{
'key' => 'selfservice-timeout',
- 'section' => 'self-service',
- 'description' => 'Timeout for the self-service login cookie, in seconds. Defaults to 1 hour.',
+ 'section' => 'deprecated',
+ 'description' => 'Deprecated. Was the timeout for the self-service login cookie, in seconds. Defaulted to 1 hour.',
'type' => 'text',
},
"$file.tex"
);
- my $timeout = 30; #? should be more than enough
+ my $timeout = 60; #an entire minute is enough? LaTeX is slower in bullseye?
for ( 1, 2 ) {
use Geo::JSON::Polygon;
use Geo::JSON::Feature;
-# update this in 2020, along with the URL for the TIGERweb service
-our $CENSUS_YEAR = 2010;
+our $CENSUS_YEAR = 2020;
our $tech_label = FS::part_pkg_fcc_option->technology_labels;
inSR => 4326,
outSR => 4326,
spatialRel => 'esriSpatialRelIntersects', # the test to perform
- outFields => 'OID,GEOID',
+ outFields => 'GEOID',
returnGeometry => 'false',
orderByFields => 'OID',
);
#warn "Census block lookup: $count\n";
- # we have to do our own pagination on this, because the census bureau
- # doesn't support resultOffset (maybe they don't have ArcGIS 10.3 yet).
- # that's why we're ordering by OID, it's globally unique
- my $last_oid = 0;
my $done = 0;
while (!$done) {
$response = $ua->request(
POST $url, Content => [
%query,
- where => "OID>$last_oid",
+ resultOffset => $inserted,
]
);
die $response->status_line unless $response->is_success;
}
#warn "Inserted $inserted records\n";
- $last_oid = $data->{features}[-1]{attributes}{OID};
$done = 1 unless $data->{exceededTransferLimit};
}
default=> '/etc/bind/named.conf' },
'zonepath' => { label => 'path to zone files',
default=> '/etc/bind/', },
+ 'local_zonepath'=>{ label => 'path to zone files in named.conf (optional override)',
+ },
'bind_release' => { label => 'ISC BIND Release',
type => 'select',
options => [qw(BIND8 BIND9)],
my @exports = qsearch('part_export', { 'exporttype' => 'bind' } );
my @sexports = qsearch('part_export', { 'exporttype' => 'bind_slave' } );
-my $rsync = File::Rsync->new({
+my $rsync = File::Rsync->new(
rsh => 'ssh',
# dry_run => 1,
-});
+);
foreach my $export ( @exports ) {
close CONF_HEADER;
}
- my $zonepath = $export->option('zonepath');
+ my $zonepath = $export->option('local_zonepath')
+ || $export->option('zonepath');
$zonepath =~ s/\/$//;
my @svc_domain = $export->svc_x;
}
- $rsync->exec( {
+ $zonepath = $export->option('zonepath');
+ $zonepath =~ s/\/$//;
+
+ $rsync->exec(
src => "$prefix/",
recursive => 1,
dest => "root\@$machine:$zonepath/",
exclude => [qw( *.import named.conf.HEADER named.conf )],
- } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
+ ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
# warn $rsync->out;
- $rsync->exec( {
+ $rsync->exec(
src => "$prefix/named.conf",
dest => "root\@$machine:". $export->option('named_conf'),
- } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
+ ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
# warn $rsync->out;
ssh("root\@$machine", "$ndc_cmd reload");
}
- $rsync->exec( {
+ $rsync->exec(
src => "$prefix/named.conf",
dest => "root\@$machine:". $sexport->option('named_conf'),
- } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
+ ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
# warn $rsync->out;
ssh("root\@$machine", "$ndc_cmd reload");
# -----
sub usage {
- die "Usage:\n bind.export user\n";
+ die "Usage:\n freeside-bind-export user\n";
}
#(an include directory, not a file, "Include /etc/apache/conf.d" in httpd.conf)
#debian unstable/8.0+, apache2.4
APACHE_CONF = /etc/apache2/conf-available
-INSSERV_OVERRIDE = /etc/insserv/overrides
FREESIDE_RESTART = ${INIT_FILE} restart
