD_FILE" ] + # Make sure postgresql is indeed installed + dpkg --list | grep -q "ii postgresql-$PSQL_VERSION" || ynh_die "postgresql-$PSQL_VERSION is not installed !?" + + # Check for some weird issue where postgresql could be installed but etc folder would not exist ... + [ -e "/etc/postgresql/$PSQL_VERSION" ] || ynh_die "It looks like postgresql was not properly configured ? /etc/postgresql/$PSQL_VERSION is missing ... Could be due to a locale issue, c.f.https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist" + + # Make sure postgresql is started and enabled + # (N.B. : to check the active state, we check the cluster state because + # postgresql could be flagged as active even though the cluster is in + # failed state because of how the service is configured..) + systemctl is-active postgresql@$PSQL_VERSION-main -q || ynh_systemd_action --service_name=postgresql --action=restart + systemctl is-enabled postgresql -q || systemctl enable postgresql + + # If this is the very first time, we define the root password + # and configure a few things + if [ ! -f "$PSQL_ROOT_PWD_FILE" ] then - ynh_print_info --message="PostgreSQL is already installed, no need to create master password" - return + local pg_hba=/etc/postgresql/$PSQL_VERSION/main/pg_hba.conf + + local psql_root_password="$(ynh_string_random)" + echo "$psql_root_password" >$PSQL_ROOT_PWD_FILE + sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$psql_root_password'" postgres + + # force all user to connect to local databases using hashed passwords + # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF + # Note: we can't use peer since YunoHost create users with nologin + # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user + ynh_replace_string --match_string="local\(\s*\)all\(\s*\)all\(\s*\)peer" --replace_string="local\1all\2all\3md5" --target_file="$pg_hba" + + # Integrate postgresql service in yunohost + yunohost service add postgresql --log "/var/log/postgresql/" + + ynh_systemd_action --service_name=postgresql --action=reload fi - - local psql_root_password="$(ynh_string_random)" - echo "$psql_root_password" >$PSQL_ROOT_PWD_FILE - - if [ -e /etc/postgresql/9.4/ ] - then - local pg_hba=/etc/postgresql/9.4/main/pg_hba.conf - local logfile=/var/log/postgresql/postgresql-9.4-main.log - elif [ -e /etc/postgresql/9.6/ ] - then - local pg_hba=/etc/postgresql/9.6/main/pg_hba.conf - local logfile=/var/log/postgresql/postgresql-9.6-main.log - else - if dpkg --list | grep -q "ii postgresql-9." - then - ynh_die "It looks like postgresql was not properly configured ? /etc/postgresql/9.* is missing ... Could be due to a locale issue, c.f.https://serverfault.com/questions/426989/postgresql-etc-postgresql-doesnt-exist" - else - ynh_die "postgresql shoud be 9.4 or 9.6" - fi - fi - - ynh_systemd_action --service_name=postgresql --action=start - - sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$psql_root_password'" postgres - - # force all user to connect to local databases using hashed passwords - # https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF - # Note: we can't use peer since YunoHost create users with nologin - # See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user - ynh_replace_string --match_string="local\(\s*\)all\(\s*\)all\(\s*\)peer" --replace_string="local\1all\2all\3md5" --target_file="$pg_hba" - - # Advertise service in admin panel - yunohost service add postgresql --log "$logfile" - - systemctl enable postgresql - ynh_systemd_action --service_name=postgresql --action=reload } From 7d284e8447f5b3ae17ea6f6e216af11bc4fd71f6 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Sat, 16 May 2020 14:18:52 +0200 Subject: [PATCH 183/451] [enh] build and install deb --- .gitlab-ci.yml | 105 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 102 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 23a0075de..b474b92c1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,8 +1,106 @@ stages: + - build + - install - postinstall - tests - lint +######################################## +# BUILD DEB +######################################## + +.build-stage: + image: before-install + stage: build + variables: + YNH_BUILD_DIR: "ynh-build" + YNH_SOURCE: "https://github.com/yunohost" + before_script: + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" install git git-buildpackage postfix python-setuptools + - mkdir -p $YNH_BUILD_DIR + - cd $YNH_BUILD_DIR + - git clone $YNH_SOURCE/$DEB_TO_BUILD + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$DEB_TO_BUILD + cache: + paths: + - $YNH_BUILD_DIR/*.deb + key: "$CI_COMMIT_REF_SLUG" + +build-yunohost: + extends: .build-stage + variables: + DEB_TO_BUILD: "yunohost" + script: + - cd $DEB_TO_BUILD + - debuild -us -uc + +build-ssowat: + extends: .build-stage + variables: + DEB_TO_BUILD: "ssowat" + script: + - cd $DEB_TO_BUILD + - debuild -us -uc + +build-moulinette: + extends: .build-stage + variables: + DEB_TO_BUILD: "moulinette" + script: + - cd $DEB_TO_BUILD + - debuild -us -uc + +build-metronome: + extends: .build-stage + variables: + DEB_TO_BUILD: "metronome" + script: + - cd $DEB_TO_BUILD + - dpkg-buildpackage -rfakeroot -uc -b -d + +######################################## +# INSTALL DEB +######################################## + +install: + image: before-install + stage: install + variables: + YNH_BUILD_DIR: "ynh-build" + script: + - | + debconf-set-selections << EOF + slapd slapd/password1 password yunohost + slapd slapd/password2 password yunohost + slapd slapd/domain string yunohost.org + slapd shared/organization string yunohost.org + slapd slapd/allow_ldap_v2 boolean false + slapd slapd/invalid_config boolean true + slapd slapd/backend select MDB + postfix postfix/main_mailer_type select Internet Site + postfix postfix/mailname string /etc/mailname + mariadb-server-10.1 mysql-server/root_password password yunohost + mariadb-server-10.1 mysql-server/root_password_again password yunohost + nslcd nslcd/ldap-bindpw password + nslcd nslcd/ldap-starttls boolean false + nslcd nslcd/ldap-reqcert select + nslcd nslcd/ldap-uris string ldap://localhost/ + nslcd nslcd/ldap-binddn string + nslcd nslcd/ldap-base string dc=yunohost,dc=org + libnss-ldapd libnss-ldapd/nsswitch multiselect group, passwd, shadow + postsrsd postsrsd/domain string yunohost.org + EOF + - cd $YNH_BUILD_DIR + - SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ./*.deb + artifacts: + paths: + - $YNH_BUILD_DIR/*.deb + cache: + paths: + - $YNH_BUILD_DIR/ + policy: pull + key: "$CI_COMMIT_REF_SLUG" + ######################################## # POSTINSTALL ######################################## @@ -21,16 +119,17 @@ postinstall: .test-stage: image: after-postinstall stage: tests + variables: + PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" before_script: - apt-get install python-pip -y - - mkdir -p .pip - pip install -U pip - hash -d pip - - pip --cache-dir=.pip install pytest pytest-sugar pytest-mock requests-mock mock + - pip install pytest pytest-sugar pytest-mock requests-mock mock - export PYTEST_ADDOPTS="--color=yes" cache: paths: - - .pip + - .cache/pip - src/yunohost/tests/apps key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" From 7f4b0ce6e3c89b290ce4fe63614af3fd9699e3b2 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Sun, 17 May 2020 15:02:58 +0200 Subject: [PATCH 184/451] Add YNH repo before install --- .gitlab-ci.