The following are the release notes for each FreedomBox version.
/etc/issue: Update message to reflect that all users can login
ci: Force pip to install packages to system environment
datetime: Use timedatectl to read current timezone
samba: Make sure shares are not accessible from the internet
ttrss: Fix failing backup
mediawiki: Fix app view error
locale: Update translations for Albanian, Bulgarian, Czech, Dutch, German, Spanish, Swedish, Turkish, Ukrainian
samba: tests: Fix enable share view test
ejabberd: Fix making call connections when using TURN
matrixsynapse: Disable verification to fix public registrations
snapshot: Fix issue with snapshot rollbacks
app: Add backup and restore menu items to toolbar menu
backups: Allow selecting a single app from URL when creating backup
config: Drop RuntimeMaxUse=5% for journal logging
dynamicdns: Skip uninstall test
ejabberd: Add Monal and Siskin for iOS and remove ChatSecure
email: Redirect to the app page if roundcube isn't installed
ikiwiki: Re-run setup for each site after restore
locale: Update translations for Bulgarian, Spanish
matrixsynapse: Minor refactor in getting/setting public registrations
matrixsynapse: Add python3-psycopg2 to packages
matrixsynapse: Use yaml.safe_load
searx: Add libjs-bootstrap to packages
snapshot: Fix mounting /.snapshots subvolume and use automounting
templates: Show better title for 404 page
uninstall: Fix spelling in warning message
vagrant: Drop unnecessary script that deletes sqlite file
vagrant: Hide the vagrant-script directory
vagrant: Mount source in /freedombox instead of /vagrant
vagrant: Switch to /freedombox before running service with alias
config: Fix showing the value of the default home page
email: Revert workaround for error on finishing uninstall
firewalld: Allow upgrade to version 2*
gitweb: tests: Skip tests using git when git is not installed
locale: Update translations for Bulgarian
tests: functional: Fix submitting forms with notifications present
tor: Also use Aptsources822 augeas lens
tor: Remove workaround for old Augeas bug
upgrades: Add augeas lens for Deb822 apt sources
views: Use dedicated view when showing an app with operations
locale: Update translations for Albanian, Bulgarian
ssh: Add sudo to allowed groups
upgrades: Stop quassel during dist upgrade
package: Don't uninstall packages that are in use by other apps
tor: Add onion location to apache
email: Workaround an issue with error on finishing uninstall
gitweb: Run git commands as a web user
janus: Allow upgrade to 1.1
locale: Update translations for Galician, Spanish
operation: tests: Fix warning when test helpers start with 'Test'
zoph: Add explicit dependency on default-mysql-server
minidlna: Fix incorrect marking for firewall local protection
zoph, wordpress: Add conflicts on libpam-tmpdir
container: Drop free tag from image URLs
d/control: Don't recommend libpam-tmpdir
locale: Update translations for Bulgarian, Chinese (Simplified), Czech, Dutch, German, Turkish, Ukrainian
package, email: Move conflicting package removal to framework
snapshot: Fix showing unsupported message on non-btrfs filesystems
tests: functional: Set timeout to 3 hours
upgrades: dist-upgrade: Don't change apt security line
users: tests: Fix privileged tests
wordpress: Redirect Webfinger queries
ejabberd: Enable mod_http_upload
security: Remove restricted access setting and configuration
ssh: Restrict logins to groups root, admin and freedombox-ssh
calibre: Add protection to local service using firewall
deluge: Add protection to local service using firewall
email: Add protection to local service using firewall
firewall: Create a mechanism for protecting local services
firewall: Introduce component for local service protection
i2p: Add protection to local service using firewall
i2p: Remove donation URL that is no longer available
minidlna: Add protection to local service using firewall
searx: Ensure that socket is only reachable by Apache and root
ssh: Add checkbox to remove login group restrictions
syncthing: Add protection to local service using firewall
transmission: Add protection to local service using firewall
email: Add fail2ban jail for dovecot
email: Fix creation of aliases for security@ and usenet@
locale: Update translations for Bulgarian, French, German, Norwegian Bokmål
debian/lintian-overrides: Fix mismatch patterns and new messages
minetest: Handle upgrade from 5.3.0 to 5.6.1
storage: Drop skip_recommends
upgrades: Add documentation link to upgrades service file
upgrades: Update list of holds during dist upgrade
letsencrypt: Fix regression with comparing certificate
rssbridge: Add option to allow public access
locale: Update translations for Bulgarian, Hungarian, Swedish
storage: Handle file systems on non-physical devices
upgrades: Allow FreedomBox vendor when adding backports
upgrades: Skip unattended-upgrade in dist-upgrade
debian: tests: Fix PYTHONPATH
locale: Update translations for Bulgarian, Chinese (Simplified), Czech, Dutch, Turkish, Ukrainian
privacy: Remove unused import, fix pipeline
privacy: Add new system app for popularity-contest
matrix: Add fail2ban jail
: Use privileged decorator for actions
action_utils: Drop support for non-systemd environments
action_utils: Drop unused progress requests from apt-get
actions: Allow actions to be called by other users
actions: Allow nested and top-level actions
actions: Drop unused superuser_run and related methods
actions: Implement getting raw output from the process
actions: Use separate IPC for communicating results
apache: Fix logs still going into /var/log files
bind: Drop enabling DNSSEC (deprecated) as it is always enabled
config: Drop ability to set hostname on systems without systemd
config: Drop legacy migration of Apache homepage settings
fail2ban: Make fail2ban log to journald
firewall: Drop showing running status
locale: Update translations for Albanian, Czech, Norwegian Bokmål, Russian, Swedish, Ukrainian
minidlna: Use the exposed URL for diagnostic test
openvpn: Drop RSA to ECC migration code and two-step setup
privacy: Set vendor as FreedomBox for dpkg and popularity-contest
searx: Show status of public access irrespective of enabled state
templates: Update HTML meta tags for better description and app-name
tests: Add fixture to help in testing privileged actions
wordpress: Update fail2ban filter
locale: Update translations for Bulgarian, Ukrainian
notification: Don't fail when formatting message strings
janus: Enable systemd sandboxing
locale: Update translations for Albanian, Bulgarian, Czech, Danish, Dutch, French, German, Greek, Hungarian, Indonesian, Italian, Latvian, Lithuanian, Norwegian Bokmål, Persian, Polish, Portuguese, Russian, Serbian, Slovenian, Spanish, Swedish, Turkish, Ukrainian
mediawiki: Add powered by freedombox logo
wordpress: Add fail2ban filter and jail
wordpress: Disable readme.html, xmlrpc.php, wp-cron.php
matrixsynapse: Allow matrix-synapse >= 1.65 to install successfully
backups: Use generic form template for create and schedule views
backups: tests: functional: Find forms more accurately
bepasty: Use generic form template for add password view
bepasty: tests: functional: Minor refactor for form submission
calibre: tests: functional: Find forms more specifically
d/maintscript: remove tahoe and mldonkey apache conf files
debian: Add Italian debconf translation
ejabberd: tests: functional: Ensure jsxc is installed
firewall: Allow upgrade from any version to 1.2.*
first_boot: tests: functional: Find form more specifically
gitweb: Fix issue with page not refreshing during uninstall
gitweb: Use generic form template for create/edit repository
gitweb: tests: functional: Find forms more accurately
ikiwiki: tests: functional: Find forms more accurately
locale: Update translations for Chinese (Simplified), Czech, French, Italian, Turkish
samba: Ignore mounted files when listing mounts
samba: Update client apps information
shaarli: tests: functional: Specify setup form submission button
sharing: tests: functional: Find forms more accurately
snapshot: tests: functional: Minor refactoring for form submission
sso: tests: functional: Find forms more accurately
templates: form: Specify a form class for use with functional tests
tests: functional: Assert app is not installed after uninstallation
tests: functional: Force specifying form to submit more accurately
tests: functional: Wait for installation to complete fully
users: tests: functional: Find forms more accurately
version: Compare Debian package version numbers
wordpress: tests: functional: Find forms more specifically
zoph: tests: functional: Simplify finding the form to submit
jsxc: Allow disabling the app
app: Add a menu item to trigger uninstallation
app: Add API to uninstall an app
avahi: Don't disable after tests
backups: Use AppView for the main app page
container: Display help message when no args are passed
container: Show default values in command help
d/control: Break ufw as we use firewalld
debian: Update Spanish translation template
diagnostics: Use AppView for app page
ejabberd: Set hostname for test that relies on it
forms: Implement form for uninstallation
janus: Convert action to privileged
janus: Handle upgrades to 1.0.*
letsencrypt: Use AppView for app page
locale: Update translations for Bulgarian, Chinese (Simplified), Czech, French, German, Spanish, Turkish, Ukrainian
names: Use AppView for app page
networks: Use AppView for app page
operation: Factor out template code into a separate file
operation: Show operations on app page in addition to setup page
package: Implement low-level methods for uninstalling
package: Implement uninstall in Package component
power: Use AppView for app page
security: Use AppView for app page
setup: Drop check for already running operation
setup: Implement operation to uninstall an app
snapshot: Use AppView for app page
tests: Make functional.is_available check faster
tests: functional: Add install/uninstall test for all apps
tor: Use AppView and Operation for app page
ttrss: Add donation url
upgrades: Add button to test dist-upgrade in development mode
upgrades: Hold janus during dist-upgrade
views: Implement a view to uninstall an app
networks: Remove DNSSEC diagnostics
setup: Allow starting installation when package manager is busy
setup: Fix issue with immediate refresh after installation
: Add setup method on all apps that don't have it
: Drop module level app property
: Make force upgrading part of app rather than a module
: Make setup method part of App class for all apps
app: Drop optimization that skips setup process
backups: tests: Mark need for Django database during API tests
container: Add IdentitiesOnly option to SSH
container: Ignore flake8 error 'line too long' in bash script text
coturn: Fix link to ejabberd in description
doc: dev: Document previously undocumented components
ejabberd: Fix showing the status messages
locale: Update translations for Bulgarian, Czech, Dutch, French, German, Turkish, Ukrainian
matrixsynapse: Fix showing the status messages
notification: Pass full context when rendering body template
operation: Add module to manage threaded operations
package: Run installation operation using app_id instead of module
setup: Drop setup_helper and use the new Operation API
sharing: Add installing and enable/disable like other apps
sharing: tests: functional: Fix a flaky test by waiting
ssh: tests: functional: Keep service enabled after tests
storage: Fix enumerating partitions without mount points
help: Add "How can I help?" section to Contribute page
locale: Update translations for Chinese (Simplified), Dutch, French, German, Turkish
wordpress: Don't install php-ssh2
cockpit: Reconfigure to allow any origin
rssbridge: New app to generate RSS feeds for websites
apache: Also configure to serve on /freedombox
apache: Merge old configuration files into a better location
apache: Redirect all logs to systemd journal
cockpit: Depend on apache and setup after it