[ -d ${APACHE_CONF} ] && [ -x /usr/sbin/a2enconf ] && ( /usr/sbin/a2enconf freeside-base2.4 ) || true
[ -d ${APACHE_CONF} ] && [ -x /usr/sbin/a2disconf ] && ( /usr/sbin/a2disconf freeside-base2 ) || true
[ -d ${APACHE_CONF} ] && [ -x /usr/sbin/a2enconf ] && [ ${RT_ENABLED} -eq 1 ] && ( /usr/sbin/a2enconf freeside-rt ) || true
- [ -d ${INSSERV_OVERRIDE} ] && [ -x /sbin/insserv ] && ( install -o root -m 755 init.d/insserv-override-apache2 ${INSSERV_OVERRIDE}/apache2 && insserv -d ) || true
+ [ -x /usr/bin/systemctl ] && mkdir /etc/systemd/system/apache.service.d/ || true
+ [ -x /usr/bin/systemctl ] && ( install -o root -m 755 init.d/systemd-apache-override.conf /etc/systemd/system/apache2.service.d/override.conf && /usr/bin/systemctl daemon-reload ) || true
install-selfservice:
[ -e ~freeside ] || cp -pr /etc/skel ~freeside && chown -R freeside ~freeside
+++ /dev/null
-#!/usr/bin/perl -w
-
-use strict;
-use File::Path;
-use File::Rsync;
-use Net::SSH qw(ssh);
-use FS::UID qw(adminsuidsetup datasrc);
-use FS::Record qw(qsearch qsearchs);
-use FS::part_export;
-use FS::cust_pkg;
-use FS::cust_svc;
-use FS::svc_domain;
-
-my $user = shift or die &usage;
-adminsuidsetup $user;
-
-my $spooldir = "/usr/local/etc/freeside/export.". datasrc. "/bind";
-mkdir $spooldir, 0700 unless -d $spooldir;
-
-my @exports = qsearch('part_export', { 'exporttype' => 'bind' } );
-my @sexports = qsearch('part_export', { 'exporttype' => 'bind_slave' } );
-
-my $rsync = File::Rsync->new({
- rsh => 'ssh',
-# dry_run => 1,
-});
-
-foreach my $export ( @exports ) {
-
- my $machine = $export->machine;
- my $prefix = "$spooldir/$machine";
-
- my $bind_rel = $export->option('bind_release');
- my $ndc_cmd = $export->option('reload')
- || ( ($bind_rel eq 'BIND9') ? 'rndc' : 'ndc' );
- my $minttl = $export->option('bind9_minttl');
-
- #prevent old domain files from piling up
- #rmtree "$prefix" or die "can't rmtree $prefix.db: $!";
-
- mkdir $prefix, 0700 unless -d $prefix;
-
- open(NAMED_CONF,">$prefix/named.conf")
- or die "can't open $prefix/named.conf: $!";
-
- if ( -e "$prefix/named.conf.HEADER" ) {
- open(CONF_HEADER,"<$prefix/named.conf.HEADER")
- or die "can't open $prefix/named.conf.HEADER: $!";
- while (<CONF_HEADER>) { print NAMED_CONF $_; }
- close CONF_HEADER;
- }
-
- my $zonepath = $export->option('zonepath');
- $zonepath =~ s/\/$//;
-
- my @svc_domain = $export->svc_x;
-
- foreach my $svc_domain ( @svc_domain ) {
- my $domain = $svc_domain->domain;
- my @masters = qsearch('domain_record', {
- 'svcnum' => $svc_domain->svcnum,
- 'rectype' => '_mstr',
- } );
- if ( @masters ) {
- my $masters = join('; ', map { $_->recdata } @masters );
-
- print NAMED_CONF <<END;
-zone "$domain" {
- type slave;
- file "db.$domain";
- masters { $masters; };
-};
-
-END
- unlink "$prefix/db.$domain" if -e "$prefix/db.$domain";
-
- } else {
-
- print NAMED_CONF <<END;
-zone "$domain" {
- type master;
- file "$zonepath/db.$domain";
-};
-
-END
-
- open (DB_MASTER,">$prefix/db.$domain")
- or die "can't open $prefix/db.$domain: $!";
-
- if ($bind_rel eq 'BIND9') {
- print DB_MASTER "\$TTL $minttl\n\$ORIGIN $domain.\n";
- }
-
- my @domain_records =
- qsearch('domain_record', { 'svcnum' => $svc_domain->svcnum } );
- foreach my $domain_record (
- sort { $b->rectype cmp $a->rectype } @domain_records
- ) {
- #if ( $domain_record->rectype eq 'SOA' ) {
- # print DB_MASTER join("\t", $domain_record-> reczone
- #} else {
- print DB_MASTER join("\t",
- map { $domain_record->getfield($_) }
- qw( reczone recaf rectype recdata )
- ), "\n";
- #}
- }
-
- close DB_MASTER;
-
- }
-
- }
-