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b474b92c1..ee6caee48 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -67,6 +67,11 @@ install: stage: install variables: YNH_BUILD_DIR: "ynh-build" + before_script: + - apt install wget --assume-yes + - echo "deb http://forge.yunohost.org/debian/ stretch stable testing unstable" > /etc/apt/sources.list.d/yunohost.list + - wget -O- https://forge.yunohost.org/yunohost.asc -q | apt-key add -qq - >/dev/null 2>&1 + - apt update script: - | debconf-set-selections << EOF From f73c34bfc11ef1ee1bbf10d75b5699b3b6a1ee07 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 17 May 2020 17:00:33 +0200 Subject: [PATCH 185/451] Tell systemctl to stfu when enabling/disabling services, just do it --- src/yunohost/service.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/yunohost/service.py b/src/yunohost/service.py index fe3ea830f..bc082da21 100644 --- a/src/yunohost/service.py +++ b/src/yunohost/service.py @@ -515,6 +515,9 @@ def _run_service_command(action, service): need_lock = services[service].get('need_lock', False) \ and action in ['start', 'stop', 'restart', 'reload', 'reload-or-restart'] + if action in ["enable", "disable"]: + cmd += " --quiet" + try: # Launch the command logger.debug("Running '%s'" % cmd) From 01f8ee6b7bd515fa03bb46d275b853f3a3d28a72 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Sun, 17 May 2020 18:29:10 +0200 Subject: [PATCH 186/451] fix stupid fail2ban issue --- .gitlab-ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ee6caee48..81dc3aa97 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -72,6 +72,8 @@ install: - echo "deb http://forge.yunohost.org/debian/ stretch stable testing unstable" > /etc/apt/sources.list.d/yunohost.list - wget -O- https://forge.yunohost.org/yunohost.asc -q | apt-key add -qq - >/dev/null 2>&1 - apt update + # https://github.com/YunoHost/install_script/blob/3e16abd7c4e1fe9c518cbc573282cb8fb1fcbbd7/install_yunohost#L433-L485 + - touch /var/log/auth.log script: - | debconf-set-selections << EOF From 24d83b6a97d7aa406595bf855702f9ee7c3f1b7e Mon Sep 17 00:00:00 2001 From: Kay0u Date: Sun, 17 May 2020 19:41:38 +0200 Subject: [PATCH 187/451] fix avahi install --- .gitlab-ci.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 81dc3aa97..7777e283b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -74,6 +74,15 @@ install: - apt update # https://github.com/YunoHost/install_script/blob/3e16abd7c4e1fe9c518cbc573282cb8fb1fcbbd7/install_yunohost#L433-L485 - touch /var/log/auth.log + - > + if ! id avahi > /dev/null 2>&1; then + avahi_id=$((500 + RANDOM % 500)) + while cut -d ':' -f 3 /etc/passwd | grep -q $avahi_id + do + avahi_id=$((500 + RANDOM % 500)) + done + adduser --disabled-password --quiet --system --home /var/run/avahi-daemon --no-create-home --gecos "Avahi mDNS daemon" --group avahi --uid $avahi_id + fi script: - | debconf-set-selections << EOF @@ -98,7 +107,7 @@ install: postsrsd postsrsd/domain string yunohost.org EOF - cd $YNH_BUILD_DIR - - SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ./*.deb + - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ./*.deb artifacts: paths: - $YNH_BUILD_DIR/*.deb From fc30d82df5a6aaae305489021c26b225530b398b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 18 May 2020 00:27:42 +0200 Subject: [PATCH 188/451] Ugly hack to workaround sury pinning issues when installing dependencies --- data/helpers.d/apt | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 03be6495c..74862eca5 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -193,17 +193,37 @@ ynh_package_install_from_equivs () { LC_ALL=C equivs-build ./control 1> /dev/null dpkg --force-depends --install "./${pkgname}_${pkgversion}_all.deb" 2>&1) - ynh_package_install --fix-broken || \ + # Let's try to see if install will work using dry-run. It it fails, + # it could be because the pinning of sury is blocking some package install + # c.f. for example: https://github.com/YunoHost/issues/issues/1563#issuecomment-623406509 + # ... In that case, we use an ugly hack were we'll use a tweaked + # preferences.d directory with looser contrains for sury... + if ! ynh_package_install --fix-broken --dry-run >/dev/null 2>&1 && [ -e /etc/apt/preferences.d/extra_php_version ] + then + cp -r /etc/apt/preferences.d/ /etc/apt/preferences.d.tmp/ + sed 's/^Pin-Priority: .*/Pin-Priority: 600/g' -i /etc/apt/preferences.d.tmp/extra_php_version + local apt_tweaks='--option Dir::Etc::preferencesparts=preferences.d.tmp' + # Try a dry-run again to see if that fixes the issue ... + # If it did not, then that's probably not related to sury. + ynh_package_install $apt_tweaks --fix-broken --dry-run >/dev/null 2>&1 || apt_tweaks="" + else + local apt_tweaks="" + fi + + # Try to install for real + ynh_package_install $apt_tweaks --fix-broken || \ { # If the installation failed # (the following is ran inside { } to not start a subshell otherwise ynh_die wouldnt exit the original process) + rm --recursive --force /etc/apt/preferences.d.tmp/ # Get the list of dependencies from the deb local dependencies="$(dpkg --info "$TMPDIR/${pkgname}_${pkgversion}_all.deb" | grep Depends | \ sed 's/^ Depends: //' | sed 's/,//g')" # Fake an install of those dependencies to see the errors # The sed command here is, Print only from '--fix-broken' to the end. - ynh_package_install $dependencies --dry-run | sed --quiet '/--fix-broken/,$p' >&2 + ynh_package_install $apt_tweaks $dependencies --dry-run | sed --quiet '/--fix-broken/,$p' >&2 ynh_die --message="Unable to install dependencies"; } [[ -n "$TMPDIR" ]] && rm --recursive --force $TMPDIR # Remove the temp dir. + rm --recursive --force /etc/apt/preferences.d.tmp/ # check if the package is actually installed ynh_package_is_installed "$pkgname" From 94ea82651839b0e59ce05a61d33d1a49e40bf292 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 18 May 2020 01:31:37 +0200 Subject: [PATCH 189/451] Most of the time there's no .ini file and it still displays an info about the file not existing when attempting to remove it --- data/helpers.d/php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/data/helpers.d/php b/data/helpers.d/php index e8de6d9ff..9b9df64f9 100644 --- a/data/helpers.d/php +++ b/data/helpers.d/php @@ -297,7 +297,10 @@ ynh_remove_fpm_config () { fi ynh_secure_remove --file="$fpm_config_dir/pool.d/$app.conf" - ynh_exec_warn_less ynh_secure_remove --file="$fpm_config_dir/conf.d/20-$app.ini" + if [ -e $fpm_config_dir/conf.d/20-$app.ini ] + then + ynh_secure_remove --file="$fpm_config_dir/conf.d/20-$app.ini" + fi # If the php version used is not the default version for YunoHost if [ "$phpversion" != "$YNH_DEFAULT_PHP_VERSION" ] From 09ff411664e4f93c339df2b5338bfbddaec69293 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 18 May 2020 15:11:31 +0200 Subject: [PATCH 190/451] rework build scripts --- .gitlab-ci.yml | 43 +++++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 20 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7777e283b..c0c49d447 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -18,45 +18,48 @@ stages: before_script: - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" install git git-buildpackage postfix python-setuptools - mkdir -p $YNH_BUILD_DIR - - cd $YNH_BUILD_DIR - - git clone $YNH_SOURCE/$DEB_TO_BUILD - - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$DEB_TO_BUILD cache: paths: - $YNH_BUILD_DIR/*.deb key: "$CI_COMMIT_REF_SLUG" +.build_script: &build_script | + cd $YNH_BUILD_DIR/$PACKAGE + VERSION=$(dpkg-parsechangelog -S Version 2>/dev/null) + VERSION_NIGHTLY="${VERSION}+$CI_PIPELINE_ID+$(date +%Y%m%d%H%M)" + dch --package "${PACKAGE}" --force-bad-version -v "${VERSION_NIGHTLY}" -D "unstable" --force-distribution "Daily build." + debuild -us -uc + build-yunohost: extends: .build-stage variables: - DEB_TO_BUILD: "yunohost" + PACKAGE: "yunohost" script: - - cd $DEB_TO_BUILD - - debuild -us -uc + - git ls-files | xargs tar -czf archive.tar.gz + - mkdir -p $YNH_BUILD_DIR/$PACKAGE + - cat archive.tar.gz | tar -xz -C $YNH_BUILD_DIR/$PACKAGE + - rm archive.tar.gz + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE + - *build_script + build-ssowat: extends: .build-stage variables: - DEB_TO_BUILD: "ssowat" + PACKAGE: "ssowat" script: - - cd $DEB_TO_BUILD - - debuild -us -uc + - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE + - *build_script build-moulinette: extends: .build-stage variables: - DEB_TO_BUILD: "moulinette" + PACKAGE: "moulinette" script: - - cd $DEB_TO_BUILD - - debuild -us -uc - -build-metronome: - extends: .build-stage - variables: - DEB_TO_BUILD: "metronome" - script: - - cd $DEB_TO_BUILD - - dpkg-buildpackage -rfakeroot -uc -b -d + - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE + - *build_script ######################################## # INSTALL DEB From 85442c42dcc6462f17fe90ce3f1b6c5efc2febae Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 18 May 2020 15:11:38 +0200 Subject: [PATCH 191/451] fix install --- .gitlab-ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index c0c49d447..e48cb62bb 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -86,6 +86,7 @@ install: done adduser --disabled-password --quiet --system --home /var/run/avahi-daemon --no-create-home --gecos "Avahi mDNS daemon" --group avahi --uid $avahi_id fi + - apt install --assume-yes debhelper script: - | debconf-set-selections << EOF From 471dc025dbb6cab18d3c7441348ed9bd427432b5 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 18 May 2020 15:24:42 +0200 Subject: [PATCH 192/451] move debhelper install [skip ci] --- .gitlab-ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e48cb62bb..b58a8868e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -71,7 +71,7 @@ install: variables: YNH_BUILD_DIR: "ynh-build" before_script: - - apt install wget --assume-yes + - apt install --assume-yes wget debhelper - echo "deb http://forge.yunohost.org/debian/ stretch stable testing unstable" > /etc/apt/sources.list.d/yunohost.list - wget -O- https://forge.yunohost.org/yunohost.asc -q | apt-key add -qq - >/dev/null 2>&1 - apt update @@ -86,7 +86,6 @@ install: done adduser --disabled-password --quiet --system --home /var/run/avahi-daemon --no-create-home --gecos "Avahi mDNS daemon" --group avahi --uid $avahi_id fi - - apt install --assume-yes debhelper script: - | debconf-set-selections << EOF From 09ebed1d0b67bea9af19457ff4171e338a046f8d Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 18 May 2020 15:44:53 +0200 Subject: [PATCH 193/451] change deb name --- .gitlab-ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b58a8868e..befa66c1e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -21,12 +21,12 @@ stages: cache: paths: - $YNH_BUILD_DIR/*.deb - key: "$CI_COMMIT_REF_SLUG" + key: "$CI_PIPELINE_ID" .build_script: &build_script | cd $YNH_BUILD_DIR/$PACKAGE VERSION=$(dpkg-parsechangelog -S Version 2>/dev/null) - VERSION_NIGHTLY="${VERSION}+$CI_PIPELINE_ID+$(date +%Y%m%d%H%M)" + VERSION_NIGHTLY="${VERSION}~${CI_COMMIT_REF_SLUG//-}+$(date +%Y%m%d%H%M)" dch --package "${PACKAGE}" --force-bad-version -v "${VERSION_NIGHTLY}" -D "unstable" --force-distribution "Daily build." debuild -us -uc @@ -118,7 +118,7 @@ install: paths: - $YNH_BUILD_DIR/ policy: pull - key: "$CI_COMMIT_REF_SLUG" + key: "$CI_PIPELINE_ID" ######################################## # POSTINSTALL From f9e4c96ca3de5653e109460d18edcf809371897a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 18 May 2020 18:49:15 +0200 Subject: [PATCH 194/451] Crash early about apps already installed when attempting to restore --- locales/en.json | 1 + src/yunohost/backup.py | 32 ++++++++++++++++-------- src/yunohost/tests/test_backuprestore.py | 7 +++--- 3 files changed, 25 insertions(+), 15 deletions(-) diff --git a/locales/en.json b/locales/en.json index 25e5a500a..95e297bc1 100644 --- a/locales/en.json +++ b/locales/en.json @@ -534,6 +534,7 @@ "regenconf_failed": "Could not regenerate the configuration for category(s): {categories}", "regenconf_pending_applying": "Applying pending configuration for category '{category}'…", "restore_already_installed_app": "An app with the ID '{app:s}' is already installed", + "restore_already_installed_apps": "The following apps can't be restored because they are already installed: {apps}", "restore_app_failed": "Could not restore the app '{app:s}'", "restore_cleaning_failed": "Could not clean up the temporary restoration directory", "restore_complete": "Restored", diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py index 1948e795c..449b52bd8 100644 --- a/src/yunohost/backup.py +++ b/src/yunohost/backup.py @@ -1004,10 +1004,20 @@ class RestoreManager(): logger.error(m18n.n('backup_archive_app_not_found', app=app)) - self.targets.set_wanted("apps", - apps, - self.info['apps'].keys(), - unknown_error) + to_be_restored = self.targets.set_wanted("apps", + apps, + self.info['apps'].keys(), + unknown_error) + + # If all apps to restore are already installed, stop right here. + # Otherwise, if at least one app can be restored, we keep going on + # because those which can be restored will indeed be restored + already_installed = [app for app in to_be_restored if _is_installed(app)] + if already_installed != []: + if already_installed == to_be_restored: + raise YunohostError("restore_already_installed_apps", apps=', '.join(already_installed)) + else: + logger.warning(m18n.n("restore_already_installed_apps", apps=', '.join(already_installed))) # # Archive mounting # @@ -1301,13 +1311,6 @@ class RestoreManager(): else: shutil.copy2(s, d) - # Start register change on system - related_to = [('app', app_instance_name)] - operation_logger = OperationLogger('backup_restore_app', related_to) - operation_logger.start() - - logger.info(m18n.n("app_start_restore", app=app_instance_name)) - # Check if the app is not already installed if _is_installed(app_instance_name): logger.error(m18n.n('restore_already_installed_app', @@ -1315,6 +1318,13 @@ class RestoreManager(): self.targets.set_result("apps", app_instance_name, "Error") return + # Start register change on system + related_to = [('app', app_instance_name)] + operation_logger = OperationLogger('backup_restore_app', related_to) + operation_logger.start() + + logger.info(m18n.n("app_start_restore", app=app_instance_name)) + app_dir_in_archive = os.path.join(self.work_dir, 'apps', app_instance_name) app_backup_in_archive = os.path.join(app_dir_in_archive, 'backup') app_settings_in_archive = os.path.join(app_dir_in_archive, 'settings') diff --git a/src/yunohost/tests/test_backuprestore.py b/src/yunohost/tests/test_backuprestore.py index 790d27d6c..aa443f2a5 100644 --- a/src/yunohost/tests/test_backuprestore.py +++ b/src/yunohost/tests/test_backuprestore.py @@ -475,10 +475,9 @@ def test_restore_app_already_installed(mocker): assert _is_installed("wordpress") - with message(mocker, 'restore_already_installed_app', app="wordpress"): - with raiseYunohostError(mocker, 'restore_nothings_done'): - backup_restore(system=None, name=backup_list()["archives"][0], - apps=["wordpress"]) + with message(mocker, 'restore_already_installed_apps', apps="wordpress"): + backup_restore(system=None, name=backup_list()["archives"][0], + apps=["wordpress"]) assert _is_installed("wordpress") From 0dde1f6d4fed6c434d618dd3d5de3cf659304345 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 18 May 2020 19:57:54 +0200 Subject: [PATCH 195/451] Fix exception assertion --- src/yunohost/tests/test_backuprestore.