cockpit: Use decorator for privileged actions
config: Add option to set logging mode: none/volatile/persistent
config: Set volatile logging by default
debian: Follows policy version 4.6.1
debian: Update copyright year
gitweb: Switch default branch name to main for new repositories
janus: Change short description to "Video Room"
locale: Update translations for Bulgarian, Chinese (Simplified), French, Russian, Ukrainian
privoxy: Restrict to private IPs, prevent access over the internet
privoxy: Use privileged decorator for actions
roundcube: Add fail2ban jail
roundcube: Configure to log to journald
roundcube: Use privileged to simplify actions
rssbridge: Add functional tests
rssbridge: Fix flake8 errors
rssbridge: Whitelist all bridges by default
backups: Add options to keep sshfs shares responsive
backups: Unmount repositories before and after backup
users: create home directories for newly created users
: pylint: Avoid calling super() with arguments
: pylint: Don't inherit from 'object'
: pylint: Drop unnecessary 'pass' statements
: pylint: Explicitly specify encoding when open a file
: pylint: Suppress unused argument warnings
ci: Use compatible versions of Selenium and Splinter
locale: Update translations for Bulgarian, Russian, Ukrainian
mediawiki: Add regex validator to the domain field
mediawiki: Remove Buster specific code not needed in Bullseye
mediawiki: Remove wgLogo as it is not needed in Bullseye
pyproject.toml: Ignore some refactoring messages with pylint
static: js: css: Make multiple select fields work with Django 4.0
tests: functional: Simplify GitLabCI configuration
upgrades: Hold packages one at a time
upgrades: Re-add workaround for grub
views: Add a comment about change in Django 4.0
matrixsynapse: Allow new dependency to be installed from backports
locale: Update translations for Bulgarian, Chinese (Simplified), Czech, Dutch, German, Turkish
actions: Note that privileged actions can't output to stdout
mumble: Backup/restore the configuration file
mumble: Don't set the root channel name unless it is changed
mumble: Use privileged decorator for superuser actions
mumble: tests: Add functional tests for setting the passwords
ejabberd: Allow domains to be added or removed
mumble: Allow setting a password that is required to join the server
mediawiki: Add option to change the site name
actions: Add a decorator for marking superuser actions
doc: dev: Use and recommend new privileged actions
ejabberd: Automatically use coturn
janus: Improve description about coturn
locale: Update translations for Bulgarian, Chinese (Simplified), Czech, Dutch, French, German, Russian, Turkish
tests: Add a dummy parameter for middlewares for Django 4.0
translation: Don't use session for storing lang pref in Django 4.0
transmission: Simplify actions using the privileged decorator
users: Fix deleting user LDAP entry with Django 4.0
email: Make app available for all users (even without advanced flag)
janus: Add new app for lightweight WebRTC server
wordpress: Allow installing/updating plugins and themes
email: Add description about ISP and domain limitations
locale: Added Latvian translation
locale: Update translation for Bulgarian, Chinese (Simplified), Czech, Dutch, German, Russian, Swedish, Turkish
mumble: Allow changing root channel name
tests: functional: Add jobs for bullseye-backports
tests: functional: Integrate into Salsa CI
transmission: Add redirects to avoid 409 conflict
wordpress: tests: Continue past language selection screen
wordpress: tests: Fix writing title for new post in newer versions
: Show Learn More... links in frontpage with description
mediawiki: Serve hidden service over http for .onion domains
apache: Allow URL diagnostics to work with redirects
firewall: Show service name in port forwarding info table
frontpage: Allow showing links to manual pages
frontpage: Reuse app header template for showing app description
locale: Update translations for Bulgarian, Chinese (Simplified), Czech, Dutch, French, German, Norwegian Bokmål, Turkish
mediawiki: Add stricter sandbox rules for jobrunner service
mediawiki: Fix URL diagnostics with redirects involved
ssh, bind: Show 'Learn More...' links
tor: Show port forwarding information in consistent way
tt-rss: Fix description about user access
email: Fix userdb lookups with LDAP
matrixsynapse: Allow new dependencies to be installed from backports
HACKING: Improve documentation on how to run tests
container: Show executed commands when setting up/running tests
locale: Update translations for Bulgarian, Danish, French, Hungarian, Norwegian Bokmål, Polish, Russian, Ukrainian
mediawiki: Check if admin password is at least 10 characters long
mediawiki: Handle password rejection from MediaWiki
samba: Fix functional tests when user is not logged in at start
tests: functional: Get rid of dependency on xvfb
transmission: Improve description
locale: Update translations for Bulgarian, Czech, Dutch, German, Greek, Russian, Swedish, Turkish
sharing: Allow spaces in path strings
minetest: Allow alternate name for 3d armor mod
upgrades: Use python3-typing-extensions from bullseye-backports
calibre: Fix description of allowable library names
locale: Add new Arabic translation
locale: Update translations for Arabic, Bulgarian, Czech, Dutch, French, German, Hungarian, Turkish
plinth: Add forum link to footer
network: Fix showing wifi connection
calibre: explain correct name format for new library
ikiwiki: add packages that are necessary
locale: Updated translations for Chinese (Simplified), French, Russian
upgrades: Allow backports from src:freedombox
locale: Update translations for French, Hungarian, Spanish
locale: Update translations for Bulgarian, Chinese (Simplified), Czech, Dutch, German, Turkish
email: Enable as an advanced app
dynamicdns: Fix adding null domain into configuration
email: Add backup/restore component
email: Add basic functional tests
email: Add front page shortcut, update name and description
email: Add more special-use IMAP folders, set autoexpunge to 60days
email: Add shortcut for non-admin users to manage their aliases
email: Add various documentation links for future readability
email: Allow re-running setup
email: Backup/restore aliases and mailboxes
email: Depend on and run redis server
email: Implement adding common aliases for first admin user
email: List all listening ports of the daemons
email: Narrowly match just rspamd's spam header
email: Open firewall port for managesieve protocol
email: Revert to LDAP auth as pam does not allow non-admin users
email: Set an icon from Tango project
email: Setup rspamd configuration to include FreedomBox config
email: Tweak client auto-configuration file
email: Update donation URL to rspamd donation URL
email: aliases: Drop ability to enable/disable aliases
email: clients: Make Thunderbird URLs language independent
email: dkim: Implement setting up DKIM signing keys
email: dns: Show table for desired DNS entries
email: postfix: Fix priority for authentication directives
email: postfix: use inline map for TLS SNI maps
email: rspamd: Log to journald via syslog
email: rspamd: Simplify installing configuration
locale: Update translations for Bulgarian, Chinese (Simplified), Czech, Dutch, German, Hungarian, Russian, Swedish, Telugu, Turkish, Ukrainian
minidlna: add iOS VLC client
samba: add iOS VLC client
dynamicdns: Replace ez-ipupdate
Drop NAT detection as it is no longer used
Drop about page and merge into description
Drop tabs and use single page
Rewrite configuration handling and update using URL
app: Add component to store enabled state of an app in kvstore
backups: Implement backup/restore of key/value settings
locale: Update translations for Albanian, Bulgarian, Chinese (Simplified), Czech, Dutch, German, Hungarian, Russian, Spanish, Swedish, Turkish, Ukrainian
minetest: Reduce the number of configuration update messages
tests: functional: Add plugin for HTML reports
tt-rss: Restrict access to feed-reader
group in "/tt-rss-app"
users: Fix typo in description
coturn: Use wildcard listening address to fix startup issues
sso, users: Redirect to home page after logout
apache: Don't redirect to HTTPS for .onion domains
apache: Don't set HSTS for .onion domain
cockpit: Explicitly redirect to HTTPS as needed for WebSockets
doc: Fail when downloading images from Debian wiki fails
email_server: Drop showing diagnostics/repair and roundcube config
email_server: Drop some unused code
locale: Update translations for Bulgarian, Dutch, French, German, Hungarian, Russian, Swedish, Ukrainian
matrixsynapse: Add FluffyChat to client list
mldonkey: Drop app not available in Debian Bullseye and Bookworm
power: Add a link to power app in the system menu
roundcube: Add setting for local connection only
shaarli: Add android app to description
shaarli: Add backup component
shaarli: Add functional tests
snapshots: Clarify that snapshots are take during updates too
tests: functional: Implement a workaround for issue with screenshots
users: Clarify help message for authorization password
wireguard: tests: Add functional tests
upgrades: Allow matrix's new dependency to be installed
sso: Adjust URL to CAPTCHA page needed by Django security fix
container: Avoid a warning that interactive mode is intended
help: tests: Fix functional test to check for status logs
locale: Update translations for Chinese (Simplified), Czech, Dutch, German, Hungarian, Turkish
sso: Add missing captcha/rate limiting on SSO login
tests: functional: Fix setting domain name with active notifications
tt-rss: Allow published articles to be publicly available
debian, setup.py: Add dependency on python3-tomli
help: Fix failing setup when manual directory is not available
backups: Correct spelling of encryption protocols
i2p: Fix grammar in description
ikiwiki: Initialize shortcuts during post-init setup
locale: Update translations for Chinese (Simplified), Czech, Dutch, German, Hungarian, Italian, Swedish, Turkish
mumble: Change description to include iOS client app
networks: Fix reference to an option
openvpn: Add link to IOS app
radicale: Update Thunderbird URLs
transmission: Fix capitalization
wireguard: Fix spelling
package: Add diagnostic to check if a package is the latest version
backups: Capitalize 'SSH' in template
config, upgrades: Specify submit button for tests
datetime: Explicitly list systemd-timesyncd as a dependency
locale: Update translations for Chinese (Traditional), Czech, Dutch, Hungarian, Norwegian Bokmål, Spanish, Swedish
storage: Skip tests if not enough disk space is available
upgrades: Relabel from 'Update' to 'Software Update'
datetime: Fix checking when timesyncd will run on a system
cockpit, ejabberd: Make 'name' optional in Signal handlers
diaspora: Drop app that was never finished
email_server:
Adjust TLS configuration parameters
Fix issue with handling domain removal
Include postfix package in packages list
Re-implement TLS configuration
Rename dovecot TLS configuration file for consistency
letsencrypt: Handle cert setup when an app wants all domains
locale: Update translations for Chinese (Simplified), Chinese (Traditional), Czech, French, German, Swedish, Turkish
monkeysphere, tahoe-lafs: Drop unused apps
roundcube: Allow upgrades by avoiding configuration file change
tests: Fix app name in pytest.skip statement
tests: functional: Skip MLDonkey app
upgrades: Cleanup dist upgrade steps specific to bullseye release
upgrades: Refactor dist upgrade process
dynamicdns: Update URLs to the new dynamic DNS server
firewall: Allow configuration upgrade to version 1.0.x
shaarli: Enable app (only available in testing and unstable)
: Drop module level depends declaration
: Drop module level package_conflicts and use component API
: Drop unused manual_page at module level
: Drop use of managed_packages and rely on Packages component
: Drop use of managed_services, rely on Daemon component
: Drop use of module level is_essential flag
: Drop use of module level version
: Drop use of unnecessary managed_paths
