Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Removes v2 service configuration and setup support #5915

Merged
merged 3 commits into from
Apr 29, 2021
Merged

Conversation

zenmonkeykstop
Copy link
Contributor

@zenmonkeykstop zenmonkeykstop commented Apr 23, 2021

Status

Ready for review

Description of Changes

Closes #5731 .

  • Removes the options to select v2 and/or v3 in sdconfig. v3 is the only option available, so no need to prompt.
  • Removes ansible tasks and defaults related to v2 service setup, and cleans up conditionals around v3 config.
  • Removes tailsconfig tasks and defaults related to v2 services.

Testing

Perform a from-scratch prod install with ssh-over-tor:

  • Verify that you are not prompted to choose either v2 or v3 services during sdconfig
  • Verify that the installation completes successfully
  • Verify that tailsconfig completes successfully and only v3 desktops and ssh configs are created.
  • Verify that v2 services are not defined on either server
  • Verify backup/restore functionality

Perform a from-scratch prod install with ssh-over-lan:

  • Verify that the cases above also pass with ssh-over-lan.

Run the install playbook against an existing 1.8.1 Focal instance:

  • Verify that the installation completes successfully
  • Verify that tailsconfig completes successfully and only v3 desktops and ssh configs are created.
  • Verify that v2 services are not defined on either server

Deployment

Changes are deployed with admin workstation update (manual or GUI). In terms of server-side impact there should be no need for admin intervention or postint-style changes, as all new instances are v3-only anyway, and all instances must transition to Focal to remain accessible. The config files created by this branch are unchanged from those from a 1.8.0 or greater Focal install, with the exception of site-specific, which will now not contain the {v2,v3}_onion_services variables.

Checklist

If you made changes to the server application code:

  • Linting (make lint) and tests (make test) pass in the development container

If you made changes to the system configuration:

If you added or removed a file deployed with the application:

  • I have updated AppArmor rules to include the change

If you made non-trivial code changes:

  • I have written a test plan and validated it for this PR

Choose one of the following:

  • I have opened a PR in the docs repo for these changes, or will do so later
  • I would appreciate help with the documentation
  • These changes do not require documentation

- Removes the options to select v2 and/or v3 in sdconfig. v3 is the only option
available, so no need to prompt
- Removes ansible tasks and defaults related to v2 service setup, and cleans up
conditionals around v3 config
- Removes tailsconfig tasks and defauls related to v2 services
@codecov-commenter
Copy link

codecov-commenter commented Apr 24, 2021

Codecov Report

Merging #5915 (a65bbd1) into develop (14c9d3a) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff            @@
##           develop    #5915   +/-   ##
========================================
  Coverage    85.39%   85.39%           
========================================
  Files           53       53           
  Lines         3904     3904           
  Branches       485      485           
========================================
  Hits          3334     3334           
  Misses         457      457           
  Partials       113      113           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 14c9d3a...a65bbd1. Read the comment docs.

Copy link
Contributor

@emkll emkll left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @zenmonkeykstop , changes LGTM, went through the test plan and visual review of the changes. I've opened freedomofpress/securedrop-docs#207 to track the documentation changes, which should be merged prior to releasing the changes introduced here.

# v2 Tor onion services are on / v3 Tor onion services are off by default for backwards
# compatibility. Note that new installs after 1.0 will have v3 enabled by sdconfig which
# will override these variables.
v2_onion_services: true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these vars might linger in a site-specific file of existing instances, but since they are no longer used that should be fine

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Remove support for v2 Onion Services
4 participants