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/yunohost/tests/test_backuprestore.py b/src/yunohost/tests/test_backuprestore.py index aa443f2a5..026e87c95 100644 --- a/src/yunohost/tests/test_backuprestore.py +++ b/src/yunohost/tests/test_backuprestore.py @@ -475,7 +475,7 @@ def test_restore_app_already_installed(mocker): assert _is_installed("wordpress") - with message(mocker, 'restore_already_installed_apps', apps="wordpress"): + with raiseYunohostError(mocker, 'restore_already_installed_apps'): backup_restore(system=None, name=backup_list()["archives"][0], apps=["wordpress"]) From d7891970c3564f6906b20dd44daf6d5744f69bf0 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 19 May 2020 19:56:04 +0200 Subject: [PATCH 196/451] Clean unused code/imports --- src/yunohost/app.py | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 839abee81..b9116693b 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -35,14 +35,13 @@ import subprocess import glob import urllib from collections import OrderedDict -from datetime import datetime from moulinette import msignals, m18n, msettings from moulinette.utils.log import getActionLogger from moulinette.utils.network import download_json from moulinette.utils.filesystem import read_file, read_json, read_toml, read_yaml, write_to_file, write_to_json, write_to_yaml, chmod, chown, mkdir -from yunohost.service import service_log, service_status, _run_service_command +from yunohost.service import service_status, _run_service_command from yunohost.utils import packages from yunohost.utils.error import YunohostError from yunohost.log import is_unit_operation, OperationLogger @@ -2797,21 +2796,6 @@ def is_true(arg): return True if arg else False -def random_password(length=8): - """ - Generate a random string - - Keyword arguments: - length -- The string length to generate - - """ - import string - import random - - char_set = string.ascii_uppercase + string.digits + string.ascii_lowercase - return ''.join([random.SystemRandom().choice(char_set) for x in range(length)]) - - def unstable_apps(): output = [] From 17a439e9ea483e6bc596cc79ca4d701730546a82 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 19 May 2020 20:18:33 +0200 Subject: [PATCH 197/451] Update changelog for 3.8.4.2 --- debian/changelog | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/debian/changelog b/debian/changelog index 139d390a5..e4991cb0c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +yunohost (3.8.4.2) testing; urgency=low + + - [enh] During failed upgrades: Only mention packages that couldn't be upgraded (26fcfed7) + - [enh] Also run dpkg --audit to check if dpkg is in a broken state (09d8500f, 97199d19) + - [enh] Improve logs readability (c6f18496, 9cbd368d, 5850bf61, 413778d2, 5c8c07b8, f73c34bf, 94ea8265) + - [enh] Crash early about apps already installed when attempting to restore (f9e4c96c) + - [fix] Add the damn short hostname to /etc/hosts automagically (c.f. rabbitmq-server) (e67dc791) + - [fix] Don't miserably crash if doveadm fails to run (c9b22138) + - [fix] Diagnosis: Try to not have weird warnings if no diagnosis ran yet... (65c87d55) + - [fix] Diagnosis: Change logic of --email to avoid sending empty mail if some issues are found but ignored (4cd4938e) + - [enh] Diagnosis/services: Report the service status as warning/unknown if service type is oneshot and status exited (dd09758f, 1cd7ffea) + - [fix] Rework ynh_psql_test_if_first_run ([#993](https://github.com/yunohost/yunohost/pull/993)) + - [tests] Tests for args parsing ([#989](https://github.com/yunohost/yunohost/pull/989), 108a3ca4) + + Thanks to all contributors <3 ! (Bram, Kayou) + + -- Alexandre Aubin Tue, 19 May 2020 20:08:47 +0200 + yunohost (3.8.4.1) testing; urgency=low - [mod] Tweak diagnosis threshold for swap warning (429df8c4) From 188bf2f77a04757138f7d6499ff949e5e32998a7 Mon Sep 17 00:00:00 2001 From: clecle226 Date: Sun, 10 May 2020 12:39:01 +0000 Subject: [PATCH 198/451] Translated using Weblate (French) Currently translated at 99.8% (637 of 638 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/fr/ --- locales/fr.json | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/locales/fr.json b/locales/fr.json index 96d815b1a..509a30844 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -166,7 +166,7 @@ "certmanager_certificate_fetching_or_enabling_failed": "Il semble que l’activation du nouveau certificat pour {domain:s} a échoué …", "certmanager_attempt_to_renew_nonLE_cert": "Le certificat pour le domaine {domain:s} n’est pas émis par Let’s Encrypt. Impossible de le renouveler automatiquement !", "certmanager_attempt_to_renew_valid_cert": "Le certificat pour le domaine {domain:s} n’est pas sur le point d’expirer ! (Vous pouvez utiliser --force si vous savez ce que vous faites)", - "certmanager_domain_http_not_working": "Il semble que le domaine {domain:s} ne soit pas accessible via HTTP. Veuillez vérifier que vos configuration DNS et Nginx sont correctes", + "certmanager_domain_http_not_working": "Le domaine {domain:s} ne semble pas être accessible via HTTP. Merci de vérifier la catégorie 'Web' dans le diagnostic pour plus d'informations. (Ou si vous savez ce que vous faites, utilisé '--no-checks' pour désactiver la vérification.)", "certmanager_error_no_A_record": "Aucun enregistrement DNS 'A' n’a été trouvé pour {domain:s}. Vous devez faire pointer votre nom de domaine vers votre machine pour être en mesure d’installer un certificat Let’s Encrypt ! (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", "certmanager_domain_dns_ip_differs_from_public_ip": "L’enregistrement DNS 'A' du domaine {domain:s} est différent de l’adresse IP de ce serveur. Si vous avez récemment modifié votre enregistrement 'A', veuillez attendre sa propagation (des vérificateurs de propagation DNS sont disponibles en ligne). (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", "certmanager_cannot_read_cert": "Quelque chose s’est mal passé lors de la tentative d’ouverture du certificat actuel pour le domaine {domain:s} (fichier : {file:s}), la cause est : {reason:s}", @@ -647,5 +647,7 @@ "diagnosis_domain_expiration_success": "Vos domaines sont enregistrés et ne vont pas expirer prochainement.", "diagnosis_domain_expiration_warning": "Certains domaines vont expirer prochainement !", "diagnosis_domain_expiration_error": "Certains domaines vont expirer TRÈS PROCHAINEMENT !", - "diagnosis_domain_expires_in": "Le {domain} expire dans {days} jours." + "diagnosis_domain_expires_in": "{domain} expire dans {days} jours.", + "certmanager_domain_not_diagnosed_yet": "Il n'y a pas encore de résultat de diagnostic pour le domaine %s. Merci de relancer un diagnostic pour les catégories 'Enregistrements DNS' et 'Web' dans la section Diagnostique pour vérifier si le domaine est prêt pour Let's Encrypt. (Ou si vous savez ce que vous faites, utilisez '--no-checks' pour désactiver la vérification.)", + "diagnosis_swap_tip": "Merci d'être prudent et conscient que si vous hébergez une partition SWAP sur une carte SD ou un disque SSD, cela risque de réduire drastiquement l’espérance de vie du périphérique." } From 34a9fbf3edf63b13ddd8cc89f9bd4f3314ced6dc Mon Sep 17 00:00:00 2001 From: ppr Date: Sun, 10 May 2020 13:50:22 +0000 Subject: [PATCH 199/451] Translated using Weblate (French) Currently translated at 99.8% (637 of 638 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/fr/ --- locales/fr.