: Use the App's state management API
actions/letsencrypt: Drop use of managed_paths and use LE component
actions/service: Drop unused list action
actions/service: Drop use of managed_services for Daemon component
actions: Get list of packages from Packages components
app: Introduce API for managing setup state of the app
app: Introduce API to setup an app
bind: Drop alias handling unnecessary in >= Bullseye
daemon: Add new component to hold information about related daemons
doc/dev: Drop discussion on managed_paths
doc/dev: Drop reference to module level depends declaration
doc/dev: Remove mention of managed_services
doc/dev: Remove outdated reference to init() at module level
doc/dev: Update documentation to not refer to managed_packages
email_server: Merge domain configuration with app view
email_server: Simplify domain configuration form
first_boot: Drop use of loaded_modules and use App.list
forms: Fix regression with TLS domain form in quassel and tt-rss
letsencrypt: On domain removal, don't revoke certificate, keep it
locale: Update translations for Czech, German, Norwegian Bokmål
main: List apps instead of modules
middleware, views: Reduce use of setup_helper
module_loader, app: Move app init to app module
package: Add parameter to specify skipping package recommendations
package: Implement installing packages in the component
package: Introduce component API for package conflicts
packages: Move checking for unavailable packages to component
security: Drop use of loaded_modules and use App.list
security: Drop use of managed_services in security report
security: Get the list of packages from Packages component
setup: Drop unused API for app's state management
setup: List dependencies for apps instead of modules
setup: Run setup on apps instead of modules
setup: Use apps instead of modules to determine running first setup
setup: Work on apps instead of modules for force upgrade
tests: Add 'domain' mark for apps that add/remove domains
web_server: Drop use of loaded_modules and use App.list
config: Add packages component to a re-add zram-tools dependency
tt-rss: Allow selection of a domain name
: Split app initialization from app construction
app: Introduce separate method for post initialization operations
datetime: Avoid error when systemctl is not available
debian: Fail build if no module dependencies found
locale: Update translations for Swedish, Turkish, Ukrainian
main: Drop initializing Django when listing dependencies
avahi, samba: Use systemd sandboxing
components: Introduce new component - Packages
security: Properly handle sandbox analysis of timer units
email_server (not enabled yet):
Add buttons for managing aliases, domains, spam
Authenticate using PAM instead of LDAP
Delivery mail to /var/mail instead of home directory
Don't use user IDs when performing lookups
Drop hash DB and use sqlite3 directly
Use Django forms and views
locale: Update translations for German, Swedish, Turkish, Ukrainian
tests: Use BaseAppTests for functional tests of most apps
utils: Fix ruamel.yaml deprecation warnings
locale: Update translations for Bulgarian, Czech, French, German, Turkish, Ukrainian
middleware: Don't show setup view to non-admin users
performance: Add backup support (no data)
storage: Pass optional mount point to partition expansion
storage: tests: Fix tests for expanding disk partitions
tests: Add BaseAppTests class for common functional tests
ttrss: Fix daemon not running sometimes on startup
: Always pass check= argument to subprocess.run()
: Convert all functional tests to python format
: Move all systemd service files from /lib to /usr
calibre: Run service only if when installed
d/control: Allow building with python interpreter of any arch
d/rules: Don't install and enable other systemd service files
d/rules: Don't use setup.py to invoke tests, invoke directly instead
email: Manage known installation conflicts
locale: Update translation for Bulgarian, Ukrainian
package: Add functions for removing packages
performance: Cleanup code meant for cockpit version < 235
pyproject.toml: Merge contents of .converagerc
pyproject.toml: Merge contents of pytest.ini
settings: Choose password hashing complexity suitable for SBCs
setup: Show and remove conflicts before installation
sso, translation: Help set language cookie when user logins in
storage: tests: functional: Fix tests always getting skipped
tests: Add some missed marks for functional tests
tests: Add tests for action utilities
tests: Improve handling of tests skipped by default
tests: help: Add help view tests
translation: Always set language cookie when switching language
ttrss: Add systemd security hardening to daemon
ttrss: tests: functional: Make subscription faster
user: Accommodate Django 3.1 change for model choice iteration
users: Help set language cookie when user profile is edited
wordpress: Run service only if when installed and configured
locale: Update translations for German, Italian, Swedish, Turkish, Ukrainian
Use Django gettext functions instead of ugettext
Use allow/denylist instead white/blacklist in comments
Use django.urls.re_path() instead of its alias url()
Various isort fixes
pyproject: Make isort consistent across execution environments
settings: Set Django auto field type explicitly
signals: Drop provider args when creating Signal object
sso: Update usage of OpenSSL crypt signing API
tests: Convert functional tests to python format
tests: Introduce fixtures to make it easy to test actions
tests: Show warning when app not available
tests: Use common fixtures for testing actions module
tests: Use newer splinter API for finding links
views: Update utility for checking URL safety
mediawiki: Backup and restore uploaded files
mediawiki: Enable a subset of default extensions
apache: Update security settings
Drop support for GnuTLS
Drop support for SSLv3, TLSv1 and TLSv1.1
Enable and prioritize HTTP/2 protocol
Setup Mozilla recommended configuration
locale: Update translations for Bulgarian, Chinese (Simplified), Dutch, Persian, Russian, Swedish, Turkish, Ukrainian
mediawiki: Handle upgrade for 1.35
mediawiki: Switch to MediaWiki 2020 logo
plinth: remove diagnose command
Add workaround for Django 3.2 with captcha 0.5.6
wordpress: New app to manage a WordPress site/blog
d/control: Drop wireless-tools as recommends
email: Basic app to manage an email server - Email server app is currently disabled by default, so it is not yet visible in the interface.
locale: Update translations for Norwegian Bokmål, Ukrainian
security: Remove display of past vulnerabilities
ttrss: Allow upgrade to version 21
locale: Update translations for Albanian, Bengali, Chinese (Simplified), German, Indonesian, Norwegian Bokmål, Ukrainian, Vietnamese
action_utils: Use flag to indicate freedombox package has been held
debian: Ensure fuse gets replaced by fuse3
locale: Add Sinhala language
locale: Add Vietnamese language
backups: Change submit button to fix translation issues
locale: Update translations for Chinese (Simplified), Chinese (Traditional), Dutch, French, German, Hungarian, Indonesian, Japanese, Portuguese, Sinhala, Swedish, Telugu, Turkish, Vietnamese
ejabberd: Add STUN/TURN configuration
locale: Add Albanian language
Update copyright year
action_utils: Introduce utility for masking services
ci: Merge with Salsa CI pipeline
config, dynamicdns, pagekite: Remove incorrect use of str
config: Convert entered domain name to lower case
config: Disable rsyslog and syslog forwarding
config: Fix tests related to user home directory
config: Install and configure zram for swap
container script: Must convert env. var. string to a Path object
container: Work in the absence of systemd in PATH
container: distribution as environment variable
coturn: Mention ejabberd in app description
coturn: Validate TURN URIs if provided in form
debian: Add coverage to autopkgtest
deluge, mldonkey, syncthing, transmission: Depend on nslcd.service
deluge: Fix daemon user not in freedombox-share group after installation
diagnostics: Use lock to protect results
docs: Add filename to code snippets in tutorial
docs: Add missing imports in tutorial
docs: Add some troubleshooting information
docs: Generate developer documentation
docs: Improve Developer Documentation index page
docs: Set the version
attribute as required instead of optional
dynamicdns: Convert entered domain name to lower case
dynamicdns: Wait after changing domain name in tests
first_boot: Use session to verify first boot welcome step
letsencrypt: Always return a diagnostics result
locale: Update translations for Albanian, Chinese (Simplified), Dutch, German, Greek, Indonesian, Polish, Spanish, Swedish, Turkish
pagekite: Convert entered kite name to lower case
security: Clarify vulnerability count and provide link to more info
security: Ensure that fail2ban is not re-enabled on version increment
security: Increment app version to reload fail2ban
security: Move fail2ban default configuration to this app
ssh, apache: Make fail2ban use systemd journald backend by default
users: Fix unit test failures when LDAP is empty
firstboot: Use session to verify first boot welcome step
locale: Update translations for German, Greek, Indonesian, Turkish
manual: Update Contributing and Matrix Synapse pages
deluge, mldonkey, syncthing, transmission: Ensure nslcd is running before the service is started
deluge: Fix daemon user not in freedombox-share group after installation
config: Fix tests related to user home directory
locale: Update translations for Dutch, German, Greek, Polish, Spanish, Swedish, Turkish
matrix-synapse: Auto configure STUN/TURN using coturn server
coturn: Add new component for usage of coturn by other apps
coturn: Minor refactor view to use utility to generate URIs
coturn: Remove advanced flag, make app visible to all
locale: Update translations for Dutch, French, German, Hungarian, Italian, Lithuanian, Norwegian Bokmål, Swedish, Turkish
matrix-synapse: Update description to talk about TURN configuration
plinth: Disable start rate limiting for service
ui: Fix buttons jumping on click in snapshots page
upgrades: Disable searx during dist-upgrade
zoph: Add new app to organize photos
Only available in Debian testing (bullseye) due to issues in buster.
locale: Update translations for Dutch, Greek, Spanish, Swedish, Turkish
sharing: Improve shares group access description
upgrades: Add 10 minute delay before apt update
upgrades: Disable apt snapshots during dist upgrade
upgrades: Only check free space bytes before dist upgrade
calibre: Fix freedombox.local inaccessible after enabling app
matrix-synapse: Install python3-psycopg2 from backports
backups: schedule: tests: Fix failures due to long test run
jsxc: Fix issues with jQuery >= 3.5.0
locale: Update translations for Bengali, Dutch, French, German, Hungarian, Italian, Polish, Russian, Spanish, Swedish, Turkish
mediawiki: Fix app installation process doesn't display status information
mediawiki: Set default logo to mediawiki.png
minidlna: Implement force upgrading from older version
minidlna: Minor refactor of media directory handling
plinth: Show running spinner when app installation is in progress
radicale: Allow older 2.x release to upgrade to 3.x
roundcube: Allow upgrade to 1.4.*
tests: Update functional tests default config
upgrades: Add notifications for dist upgrade
upgrades: Increment version for MatrixSynapse 1.26
backups: Add scheduled backups for each location
container script: Various improvements
locale: Update translations for Bulgarian, Chinese (Simplified), Chinese (Traditional), Czech, Danish, Dutch, French, Galician, German, Greek, Gujarati, Hindi, Hungarian, Italian, Lithuanian, Norwegian Bokmål, Persian, Polish, Portuguese, Russian, Serbian, Slovenian, Spanish, Swedish, Turkish, Ukrainian
networks: Change connection type to a radio button
networks: Hide deactivate/remove buttons for primary connections
networks: Prevent unintended changes to primary connection.