- $rsync->exec( {
- src => "$prefix/",
- recursive => 1,
- dest => "root\@$machine:$zonepath/",
- exclude => [qw( *.import named.conf.HEADER named.conf )],
- } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
- # warn $rsync->out;
-
- $rsync->exec( {
- src => "$prefix/named.conf",
- dest => "root\@$machine:". $export->option('named_conf'),
- } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
-# warn $rsync->out;
-
- ssh("root\@$machine", "$ndc_cmd reload");
-
-}
-
-close NAMED_CONF;
-
-foreach my $sexport ( @sexports ) { #false laziness with above
-
- my $machine = $sexport->machine;
- my $prefix = "$spooldir/$machine";
-
- my $bind_rel = $sexport->option('bind_release');
- my $ndc_cmd = ($bind_rel eq 'BIND9') ? 'rndc' : 'ndc';
-
- #prevent old domain files from piling up
- #rmtree "$prefix" or die "can't rmtree $prefix.db: $!";
-
- mkdir $prefix, 0700 unless -d $prefix;
-
- open(NAMED_CONF,">$prefix/named.conf")
- or die "can't open $prefix/named.conf: $!";
-
- if ( -e "$prefix/named.conf.HEADER" ) {
- open(CONF_HEADER,"<$prefix/named.conf.HEADER")
- or die "can't open $prefix/named.conf.HEADER: $!";
- while (<CONF_HEADER>) { print NAMED_CONF $_; }
- close CONF_HEADER;
- }
-
- my $masters = $sexport->option('master');
-
- #false laziness with freeside-sqlradius-reset
- my @svc_domain =
- map { qsearchs('svc_domain', { 'svcnum' => $_->svcnum } ) }
- map { qsearch('cust_svc', { 'svcpart' => $_->svcpart } ) }
- grep { qsearch('cust_svc', { 'svcpart' => $_->svcpart } ) }
- $sexport->export_svc;
-
- foreach my $svc_domain ( @svc_domain ) {
- my $domain = $svc_domain->domain;
- print NAMED_CONF <<END;
-zone "$domain" {
- type slave;
- file "db.$domain";
- masters { $masters; };
-};
-
-END
-
- }
-
- $rsync->exec( {
- src => "$prefix/named.conf",
- dest => "root\@$machine:". $sexport->option('named_conf'),
- } ) or die "rsync to $machine failed: ". join(" / ", $rsync->err);
-# warn $rsync->out;
-
- ssh("root\@$machine", "$ndc_cmd reload");
-
-}
-close NAMED_CONF;
-
-# -----
-
-sub usage {
- die "Usage:\n bind.export user\n";
-}
-
liblocale-codes-perl, liblocale-po-perl, libgeo-uscensus-geocoding-perl,
libnet-sftp-foreign-perl, libpdf-webkit-perl, libgeo-shapelib-perl,
libgeo-json-perl, libauth-googleauth-perl
-Conflicts: libparams-classify-perl (>= 0.013-6)
Replaces: freeside (<<4)
Breaks: freeside (<<4)
Description: Libraries for Freeside billing and trouble ticketing
/usr/local/etc/freeside/profile
+/etc/systemd/system/apache2.service.d
/usr/sbin/a2enmod mpm_prefork
#/usr/sbin/service restart apache2
-#XXX systemd equivalent (start apache after postgres)
-/sbin/insserv -d
+/usr/bin/systemctl daemon-reload
exit 0
install -d $(FREESIDE_DOCUMENT_ROOT)
install -d $(TMP)-webui/usr/local/etc/freeside/
- install -d $(TMP)-webui/etc/insserv/overrides/
+ install -d $(TMP)-webui/etc/systemd/system/apache2.service.d/
install -d $(TMP)/usr/local/etc/freeside/
# install -d $(TMP)-lib/usr/bin
# Create Apache configurations
install -d $(APACHE_CONF)
$(MAKE) -e DESTDIR=$(APACHE_CONF) install-apache
- install -o root -m 755 init.d/insserv-override-apache2 $(TMP)-webui/etc/insserv/overrides/apache2
+ install -o root -m 755 init.d/systemd-apache-override.conf $(TMP)-webui/etc/systemd/system/apache2.service.d/override.conf
#Hack the build dir out of apache config
$fill_in->{$_} = $access_info->{$_} foreach keys %$access_info;
# update the user's authentication
- my $timeout = $access_info->{'timeout'} || '3600';
my $cookie = CGI::Cookie->new('-name' => 'session',
'-value' => $session_id,
- '-expires' => '+'.$timeout.'s',
#'-secure' => 1, # would be a good idea...