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/locales/fr.json b/locales/fr.json index 509a30844..ced8d92be 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -333,7 +333,7 @@ "log_tools_shutdown": "Éteindre votre serveur", "log_tools_reboot": "Redémarrer votre serveur", "mail_unavailable": "Cette adresse de courriel est réservée et doit être automatiquement attribuée au tout premier utilisateur", - "migration_description_0004_php5_to_php7_pools": "Reconfigurer les espaces utilisateurs PHP pour utiliser PHP 7 au lieu de PHP 5", + "migration_description_0004_php5_to_php7_pools": "Reconfigurez l'ensemble PHP pour utiliser PHP 7 au lieu de 5", "migration_description_0005_postgresql_9p4_to_9p6": "Migration des bases de données de PostgreSQL 9.4 vers PostgreSQL 9.6", "migration_0005_postgresql_94_not_installed": "PostgreSQL n’a pas été installé sur votre système. Rien à faire !", "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 est installé, mais pas PostgreSQL 9.6 ‽ Quelque chose de bizarre aurait pu se produire sur votre système :(…", From c92eee337b2ab21503bcc6e34740a4c72244cc44 Mon Sep 17 00:00:00 2001 From: xaloc33 Date: Sat, 9 May 2020 18:45:50 +0000 Subject: [PATCH 200/451] Translated using Weblate (Catalan) Currently translated at 100.0% (638 of 638 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/ca/ --- locales/ca.json | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/locales/ca.json b/locales/ca.json index 234a32fe4..64ee60477 100644 --- a/locales/ca.json +++ b/locales/ca.json @@ -100,7 +100,7 @@ "backup_unable_to_organize_files": "No s'ha pogut utilitzar el mètode ràpid per organitzar els fitxers dins de l'arxiu", "backup_with_no_backup_script_for_app": "L'aplicació «{app:s}» no té un script de còpia de seguretat. Serà ignorat.", "backup_with_no_restore_script_for_app": "L'aplicació «{app:s}» no té un script de restauració, no podreu restaurar automàticament la còpia de seguretat d'aquesta aplicació.", - "certmanager_acme_not_configured_for_domain": "El certificat pel domini «{domain:s}» sembla que no està instal·lat correctament. Si us plau executeu primer «cert-install» per aquest domini.", + "certmanager_acme_not_configured_for_domain": "No s'ha pogut executar el ACME challenge pel domini {domain} en aquests moments ja que a la seva configuració de nginx li manca el codi corresponent… Assegureu-vos que la configuració nginx està actualitzada utilitzant «yunohost tools regen-conf nginx --dry-run --with-diff».", "certmanager_attempt_to_renew_nonLE_cert": "El certificat pel domini «{domain:s}» no ha estat emès per Let's Encrypt. No es pot renovar automàticament!", "certmanager_attempt_to_renew_valid_cert": "El certificat pel domini «{domain:s}» està a punt de caducar! (Utilitzeu --force si sabeu el que esteu fent)", "certmanager_attempt_to_replace_valid_cert": "Esteu intentant sobreescriure un certificat correcte i vàlid pel domini {domain:s}! (Utilitzeu --force per ometre)", @@ -113,8 +113,8 @@ "certmanager_conflicting_nginx_file": "No s'ha pogut preparar el domini per al desafiament ACME: l'arxiu de configuració NGINX {filepath:s} entra en conflicte i s'ha d'eliminar primer", "certmanager_couldnt_fetch_intermediate_cert": "S'ha exhaurit el temps d'esperar al intentar recollir el certificat intermedi des de Let's Encrypt. La instal·lació/renovació del certificat s'ha cancel·lat - torneu a intentar-ho més tard.", "certmanager_domain_cert_not_selfsigned": "El certificat pel domini {domain:s} no és auto-signat Esteu segur de voler canviar-lo? (Utilitzeu «--force» per fer-ho)", - "certmanager_domain_dns_ip_differs_from_public_ip": "El registre DNS \"A\" pel domini «{domain:s}» és diferent a l'adreça IP d'aquest servidor. Si heu modificat recentment el registre A, si us plau espereu a que es propagui (hi ha eines per verificar la propagació disponibles a internet). (Si sabeu el que esteu fent, podeu utilitzar «--no-checks» per desactivar aquestes comprovacions.)", - "certmanager_domain_http_not_working": "Sembla que el domini {domain:s} no és accessible via HTTP. Verifiqueu que les configuracions DNS i NGINX siguin correctes", + "certmanager_domain_dns_ip_differs_from_public_ip": "Els registres DNS pel domini «{domain:s}» són diferents a l'adreça IP d'aquest servidor. Mireu la categoria «registres DNS» (bàsic) al diagnòstic per a més informació. Si heu modificat recentment el registre A, si us plau espereu a que es propagui (hi ha eines per verificar la propagació disponibles a internet). (Si sabeu el que esteu fent, podeu utilitzar «--no-checks» per desactivar aquestes comprovacions.)", + "certmanager_domain_http_not_working": "El domini {domain:s} sembla que no és accessible via HTTP. Verifiqueu la categoria «Web» en el diagnòstic per a més informació. (Si sabeu el que esteu fent, utilitzeu «--no-checks» per deshabilitar les comprovacions.)", "certmanager_domain_unknown": "Domini desconegut «{domain:s}»", "certmanager_error_no_A_record": "No s'ha trobat cap registre DNS «A» per «{domain:s}». Heu de fer que el vostre nom de domini apunti cap a la vostra màquina per tal de poder instal·lar un certificat Let's Encrypt. (Si sabeu el que esteu fent, podeu utilitzar «--no-checks» per desactivar aquestes comprovacions.)", "certmanager_hit_rate_limit": "S'han emès massa certificats recentment per aquest mateix conjunt de dominis {domain:s}. Si us plau torneu-ho a intentar més tard. Consulteu https://letsencrypt.org/docs/rate-limits/ per obtenir més detalls", @@ -140,7 +140,7 @@ "domain_dyndns_already_subscribed": "Ja us heu subscrit a un domini DynDNS", "domain_dyndns_root_unknown": "Domini DynDNS principal desconegut", "domain_hostname_failed": "No s'ha pogut establir un nou nom d'amfitrió. Això podria causar problemes més tard (podria no passar res).", - "domain_uninstall_app_first": "Hi ha una o més aplicacions instal·lades en aquest domini. Desinstal·leu les abans d'eliminar el domini", + "domain_uninstall_app_first": "Aquestes aplicacions encara estan instal·lades en el vostre domini: {apps}. Desinstal·leu les abans d'eliminar el domini", "domain_unknown": "Domini desconegut", "domains_available": "Dominis disponibles:", "done": "Fet", @@ -634,9 +634,19 @@ "diagnosis_ports_partially_unreachable": "El port {port} no és accessible des de l'exterior amb IPv{failed}.", "diagnosis_http_partially_unreachable": "El domini {domain} sembla que no és accessible utilitzant HTTP des de l'exterior de la xarxa local amb IPv{failed}, tot i que funciona amb IPv{passed}.", "diagnosis_mail_fcrdns_nok_details": "Hauríeu d'intentar configurar primer el DNS invers amb {ehlo_domain} en la interfície del router o en la interfície del vostre allotjador. (Alguns allotjadors requereixen que obris un informe de suport per això).", - "diagnosis_mail_fcrdns_nok_alternatives_4": "Alguns proveïdors no permeten configurar el DNS invers (o aquesta funció pot no funcionar…). Si teniu problemes a causa d'això, considereu les solucions següents:
- Alguns proveïdors d'accés a internet (ISP) donen l'alternativa de utilitzar un relay de servidor de correu electrònic tot i que implica que el relay podrà espiar el trànsit de correus electrònics.
- Una alternativa respectuosa amb la privacitat és utilitzar una VPN *amb una IP pública dedicada* per sobrepassar aquest tipus de limitacions. Mireu https://yunohost.org/#/vpn_advantage
- Finalment, també es pot canviar de proveïdor", + "diagnosis_mail_fcrdns_nok_alternatives_4": "Alguns proveïdors no permeten configurar el DNS invers (o aquesta funció pot no funcionar…). Si teniu problemes a causa d'això, considereu les solucions següents:
- Alguns proveïdors d'accés a internet (ISP) donen l'alternativa de utilitzar un relay de servidor de correu electrònic tot i que implica que el relay podrà espiar el trànsit de correus electrònics.