networks: Separate the delete button and color it differently
networks: Use radio buttons for network modes
performance: Fix web client link to Cockpit
plinth: Fix disable daemon when service alias is provided
setup: Enable essential apps that use firewall
syncthing: Create LDAP group name different from system group
syncthing: Hide unnecessary security warning
tahoe: Disable app
ui: New style for select all checkbox
upgrades: Require at least 5 GB free space for dist upgrade
apache2: Allow downloads in openvpn and backups with latest browsers
locale: Update translations for Dutch, French, German, Hungarian, Polish, Spanish, Swedish, Turkish
app: Add locked flag
app: component: Add app_id and app properties
app: info: Move client validation to info component
backups: Add new component for backup and restore
backups: Don't open a new window for downloading backups
dev-container: 'up' command: Show banner also when container is already running
dev-container: Add command to print container IP address
dev-container: Add subcommand to run tests
doc: dev: Update the tutorial to reflect latest API/code
ejabberd: functional tests: Wait until the jsxc buddy list is loaded
functional tests: Make tests compatible with pytest-bdd v4.0
functional-tests: Fix installation errors in install.sh script
gitweb: Add functional tests for git-access group
gitweb: tests: functional: Fix test failures in localized environment
mumble: Updated mumla and removed plumble from clients list
openvpn: Don't show running status on download profile button
plinth: Fix daemon is enabled check when service alias is provided
radicale: Fix backup and restore of configuration
tests: functional: Improve creating users in tests
transmission: Show port forwarding information
transmission: Update description
upgrades: Add service for dist upgrade
upgrades: Ensure freedombox package is upgraded during dist upgrade
upgrades: Hold tt-rss during dist upgrade, if available
upgrades: Install python3-systemd for unattended-upgrades
upgrades: Restart FreedomBox service at end of dist-upgrade
upgrades: Use full path to searx action script
users: Skip action script tests if LDAP is not set up
apache: Create snake oil certificate if not exists
Fixes an issue when installing FreedomBox on Hetzner Cloud's Debian image
calibre: Fix link to manual page
deluge: Require user to be in bit-torrent group to access
locale: Update translations for German, Hungarian, Polish, Russian, Spanish, Swedish
security: Fix access denied for user daemon from cron
upgrades: Allow grub-pc upgrade without reinstalling grub
upgrades: Update searx search engines during dist upgrade
users: Remove timeout when creating Samba user
config: Skip homepage test on buildd
ui: Migrate from bootstrap 3 to bootstrap 4
apache: Disallow all inline styling in sandbox settings
gitweb: Make functional tests compatible with pytest-bdd v4.0
javascript: Fix disabled submit buttons when navigating back to a page
locale: Update translations for Dutch, German, Turkish
ui: Adopt a consistent and new table style
config: Add user websites as choices for homepage config
templates: Make toggle button responsive
apache: Add app name for diagnostics
diagnostics: Improve exception handling in app diagnostics
diagnostics: Show app name and fallback to app id if not exist
locale: Update translations for Dutch, French, German, Portuguese, Spanish, Swedish, Turkish
mumble: Implement force upgrade for 1.3.*
snapshot: Check that / is a btrfs subvolume before setup
upgrades: Hold mumble-server during dist upgrade
openvpn: Create user group "vpn"
upgrades: Add first boot step to run initial update
bepasty: Apply translation to autogenerated comments
locale: Update translations for Bengali, Dutch, German, Spanish
networks: Apply translation to a tooltip
samba: Show toggle buttons and share names
snapshots: Translate snapshot types (field description)
upgrades: Fix sources list for dist upgrade from buster
upgrades: Hold freedombox package during dist upgrade
locale: Update translations for Dutch, French, German, Italian, Norwegian Bokmål, Spanish, Swedish, Turkish
sso: Fix regression in auth-pubtkt configuration
openvpn: Support Elliptic Curve Cryptography (ECC)
If you are already using OpenVPN, you can migrate to ECC to improve speed and security. Visit the OpenVPN page in the FreedomBox interface to perform the one-time migration, and to re-download the client profiles.
dynamicdns: Handle IPv6
locale: Update translations for Dutch, French, German, Italian, Spanish
openvpn: Cleanup easyrsa 2 to 3 upgrade code
openvpn: Remove explicit setup step
ci: Fix flake8 errors
debian: Rename source package to freedombox
locale: Update translations for German, Italian, Turkish
pubtkt: Fix Python format language errors
locale: Add Chinese (Traditional) translation
mediawiki: Add action to set domain name
upgrades: Add a setting to enable dist upgrade
apache: setup uwsgi by default
backups: i18n: Mark form success messages for translation
locale: Update translations for Danish, French, German, Italian, Norwegian Bokmål, Polish, Russian, Spanish, Swedish, Telugu, Turkish
mediawiki: Ensure password file is not empty
networks: css: Make button wider in network list
networks: i18n: Mark string for translation on delete page
networks: i18n: Mark various strings for translation
notifications: i18n: Mark app names and extra data for translation
package: i18n: Mark progress status strings for translation
upgrades: Disable the option when not able to dist upgrade
app: Add donation buttons on app pages
updates: Eliminate delay and better status for manual upgrade
calibre: Update group description to reflect 'using' app
diagnostics: Lazy format all diagnostic test strings properly
diagnostics: Show low system memory notifications
help: Link to updates page when new version is available
locale: Update translations for Chinese (Simplified), French, Greek, Norwegian Bokmål, Russian, Slovenian, Spanish, Swedish, Turkish
notifications: Show severity level on every notification
upgrades: Add status section showing version and upgrade status
calibre: Add new e-book library app
mumble: configure letsencrypt component
upgrades: Detect and upgrade to next stable release
bepasty: Change default permissions to 'read'
container: Assign virtual network interface to trusted firewall zone
container: Handle edge cases with container update
coturn: Don't handle certificates if not installed
debian/control: Add sshpass as build dependency
doc: Before fetching, drop all old to cleanup deleted pages/images
doc: dev: Link to list of potential apps from tutorial
dynamicdns: Drop unnecessary code to set app as enabled
locale: Update translations for French, Norwegian Bokmål, Portuguese, Spanish, Swedish, Turkish
module_loader, web_framework: Update console log messages
mumble: Store and use a single domain for TLS certificate setup
pagekite: Don't announce unconfigured kite as a valid domain
pagekite: Don't update names module if not installed
quassel: Don't handle certificates if not installed
ssh: action script: Require user credentials when editing ssh keys
tests: functional: Simplify calling the login helper
tor: Don't check if enabled when not installed
upgrades: Check free space before dist-upgrade
upgrades: Extend function to check for normal dist availability
upgrades: Set a flag so interrupted dist-upgrade can be continued
users: Deal with admin user already existing during first boot
users: Require admin credentials when creating or editing a user
cockpit: Don't show home page icon to non-admin users
locale: Update translations for French, German, Norwegian Bokmål, Russian, Turkish
minidlna: Fix typo DNLA -> DLNA
module_loader: Load/process all essential modules before others
apache: Disable mod_status (CVE-2020-25073)
bepasty: New app for file upload and sharing
matrixsynapse: Allow upgrade to version 1.19
apps: Remove Coquelicot
backups: Make app available by default
debian: Add newline to end of /var/lib/plinth/firstboot-wizard-secret
debian: Don't show first wizard secret on command line
debian: Temporarily revert source package rename
diagnostics: Prevent showing running status on diagnostics menu item
doc: Add moinmoin wiki parser
doc: Fix wiki links in manual
ejabberd, mumble, wireguard: Update Apple app links
ejabberd: Use new ruamel.yaml API and allow duplicate keys
firewall: Show port forwarding info contextually
firewall: Show port forwarding info in tabular format
gitweb: Add ability to change default branch
gitweb: Fix enable auth webserver component on app init
help, networks: Clarify i18n different contexts for "Manual"
i18n: Mark strings missed for translation
ikiwiki: Validate a path when deleting wiki or blog
js: Don't show running status on buttons pulled to right
jsxc, sharing, wireguard: Add 'Learn more...' link for help pages
locale: Update translations for Danish, Dutch, Galician, German, Hungarian, Italian, Spanish, Swedish, Russian, Turkish
matrixsynapse: Perform a one time conversion to new config format
matrixsynapse: Rename Riot to Element
matrixsynapse: Use conf.d snippets
radicale: Remove code to handle 1.x
radicale: Stop service during backup and restore
samba: Hide common system partitions
snapshots: Clarify description for disabling yearly snapshots
ssh: Disallow managing keys for the root user
storage: Fix expanding partitions on GPT partition tables
upgrades, security: Update the messages describing backports
upgrades: Add first boot step to configure backports
upgrades: Change backports activation message wording
upgrades: Display correct backports info for unstable
upgrades: security: Don't use technical term 'backports' in UI
wireguard: Remove hardcoded Windows client version
upgrades: Update apt cache before manual update
minidlna: Do not expose statistics over public web
backups: Allow remote repository usernames to start with numbers
locale: Update translations for Chinese (Simplified), Hungarian, Kannada, Norwegian Bokmål, Spanish, Swedish
security: Move backports notice to security page
upgrades: Add button to activate backports if needed for current release
debian: Rename source package from plinth to freedombox
cfg, frontpage: Ignore errors while reading config and shortcuts
locale: Update translations for French, German, and Norwegian Bokmål
apt: Recover from errors before installing apps or updating system
apache: Add strict content security policy, sandbox and other security headers
storage: Allow ejecting SATA disks
configuration: Allow changes using .d drop-in files
configuration: Move default configuration into source code
configuration: Read from multiple locations in /etc/ and /usr/share/
debian: Add ssl-cert and nscd as proper dependencies
frontpage: Allow adding shotcuts using .d drop-in files
frontpage: Read shortcuts from multiple locations in /etc/, /usr/share and /var/lib
locale: Update translations for Czech, Danish, French, German, Russian, Spanish, Swedish, Telugu, Turkish
storage: Automount system disks without partition table but ignore all loopback devices
storage: Allow ejecting SATA disks
storage: Show only physical disks and not all mount points
upgrades: Skip enabling backports on testing and unstable
upgrades: Show more logs
ui: Show a spinner and disable button on form submit
locale: Add new translation for Arabic (Saudi Arabia)
javascript: Remove use of Turbolinks library
locale: Update translations for French, Norwegian Bokmål, German, Swedish, Polish, and Spanish
matrixsynapse: Handle upgrade to versions 1.15.x
upgrades: Avoid manual update interruption when upgrading freedombox package
upgrades: Don't enable backports on Debian derivatives
pagekite: Fix expired certificates causing connection failures
tor: Fix problems with running a relay