);
if ( $name eq 'logout' ) {
<TR>
<TD COLSPAN=4>
<IMG SRC="<% $fsurl %>images/error.png">
- <FONT COLOR="#FF0000" SIZE="+1"><% $top_warning %></FONT>
+ <FONT COLOR="#FF0000" SIZE="+1"><% $top_warning |n %></FONT>
</TD>
</TR>
% }
my %status_image = ( 'status' => 'images/tick.png', 'warning' => 'images/tick.png', 'error' => 'images/error.png', );
my @top_warnings = ();
+
my $deb_version = int(slurp('/etc/debian_version'));
#per wiki.debian.org/LTS
push @top_warnings, deb_warning($deb_version)
- if ( $deb_version <= 8 )
- or ( $deb_version == 9 && time > 1656658800 ) #7/1/2022
- or ( $deb_version == 10 && time > 1719817200 ) #7/1/2024
- or ( $deb_version == 11 && time > 1782889200 ) #7/1/2026
-;
+ if ( $deb_version <= 10 )
+ or ( $deb_version == 11 && time > 1788246000 ) #9/1/2026
+ or ( $deb_version == 12 && time > 1846047600 ) #7/1/2028
+; # ref: wiki.debian.org/LTS
+
+if ( driver_name =~ /^Pg/ ) {
+ my $pg_ver = FS::Record->scalar_sql('SELECT VERSION()');
+ if ( $pg_ver =~ /^\s*PostgreSQL\s+([\d\.]+)\s/ ) {
+ $pg_ver = $1;
+ push @top_warnings, pg_warning($pg_ver)
+ if ( $pg_ver <= 11 )
+ or ( int($pg_ver) <= 13 && time > 1788246000 ) #9/1/2026
+ or ( int($pg_ver) <= 15 && time > 1846047600 ) #7/1/2028
+ ;
+ } else {
+ warn "Unknown Pg version $pg_ver\n"; #?
+ }
+}
sub deb_warning {
my $ver = shift;
<<"END";
WARNING: Your operating system (Debian v$ver) is EOL and no longer supported.
-This is insecure and a violation of PCI data security standard.
+This is insecure and a violation of the PCI data security standard.
Contact <a href="mailto:sales\@freeside.biz?subject=Debian OS upgrade">sales\@freeside.biz</a> to schedule an upgrade ASAP.
END
}
+sub pg_warning {
+ my $ver = shift;
+ <<"END";
+WARNING: Your database (PostgreSQL v$ver) is EOL and no longer supported.
+This is insecure and a violation of the PCI data security standard.
+Contact <a href="mailto:sales\@freeside.biz?subject=PostgreSQL DB upgrade">sales\@freeside.biz</a> to schedule an upgrade ASAP.
+END
+}
+
</%init>
+++ /dev/null
-### BEGIN INIT INFO
-# Provides: apache2
-# Required-Start: $local_fs $remote_fs $network $syslog $named
-# Required-Stop: $local_fs $remote_fs $network $syslog $named
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# X-Interactive: true
-# Short-Description: Start/stop apache2 web server
-# Should-Start: postgresql mysql
-# Should-Stop: postgresql mysql
-### END INIT INFO
--- /dev/null
+[Unit]
+After=postgresql.service