- Una alternativa respectuosa amb la privacitat és utilitzar una VPN *amb una IP pública dedicada* per sobrepassar aquest tipus de limitacions. Mireu https://yunohost.org/#/vpn_advantage
- O es pot canviar a un proveïdor diferent", "diagnosis_mail_fcrdns_nok_alternatives_6": "Alguns proveïdors no permeten configurar el vostre DNS invers (o la funció no els hi funciona…). Si el vostre DNS invers està correctament configurat per IPv4, podeu intentar deshabilitar l'ús de IPv6 per a enviar correus electrònics utilitzant yunohost settings set smtp.allow_ipv6 -v off. Nota: aquesta última solució implica que no podreu enviar o rebre correus electrònics cap a els pocs servidors que hi ha que només tenen IPv-6.", "diagnosis_http_hairpinning_issue_details": "Això és probablement a causa del router del vostre proveïdor d'accés a internet. El que fa, que gent de fora de la xarxa local pugui accedir al servidor sense problemes, però no la gent de dins la xarxa local (com vostè probablement) quan s'utilitza el nom de domini o la IP global. Podreu segurament millorar la situació fent una ullada a https://yunohost.org/dns_local_network", "backup_archive_cant_retrieve_info_json": "No s'ha pogut carregar la informació de l'arxiu «{archive}»… No s'ha pogut obtenir el fitxer info.json (o no és un fitxer json vàlid).", - "backup_archive_corrupted": "Sembla que l'arxiu de la còpia de seguretat «{archive}» està corromput : {error}" + "backup_archive_corrupted": "Sembla que l'arxiu de la còpia de seguretat «{archive}» està corromput : {error}", + "certmanager_domain_not_diagnosed_yet": "Encara no hi ha cap resultat de diagnòstic per al domini %s. Torneu a executar el diagnòstic per a les categories «Registres DNS» i «Web» en la secció de diagnòstic per comprovar que el domini està preparat per a Let's Encrypt. (O si sabeu el que esteu fent, utilitzant «--no-checks» per deshabilitar les comprovacions.)", + "diagnosis_ip_no_ipv6_tip": "Utilitzar una IPv6 no és obligatori per a que funcioni el servidor, però és millor per la salut d'Internet en conjunt. La IPv6 hauria d'estar configurada automàticament pel sistema o pel proveïdor si està disponible. Si no és el cas, pot ser necessari configurar alguns paràmetres més de forma manual tal i com s'explica en la documentació disponible aquí: https://yunohost.org/#/ipv6. Si no podeu habilitar IPv6 o us sembla massa tècnic, podeu ignorar aquest avís sense problemes.", + "diagnosis_domain_expiration_not_found": "No s'ha pogut comprovar la data d'expiració d'alguns dominis", + "diagnosis_domain_not_found_details": "El domini {domain} no existeix en la base de dades WHOIS o ha expirat!", + "diagnosis_domain_expiration_not_found_details": "La informació WHOIS pel domini {domain} sembla que no conté informació sobre la data d'expiració?", + "diagnosis_domain_expiration_success": "Els vostres dominis estan registrats i no expiraran properament.", + "diagnosis_domain_expiration_warning": "Alguns dominis expiraran properament!", + "diagnosis_domain_expiration_error": "Alguns dominis expiraran EN BREUS!", + "diagnosis_domain_expires_in": "{domain} expirarà en {days} dies.", + "diagnosis_swap_tip": "Vigileu i tingueu en compte que els servidor està allotjant memòria d'intercanvi en una targeta SD o en l'emmagatzematge SSD, això pot reduir dràsticament l'esperança de vida del dispositiu." } From 23e993af972de56a6ed7b8a0c19260ae37ee3df1 Mon Sep 17 00:00:00 2001 From: clecle226 Date: Sun, 10 May 2020 13:50:34 +0000 Subject: [PATCH 201/451] Translated using Weblate (French) Currently translated at 99.8% (637 of 638 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/fr/ --- locales/fr.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/locales/fr.json b/locales/fr.json index ced8d92be..bd8197c2e 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -333,7 +333,7 @@ "log_tools_shutdown": "Éteindre votre serveur", "log_tools_reboot": "Redémarrer votre serveur", "mail_unavailable": "Cette adresse de courriel est réservée et doit être automatiquement attribuée au tout premier utilisateur", - "migration_description_0004_php5_to_php7_pools": "Reconfigurez l'ensemble PHP pour utiliser PHP 7 au lieu de 5", + "migration_description_0004_php5_to_php7_pools": "Reconfigurez l'ensemble PHP pour utiliser PHP 7 au lieu de PHP 5", "migration_description_0005_postgresql_9p4_to_9p6": "Migration des bases de données de PostgreSQL 9.4 vers PostgreSQL 9.6", "migration_0005_postgresql_94_not_installed": "PostgreSQL n’a pas été installé sur votre système. Rien à faire !", "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 est installé, mais pas PostgreSQL 9.6 ‽ Quelque chose de bizarre aurait pu se produire sur votre système :(…", From 6f03f72e256741361f3cae51a90fc7adcb8659f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Quent=C3=AD?= Date: Mon, 18 May 2020 20:24:03 +0000 Subject: [PATCH 202/451] Translated using Weblate (Occitan) Currently translated at 58.3% (372 of 638 strings) Translation: YunoHost/core Translate-URL: https://translate.yunohost.org/projects/yunohost/core/oc/ --- locales/oc.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/locales/oc.json b/locales/oc.json index cdefd0931..13572a1b1 100644 --- a/locales/oc.json +++ b/locales/oc.json @@ -578,5 +578,7 @@ "diagnosis_mail_ehlo_could_not_diagnose_details": "Error : {error}", "diagnosis_mail_queue_unavailable_details": "Error : {error}", "diagnosis_basesystem_hardware": "L’arquitectura del servidor es {virt} {arch}", - "diagnosis_basesystem_hardware_board": "Lo modèl de carta del servidor es {model}" + "diagnosis_basesystem_hardware_board": "Lo modèl de carta del servidor es {model}", + "backup_archive_corrupted": "Sembla que l’archiu de la salvagarda « {archive} » es corromput : {error}", + "diagnosis_domain_expires_in": "{domain} expiraà d’aquí {days} jorns." } From 4ec426c35bba4acfe11251309677611191924f89 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 19 May 2020 23:55:16 +0200 Subject: [PATCH 203/451] Small translation fix --- locales/fr.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/locales/fr.json b/locales/fr.json index bd8197c2e..b92c828a2 100644 --- a/locales/fr.json +++ b/locales/fr.json @@ -166,7 +166,7 @@ "certmanager_certificate_fetching_or_enabling_failed": "Il semble que l’activation du nouveau certificat pour {domain:s} a échoué …", "certmanager_attempt_to_renew_nonLE_cert": "Le certificat pour le domaine {domain:s} n’est pas émis par Let’s Encrypt. Impossible de le renouveler automatiquement !", "certmanager_attempt_to_renew_valid_cert": "Le certificat pour le domaine {domain:s} n’est pas sur le point d’expirer ! (Vous pouvez utiliser --force si vous savez ce que vous faites)", - "certmanager_domain_http_not_working": "Le domaine {domain:s} ne semble pas être accessible via HTTP. Merci de vérifier la catégorie 'Web' dans le diagnostic pour plus d'informations. (Ou si vous savez ce que vous faites, utilisé '--no-checks' pour désactiver la vérification.)", + "certmanager_domain_http_not_working": "Le domaine {domain:s} ne semble pas être accessible via HTTP. Merci de vérifier la catégorie 'Web' dans le diagnostic pour plus d'informations. (Ou si vous savez ce que vous faites, utilisez '--no-checks' pour désactiver la vérification.)", "certmanager_error_no_A_record": "Aucun enregistrement DNS 'A' n’a été trouvé pour {domain:s}. Vous devez faire pointer votre nom de domaine vers votre machine pour être en mesure d’installer un certificat Let’s Encrypt ! (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", "certmanager_domain_dns_ip_differs_from_public_ip": "L’enregistrement