backups: Add optional field - Name
cockpit: Promote for advanced storage/firewalld/networking ops
firewall: Don't show tun interface in internal zone warning
firewall: Mention that internal services are available over VPN
ikiwiki: Enable 'attachment' plugin by default
locale: Update translations for Spanish, French, Russian, Norwegian Bokmål, Czech, Hungarian, and Greek
minidlna: Add link to manual page
minidlna: Fix internationalization for name of the app
mldonkey: Add app to freedombox-share group
openvpn: Use app toggle button and common app view
radicale: Fix link in description to clients
samba: Add clients information
templates: Fix setup state check
users: Avoid error when user's groups cannot be parsed
performance: Add app for system monitoring
upgrades: Restart services and system when needed after upgrades
System restart will happen at 02:00 local time
bind: Add service alias for bind9 -> named
firewall: Reload firewalld so it works with newly installed services
first_setup: Fix regression with logo not showing
locale: Update translations for Norwegian Bokmål, German, Swedish, Spanish, and Russian
mediawiki: Stop jobrunner during backup/restore
minidlna: Stop service during backup/restore
mumble: Stop service during backup/restore
package: Fix error log when checking if package manager is busy
performance: Launch the Cockpit graphs directly if possible
quassel: Fix stopping service during backup/restore
quassel: Use systemd sandboxing features
samba: Change description to Network File Storage
snapshot: Fix issues with restore and delete
snapshot: Set as essential module
storage: Auto-mount disks, notify of failing disks
tor: Fix stopping service during backup/restore
syncthing: Add service to freedombox-share group
users: When adding service to sharing group, only restart if already running
datetime: Ignore time synchronization service in containers and virtual machines
minidlna: Make app installable inside unprivileged container
web_server: Suppress warnings that static directories don't exist
debian: Remove unused timer
static: Use SVG logo during first wizard welcome step
static: Reduce the size of the background noise image
setup.py: Don't install/ship .po files
static: Don't ship visual design file and unused images
all: Update links to repository and project page
coturn: Add app to manage Coturn TURN/STUN server
mediawiki: Partial fix for installing on testing
datetime: Disable diagnostics when no tests are available
data: Print hostname and IP addresses before console login
snapshot: Fix message when not available
snapshot: Fix title
mumble: Add Mumla to the list of clients
locale: Update translations for Spanish, Telugu, Russian, German, French, and Swedish
matrixsynapse: Fix initial installation and upgrade from backports
gitweb: Improve error handling when creating repository
locale: Update translations for French, Serbian, and Telugu
users: Restore line of help text that was accidentally dropped
debian: Add firmware-ath9k-htc to Recommends
gitweb: Use proper ellipsis char when showing clone progress
locale: Update translations for Norwegian Bokmål, German, French, Portuguese, Italian, Russian, and Serbian
app: Ensure toggle buttons work independently of configuration form
networks, monkeysphere: Make styling more specific to avoid interference
syncthing: Update description to mention 'syncthing' group
radicale: Support upgrade up to any 2.x version
packages: Hold freedombox package during package installs
users: Add component for managing users and groups
app: Fix grammar in developer documentation string
ikiwiki: Disable public edits of blog pages
ikiwiki: Add moderation of blog comments
firewalld: Support upgrade up to any 0.8.x version
infinoted: Fix permissions of sync directory
locale: Added Serbian translation
locale: Update translations for Russian, French, German, Czech, Italian, Hindi, Telugu, and Spanish
networks: Update label wording in topology form
jsxc: Fix issue with serving static files
debian: Separate binary packages for each language manual
locale: Update translations for Norwegian Bokmål and German
app: Fix description block in app header
pagekite: Don't signal new domain on init if app is disabled
pagekite: Don't attempt to notify about domain if app is disabled
pagekite: Remove app enabled checking from getting configuration
pagekite: On enable/disable, add/remove domain from names module
pagekite: Fix an error message in custom services form
matrixsynapse: Handle release of matrix-synapse 1.11
setup: Fix regression to force-upgrade caused by Info changes
pagekite: Don't allow non-unique custom services
index: Reintroduce clients button in front page
upgrades: Don't ship apt backport preferences file
upgrades: Use internal scheduler instead of systemd timer
shadowsocks: Change default configuration
shadowsocks: Fix incorrect setting of state directory
shadowsocks: When editing configuration, don't re-enable
mediawiki: Don't allow anonymous edits
names: Fix Local Network Domain is not shown
shadowshocks: Fix setting configuration on Buster
locale: Update translations for Swedish, Spanish, and French
apache: Handle transition to php 7.4
app: Fix showing app name in port forwarding information
apps: Do not show status block if service is running
i2p: New style app page layout
locale: Update translations for French, Telugu, Spanish, and Swedish
networks: Add first boot step for network topology wizard
networks: Add form for network topology
networks: Don't show router wizard if not behind a router
networks, firewall: Support newer version of policykit
networks: Fixes for networks wizards access and user experience
networks: If topology wizard is skipped, skip router wizard too
networks: Show router wizard before Internet connection type wizard
plinth: Increase sqlite busy timeout from default 5s to 30s
quassel: Fix unable to disable application without choosing a domain name
shadowsocks: Move user settings to state directory
storage: Directory selection form improvements
transmission: Allow to submit download directory if it is creatable
upgrades: Clean apt cache every week
views: Improve template security
apps: Update style for toggle button
apps: Drop border shadow for app icon in mobile view
apps: Show short description as secondary title
apps: Remove css filters and glow from app icons
cards: Remove the transition delay on hover effect
system: Implement new style for cards
framework: Generate secret key (existing sessions will get logged out)
framework: Cleanup expired sessions every week
networks: Add setting for internet connection type
networks: Ask about internet connection type during setup
shadowsocks: Fix shadowsocks not able to start
jsxc: Bypass issue with stronghold to get the app working again
monkeysphere: Fix regression with reading Apache configuration
help: Fix attribute on download manual button
firewall: Improve speed of some operations using DBus API
css: Add missing license identifier on some CSS files
deluge: Use safer method for editing configuration
deluge: More reliable initial configuration setup
samba: Add link to manual page
searx: Update search engines for 0.16.0
openvpn: Fix spelling for Tunnelblick
bind: Show served domains
Update translations for German, Swedish, Italian, Spanish, Norwegian Bokmål, Hungarian, Polish, and French
networks: Support virtual Ethernet (veth) devices
diagnostics: Show firewall service status
storage: Show disks if FreedomBox is running in an unprivileged container
service: Stop service not before but after disabling it
users: Use more precise username validation
sso, users: Turn off autocapitalization on the username field
help: Fix anchor hidden under navbar
searx: Fix installation issue for 0.16.0
firewall: Show Run Diagnostics button in app
glib: Introduce method to schedule an operation at regular intervals
notification: Show a drop down from main navbar for notifications
storage: Show low disk space warning using notifications API
upgrades: Show notification when FreedomBox is updated
security: Add Sandbox Coverage to report page
matrixsynapse: Enable systemd sandboxing
locale: Update translations for Telugu, French, Norwegian Bokmål, German, Spanish, and Swedish
deluge: Allow to set a download directory
deluge: Fix installation failure on slow machine
storage: Make external disk mounts accessible to other users
gitweb: Add link to the manual page
style: Fix incorrect margins for containers in mobile view
style: Fix responsiveness for app header
network: Fix activating connections that don't have real devices
wireguard: Add WireGuard VPN app
networks: Add router configuration page
networks: Add first boot step for router config helper
bind: Enable sandboxing for bind service
locale: Updated translations for Dutch, Norwegian Bokmål, German, Spanish, Swedish, French, and Greek
samba: Improve speed of actions
deluge: Manage deluged service and connect automatically from web interface
openvpn: Enable support for communication among all clients
storage: Ignore errors resizing partition during initial setup
storage: Make partition resizing work with parted 3.3
debian: Add powermgmt-base as recommended package
openvpn: Enable IPv6 for server and client outside the tunnel
networks: Fix crashing when accessing network manager D-Bus API
mediawiki: Use a mobile-friendly skin by default
mediawiki: Allow admin to set default skin
matrixsynapse: Allow upgrade to 1.8.*
security: Add explanation of sandboxing
Update translations for Greek, German, Swedish, Hungarian, Norwegian Bokmål, and French
app: Fix JavaScript doesn't run on first visit
samba: Add private shares
firewall: Support upgrading firewalld to 0.8
deluge: Add systemd sandboxing features
infinoted: Add systemd sandboxing features
storage: Add systemd sandboxing features to udiskie service
upgrades: Add systemd sandboxing features to repository setup service
security: List whether each app is sandboxed
mediawiki: Avoid delay in update script
diagnostics: Use new component based API for all diagnostic tests
minidlna: Fix showing clients information
mediawiki: Fix problem with session cache failing logins
locale: Update translations for French, German, Swedish, Greek, Hungarian, Norwegian Bokmål, and Dutch
minidlna: New app for MiniDLNA (Simple Media Server)
apps: Show app icons in app pages
apps: Implement responsive layout for app pages
samba: Recursively set open share directory permissions
transmission: Add directory selection form
mumble: Add option to set SuperUser password
cockpit: Extend apps description with access info
cockpit: Add list of valid urls to access the app
Update translations for French, German, Spanish, Portuguese, and Swedish
samba: Add new app for Samba file sharing
pagekite: Remove tabs in the configuration page
openvpn: Fix text with manual link
pagekite: Show existing services only if there are any
pagekite: Move Custom Services under Configuration
pagekite: Use the new app toggle button
openvpn: Add client apps
backups: Fix title not appearing
diagnostics: Don't run on disabled modules
apps: Remove link to webapps in app descriptions
interface: Fix error with app toggle input
templates: Add toolbar for apps
toolbar: Move diagnostics button into dropdown menu
ssh: Fix Avahi SFTP service file
diagnostics: Fix IPv6 failures
matrix-synapse: Fix installation of 1.5 from buster-backports
app: Fix javascript constant redeclaration error
ikiwiki: Move the create button to manage section
gitweb: Move create button into manage section
networks: Move actions button into connection section
users: Move create button into users section
locale: Update translations for French, German, and Swedish
gitweb: Allow to import from a remote repository
interface: Disable turbolinks on links that don't point to /plinth/...
backups: Show proper error when SSH server is not reachable
tor: Rename "Hidden Service" to "Onion Service"
ejabberd: Handle case where domain name is not set
tahoe: Mark Tahoe-LAFS as an advanced app
searx: Set safe_search to Moderate by default
backups: Make verify ssh host page string translatable
backups: Simplify SSH fingerprint verification command
doc: Fix unavailability of manual images
tor: Fix port diagnostics by correcting port data type
tor: Expect obfs service to be also available on IPv6
tor: Listen on IPv6 for OrPort
clients: implement launch button feature
apps: Implement toggle button in apps pages
Update translations for German, Hungarian, Swedish, Norwegian Bokmål, French, Polish
doc: Add Spanish manual
ssh: Add option to disable password authentication
sharing: Fix wrong links on Apache2 directory index page
gitweb: Set correct access rights after enabling application
gitweb: Fix links leading to blank page
gitweb: Set proper access after restoration of a backup
snapshot: Sort snapshot list from newest to oldest
infinoted: Add missing manual page link
backups: Fix typo
Update translations for German, Spanish, Swedish, Czech, French, Norwegian Bokmål, Hungarian
gitweb: New app for simple git hosting
ikiwiki: Allow full Unicode text in wiki/blog title names
users: reload Apache2 to flush LDAP cache after user operations
ssh: Show server fingerprints in SSH page
frontpage: Show public shortcuts to all users regardless of group
ikiwiki: Remove extra create button when no wiki/blog is present
quassel: Add Let's Encrypt component for certificates
Update translations for Czech, French, Bulgarian, Dutch, German, and Norwegian Bokmål
diagnostics: Ensure that exceptions are reported as failures
users: Rearrange UI to match with other apps
upgrades, ikiwiki, networks, backups: Replace page tabs with buttons
dynamicdns, i2p, pagekite, snapshot: Cleanup page templates
deluge: Support deluge 2 by starting it properly
minetest: Remove mod-torches no longer available in testing/unstable
security: Add past vulnerabilities count, move report to new page
Update translations for Spanish, Norwegian Bokmål, German
firstboot: Add new help menu to firstboot navbar
firstboot: Hide left menu during first boot as intended
Update translations for Chinese (Simplified) and Czech
Fix tests for letsencrypt and tor
backups: Allow adding backup repositories on multiple disks
help: Add buttons for contribute, support, and feedback
action_utils: Workaround problem with setting debconf answers
views: Fix failure in redirecting from language selection page
manual: Move PDF download link to HTML manual page
help: Convert help icon in the navbar to dropdown
ejabberd: Fix listen port configuration for ejabberd 19.x
cockpit, ejabberd: Prevent restart on freedombox startup
ejabberd: Perform host/domain name operations only when installed
logging: Improve formatting and reduce noise
translations: Update Hungarian, German, Italian, French, and Norwegian Bokmål
security: Hide vulnerability table by default
names: Perform better layout of domain names table on small screens
cockpit: Apply domain name changes immediately
ejabberd: Prevent processing empty domain name
config: Send hostname change signal only after fully processing it
letsencrypt: Don't try to obtain certificates for .local domains
avahi: Expose .local domain as a proper domain
cockpit: Make essential and install by default
tt-rss: Force upgrade to 18.12-1.1 and beyond
updates: Allow matrix-synapse 1.3 to be installed for buster users
javascript: Don't resubmit when refreshing the page
storage: Fix regression with restoring backups with storage
matrix-synapse: Use recommended reverse proxy configuration
Update translations for German, Hungarian, and Norwegian Bokmål
storage: Handle all device paths during eject
storage: Fix incorrect internationalization when throwing an error
upgrades: Use collapsible-button style for logs
firewall: Allow automatic upgrade to 0.7.x
upgrades: Handle release info change
frontpage: Fix regression with loading custom shortcuts
names: Add dynamic domain name
names: Add button to configure each type of name
names: Update page layout for clearer presentation
names: Introduce new API for domain name handling
api: Fix regression with listing only enabled apps in mobile app
Update translations for Czech, Hungarian, French, Chinese (Simplified), Turkish, Polish, and Norwegian Bokmål
backups: Make UI more consistent with other apps
backups: Make backup location tables collapsible
Updated translations for Chinese (Simplified), German, and Norwegian Bokmål
help: Show security notice when backports are in use
security: Show vulnerability counts
sharing: Allow directories to be publicly shared
backups: Add option to select/deselect all apps for backup or restore
dbus: Allow plinth user to own FreedomBox DBus service
letsencrypt: Simplify renewal hooks implementation
cockpit: Don't handle domains if app is not installed
dynamicdns: Send domain added signal properly during init
ejabberd: Backup and restore TLS certificates
Started new Galician translation on Weblate
Updated translations for Czech, Norwegian Bokmål, Hungarian, Spanish, Telugu, Chinese (Simplified), German, Turkish, and Russian
This release does not contain any functional changes, but fixes test failures when building the package.
This is a bugfix release for 19.2.
dbus: Allow plinth user to own FreedomBox DBus service
backups: Fixes to issues while adding SSH remotes:
Improve UX of adding ssh remote
Avoid creating duplicate SSH remotes
Fix issue with repository not being initialized
Verify SSH hostkey before mounting
Allow SSH directory paths with : in them
Require passphrase for encryption in add repository form
Don't send passphrase on the command line
Un-mount SSH repositories before deleting them
matrixsynapse: Fix missing translation mark
Started new Greek translation on Weblate
Updated translations for Chinese (Simplified), Hungarian, Spanish, and Russian
syncthing: Open firewall ports for listening and discovery
radicale: Workaround issue with creating log directory
Update translations for Turkish, German, Czech, Norwegian Bokmål, and Portuguese
Introduce components for firewall, webserver, uwsgi, and daemons
config: Add option to show advanced apps, which are hidden by default
monkeysphere: Hide by default
searx: Add option to allow public access to the application
Introduce component architecture for apps, with components for menus and shortcuts
Start new translation for Bulgarian
Update translations for Turkish and Norwegian Bokmål
Switch to using SVG icons for all apps.
Updated translations for Czech, Norwegian Bokmål, Hungarian, German, Turkish, and Spanish.
i2p: Include default favorites.
Separate enabled and disabled apps.
Display port forwarding info for apps.
Added Slovenian translation.
Updated translations for Dutch, German, Hungarian, Norwegian Bokmål, Polish, Portuguese, Telugu.
i2p: Enable new application for I2P Anonymity Network.
Updated translations for Czech, German, Norwegian Bokmål, and Turkish.
letsencrypt: Provide link to configure domain if not configured.
firewall: Show port numbers and types.
storage: Use more reliable method to list disks and disk space usage.
Updated translations for Russian and German.
clients: Open web app in a new browser tab
matrix-synapse: Change client diagnostics url
minetest: Fix duplicate domain names being displayed in UI
storage: Do not show an eject button on /boot partitions
letsencrypt: Call letsencrypt manage_hooks with correct arguments
dynamicdns: Install module by default
storage: Don't check type of the disk for / and /boot
storage: Don't log error when checking if partition is expandable
Updated translations for Norwegian Bokmål, Czech, German, Hungarian, Spanish, German, and Russian.
UI: Move tabs below descriptions.
firewall: Style heading
names: Add description
pagekite: Change heading text
ikiwiki: Consistent styling for delete warning page
main: Show service version in logs
setup: Organize data files into various apps
Updated translations for Czech, Hungarian, Norwegian Bokmål, Spanish, German, French, Italian, and Turkish.
config: Fix Ikiwiki entries not showing up as default apps
config: Migrate default app configuration to new conf file
config: Rename Default App to Webserver Home Page
config: Add option to use Apache's default home page as home page
config: Fix error when setting JSXC as the home page
Disable Coquelicot for Buster release
matrix-synapse: Fix LDAP login issue
config: Revert changes in freedombox.conf to avoid conffile prompt
openvpn: Migration from easy-rsa 2 to 3 for existing installations
tor: Use fixed 9001 port for relaying
package: Implement identifying packages that need conffile prompts
setup: Trigger force upgrade for app that implement it
bind: Handle conffile prompt during upgrade
apache: Pre-enable necessary apache modules
apache: Use cgid module instead of cgi
openvpn: Make frontpage shortcut appear after an upgrade
openvpn: Work around firewalld bug 919517
firewalld: Implement upgrading from 0.4.x to 0.6.x
ttrss: Implement upgrade from 17.4 to 18.12
radicale: Add description of web interface
ttrss: Add backup support
security: Migrate access config to new file
Updated translations for Czech, Hungarian, Norwegian Bokmål, Spanish, German, Telugu.
radicale: Increment module version to trigger upgrade handling
radicale: Remove obsolete diagnostics
radicale: Fix server URLs in client info
Updated translations for Czech, Norwegian Bokmål, and Spanish.
setup: Add option to handle configuration prompts during install
radicale: Simplify upgrading to newer packages
matrixsynapse: Use Let's Encrypt certificates
mldonkey: Add some more clients to the module page
mldonkey: Add to the description the three available front-ends
monkeysphere: Fix handling of multiple domains and keys
monkeysphere: Fix regression with reading new apache domain config
apache: Switch to mod_ssl from mod_gnutls
mldonkey: Enable app
upgrades: Fix priority for buster-backports version
upgrades: Fix premature adding of buster-backports sources
Updated translations for Czech, German, and Spanish
Switched to a new version number scheme: YY.N
YY is the year of release.
N is the release number within that year.
ui: Fix regression with configure button in home page.
backups: Rename 'Abort' buttons to 'Cancel'.
backups: Use icon for add repository button.
backups: Move subsubmenu below description.
backups: Add title and description to other pages.
backups: Add link to manual page.
backups: Fix styling for upload size warning.
backups: Increase timeout for SSH operations to 30 seconds.
letsencrypt: UI: Fix checkbox disabling.
datetime: Switch from chrony to systemd-timesyncd.
Updated translations for Czech, Norwegian Bokmål, and Spanish.
security: Update javascript for Content Security Policy.
help: Use correct package to determine available version.
repro: Disable app due to issues with Debian package.
ui: Fix regression with card icon style in front page.
js: Support full librejs compatibility.
js: Remove javascript license link from footer.
backups: Remove incorrectly set buffer size during download.
backups: Fix incomplete download archives.
backups: Improve performance of backup download.
radicale: Handle migration from 1.x to 2.x.
datetime: Switch from ntp to chrony.
backports: Add buster-backports to apt sources list.
Updated translations for Czech, Norwegian Bokmål, and Hungarian.
Updated translations for Czech, Hungarian, German, and Norwegian Bokmål.
UI improvements:
Fix top margin for content containers.
Fix setting width of card-list at various page sizes.
Show help nav item text when navbar is collapsed.
Hide restart/shutdown items when navbar is collapsed.
Compact pages on extra small screen sizes.
Backups improvements:
Add backup/restore support for syncthing and openvpn.
Upgrade apps before restoring them
Fix showing not-installed apps in create backup page
Automatically install required apps before restore.
Add a loader to the restore button to indicate progress.
Serve default favicon for apps that don't provide one.
radicale: Fix issue with configuration changes not applying.
storage: Fix false error message in log when visiting home page.
infinoted: Handle timeout issue when stopping daemon during setup.
matrix-synapse: Fix startup error caused by bind_address setting.
radicale: Avoid changes to conffile for radicale 2.x.
help: Fix showing status logs when an error occurs.
fail2ban: Enable bans for apache auth failures.
mldonkey: Initial work on new module for the eDonkey network.
Not available yet, due to bug in package.
Show Gujarati in the list of languages.
Replace glyphicons with forkawesome icons.
Snapshots:
Change configuration to avoid filling up disk.
Handle "Config in use" error.
Update descriptions and configuration options.
Firewall: Fix issue with transition from iptables.
Security: Switch to Argon2 password hash.
Cockpit: Add link to manual page and update description.
Radicale: Add initial support for radicale 2.x.
Setup:
Handle showing setup page after app completes installation.