DNS 'A' du domaine {domain:s} est différent de l’adresse IP de ce serveur. Si vous avez récemment modifié votre enregistrement 'A', veuillez attendre sa propagation (des vérificateurs de propagation DNS sont disponibles en ligne). (Si vous savez ce que vous faites, utilisez --no-checks pour désactiver ces contrôles)", "certmanager_cannot_read_cert": "Quelque chose s’est mal passé lors de la tentative d’ouverture du certificat actuel pour le domaine {domain:s} (fichier : {file:s}), la cause est : {reason:s}", @@ -333,7 +333,7 @@ "log_tools_shutdown": "Éteindre votre serveur", "log_tools_reboot": "Redémarrer votre serveur", "mail_unavailable": "Cette adresse de courriel est réservée et doit être automatiquement attribuée au tout premier utilisateur", - "migration_description_0004_php5_to_php7_pools": "Reconfigurez l'ensemble PHP pour utiliser PHP 7 au lieu de PHP 5", + "migration_description_0004_php5_to_php7_pools": "Reconfigurer l'ensemble PHP pour utiliser PHP 7 au lieu de PHP 5", "migration_description_0005_postgresql_9p4_to_9p6": "Migration des bases de données de PostgreSQL 9.4 vers PostgreSQL 9.6", "migration_0005_postgresql_94_not_installed": "PostgreSQL n’a pas été installé sur votre système. Rien à faire !", "migration_0005_postgresql_96_not_installed": "PostgreSQL 9.4 est installé, mais pas PostgreSQL 9.6 ‽ Quelque chose de bizarre aurait pu se produire sur votre système :(…", From 1abdf16b84db314e52fd37cb341885870fe67650 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 20 May 2020 14:53:31 +0200 Subject: [PATCH 204/451] CI: Global refactor, yunohost-ci v2 ready --- .gitlab-ci.yml | 262 ++----------------------------- .gitlab/ci/build.gitlab-ci.yml | 52 ++++++ .gitlab/ci/install.gitlab-ci.yml | 16 ++ .gitlab/ci/lint.gitlab-ci.yml | 22 +++ .gitlab/ci/test.gitlab-ci.yml | 102 ++++++++++++ 5 files changed, 203 insertions(+), 251 deletions(-) create mode 100644 .gitlab/ci/build.gitlab-ci.yml create mode 100644 .gitlab/ci/install.gitlab-ci.yml create mode 100644 .gitlab/ci/lint.gitlab-ci.yml create mode 100644 .gitlab/ci/test.gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index befa66c1e..b4ee10cc3 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,260 +1,20 @@ stages: - build - install - - postinstall - tests - lint -######################################## -# BUILD DEB -######################################## +default: + tags: + - yunohost-ci + # All jobs are interruptible by default + interruptible: true -.build-stage: - image: before-install - stage: build - variables: +variables: YNH_BUILD_DIR: "ynh-build" - YNH_SOURCE: "https://github.com/yunohost" - before_script: - - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" install git git-buildpackage postfix python-setuptools - - mkdir -p $YNH_BUILD_DIR - cache: - paths: - - $YNH_BUILD_DIR/*.deb - key: "$CI_PIPELINE_ID" -.build_script: &build_script | - cd $YNH_BUILD_DIR/$PACKAGE - VERSION=$(dpkg-parsechangelog -S Version 2>/dev/null) - VERSION_NIGHTLY="${VERSION}~${CI_COMMIT_REF_SLUG//-}+$(date +%Y%m%d%H%M)" - dch --package "${PACKAGE}" --force-bad-version -v "${VERSION_NIGHTLY}" -D "unstable" --force-distribution "Daily build." - debuild -us -uc - -build-yunohost: - extends: .build-stage - variables: - PACKAGE: "yunohost" - script: - - git ls-files | xargs tar -czf archive.tar.gz - - mkdir -p $YNH_BUILD_DIR/$PACKAGE - - cat archive.tar.gz | tar -xz -C $YNH_BUILD_DIR/$PACKAGE - - rm archive.tar.gz - - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE - - *build_script - - -build-ssowat: - extends: .build-stage - variables: - PACKAGE: "ssowat" - script: - - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE - - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE - - *build_script - -build-moulinette: - extends: .build-stage - variables: - PACKAGE: "moulinette" - script: - - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE - - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE - - *build_script - -######################################## -# INSTALL DEB -######################################## - -install: - image: before-install - stage: install - variables: - YNH_BUILD_DIR: "ynh-build" - before_script: - - apt install --assume-yes wget debhelper - - echo "deb http://forge.yunohost.org/debian/ stretch stable testing unstable" > /etc/apt/sources.list.d/yunohost.list - - wget -O- https://forge.yunohost.org/yunohost.asc -q | apt-key add -qq - >/dev/null 2>&1 - - apt update - # https://github.com/YunoHost/install_script/blob/3e16abd7c4e1fe9c518cbc573282cb8fb1fcbbd7/install_yunohost#L433-L485 - - touch /var/log/auth.log - - > - if ! id avahi > /dev/null 2>&1; then - avahi_id=$((500 + RANDOM % 500)) - while cut -d ':' -f 3 /etc/passwd | grep -q $avahi_id - do - avahi_id=$((500 + RANDOM % 500)) - done - adduser --disabled-password --quiet --system --home /var/run/avahi-daemon --no-create-home --gecos "Avahi mDNS daemon" --group avahi --uid $avahi_id - fi - script: - - | - debconf-set-selections << EOF - slapd slapd/password1 password yunohost - slapd slapd/password2 password yunohost - slapd slapd/domain string yunohost.org - slapd shared/organization string yunohost.org - slapd slapd/allow_ldap_v2 boolean false - slapd slapd/invalid_config boolean true - slapd slapd/backend select MDB - postfix postfix/main_mailer_type select Internet Site - postfix postfix/mailname string /etc/mailname - mariadb-server-10.1 mysql-server/root_password password yunohost - mariadb-server-10.1 mysql-server/root_password_again password yunohost - nslcd nslcd/ldap-bindpw password - nslcd nslcd/ldap-starttls boolean false - nslcd nslcd/ldap-reqcert select - nslcd nslcd/ldap-uris string ldap://localhost/ - nslcd nslcd/ldap-binddn string - nslcd nslcd/ldap-base string dc=yunohost,dc=org - libnss-ldapd libnss-ldapd/nsswitch multiselect group, passwd, shadow - postsrsd postsrsd/domain string yunohost.org - EOF - - cd $YNH_BUILD_DIR - - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ./*.deb - artifacts: - paths: - - $YNH_BUILD_DIR/*.deb - cache: - paths: - - $YNH_BUILD_DIR/ - policy: pull - key: "$CI_PIPELINE_ID" - -######################################## -# POSTINSTALL -######################################## - -postinstall: - image: before-postinstall - stage: postinstall - script: - - apt install --no-install-recommends -y $(cat debian/control | grep "^Depends" -A50 | grep "Recommends:" -B50 | grep "^ *," | grep -o -P "[\w\-]{3,}") - - yunohost tools postinstall -d domain.tld -p the_password --ignore-dyndns - -######################################## -# TESTS -######################################## - -.test-stage: - image: after-postinstall - stage: tests - variables: - PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip" - before_script: - - apt-get install python-pip -y - - pip install -U pip - - hash -d pip - - pip install pytest pytest-sugar pytest-mock requests-mock mock - - export PYTEST_ADDOPTS="--color=yes" - cache: - paths: - - .cache/pip - - src/yunohost/tests/apps - key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" - -root-tests: - extends: .test-stage - script: - - py.test tests - -test-apps: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_apps.py - -test-appscatalog: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_appscatalog.py - -test-appurl: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_appurl.py - -test-apps-arguments-parsing: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_apps_arguments_parsing.py - -test-backuprestore: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_backuprestore.py - -test-changeurl: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_changeurl.py - -test-permission: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_permission.py - -test-settings: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_settings.py - -test-user-group: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_user-group.py - -test-regenconf: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_regenconf.py - -test-service: - extends: .test-stage - script: - - cd src/yunohost - - py.test tests/test_service.py - -######################################## -# LINTER -######################################## - -.lint-stage: - image: before-postinstall - stage: lint - before_script: - - apt-get install python-pip -y - - mkdir -p .pip - - pip install -U pip - - hash -d pip - - pip --cache-dir=.pip install tox - cache: - paths: - - .pip - - .tox - key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" - -lint: - extends: .lint-stage - allow_failure: true - script: - - tox -e lint - -invalidcode: - extends: .lint-stage - script: - - tox -e invalidcode - -# Disabled, waiting for buster -#format-check: -# extends: .lint-stage -# script: -# - black --check --diff +include: + - local: .gitlab/ci/build.gitlab-ci.yml + - local: .gitlab/ci/install.gitlab-ci.yml + - local: .gitlab/ci/test.gitlab-ci.yml + - local: .gitlab/ci/lint.gitlab-ci.yml diff --git a/.gitlab/ci/build.gitlab-ci.yml b/.gitlab/ci/build.gitlab-ci.yml new file mode 100644 index 000000000..67232ba1f --- /dev/null +++ b/.gitlab/ci/build.gitlab-ci.yml @@ -0,0 +1,52 @@ +.build-stage: + stage: build + image: "before-install" + variables: + YNH_SOURCE: "https://github.com/yunohost" + before_script: + - mkdir -p $YNH_BUILD_DIR + artifacts: + paths: + - $YNH_BUILD_DIR/*.deb + +.build_script: &build_script + - cd $YNH_BUILD_DIR/$PACKAGE + - VERSION=$(dpkg-parsechangelog -S Version 2>/dev/null) + - VERSION_NIGHTLY="${VERSION}+$(date +%Y%m%d%H%M)" + - dch --package "${PACKAGE}" --force-bad-version -v "${VERSION_NIGHTLY}" -D "unstable" --force-distribution "Daily build." + - debuild --no-lintian -us -uc + +######################################## +# BUILD DEB +######################################## + +build-yunohost: + extends: .build-stage + variables: + PACKAGE: "yunohost" + script: + - git ls-files | xargs tar -czf archive.tar.gz + - mkdir -p $YNH_BUILD_DIR/$PACKAGE + - cat archive.tar.gz | tar -xz -C $YNH_BUILD_DIR/$PACKAGE + - rm archive.tar.gz + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE + - *build_script + + +build-ssowat: + extends: .build-stage + variables: + PACKAGE: "ssowat" + script: + - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE + - *build_script + +build-moulinette: + extends: .build-stage + variables: + PACKAGE: "moulinette" + script: + - git clone $YNH_SOURCE/$PACKAGE -b $CI_COMMIT_REF_NAME $YNH_BUILD_DIR/$PACKAGE || git clone $YNH_SOURCE/$PACKAGE $YNH_BUILD_DIR/$PACKAGE + - DEBIAN_FRONTEND=noninteractive apt --assume-yes -o Dpkg::Options::="--force-confold" build-dep $(pwd)/$YNH_BUILD_DIR/$PACKAGE + - *build_script diff --git a/.gitlab/ci/install.gitlab-ci.yml b/.gitlab/ci/install.gitlab-ci.yml new file mode 100644 index 000000000..664fc66d5 --- /dev/null +++ b/.gitlab/ci/install.gitlab-ci.yml @@ -0,0 +1,16 @@ +######################################## +# INSTALL DEB +######################################## + +upgrade: + stage: install + image: "after-install" + script: + - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ./$YNH_BUILD_DIR/*.deb + +install-postinstall: + stage: install + image: "before-install" + script: + - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ./$YNH_BUILD_DIR/*.deb + - yunohost tools postinstall -d domain.tld -p the_password --ignore-dyndns diff --git a/.gitlab/ci/lint.gitlab-ci.yml b/.gitlab/ci/lint.gitlab-ci.yml new file mode 100644 index 000000000..31f88dad1 --- /dev/null +++ b/.gitlab/ci/lint.gitlab-ci.yml @@ -0,0 +1,22 @@ +######################################## +# LINTER +######################################## + +lint: + stage: lint + image: "before-install" + allow_failure: true + script: + - tox -e lint + +invalidcode: + stage: lint + image: "before-install" + script: + - tox -e invalidcode + +# Disabled, waiting for buster +#format-check: +# extends: .lint-stage +# script: +# - black --check --diff diff --git a/.gitlab/ci/test.gitlab-ci.yml b/.gitlab/ci/test.gitlab-ci.yml new file mode 100644 index 000000000..dcc1b2d94 --- /dev/null +++ b/.gitlab/ci/test.gitlab-ci.yml @@ -0,0 +1,102 @@ +.install_debs: &install_debs + - DEBIAN_FRONTEND=noninteractive SUDO_FORCE_REMOVE=yes apt --assume-yes -o Dpkg::Options::="--force-confold" --allow-downgrades install ./$YNH_BUILD_DIR/*.deb + +.test-stage: + stage: tests + image: "after-install" + variables: + PYTEST_ADDOPTS: "--color=yes" + before_script: + - *install_debs + cache: + paths: + - src/yunohost/tests/apps + key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" + +######################################## +# TESTS +######################################## + +full-tests: + stage: tests + image: "before-install" + variables: + PYTEST_ADDOPTS: "--color=yes" + before_script: + - *install_debs + - yunohost tools postinstall -d domain.tld -p the_password --ignore-dyndns + script: + - py.test tests + - cd src/yunohost + - py.test tests + +root-tests: + extends: .test-stage + script: + - py.test tests + +test-apps: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_apps.py + +test-appscatalog: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_appscatalog.py + +test-appurl: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_appurl.py + +test-apps-arguments-parsing: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_apps_arguments_parsing.py + +test-backuprestore: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_backuprestore.py + +test-changeurl: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_changeurl.py + +test-permission: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_permission.py + +test-settings: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_settings.py + +test-user-group: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_user-group.py + +test-regenconf: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_regenconf.py + +test-service: + extends: .test-stage + script: + - cd src/yunohost + - py.test tests/test_service.py From 7ad9fbd5b9de81aa8054e937cef092d850012ac9 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 20 May 2020 15:21:46 +0200 Subject: [PATCH 205/451] [fix] helper doc --- data/helpers.d/apt | 2 -- doc/helper_doc_template.html | 5 ++--- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/data/helpers.d/apt b/data/helpers.d/apt index 74862eca5..c6621d814 100644 --- a/data/helpers.d/apt +++ b/data/helpers.d/apt @@ -353,8 +353,6 @@ ynh_remove_app_dependencies () { ynh_package_autopurge ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used. } -#================================================= - # Install packages from an extra repository properly. # # usage: ynh_install_extra_app_dependencies --repo="repo" --package="dep1 dep2" [--key=key_url] [--name=name] diff --git a/doc/helper_doc_template.html b/doc/helper_doc_template.html index 92611c737..e5fec733c 100644 --- a/doc/helper_doc_template.html +++ b/doc/helper_doc_template.html @@ -2,6 +2,8 @@

App helpers

+

Doc auto-generated by this script on {{data.date}} (Yunohost version {{data.version}})

+ {% for category, helpers in data.helpers %}

{{ category }}

@@ -81,9 +83,6 @@ {% endfor %} {% endfor %} -

Generated by this script on {{data.date}} (Yunohost version {{data.version}})

- -