Optimize installation in-progress checks and refresh time.
Updated translations for Czech, German, Spanish, Ukrainian, and Norwegian Bokmål.
Use systemd journal for logging.
Rename plinth binary package to "freedombox", and merge freedombox-setup package into it.
Storage: Merge list of removable media into existing table.
Backups: Allow remote backups to SSH servers using sshfs.
Backups: Removed asking for backup archive name.
Automatically handle future versions of PHP.
Updated translations for Hungarian, Czech, Spanish, Chinese (Simplified), Italian, Norwegian Bokmål, French, and German.
UI: Add card style and gray noise background to apps pages.
UI: Fix distortion of the client apps buttons.
ejabberd: Handle BOSH port change from TCP 5280 to 5443.
Minetest: Update mods list to available Debian packages.
Firewall: Use nftables instead of iptables.
Snapshots: Fix default snapshot listing.
Snapshots: Show description above either tab.
Snapshots: Allow snapshots to be selected for deletion.
Translations: Updated Czech, Norwegian Bokmål, Spanish, German, and Portuguese.
Backups improvements:
Allow backups to be downloaded directly, without export step.
Restore directly from uploaded backup.
Avoid error for apps with no data to backup.
Show free disk space on upload and restore page.
Do not limit maximum upload size.
openvpn: Migrate to easy-rsa 3 and fix setup issues.
Make single sign-on tickets valid for 12 hours.
Use consistent terminology for updates.
Updated translations for Czech and Portuguese.
Fix wrong color in mobile menu
snapshot: Fix broken snapshot management after snapper update
Enable backup/restore for tor, upgrades, monkeysphere, letsencrypt, tahoe
monkeysphere: Handle importing new OpenSSH format keys
udiskie: unmount drive as superuser
Updated translations for Telugu, Indonesian, and Italian
Enable backup/restore for datetime, deluge, avahi, backups, bind, security, snapshot, ssh, firewall, diagnostics, names, power, and storage.
snapshot: Fix issue with setting configuration.
backups: Fix backup archives ownership issue.
backups: Fix issue with showing exports from disks without labels.
backups: Don't rely on disk labels during export/restore.
backups: Fix downloading extracted archive files.
Updated translations for Norwegian Bokmål, French, Russian, and Spanish.
Backups
Enable backup/restore for mumble, privoxy, roundcube, searx, jsxc, coquelicot, transmission, quassel, shadowsocks, sharing, pagekite, and cockpit.
Allow backup archives to be downloaded/uploaded through browser.
mediawiki: Backup/restore settings as well as data.
User Interface
Change card text style and position.
Change maximum cards per row.
Add tint effect on card icons under "Apps".
mediawiki: Run update script for 1.31 upgrade.
customization: Show custom shortcuts on frontpage.
Updated translations for Norwegian Bokmål, Portuguese, Spanish, Czech, German, French, and Italian.
Updated translations for Hungarian and Norwegian Bokmål.
Merge Removable Media (udiskie) into Storage module.
Add Backups module for backing up apps data.
mediawiki: Enable SVG support for MediaWiki
upgrades: Clean up old kernel packages during automatic upgrades
Make the progress bar at the top of the page more visible.
Updated translations for Norwegian Bokmål, Czech, Russian, German, Hungarian, and Spanish.
Updated translations for Czech, Norwegian Bokmål, Russian, Spanish, Hungarian, and Dutch.
install: Use Post/Response/Get pattern for reloads.
Updated translations for Hindi, Spanish, Russian, Telugu, German, Hungarian, Czech, and French
ejabberd: Remove deprecated settings from already existing config files
mediawiki: Fix issue with re-installation
mediawiki: Enable Instant Commons
mediawiki: Fix images throwing 403s
turbolinks: Reload page using JavaScript
Add Lato woff2 fonts
Disable launch button for web client when not installed
configuration: Add an option to set a default app for FreedomBox. The root URL path (https://domainname/
) will redirect to the selected app.
ejabberd: Remove deprecated iqdisc
setting. To apply this fix, disable and then re-enable the Message Archive Management setting.
ejabberd: Replace logo with original version.
mediawiki: Enable short URLs, which look like https://domainname/mediawiki/ArticleName
.
radicale: Clarify description for shared calendar/addressbook.
storage: Handle mount points with spaces.
udiskie: Add button to eject drives.
udiskie: Also show read-only filesystems.
udiskie: Remove internal networks warning.
udiskie: Show special message when no storage device available.
Add turbolinks library for smoother navigation.
Removed extra text from icons for mediawiki, radicale, and tahoe-lafs.
Updated translations for Russian, Spanish, Dutch, Hungarian, Hindi, Italian, Telugu, German, and Norwegian Bokmål.
Prompt for secret during firstboot welcome
(Does not apply to downloadable FreedomBox images, but only when installed using freedombox-setup package.)
Updated translations for Italian, Dutch, Hindi, Hungarian
Fix issue where editing a user would remove them from admin group
Updated translations for Hungarian, Czech, Spanish, Russian, Hindi
Updated translations for Hungarian, Norwegian Bokmål, Spanish, Russian, Czech, Hindi, Dutch, Italian
firewall: Display information that a service is internal only
users: Don't show Create User link to non-admin users
users: Redirect to users list on successful user creation
packages: Show button to refresh package lists when a package is not available for install
Only show front page shortcuts that a user is allowed to access
Restrict removal of last admin user
Use logos instead of icons in the apps page
udiskie: New module for automatic mounting of removable media
Apply new card based design
Fix client info table size and flickering
first-setup: Automatically expand root partition
mediawiki: Enable image uploads
mediawiki: Make private mode and public registrations mutually exclusive
mediawiki: Hide frontpage shortcut when private mode is enabled
Updated translations for Norwegian Bokmål, Czech, Spanish, Russian, Hindi, Telugu, Italian, Dutch, German, and Hungarian
Updated translations for Czech, Spanish, Russian, German, Italian, Hindi, Telugu, and Norwegian Bokmål
mediawiki: Added private mode option
users: Fix user permissions not being saved
users: internationalize a string
mediawiki: Run update script for 1.30 upgrade
shortcuts: Fix urls for ikiwiki shortcuts
Updated translations for Russian, Italian, Norwegian Bokmål, Hungarian, and Hindi
setup: Remove unavailable as a state in setup_helper
security: Fix issue with Plinth locked out from sudo
Updated translations for Czech and Spanish
security: Allow console login access to user plinth
Add an option to enable/disable public registrations in mediawiki
tt-rss: Skip the check for SELF_URL_PATH
searx: Fix issue with uwsgi crashing
Updated translations for Czech, Spanish, German, Norwegian Bokmål, and Italian
setup: disable install button for currently unavailable apps
Add locale for Lithuanian (lt)
Translation updates for Italian, Czech, Russian, Spanish, German, Norwegian Bokmål, Telugu, and Dutch
middleware: Skip 'installed' message for essential apps
users: Fix admin group appearing twice in permissions
apps: Fix app names and short descriptions not being translated
snapshots: Move manual page link to the index page
UI: Fix progress bar not appearing
snapshots: Fix for permissions issue when updating configuration
snapshots: Add option to enable/disable software installation snapshots
Translation updates for Italian, Czech, Russian, Spanish, Dutch, German, Norwegian Bokmål, and Ukrainian
snapshots: Update description
searx: Rewrite url from /searx to /searx/
manual: Link to manual from each service
Workaround security issues in django-axes
apache: Only regenerate snake oil cert when needed
apache: Explicitly enable the latest version of PHP module
apache: Increase module version number to fix php7.2
Update translations for Chinese (Simplified), Russian, Czech, German, Norwegian Bokmål, Hungarian, Spanish, and Italian
sharing: Add app for sharing disk folders.
ttrss: Update list of client apps.
infinoted: Allow setup to recover after timeout issue.
snapshots: Add configuration tab with settings for time-based snapshots.
Add file-sharing application Coquelicot.
Add metasearch engine application Searx.
Add locale for Hungarian (hu).
mediawiki: Allow shortcut to be publicly visible on front page.
clients: Add and correct Client Apps.
locale: Preferred language can be set in each user's profile.
locale: Anonymous users can select preferred language.
config: Remove language selection from config page.
matrixsynapse: Fix mail attribute for ldap login.
snapshots: Modify configurations to reduce disk usage.
snapshots: Skip currently active snapshot when deleting all snapshots.
jsxc: Use consistent url format.
sso: Increase timeout to 60 minutes.
theme: Change font from Helvetica to Lato.
Translation updates for Czech, German, Gujarati, and Telugu.
matrix-synapse: Make sure configuration file does not get corrupted.
tor: Show enabled status properly.
first_setup: Fix not showing admin user creation step.
Migrate from GitHub to Salsa
Migrate from CirceCI to GitLab CI on Salsa.
Translation updates for Czech, Dutch, Gujarati, Hindi, Russian and Telugu.
Started new translation for Ukrainian.
navigation bar: Change label from 'Configuration' to 'System'.
storage: Removed beta warning for expanding partition.
groups: Consistently show available user groups, even before applications are installed.
syncthing: Restrict administration to users in "syncthing" group.
help: Show menu on smaller screens also.
diagnostics: Enable the "Run Diagnostics" button when applications are enabled but not running.
bind: Don't use forwarders by default
ejabberd: Remove redundant button Client Apps
mediawiki: Add wiki application
users: Make sure first run actually works
bind: Add information about current utility
ejabberd: Use dynamic reload instead of restart when changing configuration.
manual: Make manual available as a PDF download.
minetest: Show domain information for users to connect to minetest.
snapshots: Add button to delete all snapshots.
snapshots: Add option to enable/disable automatic timeline snapshots.
users: Add groups for bit-torrent and feed-reader, available when these applications are installed.
Add Shadowsocks client with socks5 proxy.
Fix SSO regressions and conflict with captcha.
transmission: Fix sso not being enabled on upgrade.
avahi: Add service for FreedomBox discovery.
Add client information for modules.
transmission: Enable Single Sign On.
cockpit: Add short description to frontpage shortcut.
fail2ban: Fix spelling and sentence structure.
Add mobile, web and desktop client info for modules.
Enable django SecurityMiddleware to improve security ratings.
cockpit: New module for server administration and web terminal.
letsencrypt: Fix internal server error when obtaining a certificate.
ejabberd: Fix LDAP server entry in config file during setup.
jsxc: Fix outdated URLs for connecting to local ejabberd server.
Rename Disks to Storage.
Rename Snapshot to Storage Snapshots.
tt-rss: Enable API access by default.
Allow access to Plinth from outside the LAN.
matrix-synapse: Disable public registration by default.
power: Merge actions into the user dropdown.
Add locales for Kannada (kn) and for Bengali (bn).
ejabberd: Use Let's Encrypt certificate, also across renewals.
matrix-synapse: Add enable/disable public registrations.
Add captcha validation on 3 failed attempts.
matrix-synapse: Enable LDAP integration.
letsencrypt: Automatically obtain and revoke SSL certificates.
Fix front page label names.
Fix vertical alignment of shortcut icons.
storage: Fix issue with locales that use other decimal separators.
Make tt-rss api accessible using Apache basic auth.
letsencrypt: Handle case where current domain is empty.
Handle both admin and non-admin user names in update user template.
letsencrypt: Show more info on cert validity status.
letsencrypt: Add option to delete certificates.
letsencrypt: Add option to let Plinth manage certbot's renewal hooks.
power: Warn if a package manager is running before shutdown/restart.
security: Install and manage fail2ban.
names: Include domain and services from dynamicdns.
disks: Add low disk space warning to system and disks page.
ssh: New application to manage SSH server.
Add api module to get enabled services and access info.
Add Django password validators.
ejabberd, ikiwiki, ttrss: Add user login descriptions.
diaspora: Disable for this release due to issues affecting package.
Remove help from navbar before firstboot complete.
i18n: Don't use backslash-newline for wrapping long lines.
radicale: Update link to documentation.
sso: Upgrade crypto to 4096-bit RSA and SHA-512.
Users: Allow non-admin users to log out.
letsencrypt: Make Let's Encrypt an essential module.
UI: Make apps and configure pages responsive on small screens.
Make help accessible for logged-in non-admin users.
Added Tahoe-LAFS module for distributed file storage.
Added Diaspora* module for federated social networking.
Currently only available in "contrib" repository.
New Locales for Czech (cs) and Tamil (ta).
Added SSO using auth_pubtkt for Syncthing, TT-RSS, and the Repro admin panel.
If you are logged in to Plinth, you will be automatically logged in to these web apps.
ejabberd: Added option to enable/disable Message Archive Management.
help: Added Debian release name to about page.
firstboot: De-bloat first welcome screen.
Pinned footer to the bottom of the viewport.
disks: Restrict precision of reported available space on root partition.
diagnostics: Disable button if app/service is not running.
help: Only show help pages if user is logged in.
navbar: Moved logout to user drop-down and added a new power drop-down.
disks: Show disabled partition resize option if no space is available.
Added line break to titles to fix frontpage layout.
syncthing: Fixed typos and clarity in description.
firewall: Fix 500 error when firewalld is not running.
setup: Disable install/upgrade when dpkg/apt is running.
disks: Use information from lsblk for more accuracy.
datetime: Show timezone properly when it not in expected list.
tor: Added option to use upstream bridges.
openvpn: Added shortcut to front page, shown only when logged-in.
openvpn: Non-admin users can download their own profiles.
Added new locales for Hindi (hi) and Gujarati (gu).
Added Syncthing module for file synchronization.
Added Matrix Synapse as chat server with groups, audio and video.
Require admin access for all system configuration pages.
Changed appearance of topbar and footer.
openvpn: Regenerate user key or certificate if empty.
disks: Workaround issue in parted during resize.
Two new apps were added:
Gobby Server (infinoted) for collaborative editing of text documents
Domain Name Server (BIND), in system menu
Added JavaScript license web labels to provide partial support for LibreJS.
Added basic configuration form for Minetest server.
Added indicator to Help->About page if new Plinth version is available.
Show app logos on front page instead of generic icons.
Prevent anonymous users from accessing setup pages.
Split Chat Server (XMPP) app into Chat Server (ejabberd) and Chat Client (jsxc).
Open up RTP ports in the firewall for repro (SIP server).
Front page shortcuts for services show a Configure button in the details box for logged-in users.
Add mods packages to be installed with Minetest server.
Fix issue with reading Dynamic DNS status as non-root user.
After the hostname is changed, ensure the domain name is still set correctly.
Allow the domain name to be cleared, and properly set the configuration in this case.
On the Certificates (Let's Encrypt) page, show a more informative message when no domains are configured.
On the Chat Server (XMPP) page, show more clearly if domain is not set.
Apps that require login will not be shown on the front page, unless the user is logged in.
Show status block for News Feed Reader (Tiny Tiny RSS).
Change appearance of front page with larger icons and repositioned text.
Firewall page only lists services that have been setup. The port lists are collapsible under each service.
Support configuring IPv6 networks.
Make it less likely to accidentally delete the only Plinth user.
Updated to work with JSXC 3.0.0 (XMPP web client).
Added loading icon for additional busy operations.
Added basic front page with shortcuts to web apps, and information about enabled services.
networks: Add batctl as dependency, required for batman-adv mesh networking.
users:
Fixed checking restricted usernames.
Display error message if unable to set SSH keys.
Flush nscd cache after user operations to avoid some types of errors.
monkeysphere:
Adopted to using SHA256 fingerprints.
Sort items for consistent display.
Handle new uid format of gpg2.
Fixed handling of unavailable imported domains.
minetest: Fixed showing status block and diagnostics.
Fixed stretched favicon.
Switched base template from container-fluid to container. This will narrow the content area for larger displays.
Plinth is now able to run as "plinth" user instead of root user.
xmpp: Replaced jwchat with jsxc.
ikiwiki: Allow only alphanumerics in wiki/blog name to avoid invalid paths.
Updated Plinth to support Django 1.10.
Added a page to display recent status log from Plinth. It is accessible from the 500 error page.
Tor: Added options to toggle relay and bridge relay modes.
Radicale: Added access rights control.
Ikiwiki: Updated suggested packages.
Users and Groups: Fixed editing users without SSH keys.
Networks: Added basic support for configuring batman-adv mesh networking.
Networks: Fixed incorrect access for retrieving DNS entries.
New languages:
Persian (50% translated)
Indonesian (not started, contributions needed)
New modules added to Plinth:
Disks: Shows free space of mounted partitions, and allows expanding the root partition.
Security: Controls login restrictions.
Snapshots: Manages Btrfs snapshots.
Added Polish translation.
Fixed issue preventing access to Plinth on a non-standard port.
Dealt with ownCloud removal from Debian. The ownCloud page in Plinth will be hidden if it has not been setup. Otherwise, a warning is shown.
Fixed issue in Privoxy configuration. Two overlapping listen-addresses were configured, which prevented privoxy service from starting.
Fixed issue that could allow someone to start a module setup process without being logged in to Plinth.
Fixed issues with some diagnostic tests that would show false positive results.
Added check to Diagnostics to skip tests for modules that have not been setup.
Fixed some username checks that could cause errors when editing the user.
Added sorting of menu items per locale.
Moved Dynamic DNS and Pagekite from Applications to System Configuration.
Allowed setting IP for shared network connections.
Switched Dreamplug image from "non-free" to "free". This means that we no longer include the non-free firmware for the built-in wifi on Dreamplug.
Added the "userdir" module for the Apache web server. This allows users in the "admin" group to create a folder called "public_html" under their home folder, and to publicly share files placed in this folder.
New wiki and manual content licence: Creative Commons Attribution-ShareAlike 4.0 International (from June 13rd 2016).
Switched to using apt-get for module setup in Plinth. This fixes several issues that were seen during package installs.
Fixed Wi-Fi AP setup.
Prevent lockout of users in 'sudo' group after setup is complete.
Improved setup mechanism for Plinth modules. Allows users to see what a module is useful for, before doing the setup and package install. Also allows essential modules to be setup by default during FreedomBox install.
Added HTTPS certificates to Monkeysphere page. Reorganized so that multiple domains can be added to a key.
Added Radicale, a CalDAV and CardDAV server.
Added Minetest Server, a multiplayer infinite-world block sandbox.
Added Tiny Tiny RSS, a news feed reader.
Added Quassel, an IRC client that stays connected to IRC networks and can synchronize multiple frontends.
Improved first boot user interface.
Fixed Transmission RPC whitelist issue.
Added translations for Turkish, Chinese, and Russian. Fixed and updated translations in other languages.
Added Monkeysphere, which uses PGP web of trust for SSH host key verification.
Added Let's Encrypt, to obtain certificates for domains, so that browser certificate warnings can be avoided.
Added repro, a SIP server for audio and video calls.
Allow users to set their SSH public keys, so they can login over SSH without a password.
Translations! Full translations of the interface in Danish, Dutch, French, German and Norwegian Bokmål, and partial Telugu.
Support for OLinuXino A20 MICRO and LIME2
New Plinth applications: OpenVPN, reStore
Improved first-boot experience
Many bugfixes and cleanups
New supported hardware target: Raspberry Pi 2
New modules in Plinth:
Shaarli: Web application to manage and share bookmarks
Date & Time: Configure time zone and NTP service
Service Discovery: Configure Avahi service
Documentation revamp including new user manual and developer guide
Improved diagnostic tests, available in Plinth
Avoid unnecessary changes when installing on existing Debian system
Network configuration supports PPPoE connections
Debian packages can be download over Tor
New targets: CubieTruck, i386, amd64
New apps in Plinth: Transmission, Dynamic DNS, Mumble, ikiwiki, Deluge, Roundcube, Privoxy
NetworkManager handles network configuration and can be manipulated through Plinth.
Software Upgrades (unattended-upgrades) module can upgrade the system, and enable automatic upgrades.
Plinth is now capable of installing ejabberd, jwchat, and privoxy, so they are not included in image but can be installed when needed.
User authentication through LDAP for SSH, XMPP (ejabberd), and ikiwiki.
Unit test suite is automatically run on Plinth upstream. This helps us catch at least some code errors before they are discovered by users!
New, simpler look for Plinth.
Performance improvements for Plinth.
Tor Bridges: All boxes now act as non-exit Tor bridges, routing traffic for the Tor network.
Firewall: firewall is on by default and is automatically managed.
Add BeagleBone support. We now have images for BeagleBone, RaspberryPi, VirtualBox i386/amd64, and DreamPlug.
Ability to enable and use Tor Hidden Services. Works with Ejabberd/JWChat and ownCloud services.
Enable Tor obfsproxy with scramblesuit.
Drop well-known root password (an account with sudo capabilities still exists for now but will be removed soon).
Switch to unstable as suite of choice for easier development.
Newer images are built with systemd by default (due to Debian change).
Install and operate firewall automatically (uses firewalld).
Major restructuring of Plinth UI using Python3, Django web development framework and Bootstrap3. Code quality is much better and UI is more polished.
Introduced packaging framework in Plinth UI for on-demand application installation.
Support for Raspberry Pi and VirtualBox (x86) in addition to the DreamPlug.
New Services:
Configuration Management UI.
Instant Messaging.
OwnCloud.
dnsmasq.
Low-Level Configuration Management.
Service Announcement.
LDAP Server.
LXC Support.
Source Packages.
The privoxy setup is now the default from Debian.
First FreedomBox software release (0.1 image, developer release).
Full hardware support in Debian
Support for DreamPlug.
Basic software tools selected as common working environment:
User interface system "plinth"
Cryptography tools: gpg or "monkeysphere"
Box-to-box communication design: Freedom-buddy (uses TOR network)
Web cleaning: "privoxy-freedombox".