From 7fe685d072441fa5a8d9605e2409ca20fc0cd965 Mon Sep 17 00:00:00 2001 
From: Andrew Dryga Date: Tue, 4 Apr 2023 09:41:12 -0600 Subject: [PATCH] Make all tests pass I removed some of the VPN/Wall settings (they are irrelevant once we move the gateway out) along with the port-based rule conditions (since we are moving to userspace wg). --- apps/domain/.formatter.exs | 10 + apps/domain/.gitignore | 39 +++ apps/domain/README.md | 3 + apps/domain/coveralls.json | 5 + apps/domain/fz_http/application.ex | 84 ------ apps/domain/fz_http/encrypted/binary.ex | 7 - apps/domain/fz_http/encrypted/map.ex | 7 - apps/domain/fz_http/repo/notifier.ex | 39 --- apps/domain/fz_http/rules/rule.ex | 14 - apps/domain/fz_http/server.ex | 41 --- apps/domain/fz_http/types/protocols.ex | 21 -- apps/domain/fz_http/vault.ex | 7 - apps/domain/fz_http/vpn_session_scheduler.ex | 27 -- apps/domain/{fz_http.ex => lib/domain.ex} | 9 +- .../{fz_http => lib/domain}/api_tokens.ex | 12 +- .../domain}/api_tokens/api_token.ex | 6 +- .../domain}/api_tokens/api_token/changeset.ex | 6 +- .../domain}/api_tokens/api_token/query.ex | 6 +- .../domain}/api_tokens/authorizer.ex | 10 +- apps/domain/lib/domain/application.ex | 39 +++ apps/domain/{fz_http => lib/domain}/auth.ex | 18 +- .../domain}/auth/authorizer.ex | 20 +- .../{fz_http => lib/domain}/auth/context.ex | 2 +- .../{fz_http => lib/domain}/auth/mfa.ex | 8 +- .../domain}/auth/mfa/method.ex | 8 +- .../domain}/auth/mfa/method/changeset.ex | 8 +- .../domain}/auth/mfa/method/query.ex | 6 +- .../{fz_http => lib/domain}/auth/oidc.ex | 4 +- .../domain}/auth/oidc/connection.ex | 6 +- .../domain}/auth/oidc/connection/changeset.ex | 4 +- .../domain}/auth/oidc/connection/query.ex | 6 +- .../domain}/auth/oidc/refresh_manager.ex | 8 +- .../domain}/auth/oidc/refresher.ex | 6 +- .../domain}/auth/permission.ex | 2 +- .../{fz_http => lib/domain}/auth/role.ex | 4 +- .../{fz_http => lib/domain}/auth/roles.ex | 16 +- .../domain}/auth/saml/start_proxy.ex | 8 +- .../{fz_http => lib/domain}/auth/subject.ex | 8 +- apps/domain/{fz_http => lib/domain}/config.ex | 
22 +- .../domain}/config/authorizer.ex | 8 +- .../{fz_http => lib/domain}/config/caster.ex | 2 +- .../domain}/config/configuration.ex | 14 +- .../domain}/config/configuration/changeset.ex | 12 +- .../configuration/openid_connect_provider.ex | 6 +- .../configuration/saml_identity_provider.ex | 8 +- .../domain}/config/definition.ex | 16 +- .../domain}/config/definitions.ex | 63 ++--- .../{fz_http => lib/domain}/config/dumper.ex | 2 +- .../{fz_http => lib/domain}/config/errors.ex | 12 +- .../{fz_http => lib/domain}/config/fetcher.ex | 4 +- .../{fz_http => lib/domain}/config/logo.ex | 8 +- .../domain}/config/resolver.ex | 6 +- .../domain}/config/validator.ex | 2 +- .../domain}/connectivity_checks.ex | 12 +- .../domain}/connectivity_checks/authorizer.ex | 10 +- .../connectivity_checks/connectivity_check.ex | 4 +- .../connectivity_check/changeset.ex | 6 +- .../connectivity_check/query.ex | 6 +- .../domain}/connectivity_checks/poller.ex | 6 +- apps/domain/{fz_http => lib/domain}/crypto.ex | 2 +- .../domain/{fz_http => lib/domain}/devices.ex | 14 +- .../domain}/devices/authorizer.ex | 14 +- .../{fz_http => lib/domain}/devices/device.ex | 16 +- .../domain}/devices/device/changeset.ex | 36 +-- .../domain}/devices/device/query.ex | 10 +- .../domain}/devices/stats_updater.ex | 4 +- apps/domain/lib/domain/encrypted/binary.ex | 7 + apps/domain/lib/domain/encrypted/map.ex | 7 + .../{fz_http => lib/domain}/name_generator.ex | 2 +- apps/domain/lib/domain/notifications.ex | 97 +++++++ .../domain/{fz_http => lib/domain}/release.ex | 49 ++-- apps/domain/{fz_http => lib/domain}/repo.ex | 4 +- apps/domain/{fz_http => lib/domain}/rules.ex | 14 +- .../domain}/rules/authorizer.ex | 10 +- apps/domain/lib/domain/rules/rule.ex | 14 + .../domain}/rules/rule/changeset.ex | 16 +- .../domain}/rules/rule/query.ex | 6 +- .../{fz_http => lib/domain}/telemetry.ex | 28 +- .../domain}/telemetry/posthog.ex | 2 +- .../domain}/telemetry/timer.ex | 4 +- .../{fz_http => lib/domain}/types/cidr.ex | 4 +- 
.../{fz_http => lib/domain}/types/inet.ex | 2 +- .../domain}/types/int4range.ex | 2 +- .../{fz_http => lib/domain}/types/ip.ex | 6 +- .../{fz_http => lib/domain}/types/ip_port.ex | 2 +- apps/domain/lib/domain/types/protocols.ex | 21 ++ apps/domain/{fz_http => lib/domain}/users.ex | 12 +- .../domain}/users/authorizer.ex | 10 +- .../{fz_http => lib/domain}/users/user.ex | 10 +- .../domain}/users/user/changeset.ex | 10 +- .../domain}/users/user/query.ex | 6 +- .../{fz_http => lib/domain}/validator.ex | 10 +- apps/domain/lib/domain/vault.ex | 6 + apps/domain/mix.exs | 86 ++++++ .../test/domain}/api_tokens_test.exs | 14 +- .../test/domain}/auth/mfa_test.exs | 10 +- .../test/domain}/auth/oidc/refresher_test.exs | 16 +- .../test/domain}/auth_test.exs | 10 +- .../test/domain}/config/caster_test.exs | 4 +- .../test/domain}/config/definition_test.exs | 10 +- .../test/domain}/config/fetcher_test.exs | 8 +- .../test/domain}/config/resolver_test.exs | 6 +- .../test/domain}/config/validator_test.exs | 16 +- .../test/domain}/config_test.exs | 36 +-- .../connectivity_checks/poller_test.exs | 8 +- .../test/domain}/connectivity_checks_test.exs | 12 +- .../test/domain}/crypto_test.exs | 4 +- .../domain}/devices/device/query_test.exs | 34 +-- .../domain}/devices/stats_updater_test.exs | 6 +- .../test/domain}/devices_test.exs | 32 +-- .../test/domain}/name_generator_test.exs | 4 +- .../test/domain}/notifications_test.exs | 8 +- .../test/domain}/release_test.exs | 14 +- .../test/domain}/rules_test.exs | 32 +-- .../test/domain}/telemetry_test.exs | 40 +-- .../test/domain}/types/cidr_test.exs | 4 +- .../test/domain}/users_test.exs | 18 +- apps/domain/test/support/case_template.ex | 21 ++ .../{web => domain}/test/support/data_case.ex | 10 +- .../support/fixtures/api_tokens_fixtures.ex | 10 +- .../test/support/fixtures/config_fixtures.ex | 6 +- .../fixtures/connectivity_checks_fixtures.ex | 6 +- .../test/support/fixtures/devices_fixtures.ex | 10 +- .../test/support/fixtures/mfa_fixtures.ex 
| 8 +- .../fixtures/notifications_fixtures.ex | 2 +- .../test/support/fixtures/rules_fixtures.ex | 8 +- .../test/support/fixtures/subject_fixtures.ex | 8 +- .../test/support/fixtures/users_fixtures.ex | 8 +- apps/domain/test/support/test_helpers.ex | 175 ++++++++++++ apps/domain/test/test_helper.exs | 2 + apps/web/.formatter.exs | 1 - apps/web/README.md | 2 +- .../live/device_live/admin/show.html.heex | 2 - .../live/hooks/allow_ecto_sandbox.ex | 6 - apps/web/lib/fz_http_web/presence.ex | 11 - apps/web/lib/fz_http_web/views/auth_view.ex | 3 - .../web/lib/fz_http_web/views/browser_view.ex | 4 - apps/web/lib/fz_http_web/views/root_view.ex | 3 - apps/web/lib/fz_http_web/views/rule_view.ex | 3 - apps/web/lib/{fz_http_web.ex => web.ex} | 48 ++-- apps/web/lib/web/application.ex | 19 ++ .../auth/html/authentication.ex | 14 +- .../auth/html/error_handler.ex | 8 +- .../auth/html/pipeline.ex | 8 +- .../auth/json/authentication.ex | 6 +- .../auth/json/error_handler.ex | 4 +- .../auth/json/pipeline.ex | 8 +- .../authorization_helpers.ex | 4 +- .../channels/notification_channel.ex | 10 +- .../controller_helpers.ex | 6 +- .../controllers/auth_controller.ex | 22 +- .../controllers/browser_controller.ex | 4 +- .../controllers/debug_controller.ex | 4 +- .../json/configuration_controller.ex | 10 +- .../controllers/json/device_controller.ex | 10 +- .../controllers/json/fallback_controller.ex | 14 +- .../controllers/json/rule_controller.ex | 10 +- .../controllers/json/user_controller.ex | 10 +- .../controllers/root_controller.ex | 6 +- .../controllers/user_controller.ex | 14 +- .../lib/{fz_http_web => web}/doc_helpers.ex | 2 +- apps/web/lib/{fz_http_web => web}/endpoint.ex | 24 +- .../lib/{fz_http_web => web}/error_helpers.ex | 6 +- apps/web/lib/{fz_http_web => web}/gettext.ex | 6 +- .../{fz_http_web => web}/header_helpers.ex | 6 +- .../connectivity_check_live/index.html.heex | 4 +- .../connectivity_check_live/index_live.ex | 6 +- .../live/device_live/admin/index.html.heex | 6 +- 
.../live/device_live/admin/index_live.ex | 6 +- .../web/live/device_live/admin/show.html.heex | 2 + .../live/device_live/admin/show_live.ex | 10 +- .../live/device_live/new_form_component.ex | 15 +- .../device_live/new_form_component.html.heex | 2 +- .../device_live/unprivileged/index.html.heex | 6 +- .../device_live/unprivileged/index_live.ex | 6 +- .../device_live/unprivileged/show.html.heex | 2 +- .../device_live/unprivileged/show_live.ex | 12 +- .../lib/web/live/hooks/allow_ecto_sandbox.ex | 6 + .../live/hooks/live_auth.ex | 10 +- .../live/hooks/live_mfa.ex | 6 +- .../live/hooks/live_nav.ex | 2 +- .../live/logo_component.ex | 6 +- .../live/mfa_live/auth_live.ex | 8 +- .../live/mfa_live/register_component.ex | 8 +- .../live/mfa_live/register_steps_component.ex | 4 +- .../live/modal_component.ex | 6 +- .../live/notifications_live/badge.ex | 8 +- .../live/notifications_live/badge.html.heex | 0 .../live/notifications_live/index.html.heex | 2 +- .../live/notifications_live/index_live.ex | 8 +- .../oidc_live/connections_table_component.ex | 10 +- .../connections_table_component.html.heex | 0 .../live/rule_live/index.html.heex | 8 +- .../live/rule_live/index_live.ex | 4 +- .../live/rule_live/rule_list_component.ex | 11 +- .../rule_live/rule_list_component.html.heex | 19 +- .../live/setting_live/account.html.heex | 20 +- .../setting_live/account_form_component.ex | 6 +- .../account_form_component.html.heex | 4 +- .../live/setting_live/account_live.ex | 10 +- .../setting_live/client_defaults.html.heex | 6 +- .../client_defaults_form_component.ex | 8 +- .../client_defaults_form_component.html.heex | 2 +- .../live/setting_live/client_defaults_live.ex | 6 +- .../live/setting_live/customization.html.heex | 10 +- .../live/setting_live/customization_live.ex | 10 +- .../setting_live/new_api_token_component.ex | 6 +- .../live/setting_live/oidc_form_component.ex | 12 +- .../live/setting_live/saml_form_component.ex | 10 +- .../live/setting_live/security.html.heex | 8 +- 
.../live/setting_live/security_live.ex | 19 +- .../setting_live/show_api_token_component.ex | 8 +- .../unprivileged/account.html.heex | 12 +- .../unprivileged/account_form_component.ex | 6 +- .../account_form_component.html.heex | 4 +- .../setting_live/unprivileged/account_live.ex | 10 +- .../live/sidebar_component.ex | 4 +- .../live/user_live/form_component.ex | 6 +- .../live/user_live/form_component.html.heex | 4 +- .../live/user_live/index.html.heex | 11 +- .../live/user_live/index_live.ex | 6 +- .../live/user_live/show.html.heex | 16 +- .../live/user_live/show_live.ex | 12 +- .../user_live/vpn_connection_component.ex | 10 +- .../live/user_live/vpn_status_component.ex | 2 +- .../lib/{fz_http_web => web}/live_helpers.ex | 8 +- apps/web/lib/{fz_http_web => web}/mailer.ex | 8 +- .../{fz_http_web => web}/mailer/auth_email.ex | 8 +- .../mailer/noop_adapter.ex | 4 +- .../templates/auth_email/magic_link.html.heex | 0 .../templates/auth_email/magic_link.text.eex | 0 .../lib/{fz_http_web => web}/oauth/pkce.ex | 4 +- .../lib/{fz_http_web => web}/oidc/state.ex | 6 +- .../{fz_http_web => web}/plug/path_prefix.ex | 4 +- .../plug/require_local_authentication.ex | 6 +- .../plug/samly_target_url.ex | 2 +- apps/web/lib/web/presence.ex | 5 + .../lib/{fz_http_web => web}/proxy_headers.ex | 4 +- apps/web/lib/{fz_http_web => web}/router.ex | 62 ++--- apps/web/lib/{fz_http_web => web}/sandbox.ex | 2 +- apps/web/lib/{fz_http_web => web}/session.ex | 12 +- .../sockets/user_socket.ex | 10 +- .../templates/auth/request.html.heex | 0 .../templates/auth/reset_password.html.heex | 0 .../templates/browser/browserconfig.xml.eex | 0 .../templates/layout/admin.html.heex | 10 +- .../templates/layout/app.html.heex | 0 .../templates/layout/email.html.heex | 0 .../templates/layout/live.html.heex | 2 +- .../templates/layout/root.html.heex | 4 +- .../templates/layout/unprivileged.html.heex | 6 +- .../templates/root/auth.html.heex | 0 .../templates/shared/device_details.html.heex | 6 +- 
.../templates/shared/devices_table.html.heex | 0 .../templates/shared/flash.html.heex | 0 .../templates/shared/head.html.heex | 0 .../templates/shared/heading.html.heex | 0 .../shared/mfa_methods_table.html.heex | 0 .../templates/shared/password_field.html.heex | 0 .../templates/shared/show_device.html.heex | 6 +- .../shared/socket_token_headers.html.heex | 0 .../templates/shared/submit_button.html.heex | 0 .../templates/shared/user_details.html.heex | 4 +- .../{fz_http_web => web}/user_from_auth.ex | 6 +- apps/web/lib/web/views/auth_view.ex | 3 + apps/web/lib/web/views/browser_view.ex | 4 + .../{fz_http_web => web}/views/error_view.ex | 4 +- .../views/json/changeset_view.ex | 6 +- .../views/json/configuration_view.ex | 8 +- .../views/json/device_view.ex | 8 +- .../json/openid_connect_provider_view.ex | 4 +- .../views/json/rule_view.ex | 4 +- .../views/json/saml_identity_provider_view.ex | 4 +- .../views/json/user_view.ex | 4 +- .../{fz_http_web => web}/views/layout_view.ex | 8 +- apps/web/lib/web/views/root_view.ex | 3 + apps/web/lib/web/views/rule_view.ex | 3 + .../{fz_http_web => web}/views/shared_view.ex | 6 +- .../{fz_http_web => web}/views/user_view.ex | 4 +- .../views/wireguard_config_view.ex | 22 +- apps/web/mix.exs | 26 +- .../20200225005454_create_users.exs | 2 +- .../20200228145810_create_devices.exs | 2 +- .../20200228154815_create_rules.exs | 2 +- ...10929172417_add_dns_servers_to_devices.exs | 2 +- ...11116172808_create_connectivity_checks.exs | 2 +- .../20211116173236_create_settings.exs | 2 +- ...03012238_change_device_column_defaults.exs | 2 +- ...1216155557_add_config_token_to_devices.exs | 2 +- ...211217003247_add_persistent_keepalives.exs | 2 +- .../20211221183311_add_role_to_users.exs | 2 +- ...61545_add_require_auth_for_vpn_setting.exs | 2 +- .../20220103175026_add_inets_to_devices.exs | 2 +- .../20220111004847_add_mtu_to_devices.exs | 2 +- .../migrations/20220124162404_add_uuids.exs | 2 +- ...127021835_rename_persistent_keepalives.exs | 2 +- 
...220127191440_rename_dns_servers_to_dns.exs | 2 +- .../20220208184257_settings_to_sites.exs | 2 +- ...9005201_rename_use_default_to_use_site.exs | 2 +- .../20220211201727_remove_private_keys.exs | 2 +- .../20220219165023_add_key_regenerated_at.exs | 2 +- ...5313_add_last_signed_in_method_to_user.exs | 2 +- .../20220412144151_add_psk_to_devices.exs | 2 +- .../20220419172036_add_stats_to_devices.exs | 2 +- ...20427140943_add_description_to_devices.exs | 2 +- ...20516063916_change_allowed_ips_to_text.exs | 2 +- ...20220519034545_create_oidc_connections.exs | 2 +- ...20220520072323_add_disabled_at_to_user.exs | 2 +- .../20220530073152_create_mfa_methods.exs | 2 +- ...609232854_change_refresh_token_to_text.exs | 2 +- .../20220614192937_add_user_id_to_rules.exs | 2 +- .../20220713050742_create_configurations.exs | 2 +- .../20220719014442_add_auth_configs.exs | 2 +- ...5_add_device_rule_user_notify_triggers.exs | 2 +- .../20220726205646_add_rule_port_range.exs | 2 +- ..._add_unprivileged_device_configuration.exs | 2 +- ...ml_identity_providers_to_configuration.exs | 2 +- ...08_move_auto_create_users_to_providers.exs | 8 +- ...221129002233_update_on_delete_behavior.exs | 2 +- .../20221223190406_migrate_pks_to_uuid.exs | 2 +- ...23357_migrate_datetimes_to_timestamptz.exs | 2 +- ..._connectivity_checks_inserted_at_index.exs | 2 +- ...221224210654_fix_sites_nullable_fields.exs | 2 +- .../20221226044850_create_api_tokens.exs | 2 +- ...51_move_sites_fields_to_configurations.exs | 2 +- ...6171558_rename_use_site_to_use_default.exs | 2 +- .../migrations/20221226193228_drop_sites.exs | 2 +- ...move_cache_fallbacks_to_configurations.exs | 2 +- ...221229154115_migrate_providers_configs.exs | 2 +- ...104000803_add_users_sign_in_token_hash.exs | 2 +- ...104181853_change_users_email_to_citext.exs | 2 +- .../20230113184557_add_default_pks_values.exs | 2 +- ...0116200524_add_not_null_to_mfa_methods.exs | 6 +- ...ations_default_client_allowed_ips_type.exs | 2 +- 
...143621_change_mfa_methods_unique_index.exs | 2 +- ...ange_dns_and_allowed_ips_to_inet_array.exs | 2 +- .../20230223175621_trim_dns_fields.exs | 2 +- ...1258_remove_devices_key_regenerated_at.exs | 2 +- apps/web/priv/repo/seeds.exs | 10 +- apps/web/test/fz_http/events_test.exs | 262 ------------------ apps/web/test/fz_http/repo/notifier_test.exs | 123 -------- .../fz_http_web/views/error_view_test.exs | 14 - apps/web/test/support/acceptance_case.ex | 18 +- apps/web/test/support/acceptance_case/auth.ex | 24 +- .../support/acceptance_case/simple_saml.ex | 4 +- .../web/test/support/acceptance_case/vault.ex | 4 +- apps/web/test/support/api_case.ex | 24 +- apps/web/test/support/case_template.ex | 23 -- apps/web/test/support/channel_case.ex | 10 +- apps/web/test/support/conn_case.ex | 20 +- apps/web/test/support/docs_generator.ex | 12 +- apps/web/test/support/mailer_case.ex | 12 +- apps/web/test/support/mailer_test_adapter.ex | 2 +- apps/web/test/support/test_helpers.ex | 5 +- apps/web/test/test_helper.exs | 2 +- .../acceptance/admin_test.exs | 76 ++--- .../acceptance/authentication_test.exs | 18 +- .../acceptance/unprivileged_user_test.exs | 20 +- .../auth/json/authentication_test.exs | 16 +- .../channels/notification_channel_test.exs | 10 +- .../controllers/auth_controller_test.exs | 32 +-- .../controllers/browser_controller_test.exs | 4 +- .../json/configuration_controller_test.exs | 10 +- .../json/device_controller_test.exs | 6 +- .../controllers/json/rule_controller_test.exs | 8 +- .../controllers/json/user_controller_test.exs | 10 +- .../controllers/user_controller_test.exs | 8 +- .../header_helpers_test.exs | 10 +- .../html_authentication_test.exs | 6 +- .../{fz_http_web => web}/layout_view_test.exs | 6 +- .../connectivity_check_live/index_test.exs | 4 +- .../live/device_live/admin/index_test.exs | 6 +- .../live/device_live/admin/show_test.exs | 4 +- .../device_live/unprivileged/index_test.exs | 8 +- .../device_live/unprivileged/show_test.exs | 6 +- 
.../live/mfa_live/auth_test.exs | 6 +- .../live/notifications_live/badge_test.exs | 14 +- .../live/notifications_live/index_test.exs | 6 +- .../live/rule_live/index_test.exs | 4 +- .../live/setting_live/account_test.exs | 8 +- .../setting_live/client_defaults_test.exs | 8 +- .../live/setting_live/customization_test.exs | 12 +- .../live/setting_live/security_test.exs | 42 +-- .../unprivileged/account_test.exs | 8 +- .../live/user_live/index_test.exs | 8 +- .../live/user_live/show_test.exs | 8 +- .../vpn_connection_component_test.exs | 6 +- .../user_live/vpn_status_component_test.exs | 6 +- .../test/{fz_http_web => web}/mailer_test.exs | 6 +- .../sample_email/test_heex.html.heex | 0 .../sample_email/test_multipart.html.eex | 0 .../sample_email/test_multipart.text.eex | 0 .../plug/path_prefix_test.exs | 16 +- .../user_from_auth_test.exs | 24 +- apps/web/test/web/views/error_view_test.exs | 14 + .../views/shared_view_test.exs | 4 +- config/config.exs | 123 ++++---- config/dev.exs | 48 +--- config/prod.exs | 20 +- config/runtime.exs | 111 +++----- config/test.exs | 33 +-- mix.exs | 6 +- mix.lock | 2 +- rel/overlays/bin/create-api-token | 2 +- rel/overlays/bin/create-or-reset-admin | 2 +- rel/overlays/bin/migrate | 2 +- rel/overlays/bin/server | 4 +- www/docs/reference/env-vars.mdx | 145 +++++----- 408 files changed, 2200 insertions(+), 2464 deletions(-) create mode 100644 apps/domain/.formatter.exs create mode 100644 apps/domain/.gitignore create mode 100644 apps/domain/README.md create mode 100644 apps/domain/coveralls.json delete mode 100644 apps/domain/fz_http/application.ex delete mode 100644 apps/domain/fz_http/encrypted/binary.ex delete mode 100644 apps/domain/fz_http/encrypted/map.ex delete mode 100644 apps/domain/fz_http/repo/notifier.ex delete mode 100644 apps/domain/fz_http/rules/rule.ex delete mode 100644 apps/domain/fz_http/server.ex delete mode 100644 apps/domain/fz_http/types/protocols.ex delete mode 100644 apps/domain/fz_http/vault.ex delete mode 100644 
apps/domain/fz_http/vpn_session_scheduler.ex rename apps/domain/{fz_http.ex => lib/domain.ex} (73%) rename apps/domain/{fz_http => lib/domain}/api_tokens.ex (94%) rename apps/domain/{fz_http => lib/domain}/api_tokens/api_token.ex (68%) rename apps/domain/{fz_http => lib/domain}/api_tokens/api_token/changeset.ex (92%) rename apps/domain/{fz_http => lib/domain}/api_tokens/api_token/query.ex (76%) rename apps/domain/{fz_http => lib/domain}/api_tokens/authorizer.ex (87%) create mode 100644 apps/domain/lib/domain/application.ex rename apps/domain/{fz_http => lib/domain}/auth.ex (89%) rename apps/domain/{fz_http => lib/domain}/auth/authorizer.ex (59%) rename apps/domain/{fz_http => lib/domain}/auth/context.ex (92%) rename apps/domain/{fz_http => lib/domain}/auth/mfa.ex (93%) rename apps/domain/{fz_http => lib/domain}/auth/mfa/method.ex (62%) rename apps/domain/{fz_http => lib/domain}/auth/mfa/method/changeset.ex (91%) rename apps/domain/{fz_http => lib/domain}/auth/mfa/method/query.ex (86%) rename apps/domain/{fz_http => lib/domain}/auth/oidc.ex (92%) rename apps/domain/{fz_http => lib/domain}/auth/oidc/connection.ex (66%) rename apps/domain/{fz_http => lib/domain}/auth/oidc/connection/changeset.ex (76%) rename apps/domain/{fz_http => lib/domain}/auth/oidc/connection/query.ex (67%) rename apps/domain/{fz_http => lib/domain}/auth/oidc/refresh_manager.ex (85%) rename apps/domain/{fz_http => lib/domain}/auth/oidc/refresher.ex (90%) rename apps/domain/{fz_http => lib/domain}/auth/permission.ex (94%) rename apps/domain/{fz_http => lib/domain}/auth/role.ex (75%) rename apps/domain/{fz_http => lib/domain}/auth/roles.ex (68%) rename apps/domain/{fz_http => lib/domain}/auth/saml/start_proxy.ex (87%) rename apps/domain/{fz_http => lib/domain}/auth/subject.ex (72%) rename apps/domain/{fz_http => lib/domain}/config.ex (91%) rename apps/domain/{fz_http => lib/domain}/config/authorizer.ex (61%) rename apps/domain/{fz_http => lib/domain}/config/caster.ex (98%) rename 
apps/domain/{fz_http => lib/domain}/config/configuration.ex (79%) rename apps/domain/{fz_http => lib/domain}/config/configuration/changeset.ex (84%) rename apps/domain/{fz_http => lib/domain}/config/configuration/openid_connect_provider.ex (94%) rename apps/domain/{fz_http => lib/domain}/config/configuration/saml_identity_provider.ex (90%) rename apps/domain/{fz_http => lib/domain}/config/definition.ex (91%) rename apps/domain/{fz_http => lib/domain}/config/definitions.ex (93%) rename apps/domain/{fz_http => lib/domain}/config/dumper.ex (97%) rename apps/domain/{fz_http => lib/domain}/config/errors.ex (91%) rename apps/domain/{fz_http => lib/domain}/config/fetcher.ex (95%) rename apps/domain/{fz_http => lib/domain}/config/logo.ex (87%) rename apps/domain/{fz_http => lib/domain}/config/resolver.ex (96%) rename apps/domain/{fz_http => lib/domain}/config/validator.ex (99%) rename apps/domain/{fz_http => lib/domain}/connectivity_checks.ex (85%) rename apps/domain/{fz_http => lib/domain}/connectivity_checks/authorizer.ex (63%) rename apps/domain/{fz_http => lib/domain}/connectivity_checks/connectivity_check.ex (72%) rename apps/domain/{fz_http => lib/domain}/connectivity_checks/connectivity_check/changeset.ex (66%) rename apps/domain/{fz_http => lib/domain}/connectivity_checks/connectivity_check/query.ex (75%) rename apps/domain/{fz_http => lib/domain}/connectivity_checks/poller.ex (90%) rename apps/domain/{fz_http => lib/domain}/crypto.ex (96%) rename apps/domain/{fz_http => lib/domain}/devices.ex (94%) rename apps/domain/{fz_http => lib/domain}/devices/authorizer.ex (83%) rename apps/domain/{fz_http => lib/domain}/devices/device.ex (72%) rename apps/domain/{fz_http => lib/domain}/devices/device/changeset.ex (85%) rename apps/domain/{fz_http => lib/domain}/devices/device/query.ex (96%) rename apps/domain/{fz_http => lib/domain}/devices/stats_updater.ex (91%) create mode 100644 apps/domain/lib/domain/encrypted/binary.ex create mode 100644 
apps/domain/lib/domain/encrypted/map.ex rename apps/domain/{fz_http => lib/domain}/name_generator.ex (99%) create mode 100644 apps/domain/lib/domain/notifications.ex rename apps/domain/{fz_http => lib/domain}/release.ex (66%) rename apps/domain/{fz_http => lib/domain}/repo.ex (95%) rename apps/domain/{fz_http => lib/domain}/rules.ex (89%) rename apps/domain/{fz_http => lib/domain}/rules/authorizer.ex (71%) create mode 100644 apps/domain/lib/domain/rules/rule.ex rename apps/domain/{fz_http => lib/domain}/rules/rule/changeset.ex (80%) rename apps/domain/{fz_http => lib/domain}/rules/rule/query.ex (81%) rename apps/domain/{fz_http => lib/domain}/telemetry.ex (86%) rename apps/domain/{fz_http => lib/domain}/telemetry/posthog.ex (91%) rename apps/domain/{fz_http => lib/domain}/telemetry/timer.ex (91%) rename apps/domain/{fz_http => lib/domain}/types/cidr.ex (97%) rename apps/domain/{fz_http => lib/domain}/types/inet.ex (98%) rename apps/domain/{fz_http => lib/domain}/types/int4range.ex (98%) rename apps/domain/{fz_http => lib/domain}/types/ip.ex (83%) rename apps/domain/{fz_http => lib/domain}/types/ip_port.ex (98%) create mode 100644 apps/domain/lib/domain/types/protocols.ex rename apps/domain/{fz_http => lib/domain}/users.ex (94%) rename apps/domain/{fz_http => lib/domain}/users/authorizer.ex (79%) rename apps/domain/{fz_http => lib/domain}/users/user.ex (77%) rename apps/domain/{fz_http => lib/domain}/users/user/changeset.ex (92%) rename apps/domain/{fz_http => lib/domain}/users/user/query.ex (92%) rename apps/domain/{fz_http => lib/domain}/validator.ex (97%) create mode 100644 apps/domain/lib/domain/vault.ex create mode 100644 apps/domain/mix.exs rename apps/{web/test/fz_http => domain/test/domain}/api_tokens_test.exs (98%) rename apps/{web/test/fz_http => domain/test/domain}/auth/mfa_test.exs (98%) rename apps/{web/test/fz_http => domain/test/domain}/auth/oidc/refresher_test.exs (72%) rename apps/{web/test/fz_http => domain/test/domain}/auth_test.exs (93%) rename 
apps/{web/test/fz_http => domain/test/domain}/config/caster_test.exs (96%) rename apps/{web/test/fz_http => domain/test/domain}/config/definition_test.exs (93%) rename apps/{web/test/fz_http => domain/test/domain}/config/fetcher_test.exs (98%) rename apps/{web/test/fz_http => domain/test/domain}/config/resolver_test.exs (94%) rename apps/{web/test/fz_http => domain/test/domain}/config/validator_test.exs (86%) rename apps/{web/test/fz_http => domain/test/domain}/config_test.exs (95%) rename apps/{web/test/fz_http => domain/test/domain}/connectivity_checks/poller_test.exs (84%) rename apps/{web/test/fz_http => domain/test/domain}/connectivity_checks_test.exs (91%) rename apps/{web/test/fz_http => domain/test/domain}/crypto_test.exs (95%) rename apps/{web/test/fz_http => domain/test/domain}/devices/device/query_test.exs (84%) rename apps/{web/test/fz_http => domain/test/domain}/devices/stats_updater_test.exs (74%) rename apps/{web/test/fz_http => domain/test/domain}/devices_test.exs (97%) rename apps/{web/test/fz_http => domain/test/domain}/name_generator_test.exs (80%) rename apps/{web/test/fz_http => domain/test/domain}/notifications_test.exs (91%) rename apps/{web/test/fz_http => domain/test/domain}/release_test.exs (83%) rename apps/{web/test/fz_http => domain/test/domain}/rules_test.exs (96%) rename apps/{web/test/fz_http => domain/test/domain}/telemetry_test.exs (73%) rename apps/{web/test/fz_http => domain/test/domain}/types/cidr_test.exs (98%) rename apps/{web/test/fz_http => domain/test/domain}/users_test.exs (98%) create mode 100644 apps/domain/test/support/case_template.ex rename apps/{web => domain}/test/support/data_case.ex (87%) rename apps/{web => domain}/test/support/fixtures/api_tokens_fixtures.ex (73%) rename apps/{web => domain}/test/support/fixtures/config_fixtures.ex (99%) rename apps/{web => domain}/test/support/fixtures/connectivity_checks_fixtures.ex (82%) rename apps/{web => domain}/test/support/fixtures/devices_fixtures.ex (84%) rename 
apps/{web => domain}/test/support/fixtures/mfa_fixtures.ex (90%) rename apps/{web => domain}/test/support/fixtures/notifications_fixtures.ex (89%) rename apps/{web => domain}/test/support/fixtures/rules_fixtures.ex (90%) rename apps/{web => domain}/test/support/fixtures/subject_fixtures.ex (79%) rename apps/{web => domain}/test/support/fixtures/users_fixtures.ex (89%) create mode 100644 apps/domain/test/support/test_helpers.ex create mode 100644 apps/domain/test/test_helper.exs delete mode 100644 apps/web/lib/fz_http_web/live/device_live/admin/show.html.heex delete mode 100644 apps/web/lib/fz_http_web/live/hooks/allow_ecto_sandbox.ex delete mode 100644 apps/web/lib/fz_http_web/presence.ex delete mode 100644 apps/web/lib/fz_http_web/views/auth_view.ex delete mode 100644 apps/web/lib/fz_http_web/views/browser_view.ex delete mode 100644 apps/web/lib/fz_http_web/views/root_view.ex delete mode 100644 apps/web/lib/fz_http_web/views/rule_view.ex rename apps/web/lib/{fz_http_web.ex => web.ex} (73%) create mode 100644 apps/web/lib/web/application.ex rename apps/web/lib/{fz_http_web => web}/auth/html/authentication.ex (93%) rename apps/web/lib/{fz_http_web => web}/auth/html/error_handler.ex (82%) rename apps/web/lib/{fz_http_web => web}/auth/html/pipeline.ex (62%) rename apps/web/lib/{fz_http_web => web}/auth/json/authentication.ex (90%) rename apps/web/lib/{fz_http_web => web}/auth/json/error_handler.ex (85%) rename apps/web/lib/{fz_http_web => web}/auth/json/pipeline.ex (62%) rename apps/web/lib/{fz_http_web => web}/authorization_helpers.ex (74%) rename apps/web/lib/{fz_http_web => web}/channels/notification_channel.ex (86%) rename apps/web/lib/{fz_http_web => web}/controller_helpers.ex (74%) rename apps/web/lib/{fz_http_web => web}/controllers/auth_controller.ex (93%) rename apps/web/lib/{fz_http_web => web}/controllers/browser_controller.ex (53%) rename apps/web/lib/{fz_http_web => web}/controllers/debug_controller.ex (90%) rename apps/web/lib/{fz_http_web => 
web}/controllers/json/configuration_controller.ex (82%) rename apps/web/lib/{fz_http_web => web}/controllers/json/device_controller.ex (91%) rename apps/web/lib/{fz_http_web => web}/controllers/json/fallback_controller.ex (77%) rename apps/web/lib/{fz_http_web => web}/controllers/json/rule_controller.ex (89%) rename apps/web/lib/{fz_http_web => web}/controllers/json/user_controller.ex (95%) rename apps/web/lib/{fz_http_web => web}/controllers/root_controller.ex (84%) rename apps/web/lib/{fz_http_web => web}/controllers/user_controller.ex (73%) rename apps/web/lib/{fz_http_web => web}/doc_helpers.ex (93%) rename apps/web/lib/{fz_http_web => web}/endpoint.ex (79%) rename apps/web/lib/{fz_http_web => web}/error_helpers.ex (92%) rename apps/web/lib/{fz_http_web => web}/gettext.ex (86%) rename apps/web/lib/{fz_http_web => web}/header_helpers.ex (73%) rename apps/web/lib/{fz_http_web => web}/live/connectivity_check_live/index.html.heex (91%) rename apps/web/lib/{fz_http_web => web}/live/connectivity_check_live/index_live.ex (86%) rename apps/web/lib/{fz_http_web => web}/live/device_live/admin/index.html.heex (69%) rename apps/web/lib/{fz_http_web => web}/live/device_live/admin/index_live.ex (88%) create mode 100644 apps/web/lib/web/live/device_live/admin/show.html.heex rename apps/web/lib/{fz_http_web => web}/live/device_live/admin/show_live.ex (86%) rename apps/web/lib/{fz_http_web => web}/live/device_live/new_form_component.ex (87%) rename apps/web/lib/{fz_http_web => web}/live/device_live/new_form_component.html.heex (99%) rename apps/web/lib/{fz_http_web => web}/live/device_live/unprivileged/index.html.heex (95%) rename apps/web/lib/{fz_http_web => web}/live/device_live/unprivileged/index_live.ex (92%) rename apps/web/lib/{fz_http_web => web}/live/device_live/unprivileged/show.html.heex (61%) rename apps/web/lib/{fz_http_web => web}/live/device_live/unprivileged/show_live.ex (83%) create mode 100644 apps/web/lib/web/live/hooks/allow_ecto_sandbox.ex rename 
apps/web/lib/{fz_http_web => web}/live/hooks/live_auth.ex (84%) rename apps/web/lib/{fz_http_web => web}/live/hooks/live_mfa.ex (88%) rename apps/web/lib/{fz_http_web => web}/live/hooks/live_nav.ex (93%) rename apps/web/lib/{fz_http_web => web}/live/logo_component.ex (84%) rename apps/web/lib/{fz_http_web => web}/live/mfa_live/auth_live.ex (96%) rename apps/web/lib/{fz_http_web => web}/live/mfa_live/register_component.ex (94%) rename apps/web/lib/{fz_http_web => web}/live/mfa_live/register_steps_component.ex (97%) rename apps/web/lib/{fz_http_web => web}/live/modal_component.ex (90%) rename apps/web/lib/{fz_http_web => web}/live/notifications_live/badge.ex (81%) rename apps/web/lib/{fz_http_web => web}/live/notifications_live/badge.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/live/notifications_live/index.html.heex (97%) rename apps/web/lib/{fz_http_web => web}/live/notifications_live/index_live.ex (88%) rename apps/web/lib/{fz_http_web => web}/live/oidc_live/connections_table_component.ex (80%) rename apps/web/lib/{fz_http_web => web}/live/oidc_live/connections_table_component.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/live/rule_live/index.html.heex (80%) rename apps/web/lib/{fz_http_web => web}/live/rule_live/index_live.ex (82%) rename apps/web/lib/{fz_http_web => web}/live/rule_live/rule_list_component.ex (90%) rename apps/web/lib/{fz_http_web => web}/live/rule_live/rule_list_component.html.heex (80%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/account.html.heex (92%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/account_form_component.ex (85%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/account_form_component.html.heex (94%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/account_live.ex (94%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/client_defaults.html.heex (66%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/client_defaults_form_component.ex (89%) 
rename apps/web/lib/{fz_http_web => web}/live/setting_live/client_defaults_form_component.html.heex (98%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/client_defaults_live.ex (81%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/customization.html.heex (90%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/customization_live.ex (91%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/new_api_token_component.ex (93%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/oidc_form_component.ex (95%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/saml_form_component.ex (96%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/security.html.heex (98%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/security_live.ex (88%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/show_api_token_component.ex (88%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/unprivileged/account.html.heex (88%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/unprivileged/account_form_component.ex (84%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/unprivileged/account_form_component.html.heex (91%) rename apps/web/lib/{fz_http_web => web}/live/setting_live/unprivileged/account_live.ex (90%) rename apps/web/lib/{fz_http_web => web}/live/sidebar_component.ex (97%) rename apps/web/lib/{fz_http_web => web}/live/user_live/form_component.ex (93%) rename apps/web/lib/{fz_http_web => web}/live/user_live/form_component.html.heex (94%) rename apps/web/lib/{fz_http_web => web}/live/user_live/index.html.heex (85%) rename apps/web/lib/{fz_http_web => web}/live/user_live/index_live.ex (85%) rename apps/web/lib/{fz_http_web => web}/live/user_live/show.html.heex (87%) rename apps/web/lib/{fz_http_web => web}/live/user_live/show_live.ex (91%) rename apps/web/lib/{fz_http_web => web}/live/user_live/vpn_connection_component.ex (82%) rename apps/web/lib/{fz_http_web => 
web}/live/user_live/vpn_status_component.ex (95%) rename apps/web/lib/{fz_http_web => web}/live_helpers.ex (91%) rename apps/web/lib/{fz_http_web => web}/mailer.ex (61%) rename apps/web/lib/{fz_http_web => web}/mailer/auth_email.ex (73%) rename apps/web/lib/{fz_http_web => web}/mailer/noop_adapter.ex (82%) rename apps/web/lib/{fz_http_web => web}/mailer/templates/auth_email/magic_link.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/mailer/templates/auth_email/magic_link.text.eex (100%) rename apps/web/lib/{fz_http_web => web}/oauth/pkce.ex (90%) rename apps/web/lib/{fz_http_web => web}/oidc/state.ex (84%) rename apps/web/lib/{fz_http_web => web}/plug/path_prefix.ex (91%) rename apps/web/lib/{fz_http_web => web}/plug/require_local_authentication.ex (63%) rename apps/web/lib/{fz_http_web => web}/plug/samly_target_url.ex (85%) create mode 100644 apps/web/lib/web/presence.ex rename apps/web/lib/{fz_http_web => web}/proxy_headers.ex (84%) rename apps/web/lib/{fz_http_web => web}/router.ex (80%) rename apps/web/lib/{fz_http_web => web}/sandbox.ex (97%) rename apps/web/lib/{fz_http_web => web}/session.ex (73%) rename apps/web/lib/{fz_http_web => web}/sockets/user_socket.ex (90%) rename apps/web/lib/{fz_http_web => web}/templates/auth/request.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/auth/reset_password.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/browser/browserconfig.xml.eex (100%) rename apps/web/lib/{fz_http_web => web}/templates/layout/admin.html.heex (93%) rename apps/web/lib/{fz_http_web => web}/templates/layout/app.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/layout/email.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/layout/live.html.heex (55%) rename apps/web/lib/{fz_http_web => web}/templates/layout/root.html.heex (85%) rename apps/web/lib/{fz_http_web => web}/templates/layout/unprivileged.html.heex (80%) rename apps/web/lib/{fz_http_web => 
web}/templates/root/auth.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/device_details.html.heex (90%) rename apps/web/lib/{fz_http_web => web}/templates/shared/devices_table.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/flash.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/head.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/heading.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/mfa_methods_table.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/password_field.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/show_device.html.heex (77%) rename apps/web/lib/{fz_http_web => web}/templates/shared/socket_token_headers.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/submit_button.html.heex (100%) rename apps/web/lib/{fz_http_web => web}/templates/shared/user_details.html.heex (90%) rename apps/web/lib/{fz_http_web => web}/user_from_auth.ex (91%) create mode 100644 apps/web/lib/web/views/auth_view.ex create mode 100644 apps/web/lib/web/views/browser_view.ex rename apps/web/lib/{fz_http_web => web}/views/error_view.ex (92%) rename apps/web/lib/{fz_http_web => web}/views/json/changeset_view.ex (77%) rename apps/web/lib/{fz_http_web => web}/views/json/configuration_view.ex (88%) rename apps/web/lib/{fz_http_web => web}/views/json/device_view.ex (89%) rename apps/web/lib/{fz_http_web => web}/views/json/openid_connect_provider_view.ex (81%) rename apps/web/lib/{fz_http_web => web}/views/json/rule_view.ex (89%) rename apps/web/lib/{fz_http_web => web}/views/json/saml_identity_provider_view.ex (82%) rename apps/web/lib/{fz_http_web => web}/views/json/user_view.ex (89%) rename apps/web/lib/{fz_http_web => web}/views/layout_view.ex (60%) create mode 100644 apps/web/lib/web/views/root_view.ex create mode 100644 apps/web/lib/web/views/rule_view.ex rename 
apps/web/lib/{fz_http_web => web}/views/shared_view.ex (78%) rename apps/web/lib/{fz_http_web => web}/views/user_view.ex (52%) rename apps/web/lib/{fz_http_web => web}/views/wireguard_config_view.ex (83%) delete mode 100644 apps/web/test/fz_http/events_test.exs delete mode 100644 apps/web/test/fz_http/repo/notifier_test.exs delete mode 100644 apps/web/test/fz_http_web/views/error_view_test.exs delete mode 100644 apps/web/test/support/case_template.ex rename apps/web/test/{fz_http_web => web}/acceptance/admin_test.exs (91%) rename apps/web/test/{fz_http_web => web}/acceptance/authentication_test.exs (97%) rename apps/web/test/{fz_http_web => web}/acceptance/unprivileged_user_test.exs (90%) rename apps/web/test/{fz_http_web => web}/auth/json/authentication_test.exs (65%) rename apps/web/test/{fz_http_web => web}/channels/notification_channel_test.exs (77%) rename apps/web/test/{fz_http_web => web}/controllers/auth_controller_test.exs (91%) rename apps/web/test/{fz_http_web => web}/controllers/browser_controller_test.exs (78%) rename apps/web/test/{fz_http_web => web}/controllers/json/configuration_controller_test.exs (95%) rename apps/web/test/{fz_http_web => web}/controllers/json/device_controller_test.exs (97%) rename apps/web/test/{fz_http_web => web}/controllers/json/rule_controller_test.exs (97%) rename apps/web/test/{fz_http_web => web}/controllers/json/user_controller_test.exs (98%) rename apps/web/test/{fz_http_web => web}/controllers/user_controller_test.exs (87%) rename apps/web/test/{fz_http_web => web}/header_helpers_test.exs (79%) rename apps/web/test/{fz_http_web => web}/html_authentication_test.exs (84%) rename apps/web/test/{fz_http_web => web}/layout_view_test.exs (73%) rename apps/web/test/{fz_http_web => web}/live/connectivity_check_live/index_test.exs (89%) rename apps/web/test/{fz_http_web => web}/live/device_live/admin/index_test.exs (89%) rename apps/web/test/{fz_http_web => web}/live/device_live/admin/show_test.exs (94%) rename 
apps/web/test/{fz_http_web => web}/live/device_live/unprivileged/index_test.exs (93%) rename apps/web/test/{fz_http_web => web}/live/device_live/unprivileged/show_test.exs (89%) rename apps/web/test/{fz_http_web => web}/live/mfa_live/auth_test.exs (95%) rename apps/web/test/{fz_http_web => web}/live/notifications_live/badge_test.exs (79%) rename apps/web/test/{fz_http_web => web}/live/notifications_live/index_test.exs (93%) rename apps/web/test/{fz_http_web => web}/live/rule_live/index_test.exs (98%) rename apps/web/test/{fz_http_web => web}/live/setting_live/account_test.exs (93%) rename apps/web/test/{fz_http_web => web}/live/setting_live/client_defaults_test.exs (97%) rename apps/web/test/{fz_http_web => web}/live/setting_live/customization_test.exs (86%) rename apps/web/test/{fz_http_web => web}/live/setting_live/security_test.exs (88%) rename apps/web/test/{fz_http_web => web}/live/setting_live/unprivileged/account_test.exs (91%) rename apps/web/test/{fz_http_web => web}/live/user_live/index_test.exs (95%) rename apps/web/test/{fz_http_web => web}/live/user_live/show_test.exs (99%) rename apps/web/test/{fz_http_web => web}/live/user_live/vpn_connection_component_test.exs (75%) rename apps/web/test/{fz_http_web => web}/live/user_live/vpn_status_component_test.exs (90%) rename apps/web/test/{fz_http_web => web}/mailer_test.exs (92%) rename apps/web/test/{fz_http_web => web}/mailer_test/sample_email/test_heex.html.heex (100%) rename apps/web/test/{fz_http_web => web}/mailer_test/sample_email/test_multipart.html.eex (100%) rename apps/web/test/{fz_http_web => web}/mailer_test/sample_email/test_multipart.text.eex (100%) rename apps/web/test/{fz_http_web => web}/plug/path_prefix_test.exs (79%) rename apps/web/test/{fz_http_web => web}/user_from_auth_test.exs (80%) create mode 100644 apps/web/test/web/views/error_view_test.exs rename apps/web/test/{fz_http_web => web}/views/shared_view_test.exs (87%) 
diff --git a/apps/domain/.formatter.exs b/apps/domain/.formatter.exs
new file mode 100644
index 000000000..9819eca3c
--- /dev/null
+++ b/apps/domain/.formatter.exs
@@ -0,0 +1,10 @@
+[
+ import_deps: [
+ :ecto,
+ :plug
+ ],
+ inputs: [
+ "*.{heex,ex,exs}",
+ "{lib,test,priv}/**/*.{heex,ex,exs}"
+ ]
+]
diff --git a/apps/domain/.gitignore b/apps/domain/.gitignore
new file mode 100644
index 000000000..a02cf5bae
--- /dev/null
+++ b/apps/domain/.gitignore
@@ -0,0 +1,39 @@
+# macOS cruft
+.DS_Store
+
+# The directory Mix will write compiled artifacts to.
+/_build/
+
+# If you run "mix test --cover", coverage assets end up here.
+/cover/
+
+# The directory Mix downloads your dependencies sources to.
+/deps/
+
+# Where 3rd-party dependencies like ExDoc output generated docs.
+/doc/
+
+# Ignore .fetch files in case you like to edit your project deps locally.
+/.fetch
+
+# If the VM crashes, it generates a dump, let's ignore it too.
+erl_crash.dump
+
+# Also ignore archive artifacts (built via "mix archive.build").
+*.ez
+
+# Ignore package tarball (built via "mix hex.build").
+cloudfire-*.tar
+
+# If NPM crashes, it generates a log, let's ignore it too.
+npm-debug.log
+
+# The directory NPM downloads your dependencies sources to.
+/assets/node_modules/
+/assets/lib/node_modules/
+/assets/bin/
+
+# Since we are building assets from assets/,
+# we ignore priv/static. You may want to comment
+# this depending on your deployment strategy.
+/priv/static/dist/
diff --git a/apps/domain/README.md b/apps/domain/README.md
new file mode 100644
index 000000000..e9b4ae911
--- /dev/null
+++ b/apps/domain/README.md
@@ -0,0 +1,3 @@
+# Domain
+
+Phoenix app for managing Firezone.
diff --git a/apps/domain/coveralls.json b/apps/domain/coveralls.json
new file mode 100644
index 000000000..3d771278d
--- /dev/null
+++ b/apps/domain/coveralls.json
@@ -0,0 +1,5 @@
+{
+ "skip_files": [
+ "test"
+ ]
+}
diff --git a/apps/domain/fz_http/application.ex b/apps/domain/fz_http/application.ex
deleted file mode 100644
index 810ff3644..000000000
--- a/apps/domain/fz_http/application.ex
+++ /dev/null
@@ -1,84 +0,0 @@
-defmodule FzHttp.Application do
- use Application
-
- def start(_type, _args) do
- supervision_tree_mode = FzHttp.Config.fetch_env!(:fz_http, :supervision_tree_mode)
-
- result =
- supervision_tree_mode
- |> children()
- |> Supervisor.start_link(strategy: :one_for_one, name: __MODULE__.Supervisor)
-
- :ok = after_start()
-
- result
- end
-
- # Tell Phoenix to update the endpoint configuration
- # whenever the application is updated.
- def config_change(changed, _new, removed) do
- FzHttpWeb.Endpoint.config_change(changed, removed)
- :ok
- end
-
- # XXX: get rid off this
- defp children(:full) do
- [
- # Infrastructure services
- FzHttp.Repo,
- FzHttp.Vault,
- {Phoenix.PubSub, name: FzHttp.PubSub},
- {FzHttp.Notifications, name: FzHttp.Notifications},
- FzHttpWeb.Presence,
-
- # Application
- {Postgrex.Notifications, [name: FzHttp.Repo.Notifications] ++ FzHttp.Repo.config()},
- FzHttp.Repo.Notifier,
- FzHttp.Server,
- FzHttp.VpnSessionScheduler,
- FzHttp.Auth,
- FzHttpWeb.Endpoint,
-
- # Observability
- FzHttp.ConnectivityChecks,
- FzHttp.Telemetry
- ]
- end
-
- defp children(:test) do
- [
- # Infrastructure services
- FzHttp.Repo,
- FzHttp.Vault,
- {Phoenix.PubSub, name: FzHttp.PubSub},
- {FzHttp.Notifications, name: FzHttp.Notifications},
- FzHttpWeb.Presence,
-
- # Application
- FzHttp.Server,
- FzHttp.Auth,
- FzHttpWeb.Endpoint,
-
- # Observability
- FzHttp.ConnectivityChecks,
- FzHttp.Telemetry
- ]
- end
-
- defp children(:database) do
- [
- FzHttp.Repo,
- FzHttp.Vault
- ]
- end
-
- if Mix.env() == :prod do
- defp after_start do
- FzHttp.Config.validate_runtime_config!()
- end
- else
- defp after_start do
- :ok
- end
- end
-end
diff --git a/apps/domain/fz_http/encrypted/binary.ex b/apps/domain/fz_http/encrypted/binary.ex
deleted file mode 100644
index 0dfbcf016..000000000
--- a/apps/domain/fz_http/encrypted/binary.ex
+++ /dev/null
@@ -1,7 +0,0 @@
-defmodule FzHttp.Encrypted.Binary do
- @moduledoc """
- Configures how to encrpyt Binaries to the DB.
- """
-
- use Cloak.Ecto.Binary, vault: FzHttp.Vault
-end
diff --git a/apps/domain/fz_http/encrypted/map.ex b/apps/domain/fz_http/encrypted/map.ex
deleted file mode 100644
index 9ddee603e..000000000
--- a/apps/domain/fz_http/encrypted/map.ex
+++ /dev/null
@@ -1,7 +0,0 @@
-defmodule FzHttp.Encrypted.Map do
- @moduledoc """
- Configures how to encrpyt Maps to the DB.
- """
-
- use Cloak.Ecto.Map, vault: FzHttp.Vault
-end
diff --git a/apps/domain/fz_http/repo/notifier.ex b/apps/domain/fz_http/repo/notifier.ex
deleted file mode 100644
index 9a387f992..000000000
--- a/apps/domain/fz_http/repo/notifier.ex
+++ /dev/null
@@ -1,39 +0,0 @@
-defmodule FzHttp.Repo.Notifier do
- @moduledoc """
- Listens for Repo notifications and trigger events based on data changes.
- """
-
- use GenServer
-
- alias FzHttp.Events
- alias FzHttp.Repo
-
- @impl GenServer
- def init(state) do
- for subject <- ~w(devices rules users)a do
- {:ok, _ref} = Postgrex.Notifications.listen(Repo.Notifications, "#{subject}_changed")
- end
-
- {:ok, state}
- end
-
- @impl GenServer
- def handle_info({:notification, _pid, _ref, event, payload}, _state) do
- subject = String.split(event, "_") |> List.first()
- data = Jason.decode!(payload, keys: :atoms)
-
- handle_event(subject, data)
-
- {:noreply, :event_handled}
- end
-
- def start_link(opts \\ []), do: GenServer.start_link(__MODULE__, opts)
-
- def handle_event(subject, %{op: "INSERT"} = data) do
- Events.add(subject, data.row)
- end
-
- def handle_event(subject, %{op: "DELETE"} = data) do
- Events.delete(subject, data.row)
- end
-end
diff --git a/apps/domain/fz_http/rules/rule.ex b/apps/domain/fz_http/rules/rule.ex
deleted file mode 100644
index ee30c9c92..000000000
--- a/apps/domain/fz_http/rules/rule.ex
+++ /dev/null
@@ -1,14 +0,0 @@
-defmodule FzHttp.Rules.Rule do
- use FzHttp, :schema
-
- schema "rules" do
- field :action, Ecto.Enum, values: [:drop, :accept], default: :drop
- field :destination, FzHttp.Types.INET
- field :port_type, Ecto.Enum, values: [:tcp, :udp]
- field :port_range, FzHttp.Types.Int4Range
-
- belongs_to :user, FzHttp.Users.User
-
- timestamps()
- end
-end
diff --git a/apps/domain/fz_http/server.ex b/apps/domain/fz_http/server.ex
deleted file mode 100644
index 0e99db64b..000000000
--- a/apps/domain/fz_http/server.ex
+++ /dev/null
@@ -1,41 +0,0 @@
-defmodule FzHttp.Server do
- @moduledoc """
- Functions for other processes to interact with the FzHttp application
- """
- use GenServer
- alias FzHttp.{Devices, Devices.StatsUpdater, Rules, Users}
-
- def start_link(_) do
- # We're not storing state, simply providing an API
- GenServer.start_link(__MODULE__, nil, name: {:global, :fz_http_server})
- end
-
- @impl GenServer
- def init(state) do
- {:ok, state}
- end
-
- @impl GenServer
- def handle_call(:load_peers, _from, state) do
- reply = {:ok, Devices.to_peer_list()}
- {:reply, reply, state}
- end
-
- @impl GenServer
- def handle_call(:load_settings, _from, state) do
- reply =
- {:ok,
- %{
- users: Users.as_settings(),
- devices: Devices.as_settings(),
- rules: Rules.as_settings()
- }}
-
- {:reply, reply, state}
- end
-
- @impl GenServer
- def handle_call({:update_device_stats, stats}, _from, state) do
- {:reply, StatsUpdater.update(stats), state}
- end
-end
diff --git a/apps/domain/fz_http/types/protocols.ex b/apps/domain/fz_http/types/protocols.ex
deleted file mode 100644
index c9577a1b0..000000000
--- a/apps/domain/fz_http/types/protocols.ex
+++ /dev/null
@@ -1,21 +0,0 @@
-defimpl String.Chars, for: Postgrex.INET do
- def to_string(%Postgrex.INET{} = inet), do: FzHttp.Types.INET.to_string(inet)
-end
-
-defimpl Phoenix.HTML.Safe, for: Postgrex.INET do
- def to_iodata(%Postgrex.INET{} = inet), do: FzHttp.Types.INET.to_string(inet)
-end
-
-defimpl Jason.Encoder, for: Postgrex.INET do
- def encode(%Postgrex.INET{} = struct, opts) do
- Jason.Encode.string("#{struct}", opts)
- end
-end
-
-defimpl String.Chars, for: FzHttp.Types.IPPort do
- def to_string(%FzHttp.Types.IPPort{} = ip_port), do: FzHttp.Types.IPPort.to_string(ip_port)
-end
-
-defimpl Phoenix.HTML.Safe, for: FzHttp.Types.IPPort do
- def to_iodata(%FzHttp.Types.IPPort{} = ip_port), do: FzHttp.Types.IPPort.to_string(ip_port)
-end
diff --git a/apps/domain/fz_http/vault.ex b/apps/domain/fz_http/vault.ex
deleted file mode 100644
index 4527b3ba5..000000000
--- a/apps/domain/fz_http/vault.ex
+++ /dev/null
@@ -1,7 +0,0 @@
-defmodule FzHttp.Vault do
- @moduledoc """
- Manages encrypted DB fields.
- """
-
- use Cloak.Vault, otp_app: :fz_http
-end
diff --git a/apps/domain/fz_http/vpn_session_scheduler.ex b/apps/domain/fz_http/vpn_session_scheduler.ex
deleted file mode 100644
index 323292e67..000000000
--- a/apps/domain/fz_http/vpn_session_scheduler.ex
+++ /dev/null
@@ -1,27 +0,0 @@
-defmodule FzHttp.VpnSessionScheduler do
- @moduledoc """
- Checks for VPN sessions to expire.
- """
- use GenServer
-
- alias FzHttp.Events
-
- # 1 minute
- @interval 60 * 1_000
-
- def start_link(_) do
- GenServer.start_link(__MODULE__, %{})
- end
-
- @impl GenServer
- def init(state) do
- :timer.send_interval(@interval, :perform)
- {:ok, state}
- end
-
- @impl GenServer
- def handle_info(:perform, state) do
- Events.set_config()
- {:noreply, state}
- end
-end
diff --git a/apps/domain/fz_http.ex b/apps/domain/lib/domain.ex
similarity index 73%
rename from apps/domain/fz_http.ex
rename to apps/domain/lib/domain.ex
index 481a2438e..e7e31eef6 100644
--- a/apps/domain/fz_http.ex
+++ b/apps/domain/lib/domain.ex @@ -1,4 +1,9 @@ -defmodule FzHttp do +defmodule Domain do + @moduledoc """ + This module provides a common interface for all the domain modules, + making sure our code structure is consistent and predictable. + """ + def schema do quote do use Ecto.Schema @@ -15,7 +20,7 @@ defmodule FzHttp do def changeset do quote do import Ecto.Changeset - import FzHttp.Validator + import Domain.Validator end end diff --git a/apps/domain/fz_http/api_tokens.ex b/apps/domain/lib/domain/api_tokens.ex similarity index 94% rename from apps/domain/fz_http/api_tokens.ex rename to apps/domain/lib/domain/api_tokens.ex index 7cf8f9e2d..9bebe8673 100644 --- a/apps/domain/fz_http/api_tokens.ex +++ b/apps/domain/lib/domain/api_tokens.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.ApiTokens do - alias FzHttp.{Repo, Validator, Auth} - alias FzHttp.Users - alias FzHttp.ApiTokens.Authorizer - alias FzHttp.ApiTokens.ApiToken +defmodule Domain.ApiTokens do + alias Domain.{Repo, Validator, Auth} + alias Domain.Users + alias Domain.ApiTokens.Authorizer + alias Domain.ApiTokens.ApiToken def count_by_user_id(user_id) do ApiToken.Query.by_user_id(user_id) @@ -112,7 +112,7 @@ defmodule FzHttp.ApiTokens do changeset = ApiToken.Changeset.create_changeset(user, attrs, max: count_by_user_id) with {:ok, api_token} <- Repo.insert(changeset) do - FzHttp.Telemetry.create_api_token() + Domain.Telemetry.create_api_token() {:ok, api_token} end end diff --git a/apps/domain/fz_http/api_tokens/api_token.ex b/apps/domain/lib/domain/api_tokens/api_token.ex similarity index 68% rename from apps/domain/fz_http/api_tokens/api_token.ex rename to apps/domain/lib/domain/api_tokens/api_token.ex index d58073f37..78921b5e0 100644 --- a/apps/domain/fz_http/api_tokens/api_token.ex +++ b/apps/domain/lib/domain/api_tokens/api_token.ex 
@@ -1,5 +1,5 @@ -defmodule FzHttp.ApiTokens.ApiToken do - use FzHttp, :schema +defmodule Domain.ApiTokens.ApiToken do + use Domain, :schema schema "api_tokens" do field :expires_at, :utc_datetime_usec @@ -7,7 +7,7 @@ defmodule FzHttp.ApiTokens.ApiToken do # Developer-friendly way to set expires_at field :expires_in, :integer, virtual: true, default: 30 - belongs_to :user, FzHttp.Users.User + belongs_to :user, Domain.Users.User timestamps(updated_at: false) end diff --git a/apps/domain/fz_http/api_tokens/api_token/changeset.ex b/apps/domain/lib/domain/api_tokens/api_token/changeset.ex similarity index 92% rename from apps/domain/fz_http/api_tokens/api_token/changeset.ex rename to apps/domain/lib/domain/api_tokens/api_token/changeset.ex index ac3354471..e13152b9c 100644 --- a/apps/domain/fz_http/api_tokens/api_token/changeset.ex +++ b/apps/domain/lib/domain/api_tokens/api_token/changeset.ex @@ -1,6 +1,6 @@ -defmodule FzHttp.ApiTokens.ApiToken.Changeset do - use FzHttp, :changeset - alias FzHttp.ApiTokens.ApiToken +defmodule Domain.ApiTokens.ApiToken.Changeset do + use Domain, :changeset + alias Domain.ApiTokens.ApiToken @max_per_user 25 diff --git a/apps/domain/fz_http/api_tokens/api_token/query.ex b/apps/domain/lib/domain/api_tokens/api_token/query.ex similarity index 76% rename from apps/domain/fz_http/api_tokens/api_token/query.ex rename to apps/domain/lib/domain/api_tokens/api_token/query.ex index f1cb5d201..896df46bc 100644 --- a/apps/domain/fz_http/api_tokens/api_token/query.ex +++ b/apps/domain/lib/domain/api_tokens/api_token/query.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.ApiTokens.ApiToken.Query do - use FzHttp, :query +defmodule Domain.ApiTokens.ApiToken.Query do + use Domain, :query def all do - from(api_tokens in FzHttp.ApiTokens.ApiToken, as: :api_tokens) + from(api_tokens in Domain.ApiTokens.ApiToken, as: :api_tokens) end def by_id(queryable \\ all(), id) do 
diff --git a/apps/domain/fz_http/api_tokens/authorizer.ex b/apps/domain/lib/domain/api_tokens/authorizer.ex similarity index 87% rename from apps/domain/fz_http/api_tokens/authorizer.ex rename to apps/domain/lib/domain/api_tokens/authorizer.ex index c56ed582a..1345bee12 100644 --- a/apps/domain/fz_http/api_tokens/authorizer.ex +++ b/apps/domain/lib/domain/api_tokens/authorizer.ex @@ -1,11 +1,11 @@ -defmodule FzHttp.ApiTokens.Authorizer do - use FzHttp.Auth.Authorizer - alias FzHttp.ApiTokens.ApiToken +defmodule Domain.ApiTokens.Authorizer do + use Domain.Auth.Authorizer + alias Domain.ApiTokens.ApiToken def manage_own_api_tokens_permission, do: build(ApiToken, :manage_own) def manage_api_tokens_permission, do: build(ApiToken, :manage) - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def list_permissions_for_role(:admin) do [ manage_own_api_tokens_permission(), @@ -17,7 +17,7 @@ defmodule FzHttp.ApiTokens.Authorizer do [] end - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def for_subject(queryable, %Subject{} = subject) when is_user(subject) do cond do has_permission?(subject, manage_api_tokens_permission()) -> diff --git a/apps/domain/lib/domain/application.ex b/apps/domain/lib/domain/application.ex new file mode 100644 index 000000000..26be7eca1 --- /dev/null +++ b/apps/domain/lib/domain/application.ex 
@@ -0,0 +1,39 @@ +defmodule Domain.Application do + use Application + + def start(_type, _args) do + result = + Supervisor.start_link(children(), strategy: :one_for_one, name: __MODULE__.Supervisor) + + :ok = after_start() + result + end + + # TODO: when app starts for migrations set env to disable connectivity checks and telemetry + def children do + [ + # Infrastructure services + Domain.Repo, + Domain.Vault, + {Phoenix.PubSub, name: Domain.PubSub}, + + # Application + {Domain.Notifications, name: Domain.Notifications}, + Domain.Auth, + + # Observability + Domain.ConnectivityChecks, + Domain.Telemetry + ] + end + + if Mix.env() == :prod do + defp after_start do + Domain.Config.validate_runtime_config!() + end + else + defp after_start do + :ok + end + end +end diff --git a/apps/domain/fz_http/auth.ex b/apps/domain/lib/domain/auth.ex similarity index 89% rename from apps/domain/fz_http/auth.ex rename to apps/domain/lib/domain/auth.ex index 585a11c2a..34c19e2f4 100644 --- a/apps/domain/fz_http/auth.ex +++ b/apps/domain/lib/domain/auth.ex @@ -1,9 +1,9 @@ -defmodule FzHttp.Auth do +defmodule Domain.Auth do use Supervisor - alias FzHttp.Repo - alias FzHttp.Config - alias FzHttp.{Users, ApiTokens} - alias FzHttp.Auth.{Subject, Context, Permission, Roles} + alias Domain.Repo + alias Domain.Config + alias Domain.{Users, ApiTokens} + alias Domain.Auth.{Subject, Context, Permission, Roles} def start_link(opts) do Supervisor.start_link(__MODULE__, opts, name: __MODULE__) @@ -11,9 +11,9 @@ defmodule FzHttp.Auth do def init(_opts) do children = [ - FzHttp.Auth.SAML.StartProxy, - {DynamicSupervisor, name: FzHttp.RefresherSupervisor, strategy: :one_for_one}, - FzHttp.Auth.OIDC.RefreshManager + Domain.Auth.SAML.StartProxy, + {DynamicSupervisor, name: Domain.RefresherSupervisor, strategy: :one_for_one}, + Domain.Auth.OIDC.RefreshManager ] Supervisor.init(children, strategy: :one_for_one) 
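Review bot: `children/0` in the new `Domain.Application` starts `Domain.Auth`, `Domain.ConnectivityChecks` and `Domain.Telemetry` on every boot, whereas the `FzHttp.Application` this commit deletes had a `:database` mode that started only the Repo and the Vault. Until the TODO above `children/0` is resolved, anything that boots the app purely for database work will presumably also bring up the SAML/OIDC workers supervised by `Domain.Auth` and whatever outbound traffic the two observability processes generate. I would gate the "Application" and "Observability" entries on configuration in this commit rather than leave it as a TODO, and make the function private (`defp children do`) unless another app is meant to call it. Separately, `:ok = after_start()` runs even when `Supervisor.start_link/2` returned `{:error, _}`, so a comment such as `# runtime config is validated only after the tree is up, and only in :prod builds` would make that ordering explicit.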
@@ -84,7 +84,7 @@ defmodule FzHttp.Auth do if provider.redirect_uri do provider.redirect_uri else - external_url = FzHttp.Config.fetch_env!(:fz_http, :external_url) + external_url = Domain.Config.fetch_env!(:web, :external_url) "#{external_url}auth/oidc/#{provider.id}/callback/" end diff --git a/apps/domain/fz_http/auth/authorizer.ex b/apps/domain/lib/domain/auth/authorizer.ex similarity index 59% rename from apps/domain/fz_http/auth/authorizer.ex rename to apps/domain/lib/domain/auth/authorizer.ex index 642560b71..85052b5ff 100644 --- a/apps/domain/fz_http/auth/authorizer.ex +++ b/apps/domain/lib/domain/auth/authorizer.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Auth.Authorizer do +defmodule Domain.Auth.Authorizer do @moduledoc """ Business contexts use authorization modules to define permissions that are supported by the context and expose them to the authorization system by implementing behaviour provided by this module. @@ -6,11 +6,11 @@ defmodule FzHttp.Auth.Authorizer do defmacro __using__(_opts) do quote do - import FzHttp.Auth.Authorizer - import FzHttp.Auth, only: [has_permission?: 2] - alias FzHttp.Auth.Subject + import Domain.Auth.Authorizer + import Domain.Auth, only: [has_permission?: 2] + alias Domain.Auth.Subject - @behaviour FzHttp.Auth.Authorizer + @behaviour Domain.Auth.Authorizer end end 
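Review bot: The OIDC callback URL two lines below the changed `fetch_env!` call is built as `"#{external_url}auth/oidc/#{provider.id}/callback/"`, so it is only correct when the configured `external_url` ends in `/`; without the slash the host and the path run together and the redirect URI sent to the identity provider names a different host. Whether the value is normalised where the configuration is loaded is not visible in this hunk, so I would make the join explicit here: `external_url = Domain.Config.fetch_env!(:web, :external_url) |> String.trim_trailing("/")` followed by `"#{external_url}/auth/oidc/#{provider.id}/callback/"`. The changed line also makes the domain app read the `:web` application's environment, which deserves a one-line comment because `Domain` otherwise appears not to depend on `:web`. The enclosing function starts and ends outside the hunk.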
@@ -18,24 +18,24 @@ defmodule FzHttp.Auth.Authorizer do Returns list of all permissions defined by implementation module, which is used to simplify role management. """ - @callback list_permissions_for_role(FzHttp.Auth.Role.name()) :: [FzHttp.Auth.Permission.t()] + @callback list_permissions_for_role(Domain.Auth.Role.name()) :: [Domain.Auth.Permission.t()] @doc """ Optional helper which allows to filter queryable based on subject permissions. """ - @callback for_subject(Ecto.Queryable.t(), FzHttp.Auth.Subject.t()) :: Ecto.Queryable.t() + @callback for_subject(Ecto.Queryable.t(), Domain.Auth.Subject.t()) :: Ecto.Queryable.t() @optional_callbacks for_subject: 2 def build(resource, action) do - %FzHttp.Auth.Permission{resource: resource, action: action} + %Domain.Auth.Permission{resource: resource, action: action} end defguard is_user(subject) - when is_struct(subject, FzHttp.Auth.Subject) and + when is_struct(subject, Domain.Auth.Subject) and elem(subject.actor, 0) == :user defguard is_api_token(subject) - when is_struct(subject, FzHttp.Auth.Subject) and + when is_struct(subject, Domain.Auth.Subject) and elem(subject.actor, 0) == :api_token end diff --git a/apps/domain/fz_http/auth/context.ex b/apps/domain/lib/domain/auth/context.ex similarity index 92% rename from apps/domain/fz_http/auth/context.ex rename to apps/domain/lib/domain/auth/context.ex index 7e5e3387a..10764babb 100644 --- a/apps/domain/fz_http/auth/context.ex +++ b/apps/domain/lib/domain/auth/context.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Auth.Context do +defmodule Domain.Auth.Context do @typedoc """ This structure represents an authentication context for a user or an API token. diff --git a/apps/domain/fz_http/auth/mfa.ex b/apps/domain/lib/domain/auth/mfa.ex similarity index 93% rename from apps/domain/fz_http/auth/mfa.ex rename to apps/domain/lib/domain/auth/mfa.ex index 8e8600a10..fa12ddd27 100644 --- a/apps/domain/fz_http/auth/mfa.ex +++ b/apps/domain/lib/domain/auth/mfa.ex 
@@ -1,7 +1,7 @@ -defmodule FzHttp.Auth.MFA do - alias FzHttp.{Repo, Validator} - alias FzHttp.Users - alias FzHttp.Auth.MFA.Method +defmodule Domain.Auth.MFA do + alias Domain.{Repo, Validator} + alias Domain.Users + alias Domain.Auth.MFA.Method def count_users_with_mfa_enabled do Method.Query.select_distinct_user_ids_count() diff --git a/apps/domain/fz_http/auth/mfa/method.ex b/apps/domain/lib/domain/auth/mfa/method.ex similarity index 62% rename from apps/domain/fz_http/auth/mfa/method.ex rename to apps/domain/lib/domain/auth/mfa/method.ex index 96cb80639..4881f0247 100644 --- a/apps/domain/fz_http/auth/mfa/method.ex +++ b/apps/domain/lib/domain/auth/mfa/method.ex @@ -1,15 +1,15 @@ -defmodule FzHttp.Auth.MFA.Method do - use FzHttp, :schema +defmodule Domain.Auth.MFA.Method do + use Domain, :schema schema "mfa_methods" do field :name, :string field :type, Ecto.Enum, values: [:totp, :native, :portable] field :last_used_at, :utc_datetime_usec - field :payload, FzHttp.Encrypted.Map + field :payload, Domain.Encrypted.Map field :code, :string, virtual: true - belongs_to :user, FzHttp.Users.User + belongs_to :user, Domain.Users.User timestamps() end diff --git a/apps/domain/fz_http/auth/mfa/method/changeset.ex b/apps/domain/lib/domain/auth/mfa/method/changeset.ex similarity index 91% rename from apps/domain/fz_http/auth/mfa/method/changeset.ex rename to apps/domain/lib/domain/auth/mfa/method/changeset.ex index 53591c37e..d6d1f1f69 100644 --- a/apps/domain/fz_http/auth/mfa/method/changeset.ex +++ b/apps/domain/lib/domain/auth/mfa/method/changeset.ex @@ -1,6 +1,6 @@ -defmodule FzHttp.Auth.MFA.Method.Changeset do - use FzHttp, :changeset - alias FzHttp.Auth.MFA.Method +defmodule Domain.Auth.MFA.Method.Changeset do + use Domain, :changeset + alias Domain.Auth.MFA.Method @create_fields [:name, :type, :payload, :code] 
@@ -11,7 +11,7 @@ defmodule FzHttp.Auth.MFA.Method.Changeset do |> validate_length(:name, min: 1, max: 255) |> trim_change(:name) |> unique_constraint(:name, name: :mfa_methods_user_id_name_index) - |> unsafe_validate_unique([:name, :user_id], FzHttp.Repo) + |> unsafe_validate_unique([:name, :user_id], Domain.Repo) |> assoc_constraint(:user) |> changeset() end diff --git a/apps/domain/fz_http/auth/mfa/method/query.ex b/apps/domain/lib/domain/auth/mfa/method/query.ex similarity index 86% rename from apps/domain/fz_http/auth/mfa/method/query.ex rename to apps/domain/lib/domain/auth/mfa/method/query.ex index 72ba80c89..4aef8a200 100644 --- a/apps/domain/fz_http/auth/mfa/method/query.ex +++ b/apps/domain/lib/domain/auth/mfa/method/query.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.Auth.MFA.Method.Query do - use FzHttp, :query +defmodule Domain.Auth.MFA.Method.Query do + use Domain, :query def all do - from(users in FzHttp.Auth.MFA.Method, as: :methods) + from(users in Domain.Auth.MFA.Method, as: :methods) end def by_id(queryable \\ all(), id) do diff --git a/apps/domain/fz_http/auth/oidc.ex b/apps/domain/lib/domain/auth/oidc.ex similarity index 92% rename from apps/domain/fz_http/auth/oidc.ex rename to apps/domain/lib/domain/auth/oidc.ex index 35a77ae97..29adf1f34 100644 --- a/apps/domain/fz_http/auth/oidc.ex +++ b/apps/domain/lib/domain/auth/oidc.ex @@ -1,9 +1,9 @@ -defmodule FzHttp.Auth.OIDC do +defmodule Domain.Auth.OIDC do @moduledoc """ The OIDC context. """ import Ecto.Query, warn: false - alias FzHttp.{Auth.OIDC.Connection, Repo, Users.User} + alias Domain.{Auth.OIDC.Connection, Repo, Users.User} def list_connections(%User{id: id}) do Repo.all(from(Connection, where: [user_id: ^id])) diff --git a/apps/domain/fz_http/auth/oidc/connection.ex b/apps/domain/lib/domain/auth/oidc/connection.ex similarity index 66% rename from apps/domain/fz_http/auth/oidc/connection.ex rename to apps/domain/lib/domain/auth/oidc/connection.ex index 02f2f436c..a00f6260f 100644 
--- a/apps/domain/fz_http/auth/oidc/connection.ex +++ b/apps/domain/lib/domain/auth/oidc/connection.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.Auth.OIDC.Connection do - use FzHttp, :schema +defmodule Domain.Auth.OIDC.Connection do + use Domain, :schema schema "oidc_connections" do field :provider, :string @@ -7,7 +7,7 @@ defmodule FzHttp.Auth.OIDC.Connection do field :refresh_token, :string field :refreshed_at, :utc_datetime_usec - belongs_to :user, FzHttp.Users.User + belongs_to :user, Domain.Users.User timestamps() end diff --git a/apps/domain/fz_http/auth/oidc/connection/changeset.ex b/apps/domain/lib/domain/auth/oidc/connection/changeset.ex similarity index 76% rename from apps/domain/fz_http/auth/oidc/connection/changeset.ex rename to apps/domain/lib/domain/auth/oidc/connection/changeset.ex index f14ee877f..00fb1f33f 100644 --- a/apps/domain/fz_http/auth/oidc/connection/changeset.ex +++ b/apps/domain/lib/domain/auth/oidc/connection/changeset.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.Auth.OIDC.Connection.Changeset do - use FzHttp, :changeset +defmodule Domain.Auth.OIDC.Connection.Changeset do + use Domain, :changeset @fields ~w[provider refresh_token refreshed_at refresh_response]a @required_fields ~w[provider refresh_token]a diff --git a/apps/domain/fz_http/auth/oidc/connection/query.ex b/apps/domain/lib/domain/auth/oidc/connection/query.ex similarity index 67% rename from apps/domain/fz_http/auth/oidc/connection/query.ex rename to apps/domain/lib/domain/auth/oidc/connection/query.ex index de71a126b..d4f09139f 100644 --- a/apps/domain/fz_http/auth/oidc/connection/query.ex +++ b/apps/domain/lib/domain/auth/oidc/connection/query.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.Auth.OIDC.Connection.Query do - use FzHttp, :query +defmodule Domain.Auth.OIDC.Connection.Query do + use Domain, :query def all do - from(connection in FzHttp.Auth.OIDC.Connection, as: :connection) + from(connection in Domain.Auth.OIDC.Connection, as: :connection) end def by_id(queryable \\ all(), id) do 
diff --git a/apps/domain/fz_http/auth/oidc/refresh_manager.ex b/apps/domain/lib/domain/auth/oidc/refresh_manager.ex similarity index 85% rename from apps/domain/fz_http/auth/oidc/refresh_manager.ex rename to apps/domain/lib/domain/auth/oidc/refresh_manager.ex index 955e2b9fb..ee5cb1403 100644 --- a/apps/domain/fz_http/auth/oidc/refresh_manager.ex +++ b/apps/domain/lib/domain/auth/oidc/refresh_manager.ex @@ -1,11 +1,11 @@ -defmodule FzHttp.Auth.OIDC.RefreshManager do +defmodule Domain.Auth.OIDC.RefreshManager do @moduledoc """ Manager module for refreshing OIDC connections """ use GenServer, restart: :permanent import Ecto.Query - alias FzHttp.{Repo, Users.User} + alias Domain.{Repo, Users.User} # Refresh every 10 minutes -- Keycloak's ttl for refresh tokens # is 30 minutes by default. @@ -46,8 +46,8 @@ defmodule FzHttp.Auth.OIDC.RefreshManager do delay_after_spawn = Enum.random(1..@max_delay_after_spawn) * 1000 DynamicSupervisor.start_child( - FzHttp.RefresherSupervisor, - {FzHttp.Auth.OIDC.Refresher, {id, delay_after_spawn}} + Domain.RefresherSupervisor, + {Domain.Auth.OIDC.Refresher, {id, delay_after_spawn}} ) end end diff --git a/apps/domain/fz_http/auth/oidc/refresher.ex b/apps/domain/lib/domain/auth/oidc/refresher.ex similarity index 90% rename from apps/domain/fz_http/auth/oidc/refresher.ex rename to apps/domain/lib/domain/auth/oidc/refresher.ex index a7dbd2aed..b050f7adc 100644 --- a/apps/domain/fz_http/auth/oidc/refresher.ex +++ b/apps/domain/lib/domain/auth/oidc/refresher.ex @@ -1,9 +1,9 @@ -defmodule FzHttp.Auth.OIDC.Refresher do +defmodule Domain.Auth.OIDC.Refresher do @moduledoc """ Worker module for refreshing OIDC connections """ use GenServer, restart: :temporary - alias FzHttp.{Auth, Auth.OIDC, Auth.OIDC.Connection, Repo, Users} + alias Domain.{Auth, Auth.OIDC, Auth.OIDC.Connection, Repo, Users} require Logger def start_link(init_opts) do 
@@ -60,6 +60,6 @@ defmodule FzHttp.Auth.OIDC.Refresher do end defp enabled? do - FzHttp.Config.fetch_config!(:disable_vpn_on_oidc_error) + Domain.Config.fetch_config!(:disable_vpn_on_oidc_error) end end diff --git a/apps/domain/fz_http/auth/permission.ex b/apps/domain/lib/domain/auth/permission.ex similarity index 94% rename from apps/domain/fz_http/auth/permission.ex rename to apps/domain/lib/domain/auth/permission.ex index 16ec3961a..ae7db2fbf 100644 --- a/apps/domain/fz_http/auth/permission.ex +++ b/apps/domain/lib/domain/auth/permission.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Auth.Permission do +defmodule Domain.Auth.Permission do @type resource :: module() @typedoc """ diff --git a/apps/domain/fz_http/auth/role.ex b/apps/domain/lib/domain/auth/role.ex similarity index 75% rename from apps/domain/fz_http/auth/role.ex rename to apps/domain/lib/domain/auth/role.ex index 6aae9f0de..3a0e26c87 100644 --- a/apps/domain/fz_http/auth/role.ex +++ b/apps/domain/lib/domain/auth/role.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.Auth.Role do - alias FzHttp.Auth.Permission +defmodule Domain.Auth.Role do + alias Domain.Auth.Permission @type name :: atom() diff --git a/apps/domain/fz_http/auth/roles.ex b/apps/domain/lib/domain/auth/roles.ex similarity index 68% rename from apps/domain/fz_http/auth/roles.ex rename to apps/domain/lib/domain/auth/roles.ex index 876e8ca35..7beccee8b 100644 --- a/apps/domain/fz_http/auth/roles.ex +++ b/apps/domain/lib/domain/auth/roles.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.Auth.Roles do - alias FzHttp.Auth.Role +defmodule Domain.Auth.Roles do + alias Domain.Auth.Role def list_roles do [ 
@@ -10,12 +10,12 @@ defmodule FzHttp.Auth.Roles do defp list_authorizers do [ - FzHttp.Config.Authorizer, - FzHttp.ApiTokens.Authorizer, - FzHttp.ConnectivityChecks.Authorizer, - FzHttp.Devices.Authorizer, - FzHttp.Rules.Authorizer, - FzHttp.Users.Authorizer + Domain.Config.Authorizer, + Domain.ApiTokens.Authorizer, + Domain.ConnectivityChecks.Authorizer, + Domain.Devices.Authorizer, + Domain.Rules.Authorizer, + Domain.Users.Authorizer ] end diff --git a/apps/domain/fz_http/auth/saml/start_proxy.ex b/apps/domain/lib/domain/auth/saml/start_proxy.ex similarity index 87% rename from apps/domain/fz_http/auth/saml/start_proxy.ex rename to apps/domain/lib/domain/auth/saml/start_proxy.ex index ceaac75df..0e809219c 100644 --- a/apps/domain/fz_http/auth/saml/start_proxy.ex +++ b/apps/domain/lib/domain/auth/saml/start_proxy.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Auth.SAML.StartProxy do +defmodule Domain.Auth.SAML.StartProxy do @moduledoc """ This proxy starts Samly.Provider with proper configs """ @@ -20,7 +20,7 @@ defmodule FzHttp.Auth.SAML.StartProxy do end def set_service_provider(samly_configs) do - config = FzHttp.Config.fetch_env!(:fz_http, FzHttp.SAML) + config = Domain.Config.fetch_env!(:web, Web.SAML) entity_id = Keyword.fetch!(config, :entity_id) keyfile = Keyword.fetch!(config, :keyfile_path) certfile = Keyword.fetch!(config, :certfile_path) @@ -55,9 +55,9 @@ defmodule FzHttp.Auth.SAML.StartProxy do Keyword.put(samly_configs, :identity_providers, identity_providers) end - def refresh(providers \\ FzHttp.Config.fetch_config!(:saml_identity_providers)) do + def refresh(providers \\ Domain.Config.fetch_config!(:saml_identity_providers)) do samly_configs = - FzHttp.Config.fetch_env!(:samly, Samly.Provider) + Domain.Config.fetch_env!(:samly, Samly.Provider) |> set_service_provider() |> set_identity_providers(providers) 
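Review bot: `set_service_provider/1` in `Domain.Auth.SAML.StartProxy` now reads the SAML service-provider settings (`entity_id`, `keyfile_path`, `certfile_path`) with `Domain.Config.fetch_env!(:web, Web.SAML)`, so the domain app depends on application environment owned by another app. Outside the test environment `fetch_env!` delegates to `Application.fetch_env!/2`, which raises when the key is missing, so a missing `:web` entry would fail when this function runs; whether the domain app is ever started without the `:web` config is not visible here. The same cross-app lookup appears in `gen_default_base_url/1` of `Domain.Config.Configuration.SAMLIdentityProvider` (`fetch_env!(:web, :external_url)`) and in the `Web.Mailer.NoopAdapter` default in `Domain.Config.Definitions`. I would either keep these keys under `:domain` or add a comment at each call, for example `# SAML SP key/cert paths are configured under the :web app env`. The function body continues outside the hunk.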
diff --git a/apps/domain/fz_http/auth/subject.ex b/apps/domain/lib/domain/auth/subject.ex similarity index 72% rename from apps/domain/fz_http/auth/subject.ex rename to apps/domain/lib/domain/auth/subject.ex index 7c984d86d..886d4f57d 100644 --- a/apps/domain/fz_http/auth/subject.ex +++ b/apps/domain/lib/domain/auth/subject.ex @@ -1,9 +1,9 @@ -defmodule FzHttp.Auth.Subject do - alias FzHttp.Auth.{Permission, Context} +defmodule Domain.Auth.Subject do + alias Domain.Auth.{Permission, Context} @type actor :: - {:user, %FzHttp.Users.User{}} - | {:api_token, %FzHttp.ApiTokens.ApiToken{}} + {:user, %Domain.Users.User{}} + | {:api_token, %Domain.ApiTokens.ApiToken{}} | :system @type permission :: Permission.t() diff --git a/apps/domain/fz_http/config.ex b/apps/domain/lib/domain/config.ex similarity index 91% rename from apps/domain/fz_http/config.ex rename to apps/domain/lib/domain/config.ex index 4dff6640c..056f864df 100644 --- a/apps/domain/fz_http/config.ex +++ b/apps/domain/lib/domain/config.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.Config do - alias FzHttp.{Repo, Auth} - alias FzHttp.Config.Authorizer - alias FzHttp.Config.{Definition, Definitions, Validator, Errors, Fetcher} - alias FzHttp.Config.Configuration +defmodule Domain.Config do + alias Domain.{Repo, Auth} + alias Domain.Config.Authorizer + alias Domain.Config.{Definition, Definitions, Validator, Errors, Fetcher} + alias Domain.Config.Configuration def fetch_source_and_config!(key) do db_config = maybe_fetch_db_config!(key) @@ -59,7 +59,7 @@ defmodule FzHttp.Config do end defp maybe_fetch_db_config!(keys) when is_list(keys) do - if Enum.any?(keys, &(&1 in FzHttp.Config.Configuration.__schema__(:fields))) do + if Enum.any?(keys, &(&1 in Domain.Config.Configuration.__schema__(:fields))) do fetch_db_config!() else %{} 
@@ -67,7 +67,7 @@ defmodule FzHttp.Config do end defp maybe_fetch_db_config!(key) do - if key in FzHttp.Config.Configuration.__schema__(:fields) do + if key in Domain.Config.Configuration.__schema__(:fields) do fetch_db_config!() else %{} @@ -134,7 +134,7 @@ defmodule FzHttp.Config do changeset = Configuration.Changeset.changeset(config, attrs) with {:ok, config} <- Repo.update(changeset) do - FzHttp.Auth.SAML.StartProxy.refresh(config.saml_identity_providers) + Domain.Auth.SAML.StartProxy.refresh(config.saml_identity_providers) {:ok, config} end end @@ -176,13 +176,13 @@ defmodule FzHttp.Config do if Mix.env() != :test do defdelegate fetch_env!(app, key), to: Application else - def put_env_override(app \\ :fz_http, key, value) do + def put_env_override(app \\ :domain, key, value) do Process.put(pdict_key_function(app, key), value) :ok end def put_system_env_override(key, value) when is_atom(key) do - Process.put({FzHttp.Config.Resolver, key}, {:env, value}) + Process.put({Domain.Config.Resolver, key}, {:env, value}) :ok end @@ -199,7 +199,7 @@ defmodule FzHttp.Config do application_env = Application.fetch_env!(app, key) pdict_key_function(app, key) - |> FzHttp.Config.Resolver.fetch_process_env() + |> Domain.Config.Resolver.fetch_process_env() |> case do {:ok, override} -> override diff --git a/apps/domain/fz_http/config/authorizer.ex b/apps/domain/lib/domain/config/authorizer.ex similarity index 61% rename from apps/domain/fz_http/config/authorizer.ex rename to apps/domain/lib/domain/config/authorizer.ex index 700027853..da862329c 100644 --- a/apps/domain/fz_http/config/authorizer.ex +++ b/apps/domain/lib/domain/config/authorizer.ex 
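Review bot: The default in `put_env_override(app \\ :domain, key, value)` no longer matches every key this commit reads, because the SAML settings and `:external_url` are now fetched with `fetch_env!(:web, ...)`. A test that relies on the default app for one of those keys would store its override under `:domain`, and it would not be picked up by the `:web` lookup; no error is raised, since the function returns `:ok` either way. Whether any caller does this is not visible in the hunk, so I would either drop the default and make the app explicit, or document it on the function: `# NOTE: keys read with fetch_env!(:web, ...) need app: :web here`.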
@@ -1,10 +1,10 @@ -defmodule FzHttp.Config.Authorizer do - use FzHttp.Auth.Authorizer - alias FzHttp.Config.Configuration +defmodule Domain.Config.Authorizer do + use Domain.Auth.Authorizer + alias Domain.Config.Configuration def configure_permission, do: build(Configuration, :manage) - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def list_permissions_for_role(:admin) do [ configure_permission() diff --git a/apps/domain/fz_http/config/caster.ex b/apps/domain/lib/domain/config/caster.ex similarity index 98% rename from apps/domain/fz_http/config/caster.ex rename to apps/domain/lib/domain/config/caster.ex index 279032835..03a9716e8 100644 --- a/apps/domain/fz_http/config/caster.ex +++ b/apps/domain/lib/domain/config/caster.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Config.Caster do +defmodule Domain.Config.Caster do @moduledoc """ This module allows to cast values to a defined type. diff --git a/apps/domain/fz_http/config/configuration.ex b/apps/domain/lib/domain/config/configuration.ex similarity index 79% rename from apps/domain/fz_http/config/configuration.ex rename to apps/domain/lib/domain/config/configuration.ex index 84d012006..d30b3b00b 100644 --- a/apps/domain/fz_http/config/configuration.ex +++ b/apps/domain/lib/domain/config/configuration.ex @@ -1,6 +1,6 @@ -defmodule FzHttp.Config.Configuration do - use FzHttp, :schema - alias FzHttp.Config.Logo +defmodule Domain.Config.Configuration do + use Domain, :schema + alias Domain.Config.Logo schema "configurations" do field :allow_unprivileged_device_management, :boolean 
@@ -10,7 +10,7 @@ defmodule FzHttp.Config.Configuration do field :disable_vpn_on_oidc_error, :boolean # The defaults for these fields are set in the following migration: - # apps/fz_http/priv/repo/migrations/20221224210654_fix_sites_nullable_fields.exs + # apps/domain/priv/repo/migrations/20221224210654_fix_sites_nullable_fields.exs # # This will be changing in 0.8 and again when we have client apps, # so this works for the time being. The important thing is allowing users @@ -22,7 +22,7 @@ defmodule FzHttp.Config.Configuration do field :default_client_mtu, :integer field :default_client_endpoint, :string field :default_client_dns, {:array, :string}, default: [] - field :default_client_allowed_ips, {:array, FzHttp.Types.INET}, default: [] + field :default_client_allowed_ips, {:array, Domain.Types.INET}, default: [] # XXX: Remove when this feature is refactored into config expiration feature # and WireGuard keys are decoupled from devices to facilitate rotation. @@ -33,11 +33,11 @@ defmodule FzHttp.Config.Configuration do embeds_one :logo, Logo, on_replace: :delete embeds_many :openid_connect_providers, - FzHttp.Config.Configuration.OpenIDConnectProvider, + Domain.Config.Configuration.OpenIDConnectProvider, on_replace: :delete embeds_many :saml_identity_providers, - FzHttp.Config.Configuration.SAMLIdentityProvider, + Domain.Config.Configuration.SAMLIdentityProvider, on_replace: :delete timestamps() diff --git a/apps/domain/fz_http/config/configuration/changeset.ex b/apps/domain/lib/domain/config/configuration/changeset.ex similarity index 84% rename from apps/domain/fz_http/config/configuration/changeset.ex rename to apps/domain/lib/domain/config/configuration/changeset.ex index 8e14c7f3d..6d671e582 100644 --- a/apps/domain/fz_http/config/configuration/changeset.ex +++ b/apps/domain/lib/domain/config/configuration/changeset.ex 
@@ -1,6 +1,6 @@ -defmodule FzHttp.Config.Configuration.Changeset do - use FzHttp, :changeset - import FzHttp.Config, only: [config_changeset: 2] +defmodule Domain.Config.Configuration.Changeset do + use Domain, :changeset + import Domain.Config, only: [config_changeset: 2] # Postgres max int size is 4 bytes @max_vpn_session_duration 2_147_483_647 @@ -32,10 +32,10 @@ defmodule FzHttp.Config.Configuration.Changeset do |> cast(attrs, @fields) |> cast_embed(:logo) |> cast_embed(:openid_connect_providers, - with: {FzHttp.Config.Configuration.OpenIDConnectProvider, :changeset, []} + with: {Domain.Config.Configuration.OpenIDConnectProvider, :changeset, []} ) |> cast_embed(:saml_identity_providers, - with: {FzHttp.Config.Configuration.SAMLIdentityProvider, :changeset, []} + with: {Domain.Config.Configuration.SAMLIdentityProvider, :changeset, []} ) |> trim_change(:default_client_dns) |> trim_change(:default_client_endpoint) @@ -48,7 +48,7 @@ defmodule FzHttp.Config.Configuration.Changeset do defp ensure_no_overridden_changes(changeset) do changed_keys = Map.keys(changeset.changes) - configs = FzHttp.Config.fetch_source_and_configs!(changed_keys) + configs = Domain.Config.fetch_source_and_configs!(changed_keys) Enum.reduce(changed_keys, changeset, fn key, changeset -> case Map.fetch!(configs, key) do diff --git a/apps/domain/fz_http/config/configuration/openid_connect_provider.ex b/apps/domain/lib/domain/config/configuration/openid_connect_provider.ex similarity index 94% rename from apps/domain/fz_http/config/configuration/openid_connect_provider.ex rename to apps/domain/lib/domain/config/configuration/openid_connect_provider.ex index d92731868..3a64d6c75 100644 --- a/apps/domain/fz_http/config/configuration/openid_connect_provider.ex +++ b/apps/domain/lib/domain/config/configuration/openid_connect_provider.ex 
@@ -1,10 +1,10 @@ -defmodule FzHttp.Config.Configuration.OpenIDConnectProvider do +defmodule Domain.Config.Configuration.OpenIDConnectProvider do @moduledoc """ OIDC Config virtual schema """ - use FzHttp, :schema + use Domain, :schema import Ecto.Changeset - alias FzHttp.Validator + alias Domain.Validator @reserved_config_ids [ "identity", diff --git a/apps/domain/fz_http/config/configuration/saml_identity_provider.ex b/apps/domain/lib/domain/config/configuration/saml_identity_provider.ex similarity index 90% rename from apps/domain/fz_http/config/configuration/saml_identity_provider.ex rename to apps/domain/lib/domain/config/configuration/saml_identity_provider.ex index a7dfebb51..87579bbef 100644 --- a/apps/domain/fz_http/config/configuration/saml_identity_provider.ex +++ b/apps/domain/lib/domain/config/configuration/saml_identity_provider.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.Config.Configuration.SAMLIdentityProvider do +defmodule Domain.Config.Configuration.SAMLIdentityProvider do @moduledoc """ SAML Config virtual schema """ - use FzHttp, :schema + use Domain, :schema import Ecto.Changeset @reserved_config_ids [ @@ -48,7 +48,7 @@ defmodule FzHttp.Config.Configuration.SAMLIdentityProvider do :metadata, :auto_create_users ]) - |> FzHttp.Validator.validate_uri(:base_url) + |> Domain.Validator.validate_uri(:base_url) |> validate_metadata() # Don't allow users to enter reserved config ids |> validate_exclusion(:id, @reserved_config_ids) @@ -69,7 +69,7 @@ defmodule FzHttp.Config.Configuration.SAMLIdentityProvider do defp gen_default_base_url(changeset) do default_base_url = - FzHttp.Config.fetch_env!(:fz_http, :external_url) + Domain.Config.fetch_env!(:web, :external_url) |> Path.join("/auth/saml") base_url = get_change(changeset, :base_url, default_base_url) 
diff --git a/apps/domain/fz_http/config/definition.ex b/apps/domain/lib/domain/config/definition.ex similarity index 91% rename from apps/domain/fz_http/config/definition.ex rename to apps/domain/lib/domain/config/definition.ex index c99f03102..e75df9317 100644 --- a/apps/domain/fz_http/config/definition.ex +++ b/apps/domain/lib/domain/config/definition.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Config.Definition do +defmodule Domain.Config.Definition do @moduledoc """ This module provides a DSL to define application configuration, which can be read from multiple sources, casted and validated. @@ -6,7 +6,7 @@ defmodule FzHttp.Config.Definition do ## Examples defmodule MyConfig do - use FzHttp.Config.Definition + use Domain.Config.Definition @doc "My config key" defconfig :my_key, :string, required: true @@ -21,7 +21,7 @@ defmodule FzHttp.Config.Definition do iex> MyConfig.fetch_doc(:my_key) {:ok, "My config key"} """ - alias FzHttp.Config.Errors + alias Domain.Config.Errors @type array_opts :: [{:validate_unique, boolean()} | {:validate_length, Keyword.t()}] @@ -53,17 +53,17 @@ defmodule FzHttp.Config.Definition do defmacro __using__(_opts) do quote do - import FzHttp.Config.Definition - import FzHttp.Config, only: [compile_config!: 1] + import Domain.Config.Definition + import Domain.Config, only: [compile_config!: 1] # Accumulator keeps the list of defined config keys Module.register_attribute(__MODULE__, :configs, accumulate: true) # A `configs/0` function is injected before module is compiled # exporting the aggregated list of config keys - @before_compile FzHttp.Config.Definition + @before_compile Domain.Config.Definition - @doc "See `FzHttp.Config.Definition.fetch_doc/2`" + @doc "See `Domain.Config.Definition.fetch_doc/2`" def fetch_doc(key), do: fetch_doc(__MODULE__, key) end end 
@@ -96,7 +96,7 @@ defmodule FzHttp.Config.Definition do defmacro defconfig(key, type, opts \\ []) do quote do @configs {__MODULE__, unquote(key)} - @spec unquote(key)() :: {FzHttp.Config.Definition.type(), FzHttp.Config.Definition.opts()} + @spec unquote(key)() :: {Domain.Config.Definition.type(), Domain.Config.Definition.opts()} def unquote(key)(), do: {unquote(type), unquote(opts)} end end diff --git a/apps/domain/fz_http/config/definitions.ex b/apps/domain/lib/domain/config/definitions.ex similarity index 93% rename from apps/domain/fz_http/config/definitions.ex rename to apps/domain/lib/domain/config/definitions.ex index 6a2872c76..1bc40e8b6 100644 --- a/apps/domain/fz_http/config/definitions.ex +++ b/apps/domain/lib/domain/config/definitions.ex @@ -1,4 +1,5 @@ -defmodule FzHttp.Config.Definitions do +# TODO: clean up unused definitions +defmodule Domain.Config.Definitions do @moduledoc """ Most day-to-day config of Firezone can be done via the Firezone Web UI, but for zero-touch deployments we allow to override most of configuration options @@ -27,10 +28,10 @@ defmodule FzHttp.Config.Definitions do It means that if environment variable is set, it will be used, regardless of the database value, and UI to edit database value will be disabled. """ - use FzHttp.Config.Definition - alias FzHttp.Config.Dumper - alias FzHttp.Types - alias FzHttp.Config.{Configuration, Logo} + use Domain.Config.Definition + alias Domain.Config.Dumper + alias Domain.Types + alias Domain.Config.{Configuration, Logo} def doc_sections do [ @@ -156,8 +157,8 @@ defmodule FzHttp.Config.Definitions do defconfig(:external_url, :string, changeset: fn changeset, key -> changeset - |> FzHttp.Validator.validate_uri(key, require_trailing_slash: true) - |> FzHttp.Validator.normalize_url(key) + |> Domain.Validator.validate_uri(key, require_trailing_slash: true) + |> Domain.Validator.normalize_url(key) end ) 
@@ -289,7 +290,7 @@ defmodule FzHttp.Config.Definitions do ) defconfig(:database_parameters, :map, - default: %{application_name: "firezone-#{Application.spec(:fz_http, :vsn)}"}, + default: %{application_name: "firezone-#{Application.spec(:domain, :vsn)}"}, dump: &Dumper.keyword/1 ) @@ -314,8 +315,8 @@ defmodule FzHttp.Config.Definitions do legacy_keys: [{:env, "ADMIN_EMAIL", "0.9"}], changeset: fn changeset, key -> changeset - |> FzHttp.Validator.trim_change(key) - |> FzHttp.Validator.validate_email(key) + |> Domain.Validator.trim_change(key) + |> Domain.Validator.validate_email(key) end ) @@ -339,7 +340,7 @@ defmodule FzHttp.Config.Definitions do """ defconfig(:guardian_secret_key, :string, sensitive: true, - changeset: &FzHttp.Validator.validate_base64/2 + changeset: &Domain.Validator.validate_base64/2 ) @doc """ @@ -347,7 +348,7 @@ defmodule FzHttp.Config.Definitions do """ defconfig(:database_encryption_key, :string, sensitive: true, - changeset: &FzHttp.Validator.validate_base64/2 + changeset: &Domain.Validator.validate_base64/2 ) @doc """ @@ -355,7 +356,7 @@ defmodule FzHttp.Config.Definitions do """ defconfig(:secret_key_base, :string, sensitive: true, - changeset: &FzHttp.Validator.validate_base64/2 + changeset: &Domain.Validator.validate_base64/2 ) @doc """ @@ -363,7 +364,7 @@ defmodule FzHttp.Config.Definitions do """ defconfig(:live_view_signing_salt, :string, sensitive: true, - changeset: &FzHttp.Validator.validate_base64/2 + changeset: &Domain.Validator.validate_base64/2 ) @doc """ @@ -371,7 +372,7 @@ defmodule FzHttp.Config.Definitions do """ defconfig(:cookie_signing_salt, :string, sensitive: true, - changeset: &FzHttp.Validator.validate_base64/2 + changeset: &Domain.Validator.validate_base64/2 ) @doc """ 
@@ -379,7 +380,7 @@ defmodule FzHttp.Config.Definitions do """ defconfig(:cookie_encryption_salt, :string, sensitive: true, - changeset: &FzHttp.Validator.validate_base64/2 + changeset: &Domain.Validator.validate_base64/2 ) ############################################## @@ -455,8 +456,8 @@ defmodule FzHttp.Config.Definitions do :string, changeset, key -> changeset - |> FzHttp.Validator.trim_change(key) - |> FzHttp.Validator.validate_fqdn(key, allow_port: true) + |> Domain.Validator.trim_change(key) + |> Domain.Validator.validate_fqdn(key, allow_port: true) end ) @@ -477,8 +478,8 @@ defmodule FzHttp.Config.Definitions do :string, changeset, key -> changeset - |> FzHttp.Validator.trim_change(key) - |> FzHttp.Validator.validate_fqdn(key) + |> Domain.Validator.trim_change(key) + |> Domain.Validator.validate_fqdn(key) end ) @@ -537,7 +538,7 @@ defmodule FzHttp.Config.Definitions do """ defconfig(:saml_keyfile_path, :string, default: "/var/firezone/saml.key", - changeset: &FzHttp.Validator.validate_file(&1, &2, extensions: ~w[.pem .key]) + changeset: &Domain.Validator.validate_file(&1, &2, extensions: ~w[.pem .key]) ) @doc """ @@ -546,7 +547,7 @@ defmodule FzHttp.Config.Definitions do """ defconfig(:saml_certfile_path, :string, default: "/var/firezone/saml.crt", - changeset: &FzHttp.Validator.validate_file(&1, &2, extensions: ~w[.crt .pem]) + changeset: &Domain.Validator.validate_file(&1, &2, extensions: ~w[.crt .pem]) ) @doc """ @@ -673,12 +674,12 @@ defmodule FzHttp.Config.Definitions do defconfig(:wireguard_ipv4_network, Types.CIDR, default: "10.3.2.0/24", - changeset: &FzHttp.Validator.validate_ip_type_inclusion(&1, &2, [:ipv4]) + changeset: &Domain.Validator.validate_ip_type_inclusion(&1, &2, [:ipv4]) ) defconfig(:wireguard_ipv4_address, Types.IP, default: "10.3.2.1", - changeset: &FzHttp.Validator.validate_ip_type_inclusion(&1, &2, [:ipv4]) + changeset: &Domain.Validator.validate_ip_type_inclusion(&1, &2, [:ipv4]) ) @doc """ 
@@ -689,19 +690,19 @@ defmodule FzHttp.Config.Definitions do defconfig(:wireguard_ipv6_network, Types.CIDR, default: "fd00::3:2:0/120", - changeset: &FzHttp.Validator.validate_ip_type_inclusion(&1, &2, [:ipv6]) + changeset: &Domain.Validator.validate_ip_type_inclusion(&1, &2, [:ipv6]) ) defconfig(:wireguard_ipv6_address, Types.IP, default: "fd00::3:2:1", - changeset: &FzHttp.Validator.validate_ip_type_inclusion(&1, &2, [:ipv6]) + changeset: &Domain.Validator.validate_ip_type_inclusion(&1, &2, [:ipv6]) ) defconfig(:wireguard_private_key_path, :string, default: "/var/firezone/private_key" # We don't check if the file exists, because it is generated on # the first boot. - # changeset: &FzHttp.Validator.validate_file(&1, &2) + # changeset: &Domain.Validator.validate_file(&1, &2) ) defconfig(:wireguard_interface_name, :string, default: "wg-firezone") @@ -737,8 +738,8 @@ defmodule FzHttp.Config.Definitions do sensitive: true, changeset: fn changeset, key -> changeset - |> FzHttp.Validator.trim_change(key) - |> FzHttp.Validator.validate_email(key) + |> Domain.Validator.trim_change(key) + |> Domain.Validator.validate_email(key) end ) @@ -768,7 +769,7 @@ defmodule FzHttp.Config.Definitions do Swoosh.Adapters.Sendmail, Swoosh.Adapters.SocketLabs, Swoosh.Adapters.SparkPost, - FzHttpWeb.Mailer.NoopAdapter, + Web.Mailer.NoopAdapter, # DEPRECATED: Legacy options should be removed in 0.8 :smtp, :mailgun, @@ -778,7 +779,7 @@ defmodule FzHttp.Config.Definitions do :sendmail ] )}, - default: FzHttpWeb.Mailer.NoopAdapter, + default: Web.Mailer.NoopAdapter, legacy_keys: [{:env, "OUTBOUND_EMAIL_PROVIDER", "0.9"}], dump: fn :smtp -> Swoosh.Adapters.SMTP diff --git a/apps/domain/fz_http/config/dumper.ex b/apps/domain/lib/domain/config/dumper.ex similarity index 97% rename from apps/domain/fz_http/config/dumper.ex rename to apps/domain/lib/domain/config/dumper.ex index f4092054f..c73dfadc3 100644 --- a/apps/domain/fz_http/config/dumper.ex +++ b/apps/domain/lib/domain/config/dumper.ex 
@@ -1,4 +1,4 @@ -defmodule FzHttp.Config.Dumper do +defmodule Domain.Config.Dumper do @doc ~S""" Maps JSON-decoded ssl opts to pass to Erlang's ssl module. Most users don't need to override many, if any, SSL opts. Most commonly this is diff --git a/apps/domain/fz_http/config/errors.ex b/apps/domain/lib/domain/config/errors.ex similarity index 91% rename from apps/domain/fz_http/config/errors.ex rename to apps/domain/lib/domain/config/errors.ex index dbd5e608e..2fda26c4b 100644 --- a/apps/domain/fz_http/config/errors.ex +++ b/apps/domain/lib/domain/config/errors.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.Config.Errors do - alias FzHttp.Config.Definition +defmodule Domain.Config.Errors do + alias Domain.Config.Definition require Logger @env_doc_url "https://www.firezone.dev/docs/reference/env-vars/#environment-variable-listing" @@ -48,7 +48,7 @@ defmodule FzHttp.Config.Errors do end defp source({:app_env, key}), do: "application environment #{key}" - defp source({:env, key}), do: "environment variable #{FzHttp.Config.Resolver.env_key(key)}" + defp source({:env, key}), do: "environment variable #{Domain.Config.Resolver.env_key(key)}" defp source({:db, key}), do: "database configuration #{key}" defp source(:default), do: "default value" @@ -93,7 +93,7 @@ defmodule FzHttp.Config.Errors do def legacy_key_used(key, legacy_key, removed_at) do Logger.warn( "A legacy configuration option '#{legacy_key}' is used and it will be removed in v#{removed_at}. " <> - "Please use '#{FzHttp.Config.Resolver.env_key(key)}' configuration option instead." + "Please use '#{Domain.Config.Resolver.env_key(key)}' configuration option instead." ) end 
@@ -107,12 +107,12 @@ defmodule FzHttp.Config.Errors do You can set this configuration via environment variable by adding it to `.env` file: - #{FzHttp.Config.Resolver.env_key(key)}=YOUR_VALUE + #{Domain.Config.Resolver.env_key(key)}=YOUR_VALUE """ end defp db_example(key) do - if key in FzHttp.Config.Configuration.__schema__(:fields) do + if key in Domain.Config.Configuration.__schema__(:fields) do """ ### Using database diff --git a/apps/domain/fz_http/config/fetcher.ex b/apps/domain/lib/domain/config/fetcher.ex similarity index 95% rename from apps/domain/fz_http/config/fetcher.ex rename to apps/domain/lib/domain/config/fetcher.ex index cdc198a44..c7c2292ab 100644 --- a/apps/domain/fz_http/config/fetcher.ex +++ b/apps/domain/lib/domain/config/fetcher.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.Config.Fetcher do - alias FzHttp.Config.{Definition, Resolver, Caster, Validator} +defmodule Domain.Config.Fetcher do + alias Domain.Config.{Definition, Resolver, Caster, Validator} @spec fetch_source_and_config( module(), diff --git a/apps/domain/fz_http/config/logo.ex b/apps/domain/lib/domain/config/logo.ex similarity index 87% rename from apps/domain/fz_http/config/logo.ex rename to apps/domain/lib/domain/config/logo.ex index 5e0d8efe1..633385f50 100644 --- a/apps/domain/fz_http/config/logo.ex +++ b/apps/domain/lib/domain/config/logo.ex @@ -1,9 +1,9 @@ -defmodule FzHttp.Config.Logo do +defmodule Domain.Config.Logo do @moduledoc """ Embedded Schema for logo """ - use FzHttp, :schema - import FzHttp.Validator + use Domain, :schema + import Domain.Validator import Ecto.Changeset @whitelisted_file_extensions ~w[.jpg .jpeg .png .gif .webp .avif .svg .tiff] 
@@ -34,7 +34,7 @@ defmodule FzHttp.Config.Logo do defp move_file_to_static(changeset) do case fetch_change(changeset, :file) do {:ok, file} -> - directory = Path.join(Application.app_dir(:fz_http), "priv/static/uploads/logo") + directory = Path.join(Application.app_dir(:domain), "priv/static/uploads/logo") file_name = Path.basename(file) file_path = Path.join(directory, file_name) File.mkdir_p!(directory) diff --git a/apps/domain/fz_http/config/resolver.ex b/apps/domain/lib/domain/config/resolver.ex similarity index 96% rename from apps/domain/fz_http/config/resolver.ex rename to apps/domain/lib/domain/config/resolver.ex index 690ad87ba..099eab2e2 100644 --- a/apps/domain/fz_http/config/resolver.ex +++ b/apps/domain/lib/domain/config/resolver.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.Config.Resolver do - alias FzHttp.Config.Errors +defmodule Domain.Config.Resolver do + alias Domain.Config.Errors @type source :: {:env, atom()} | {:db, atom()} | :default @@ -7,7 +7,7 @@ defmodule FzHttp.Config.Resolver do key :: atom(), env_configurations :: map(), db_configurations :: map(), - opts :: [{:legacy_keys, [FzHttp.Config.Definition.legacy_key()]}] + opts :: [{:legacy_keys, [Domain.Config.Definition.legacy_key()]}] ) :: {:ok, {source :: source(), value :: term()}} | :error def resolve(key, env_configurations, db_configurations, opts) do diff --git a/apps/domain/fz_http/config/validator.ex b/apps/domain/lib/domain/config/validator.ex similarity index 99% rename from apps/domain/fz_http/config/validator.ex rename to apps/domain/lib/domain/config/validator.ex index bc2b68ea4..bf1a762c9 100644 --- a/apps/domain/fz_http/config/validator.ex +++ b/apps/domain/lib/domain/config/validator.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Config.Validator do +defmodule Domain.Config.Validator do import Ecto.Changeset def validate(_key, nil, _type, _opts) do 
diff --git a/apps/domain/fz_http/connectivity_checks.ex b/apps/domain/lib/domain/connectivity_checks.ex similarity index 85% rename from apps/domain/fz_http/connectivity_checks.ex rename to apps/domain/lib/domain/connectivity_checks.ex index 62c7b7252..b29383414 100644 --- a/apps/domain/fz_http/connectivity_checks.ex +++ b/apps/domain/lib/domain/connectivity_checks.ex @@ -1,11 +1,11 @@ -defmodule FzHttp.ConnectivityChecks do +defmodule Domain.ConnectivityChecks do @moduledoc """ The ConnectivityChecks context. """ use Supervisor - alias FzHttp.Repo - alias FzHttp.Auth - alias FzHttp.ConnectivityChecks.{Poller, ConnectivityCheck, Authorizer} + alias Domain.Repo + alias Domain.Auth + alias Domain.ConnectivityChecks.{Poller, ConnectivityCheck, Authorizer} @http_client_process_name __MODULE__.Finch @@ -14,12 +14,12 @@ defmodule FzHttp.ConnectivityChecks do end def init(_opts) do - config = FzHttp.Config.fetch_env!(:fz_http, FzHttp.ConnectivityChecks) + config = Domain.Config.fetch_env!(:domain, Domain.ConnectivityChecks) transport_opts = Keyword.fetch!(config, :http_client_options) children = if Keyword.fetch!(config, :enabled) == true do - application_version = Application.spec(:fz_http, :vsn) |> to_string() + application_version = Application.spec(:domain, :vsn) |> to_string() connectivity_checks_url = Keyword.fetch!(config, :url) request = Finch.build(:get, connectivity_checks_url <> application_version) diff --git a/apps/domain/fz_http/connectivity_checks/authorizer.ex b/apps/domain/lib/domain/connectivity_checks/authorizer.ex similarity index 63% rename from apps/domain/fz_http/connectivity_checks/authorizer.ex rename to apps/domain/lib/domain/connectivity_checks/authorizer.ex index 8d72b77ce..1e75ed729 100644 --- a/apps/domain/fz_http/connectivity_checks/authorizer.ex +++ b/apps/domain/lib/domain/connectivity_checks/authorizer.ex 
@@ -1,10 +1,10 @@ -defmodule FzHttp.ConnectivityChecks.Authorizer do - use FzHttp.Auth.Authorizer - alias FzHttp.ConnectivityChecks.ConnectivityCheck +defmodule Domain.ConnectivityChecks.Authorizer do + use Domain.Auth.Authorizer + alias Domain.ConnectivityChecks.ConnectivityCheck def view_connectivity_checks_permission, do: build(ConnectivityCheck, :view) - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def list_permissions_for_role(:admin) do [ view_connectivity_checks_permission() @@ -15,7 +15,7 @@ defmodule FzHttp.ConnectivityChecks.Authorizer do [] end - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def for_subject(queryable, %Subject{} = subject) when is_user(subject) do queryable end diff --git a/apps/domain/fz_http/connectivity_checks/connectivity_check.ex b/apps/domain/lib/domain/connectivity_checks/connectivity_check.ex similarity index 72% rename from apps/domain/fz_http/connectivity_checks/connectivity_check.ex rename to apps/domain/lib/domain/connectivity_checks/connectivity_check.ex index 470df9c93..6c0a4a871 100644 --- a/apps/domain/fz_http/connectivity_checks/connectivity_check.ex +++ b/apps/domain/lib/domain/connectivity_checks/connectivity_check.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.ConnectivityChecks.ConnectivityCheck do - use FzHttp, :schema +defmodule Domain.ConnectivityChecks.ConnectivityCheck do + use Domain, :schema schema "connectivity_checks" do field :response_body, :string diff --git a/apps/domain/fz_http/connectivity_checks/connectivity_check/changeset.ex b/apps/domain/lib/domain/connectivity_checks/connectivity_check/changeset.ex similarity index 66% rename from apps/domain/fz_http/connectivity_checks/connectivity_check/changeset.ex rename to apps/domain/lib/domain/connectivity_checks/connectivity_check/changeset.ex index f2070d7d4..41204c746 100644 --- a/apps/domain/fz_http/connectivity_checks/connectivity_check/changeset.ex +++ b/apps/domain/lib/domain/connectivity_checks/connectivity_check/changeset.ex 
@@ -1,6 +1,6 @@ -defmodule FzHttp.ConnectivityChecks.ConnectivityCheck.Changeset do - use FzHttp, :changeset - alias FzHttp.ConnectivityChecks.ConnectivityCheck +defmodule Domain.ConnectivityChecks.ConnectivityCheck.Changeset do + use Domain, :changeset + alias Domain.ConnectivityChecks.ConnectivityCheck def create_changeset(attrs) do %ConnectivityCheck{} diff --git a/apps/domain/fz_http/connectivity_checks/connectivity_check/query.ex b/apps/domain/lib/domain/connectivity_checks/connectivity_check/query.ex similarity index 75% rename from apps/domain/fz_http/connectivity_checks/connectivity_check/query.ex rename to apps/domain/lib/domain/connectivity_checks/connectivity_check/query.ex index 724f60f68..642a6c2d9 100644 --- a/apps/domain/fz_http/connectivity_checks/connectivity_check/query.ex +++ b/apps/domain/lib/domain/connectivity_checks/connectivity_check/query.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.ConnectivityChecks.ConnectivityCheck.Query do - use FzHttp, :query +defmodule Domain.ConnectivityChecks.ConnectivityCheck.Query do + use Domain, :query def all do - from(users in FzHttp.ConnectivityChecks.ConnectivityCheck, as: :connectivity_checks) + from(users in Domain.ConnectivityChecks.ConnectivityCheck, as: :connectivity_checks) end def by_id(queryable \\ all(), id) do diff --git a/apps/domain/fz_http/connectivity_checks/poller.ex b/apps/domain/lib/domain/connectivity_checks/poller.ex similarity index 90% rename from apps/domain/fz_http/connectivity_checks/poller.ex rename to apps/domain/lib/domain/connectivity_checks/poller.ex index 9dc22bb02..28f2decae 100644 --- a/apps/domain/fz_http/connectivity_checks/poller.ex +++ b/apps/domain/lib/domain/connectivity_checks/poller.ex 
@@ -1,10 +1,10 @@ -defmodule FzHttp.ConnectivityChecks.Poller do +defmodule Domain.ConnectivityChecks.Poller do @moduledoc """ A simple GenServer to periodically check for WAN connectivity by issuing POSTs to https://ping[-dev].firez.one/{version}. """ use GenServer - alias FzHttp.ConnectivityChecks + alias Domain.ConnectivityChecks require Logger # Wait a minute before sending the first ping to avoid event spamming when @@ -23,7 +23,7 @@ defmodule FzHttp.ConnectivityChecks.Poller do @impl GenServer def handle_info(:start_interval, %{request: request} = state) do - FzHttp.Config.fetch_env!(:fz_http, ConnectivityChecks) + Domain.Config.fetch_env!(:domain, ConnectivityChecks) |> Keyword.fetch!(:interval) |> :timer.seconds() |> :timer.send_interval(:tick) diff --git a/apps/domain/fz_http/crypto.ex b/apps/domain/lib/domain/crypto.ex similarity index 96% rename from apps/domain/fz_http/crypto.ex rename to apps/domain/lib/domain/crypto.ex index 02f553c78..339cad780 100644 --- a/apps/domain/fz_http/crypto.ex +++ b/apps/domain/lib/domain/crypto.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Crypto do +defmodule Domain.Crypto do @wg_psk_length 32 def psk do diff --git a/apps/domain/fz_http/devices.ex b/apps/domain/lib/domain/devices.ex similarity index 94% rename from apps/domain/fz_http/devices.ex rename to apps/domain/lib/domain/devices.ex index 58b88d9ec..9fb2ab7ff 100644 --- a/apps/domain/fz_http/devices.ex +++ b/apps/domain/lib/domain/devices.ex @@ -1,7 +1,7 @@ -defmodule FzHttp.Devices do - alias FzHttp.{Repo, Config, Auth, Validator} - alias FzHttp.{Users, Telemetry} - alias FzHttp.Devices.{Device, Authorizer} +defmodule Domain.Devices do + alias Domain.{Repo, Config, Auth, Validator} + alias Domain.{Users, Telemetry} + alias Domain.Devices.{Device, Authorizer} def count do Device.Query.all() 
@@ -156,7 +156,7 @@ defmodule FzHttp.Devices do end end - def generate_name(name \\ FzHttp.NameGenerator.generate()) do + def generate_name(name \\ Domain.NameGenerator.generate()) do hash = name |> :erlang.phash2(2 ** 16) @@ -200,14 +200,14 @@ defmodule FzHttp.Devices do def inet(device) do ips = - if Config.fetch_env!(:fz_http, :wireguard_ipv6_enabled) == true do + if Config.fetch_env!(:domain, :wireguard_ipv6_enabled) == true do ["#{device.ipv6}/128"] else [] end ips = - if Config.fetch_env!(:fz_http, :wireguard_ipv4_enabled) == true do + if Config.fetch_env!(:domain, :wireguard_ipv4_enabled) == true do ["#{device.ipv4}/32"] ++ ips else ips diff --git a/apps/domain/fz_http/devices/authorizer.ex b/apps/domain/lib/domain/devices/authorizer.ex similarity index 83% rename from apps/domain/fz_http/devices/authorizer.ex rename to apps/domain/lib/domain/devices/authorizer.ex index 2e06a9a73..bfb992711 100644 --- a/apps/domain/fz_http/devices/authorizer.ex +++ b/apps/domain/lib/domain/devices/authorizer.ex @@ -1,13 +1,13 @@ -defmodule FzHttp.Devices.Authorizer do - use FzHttp.Auth.Authorizer - alias FzHttp.Devices.Device +defmodule Domain.Devices.Authorizer do + use Domain.Auth.Authorizer + alias Domain.Devices.Device def view_own_devices_permission, do: build(Device, :view_own) def manage_own_devices_permission, do: build(Device, :manage_own) def manage_devices_permission, do: build(Device, :manage) def configure_devices_permission, do: build(Device, :configure) - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def list_permissions_for_role(:admin) do [ 
@@ -23,11 +23,11 @@ defmodule FzHttp.Devices.Authorizer do view_own_devices_permission() ] |> add_permission_if( - FzHttp.Config.fetch_config!(:allow_unprivileged_device_management), + Domain.Config.fetch_config!(:allow_unprivileged_device_management), manage_own_devices_permission() ) |> add_permission_if( - FzHttp.Config.fetch_config!(:allow_unprivileged_device_configuration), + Domain.Config.fetch_config!(:allow_unprivileged_device_configuration), configure_devices_permission() ) end @@ -39,7 +39,7 @@ defmodule FzHttp.Devices.Authorizer do defp add_permission_if(permissions, true, permission), do: permissions ++ [permission] defp add_permission_if(permissions, false, _permission), do: permissions - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def for_subject(queryable, %Subject{} = subject) when is_user(subject) do cond do has_permission?(subject, manage_devices_permission()) -> diff --git a/apps/domain/fz_http/devices/device.ex b/apps/domain/lib/domain/devices/device.ex similarity index 72% rename from apps/domain/fz_http/devices/device.ex rename to apps/domain/lib/domain/devices/device.ex index 6a0a43406..147c20587 100644 --- a/apps/domain/fz_http/devices/device.ex +++ b/apps/domain/lib/domain/devices/device.ex @@ -1,12 +1,12 @@ -defmodule FzHttp.Devices.Device do - use FzHttp, :schema +defmodule Domain.Devices.Device do + use Domain, :schema schema "devices" do field(:name, :string) field(:description, :string) field(:public_key, :string) - field(:preshared_key, FzHttp.Encrypted.Binary) + field(:preshared_key, Domain.Encrypted.Binary) field(:use_default_allowed_ips, :boolean, read_after_writes: true, default: true) field(:use_default_dns, :boolean, read_after_writes: true, default: true) 
@@ -17,18 +17,18 @@ defmodule FzHttp.Devices.Device do field(:endpoint, :string) field(:mtu, :integer) field(:persistent_keepalive, :integer) - field(:allowed_ips, {:array, FzHttp.Types.INET}, default: []) + field(:allowed_ips, {:array, Domain.Types.INET}, default: []) field(:dns, {:array, :string}, default: []) - field(:ipv4, FzHttp.Types.IP) - field(:ipv6, FzHttp.Types.IP) + field(:ipv4, Domain.Types.IP) + field(:ipv6, Domain.Types.IP) - field(:remote_ip, FzHttp.Types.IP) + field(:remote_ip, Domain.Types.IP) field(:rx_bytes, :integer) field(:tx_bytes, :integer) field(:latest_handshake, :utc_datetime_usec) - belongs_to(:user, FzHttp.Users.User) + belongs_to(:user, Domain.Users.User) timestamps() end diff --git a/apps/domain/fz_http/devices/device/changeset.ex b/apps/domain/lib/domain/devices/device/changeset.ex similarity index 85% rename from apps/domain/fz_http/devices/device/changeset.ex rename to apps/domain/lib/domain/devices/device/changeset.ex index e92298b43..a9f909f51 100644 --- a/apps/domain/fz_http/devices/device/changeset.ex +++ b/apps/domain/lib/domain/devices/device/changeset.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.Devices.Device.Changeset do - use FzHttp, :changeset - import FzHttp.Config, only: [config_changeset: 3] - alias FzHttp.Users - alias FzHttp.Devices +defmodule Domain.Devices.Device.Changeset do + use Domain, :changeset + import Domain.Config, only: [config_changeset: 3] + alias Domain.Users + alias Domain.Devices @create_fields ~w[name description public_key preshared_key]a @@ -34,8 +34,8 @@ defmodule FzHttp.Devices.Device.Changeset do def create_changeset(attrs) do %Devices.Device{} |> cast(attrs, @create_fields) - |> put_default_value(:name, &FzHttp.Devices.generate_name/0) - |> put_default_value(:preshared_key, &FzHttp.Crypto.psk/0) + |> put_default_value(:name, &Domain.Devices.generate_name/0) + |> put_default_value(:preshared_key, &Domain.Crypto.psk/0) |> changeset() |> validate_base64(:public_key) |> validate_base64(:preshared_key) 
@@ -99,7 +99,7 @@ defmodule FzHttp.Devices.Device.Changeset do end defp maybe_put_default_ip(changeset, field) do - if FzHttp.Config.fetch_env!(:fz_http, :"wireguard_#{field}_enabled") == true do + if Domain.Config.fetch_env!(:domain, :"wireguard_#{field}_enabled") == true do case fetch_field(changeset, field) do {:data, nil} -> put_default_ip(changeset, field) :error -> put_default_ip(changeset, field) @@ -113,15 +113,15 @@ defmodule FzHttp.Devices.Device.Changeset do defp put_default_ip(changeset, field) do cidr = wireguard_network(field) - hosts = FzHttp.Types.CIDR.count_hosts(cidr) + hosts = Domain.Types.CIDR.count_hosts(cidr) offset = Enum.random(2..(hosts - 2)) {:ok, gateway_address} = - FzHttp.Config.fetch_env!(:fz_http, :"wireguard_#{field}_address") - |> FzHttp.Types.IP.cast() + Domain.Config.fetch_env!(:domain, :"wireguard_#{field}_address") + |> Domain.Types.IP.cast() Devices.Device.Query.next_available_address(cidr, offset, [gateway_address]) - |> FzHttp.Repo.one() + |> Domain.Repo.one() |> case do nil -> add_error(changeset, :base, "CIDR #{cidr} is exhausted") ip -> put_change(changeset, field, ip) @@ -129,7 +129,7 @@ defmodule FzHttp.Devices.Device.Changeset do end defp wireguard_network(field) do - cidr = FzHttp.Config.fetch_env!(:fz_http, :"wireguard_#{field}_network") + cidr = Domain.Config.fetch_env!(:domain, :"wireguard_#{field}_network") %{cidr | netmask: limit_cidr_netmask(field, cidr.netmask)} end 
@@ -137,13 +137,13 @@ defmodule FzHttp.Devices.Device.Changeset do defp limit_cidr_netmask(:ipv6, network), do: max(network, 70) defp ipv4_address do - FzHttp.Config.fetch_env!(:fz_http, :wireguard_ipv4_address) - |> FzHttp.Types.IP.cast() + Domain.Config.fetch_env!(:domain, :wireguard_ipv4_address) + |> Domain.Types.IP.cast() end defp ipv6_address do - FzHttp.Config.fetch_env!(:fz_http, :wireguard_ipv6_address) - |> FzHttp.Types.IP.cast() + Domain.Config.fetch_env!(:domain, :wireguard_ipv6_address) + |> Domain.Types.IP.cast() end defp validate_max_devices(changeset, user) do @@ -151,7 +151,7 @@ defmodule FzHttp.Devices.Device.Changeset do # At the moment it's not a big concern. Fixing it would require locking against INSERTs or DELETEs # while counts are happening. count = Devices.count_by_user_id(user.id) - max_devices = FzHttp.Config.fetch_env!(:fz_http, :max_devices_per_user) + max_devices = Domain.Config.fetch_env!(:domain, :max_devices_per_user) if count >= max_devices do add_error( diff --git a/apps/domain/fz_http/devices/device/query.ex b/apps/domain/lib/domain/devices/device/query.ex similarity index 96% rename from apps/domain/fz_http/devices/device/query.ex rename to apps/domain/lib/domain/devices/device/query.ex index 39d2eb865..9b79118ea 100644 --- a/apps/domain/fz_http/devices/device/query.ex +++ b/apps/domain/lib/domain/devices/device/query.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.Devices.Device.Query do - use FzHttp, :query +defmodule Domain.Devices.Device.Query do + use Domain, :query def all do - from(devices in FzHttp.Devices.Device, as: :devices) + from(devices in Domain.Devices.Device, as: :devices) end def by_id(queryable \\ all(), id) do 
@@ -27,8 +27,8 @@ defmodule FzHttp.Devices.Device.Query do def only_active(queryable \\ all()) do dynamic = - if FzHttp.Config.vpn_sessions_expire?() do - vpn_session_duration = FzHttp.Config.fetch_config!(:vpn_session_duration) + if Domain.Config.vpn_sessions_expire?() do + vpn_session_duration = Domain.Config.fetch_config!(:vpn_session_duration) dynamic( [user: user], diff --git a/apps/domain/fz_http/devices/stats_updater.ex b/apps/domain/lib/domain/devices/stats_updater.ex similarity index 91% rename from apps/domain/fz_http/devices/stats_updater.ex rename to apps/domain/lib/domain/devices/stats_updater.ex index 34974262f..caf2adf91 100644 --- a/apps/domain/fz_http/devices/stats_updater.ex +++ b/apps/domain/lib/domain/devices/stats_updater.ex @@ -1,9 +1,9 @@ -defmodule FzHttp.Devices.StatsUpdater do +defmodule Domain.Devices.StatsUpdater do @moduledoc """ Extracts WireGuard data about each peer and adds it to the correspond device. """ - alias FzHttp.{Devices, Devices.Device, Repo} + alias Domain.{Devices, Devices.Device, Repo} def update(stats) do for {public_key, data} <- stats do diff --git a/apps/domain/lib/domain/encrypted/binary.ex b/apps/domain/lib/domain/encrypted/binary.ex new file mode 100644 index 000000000..e1b56762a --- /dev/null +++ b/apps/domain/lib/domain/encrypted/binary.ex @@ -0,0 +1,7 @@ +defmodule Domain.Encrypted.Binary do + @moduledoc """ + Configures how to encrpyt Binaries to the DB. + """ + + use Cloak.Ecto.Binary, vault: Domain.Vault +end diff --git a/apps/domain/lib/domain/encrypted/map.ex b/apps/domain/lib/domain/encrypted/map.ex new file mode 100644 index 000000000..10a170727 --- /dev/null +++ b/apps/domain/lib/domain/encrypted/map.ex @@ -0,0 +1,7 @@ +defmodule Domain.Encrypted.Map do + @moduledoc """ + Configures how to encrpyt Maps to the DB. + """ + + use Cloak.Ecto.Map, vault: Domain.Vault +end 
diff --git a/apps/domain/fz_http/name_generator.ex b/apps/domain/lib/domain/name_generator.ex similarity index 99% rename from apps/domain/fz_http/name_generator.ex rename to apps/domain/lib/domain/name_generator.ex index 8ad9823dc..41041f4cd 100644 --- a/apps/domain/fz_http/name_generator.ex +++ b/apps/domain/lib/domain/name_generator.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.NameGenerator do +defmodule Domain.NameGenerator do @adjectives ~w( abandoned able absolute adorable adventurous academic acceptable acclaimed accomplished accurate aching acidic acrobatic active actual adept admirable admired adolescent adorable diff --git a/apps/domain/lib/domain/notifications.ex b/apps/domain/lib/domain/notifications.ex new file mode 100644 index 000000000..118cf0d25 --- /dev/null +++ b/apps/domain/lib/domain/notifications.ex 
@@ -0,0 +1,97 @@
+defmodule Domain.Notifications do
+ @moduledoc """
+ Notification notifications for notifications live view.
+ """
+ use GenServer
+ alias Phoenix.PubSub
+
+ @topic "notifications_live"
+
+ def start_link(opts \\ []) do
+ GenServer.start_link(__MODULE__, [], opts)
+ end
+
+ @doc """
+ Gets a list of current notifications.
+ """
+ def current, do: current(__MODULE__)
+ def current(nil), do: current()
+ def current(pid), do: GenServer.call(pid, :current)
+
+ @doc """
+ Add a notification.
+ """
+ def add(notification), do: add(__MODULE__, notification)
+ def add(nil, notification), do: add(notification)
+ def add(pid, notification), do: GenServer.call(pid, {:add, notification})
+
+ @doc """
+ Clear all notifications.
+ """
+ def clear_all, do: clear_all(__MODULE__)
+ def clear_all(nil), do: clear_all()
+ def clear_all(pid), do: GenServer.call(pid, :clear_all)
+
+ @doc """
+ Clear the given notification.
+ """
+ def clear(notification), do: clear(__MODULE__, notification)
+ def clear(nil, notification), do: clear(notification)
+ def clear(pid, notification), do: GenServer.call(pid, {:clear, notification})
+
+ @doc """
+ Clear a notification at the given index.
+ """
+ def clear_at(index), do: clear_at(__MODULE__, index)
+ def clear_at(nil, index), do: clear_at(index)
+ def clear_at(pid, index), do: GenServer.call(pid, {:clear_at, index})
+
+ defp broadcast(notifications) do
+ PubSub.broadcast(
+ Domain.PubSub,
+ @topic,
+ {:notifications, notifications}
+ )
+ end
+
+ @impl GenServer
+ def init(notifications) do
+ {:ok, notifications}
+ end
+
+ @impl GenServer
+ def handle_call(:current, _from, notifications) do
+ {:reply, notifications, notifications}
+ end
+
+ @impl GenServer
+ def handle_call({:add, notification}, _from, notifications) do
+ new_notifications = [notification | notifications]
+ broadcast(new_notifications)
+
+ {:reply, :ok, new_notifications}
+ end
+
+ @impl GenServer
+ def handle_call(:clear_all, _from, _notifications) do
+ broadcast([])
+
+ {:reply, :ok, []}
+ end
+
+ @impl GenServer
+ def handle_call({:clear, notification}, _from, notifications) do
+ new_notifications = Enum.reject(notifications, &(&1 == notification))
+ broadcast(new_notifications)
+
+ {:reply, :ok, new_notifications}
+ end
+
+ @impl GenServer
+ def handle_call({:clear_at, index}, _from, notifications) do
+ {_, new_notifications} = List.pop_at(notifications, index)
+ broadcast(new_notifications)
+
+ {:reply, :ok, new_notifications}
+ end
+end
diff --git a/apps/domain/fz_http/release.ex b/apps/domain/lib/domain/release.ex
similarity index 66%
rename from apps/domain/fz_http/release.ex
rename to apps/domain/lib/domain/release.ex
index b9bee2d7d..c8884794a 100644
--- a/apps/domain/fz_http/release.ex
+++ b/apps/domain/lib/domain/release.ex
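Review bot: The list held by `Domain.Notifications` has no upper bound: `handle_call({:add, notification}, ...)` prepends to the state and every change broadcasts the whole list on `notifications_live`, so a burst of notifications grows both process memory and message size until something calls `clear_all`. Capping the state keeps the process bounded, for example `new_notifications = Enum.take([notification | notifications], @max_notifications)` with a module attribute for the limit (attribute name constructed for this note). Separately, `start_link/1` does not register `name: __MODULE__` by default while the zero-argument helpers call `GenServer.call(__MODULE__, ...)`, so they presumably rely on the supervisor passing the name; the `@moduledoc` should say so.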
@@ -1,17 +1,18 @@ -defmodule FzHttp.Release do - alias FzHttp.{ApiTokens, Users} +defmodule Domain.Release do + alias Domain.{ApiTokens, Users} require Logger - def migrate do - load_app() + @app :domain + @repos Application.compile_env!(:domain, :ecto_repos) - for repo <- FzHttp.Config.fetch_env!(:fz_http, :ecto_repos) do + def migrate do + for repo <- @repos do {:ok, _, _} = Ecto.Migrator.with_repo(repo, &Ecto.Migrator.run(&1, :up, all: true)) end end def create_admin_user do - boot_database_app() + start_domain_app() email = email() @@ -48,7 +49,7 @@ defmodule FzHttp.Release do end def create_api_token(device \\ :stdio) do - boot_database_app() + start_domain_app() device |> IO.write(default_admin_user() |> mint_jwt()) @@ -69,16 +70,8 @@ defmodule FzHttp.Release do Users.update_user(user, %{role: role}) end - def repos do - FzHttp.Config.fetch_env!(:fz_http, :ecto_repos) - end - defp email do - FzHttp.Config.fetch_env!(:fz_http, :admin_email) - end - - defp set_supervision_tree_mode(mode) do - Application.put_env(:fz_http, :supervision_tree_mode, mode) + Domain.Config.fetch_env!(:domain, :admin_email) end defp default_admin_user do 
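Review bot: `migrate/0` now goes straight into `Ecto.Migrator.with_repo/2` without the `load_app()` call it used to open with. The removed helper (deleted in the `@@ -90,29 +83,19 @@` hunk of this file) both loaded the application and started `:ssl`, with a comment tying that to SSL database connections. If `migrate` is run through a release `eval`, where applications are presumably not yet loaded or started, the repo configuration may be unavailable and a TLS connection to the database could fail. Consider opening `migrate` with `:ok = Application.ensure_loaded(@app)` and `{:ok, _} = Application.ensure_all_started(:ssl)`. Note also that `start_domain_app/0` replaces the earlier `:database` supervision mode with a full `ensure_all_started(@app)`, so `create_admin_user` and `create_api_token` now appear to boot every child of the domain application; a comment stating that this is intended would help.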
@@ -90,29 +83,19 @@ defmodule FzHttp.Release do defp mint_jwt(%Users.User{} = user) do {:ok, api_token} = ApiTokens.create_api_token(user, %{}) - {:ok, secret, _claims} = FzHttpWeb.Auth.JSON.Authentication.fz_encode_and_sign(api_token) + {:ok, secret, _claims} = Web.Auth.JSON.Authentication.fz_encode_and_sign(api_token) secret end - defp boot_database_app do - load_app() - set_supervision_tree_mode(:database) - start_app() - end + defp start_domain_app do + # Load the app + :ok = Application.ensure_loaded(@app) - defp load_app do - Application.load(:fz_http) - - # Fixes ssl startup when connecting to SSL DBs. - # See https://elixirforum.com/t/ssl-connection-cannot-be-established-using-elixir-releases/25444/5 - Application.ensure_all_started(:ssl) - end - - defp start_app do - Application.ensure_all_started(:fz_http) + # Start the app dependencies + {:ok, _apps} = Application.ensure_all_started(@app) end defp default_password do - FzHttp.Config.fetch_env!(:fz_http, :default_admin_password) + Domain.Config.fetch_env!(:domain, :default_admin_password) end end diff --git a/apps/domain/fz_http/repo.ex b/apps/domain/lib/domain/repo.ex similarity index 95% rename from apps/domain/fz_http/repo.ex rename to apps/domain/lib/domain/repo.ex index b9a725351..1616b9425 100644 --- a/apps/domain/fz_http/repo.ex +++ b/apps/domain/lib/domain/repo.ex @@ -1,6 +1,6 @@ -defmodule FzHttp.Repo do +defmodule Domain.Repo do use Ecto.Repo, - otp_app: :fz_http, + otp_app: :domain, adapter: Ecto.Adapters.Postgres @doc """ diff --git a/apps/domain/fz_http/rules.ex b/apps/domain/lib/domain/rules.ex similarity index 89% rename from apps/domain/fz_http/rules.ex rename to apps/domain/lib/domain/rules.ex index e8524c93b..5b7a62b95 100644 --- a/apps/domain/fz_http/rules.ex +++ b/apps/domain/lib/domain/rules.ex 
@@ -1,6 +1,6 @@ -defmodule FzHttp.Rules do - alias FzHttp.{Repo, Auth, Validator, Telemetry} - alias FzHttp.Rules.{Authorizer, Rule} +defmodule Domain.Rules do + alias Domain.{Repo, Auth, Validator, Telemetry} + alias Domain.Rules.{Authorizer, Rule} def fetch_count_by_user_id(user_id, %Auth.Subject{} = subject) do if Validator.valid_uuid?(user_id) do @@ -99,19 +99,13 @@ defmodule FzHttp.Rules do } end - def port_rules_supported?, do: FzHttp.Config.fetch_env!(:fz_wall, :port_based_rules_supported) - def as_settings do - port_rules_supported?() - |> scope() + Rule.Query.by_empty_port_type() |> Repo.all() |> Enum.map(&setting_projection/1) |> MapSet.new() end - defp scope(true), do: Rule.Query.all() - defp scope(false), do: Rule.Query.by_empty_port_type() - def allowlist do Rule.Query.by_action(:accept) |> Repo.all() diff --git a/apps/domain/fz_http/rules/authorizer.ex b/apps/domain/lib/domain/rules/authorizer.ex similarity index 71% rename from apps/domain/fz_http/rules/authorizer.ex rename to apps/domain/lib/domain/rules/authorizer.ex index 146c2830d..498e393b1 100644 --- a/apps/domain/fz_http/rules/authorizer.ex +++ b/apps/domain/lib/domain/rules/authorizer.ex @@ -1,10 +1,10 @@ -defmodule FzHttp.Rules.Authorizer do - use FzHttp.Auth.Authorizer - alias FzHttp.Rules.Rule +defmodule Domain.Rules.Authorizer do + use Domain.Auth.Authorizer + alias Domain.Rules.Rule def manage_rules_permission, do: build(Rule, :manage) - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def list_permissions_for_role(:admin) do [ manage_rules_permission() @@ -15,7 +15,7 @@ defmodule FzHttp.Rules.Authorizer do [] end - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def for_subject(queryable, %Subject{} = subject) when is_user(subject) do cond do has_permission?(subject, manage_rules_permission()) -> diff --git a/apps/domain/lib/domain/rules/rule.ex b/apps/domain/lib/domain/rules/rule.ex new file mode 100644 index 000000000..aa30e87c1 --- /dev/null 
+++ b/apps/domain/lib/domain/rules/rule.ex @@ -0,0 +1,14 @@ +defmodule Domain.Rules.Rule do + use Domain, :schema + + schema "rules" do + field :action, Ecto.Enum, values: [:drop, :accept], default: :drop + field :destination, Domain.Types.INET + field :port_type, Ecto.Enum, values: [:tcp, :udp] + field :port_range, Domain.Types.Int4Range + + belongs_to :user, Domain.Users.User + + timestamps() + end +end diff --git a/apps/domain/fz_http/rules/rule/changeset.ex b/apps/domain/lib/domain/rules/rule/changeset.ex similarity index 80% rename from apps/domain/fz_http/rules/rule/changeset.ex rename to apps/domain/lib/domain/rules/rule/changeset.ex index 18987eb57..0b8cae0ad 100644 --- a/apps/domain/fz_http/rules/rule/changeset.ex +++ b/apps/domain/lib/domain/rules/rule/changeset.ex @@ -1,13 +1,12 @@ -defmodule FzHttp.Rules.Rule.Changeset do - use FzHttp, :changeset - alias FzHttp.Rules.Rule +defmodule Domain.Rules.Rule.Changeset do + use Domain, :changeset + alias Domain.Rules.Rule @exclusion_msg "destination overlaps with an existing rule" @port_range_msg "port is not within valid range" @port_type_msg "port_type must be specified with port_range" @fields ~w[action destination port_type port_range user_id]a - @port_based_fields ~w[port_type port_range]a @required_fields ~w[action destination]a def create_changeset(attrs) do @@ -15,15 +14,8 @@ defmodule FzHttp.Rules.Rule.Changeset do end def update_changeset(rule, attrs) do - fields = - if FzHttp.Rules.port_rules_supported?() do - @fields - else - @fields -- @port_based_fields - end - rule - |> cast(attrs, fields) + |> cast(attrs, @fields) |> validate_required(@required_fields) |> validate_required_group(~w[port_range port_type]a) |> check_constraint(:port_range, diff --git a/apps/domain/fz_http/rules/rule/query.ex b/apps/domain/lib/domain/rules/rule/query.ex similarity index 81% rename from apps/domain/fz_http/rules/rule/query.ex rename to apps/domain/lib/domain/rules/rule/query.ex index aa1ac29bd..9f7125889 100644 
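Review bot: `update_changeset/2` now always casts `port_type` and `port_range` via `cast(attrs, @fields)`, while `as_settings/0` in rules.ex was changed in this same commit to read only `Rule.Query.by_empty_port_type()`. A rule submitted with a port range would therefore be stored but, as far as these hunks show, left out of the projected settings, so an operator could believe a `:drop` rule is in force when it is not being applied. Since the description says port-based conditions are being removed, dropping the fields at the cast keeps both sides in agreement: `|> cast(attrs, @fields -- ~w[port_type port_range]a)`. The rest of `update_changeset/2` lies outside the hunk.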
--- a/apps/domain/fz_http/rules/rule/query.ex +++ b/apps/domain/lib/domain/rules/rule/query.ex @@ -1,8 +1,8 @@ -defmodule FzHttp.Rules.Rule.Query do - use FzHttp, :query +defmodule Domain.Rules.Rule.Query do + use Domain, :query def all do - from(rules in FzHttp.Rules.Rule, as: :rules) + from(rules in Domain.Rules.Rule, as: :rules) end def by_id(queryable \\ all(), id) do diff --git a/apps/domain/fz_http/telemetry.ex b/apps/domain/lib/domain/telemetry.ex similarity index 86% rename from apps/domain/fz_http/telemetry.ex rename to apps/domain/lib/domain/telemetry.ex index a9318c8fa..cb6054c44 100644 --- a/apps/domain/fz_http/telemetry.ex +++ b/apps/domain/lib/domain/telemetry.ex @@ -1,10 +1,10 @@ -defmodule FzHttp.Telemetry do +defmodule Domain.Telemetry do @moduledoc """ Functions for various telemetry events. """ use Supervisor - alias FzHttp.{Devices, Auth.MFA, Users} - alias FzHttp.Telemetry.{Timer, PostHog} + alias Domain.{Devices, Auth.MFA, Users} + alias Domain.Telemetry.{Timer, PostHog} require Logger def start_link(opts) do @@ -12,7 +12,7 @@ defmodule FzHttp.Telemetry do end def init(_opts) do - config = FzHttp.Config.fetch_env!(:fz_http, FzHttp.Telemetry) + config = Domain.Config.fetch_env!(:domain, Domain.Telemetry) if Keyword.fetch!(config, :enabled) == true do children = [Timer] @@ -79,8 +79,8 @@ defmodule FzHttp.Telemetry do :ok end - def fz_http_started do - PostHog.capture("fz_http_started", common_fields()) + def domain_started do + PostHog.capture("domain_started", common_fields()) :ok end @@ -101,7 +101,7 @@ defmodule FzHttp.Telemetry do disable_vpn_on_oidc_error: {_, disable_vpn_on_oidc_error}, logo: {_, logo} } = - FzHttp.Config.fetch_source_and_configs!([ + Domain.Config.fetch_source_and_configs!([ :openid_connect_providers, :saml_identity_providers, :allow_unprivileged_device_management, 
@@ -127,10 +127,10 @@ defmodule FzHttp.Telemetry do unprivileged_device_configuration: allow_unprivileged_device_configuration, local_authentication: local_auth_enabled, disable_vpn_on_oidc_error: disable_vpn_on_oidc_error, - outbound_email: FzHttpWeb.Mailer.active?(), + outbound_email: Web.Mailer.active?(), external_database: - external_database?(Map.new(FzHttp.Config.fetch_env!(:fz_http, FzHttp.Repo))), - logo_type: FzHttp.Config.Logo.type(logo) + external_database?(Map.new(Domain.Config.fetch_env!(:domain, Domain.Repo))), + logo_type: Domain.Config.Logo.type(logo) ] end @@ -148,19 +148,19 @@ defmodule FzHttp.Telemetry do end def id do - FzHttp.Config.fetch_env!(:fz_http, __MODULE__) + Domain.Config.fetch_env!(:domain, __MODULE__) |> Keyword.fetch!(:id) end defp fqdn do - :fz_http - |> FzHttp.Config.fetch_env!(FzHttpWeb.Endpoint) + :web + |> Domain.Config.fetch_env!(Web.Endpoint) |> Keyword.get(:url) |> Keyword.get(:host) end defp version do - Application.spec(:fz_http, :vsn) |> to_string() + Application.spec(:domain, :vsn) |> to_string() end defp external_database?(repo_conf) when is_map_key(repo_conf, :hostname) do diff --git a/apps/domain/fz_http/telemetry/posthog.ex b/apps/domain/lib/domain/telemetry/posthog.ex similarity index 91% rename from apps/domain/fz_http/telemetry/posthog.ex rename to apps/domain/lib/domain/telemetry/posthog.ex index e17e117c9..ab13aeaaa 100644 --- a/apps/domain/fz_http/telemetry/posthog.ex +++ b/apps/domain/lib/domain/telemetry/posthog.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Telemetry.PostHog do +defmodule Domain.Telemetry.PostHog do require Logger def capture(event, metadata) do diff --git a/apps/domain/fz_http/telemetry/timer.ex b/apps/domain/lib/domain/telemetry/timer.ex similarity index 91% rename from apps/domain/fz_http/telemetry/timer.ex rename to apps/domain/lib/domain/telemetry/timer.ex index d19ac87e9..159317907 100644 --- a/apps/domain/fz_http/telemetry/timer.ex +++ b/apps/domain/lib/domain/telemetry/timer.ex 
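Review bot: `fqdn/0` now reads `Domain.Config.fetch_env!(:web, Web.Endpoint)` and the fields list calls `Web.Mailer.active?()`, so the domain app reaches back into the `web` application it is being separated from. `fetch_env!` presumably raises when the `:web` environment is not loaded, for example when only `:domain` is started through `Domain.Release.start_domain_app/0`, and the following `Keyword.get(:url) |> Keyword.get(:host)` chain would also fail on a missing `:url`. Consider passing the host and mailer status in through `:domain` configuration, or at least tolerate their absence with `|> Keyword.get(:url, []) |> Keyword.get(:host)` and add a comment such as `# Web config may be absent when only :domain is started`.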
@@ -1,6 +1,6 @@ -defmodule FzHttp.Telemetry.Timer do +defmodule Domain.Telemetry.Timer do use GenServer - alias FzHttp.Telemetry + alias Domain.Telemetry @initial_delay 60 * 1_000 @interval 43_200 diff --git a/apps/domain/fz_http/types/cidr.ex b/apps/domain/lib/domain/types/cidr.ex similarity index 97% rename from apps/domain/fz_http/types/cidr.ex rename to apps/domain/lib/domain/types/cidr.ex index 223a57257..209757c57 100644 --- a/apps/domain/fz_http/types/cidr.ex +++ b/apps/domain/lib/domain/types/cidr.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Types.CIDR do +defmodule Domain.Types.CIDR do @moduledoc """ Ecto type implementation for CIDR's based on `Postgrex.INET` type, it required netmask to be always set. """ @@ -147,5 +147,5 @@ defmodule FzHttp.Types.CIDR do def load(%Postgrex.INET{} = inet), do: {:ok, inet} def load(_), do: :error - def to_string(%Postgrex.INET{} = inet), do: FzHttp.Types.INET.to_string(inet) + def to_string(%Postgrex.INET{} = inet), do: Domain.Types.INET.to_string(inet) end diff --git a/apps/domain/fz_http/types/inet.ex b/apps/domain/lib/domain/types/inet.ex similarity index 98% rename from apps/domain/fz_http/types/inet.ex rename to apps/domain/lib/domain/types/inet.ex index 269875c7e..eb7f73d09 100644 --- a/apps/domain/fz_http/types/inet.ex +++ b/apps/domain/lib/domain/types/inet.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Types.INET do +defmodule Domain.Types.INET do @moduledoc """ INET is an implementation for native PostgreSQL `inet` type which can hold either a CIDR (IP with a netmask) or just an IP address (with empty netmask). diff --git a/apps/domain/fz_http/types/int4range.ex b/apps/domain/lib/domain/types/int4range.ex similarity index 98% rename from apps/domain/fz_http/types/int4range.ex rename to apps/domain/lib/domain/types/int4range.ex index 257664756..7a3b465a6 100644 --- a/apps/domain/fz_http/types/int4range.ex +++ b/apps/domain/lib/domain/types/int4range.ex 
@@ -1,4 +1,4 @@ -defmodule FzHttp.Types.Int4Range do +defmodule Domain.Types.Int4Range do @moduledoc """ Ecto type for Postgres' Int4Range type.any() diff --git a/apps/domain/fz_http/types/ip.ex b/apps/domain/lib/domain/types/ip.ex similarity index 83% rename from apps/domain/fz_http/types/ip.ex rename to apps/domain/lib/domain/types/ip.ex index 5f16eaca4..9e9a9343b 100644 --- a/apps/domain/fz_http/types/ip.ex +++ b/apps/domain/lib/domain/types/ip.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Types.IP do +defmodule Domain.Types.IP do @moduledoc """ Ecto type implementation for IP's based on `Postgrex.INET` type, it always ignores netmask by setting it to `nil`. @@ -14,7 +14,7 @@ defmodule FzHttp.Types.IP do def cast(%Postgrex.INET{} = inet), do: {:ok, inet} def cast(binary) when is_binary(binary) do - with {:ok, address} <- FzHttp.Types.IPPort.cast_address(binary) do + with {:ok, address} <- Domain.Types.IPPort.cast_address(binary) do {:ok, %Postgrex.INET{address: address, netmask: nil}} else {:error, _reason} -> {:error, message: "is invalid"} @@ -30,5 +30,5 @@ defmodule FzHttp.Types.IP do def load(_), do: :error def to_string(ip) when is_binary(ip), do: ip - def to_string(%Postgrex.INET{} = inet), do: FzHttp.Types.INET.to_string(inet) + def to_string(%Postgrex.INET{} = inet), do: Domain.Types.INET.to_string(inet) end diff --git a/apps/domain/fz_http/types/ip_port.ex b/apps/domain/lib/domain/types/ip_port.ex similarity index 98% rename from apps/domain/fz_http/types/ip_port.ex rename to apps/domain/lib/domain/types/ip_port.ex index e7a821944..e6e932167 100644 --- a/apps/domain/fz_http/types/ip_port.ex +++ b/apps/domain/lib/domain/types/ip_port.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Types.IPPort do +defmodule Domain.Types.IPPort do @behaviour Ecto.Type defstruct [:type, :address, :port] diff --git a/apps/domain/lib/domain/types/protocols.ex b/apps/domain/lib/domain/types/protocols.ex new file mode 100644 index 000000000..df6c39112 --- /dev/null 
+++ b/apps/domain/lib/domain/types/protocols.ex @@ -0,0 +1,21 @@ +defimpl String.Chars, for: Postgrex.INET do + def to_string(%Postgrex.INET{} = inet), do: Domain.Types.INET.to_string(inet) +end + +defimpl Phoenix.HTML.Safe, for: Postgrex.INET do + def to_iodata(%Postgrex.INET{} = inet), do: Domain.Types.INET.to_string(inet) +end + +defimpl Jason.Encoder, for: Postgrex.INET do + def encode(%Postgrex.INET{} = struct, opts) do + Jason.Encode.string("#{struct}", opts) + end +end + +defimpl String.Chars, for: Domain.Types.IPPort do + def to_string(%Domain.Types.IPPort{} = ip_port), do: Domain.Types.IPPort.to_string(ip_port) +end + +defimpl Phoenix.HTML.Safe, for: Domain.Types.IPPort do + def to_iodata(%Domain.Types.IPPort{} = ip_port), do: Domain.Types.IPPort.to_string(ip_port) +end diff --git a/apps/domain/fz_http/users.ex b/apps/domain/lib/domain/users.ex similarity index 94% rename from apps/domain/fz_http/users.ex rename to apps/domain/lib/domain/users.ex index 218fa6cf7..ed30abda4 100644 --- a/apps/domain/fz_http/users.ex +++ b/apps/domain/lib/domain/users.ex @@ -1,6 +1,6 @@ -defmodule FzHttp.Users do - alias FzHttp.{Repo, Auth, Validator, Config, Telemetry} - alias FzHttp.Users.{Authorizer, User} +defmodule Domain.Users do + alias Domain.{Repo, Auth, Validator, Config, Telemetry} + alias Domain.Users.{Authorizer, User} require Ecto.Query def count do @@ -85,7 +85,7 @@ defmodule FzHttp.Users do end def consume_sign_in_token(%User{} = user, token) when is_binary(token) do - if FzHttp.Crypto.equal?(token, user.sign_in_token_hash) do + if Domain.Crypto.equal?(token, user.sign_in_token_hash) do User.Query.by_id(user.id) |> User.Query.where_sign_in_token_is_not_expired() |> Ecto.Query.update(set: [sign_in_token_hash: nil, sign_in_token_created_at: nil]) 
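Review bot: The two `Phoenix.HTML.Safe` implementations in `protocols.ex` return the `to_string/1` result unescaped, and whatever `to_iodata/1` returns is written into templates as already-safe HTML. For `Postgrex.INET` the output is presumably only digits, dots, colons and a slash, but `Domain.Types.IPPort.to_string/1` is not visible here, so escaping holds only if `address` can never carry free-form text. I would escape explicitly, `def to_iodata(%Domain.Types.IPPort{} = ip_port), do: ip_port |> Domain.Types.IPPort.to_string() |> Phoenix.HTML.Engine.html_escape()`, or add a comment stating why the value is known to be HTML-safe. Separately, the `apps/domain/mix.exs` added in this patch lists neither `phoenix_html` nor `jason`, although this file implements protocols from both.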
@@ -151,8 +151,8 @@ defmodule FzHttp.Users do |> Repo.update() |> case do {:ok, user} -> - FzHttp.Telemetry.disable_user() - FzHttpWeb.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) + Domain.Telemetry.disable_user() + Web.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) {:ok, user} {:error, reason} -> diff --git a/apps/domain/fz_http/users/authorizer.ex b/apps/domain/lib/domain/users/authorizer.ex similarity index 79% rename from apps/domain/fz_http/users/authorizer.ex rename to apps/domain/lib/domain/users/authorizer.ex index ed66db443..cd41f4f86 100644 --- a/apps/domain/fz_http/users/authorizer.ex +++ b/apps/domain/lib/domain/users/authorizer.ex @@ -1,11 +1,11 @@ -defmodule FzHttp.Users.Authorizer do - use FzHttp.Auth.Authorizer - alias FzHttp.Users.User +defmodule Domain.Users.Authorizer do + use Domain.Auth.Authorizer + alias Domain.Users.User def manage_users_permission, do: build(User, :manage) def edit_own_profile_permission, do: build(User, :edit_own_profile) - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def list_permissions_for_role(:admin) do [ manage_users_permission(), @@ -23,7 +23,7 @@ defmodule FzHttp.Users.Authorizer do [] end - @impl FzHttp.Auth.Authorizer + @impl Domain.Auth.Authorizer def for_subject(queryable, %Subject{} = subject) when is_user(subject) do cond do has_permission?(subject, manage_users_permission()) -> diff --git a/apps/domain/fz_http/users/user.ex b/apps/domain/lib/domain/users/user.ex similarity index 77% rename from apps/domain/fz_http/users/user.ex rename to apps/domain/lib/domain/users/user.ex index 840353202..98496f187 100644 --- a/apps/domain/fz_http/users/user.ex +++ b/apps/domain/lib/domain/users/user.ex @@ -1,5 +1,5 @@ -defmodule FzHttp.Users.User do - use FzHttp, :schema +defmodule Domain.Users.User do + use Domain, :schema schema "users" do field :role, Ecto.Enum, values: [:unprivileged, :admin] 
@@ -20,9 +20,9 @@ defmodule FzHttp.Users.User do # Virtual fields that can be hydrated field :device_count, :integer, virtual: true - has_many :devices, FzHttp.Devices.Device - has_many :oidc_connections, FzHttp.Auth.OIDC.Connection - has_many :api_tokens, FzHttp.ApiTokens.ApiToken + has_many :devices, Domain.Devices.Device + has_many :oidc_connections, Domain.Auth.OIDC.Connection + has_many :api_tokens, Domain.ApiTokens.ApiToken field :disabled_at, :utc_datetime_usec timestamps() diff --git a/apps/domain/fz_http/users/user/changeset.ex b/apps/domain/lib/domain/users/user/changeset.ex similarity index 92% rename from apps/domain/fz_http/users/user/changeset.ex rename to apps/domain/lib/domain/users/user/changeset.ex index fbb60bff8..85bc9e2c6 100644 --- a/apps/domain/fz_http/users/user/changeset.ex +++ b/apps/domain/lib/domain/users/user/changeset.ex @@ -1,7 +1,7 @@ -defmodule FzHttp.Users.User.Changeset do - use FzHttp, :changeset - alias FzHttp.Auth - alias FzHttp.Users +defmodule Domain.Users.User.Changeset do + use Domain, :changeset + alias Domain.Auth + alias Domain.Users @min_password_length 12 @max_password_length 64 @@ -75,7 +75,7 @@ defmodule FzHttp.Users.User.Changeset do def generate_sign_in_token(%Users.User{} = user) do user |> change() - |> put_change(:sign_in_token, FzHttp.Crypto.rand_string()) + |> put_change(:sign_in_token, Domain.Crypto.rand_string()) |> put_hash(:sign_in_token, to: :sign_in_token_hash) |> put_change(:sign_in_token_created_at, DateTime.utc_now()) end diff --git a/apps/domain/fz_http/users/user/query.ex b/apps/domain/lib/domain/users/user/query.ex similarity index 92% rename from apps/domain/fz_http/users/user/query.ex rename to apps/domain/lib/domain/users/user/query.ex index 0b8d284d2..c0371d17a 100644 --- a/apps/domain/fz_http/users/user/query.ex +++ b/apps/domain/lib/domain/users/user/query.ex 
@@ -1,8 +1,8 @@ -defmodule FzHttp.Users.User.Query do - use FzHttp, :query +defmodule Domain.Users.User.Query do + use Domain, :query def all do - from(users in FzHttp.Users.User, as: :users) + from(users in Domain.Users.User, as: :users) end def by_id(queryable \\ all(), id) diff --git a/apps/domain/fz_http/validator.ex b/apps/domain/lib/domain/validator.ex similarity index 97% rename from apps/domain/fz_http/validator.ex rename to apps/domain/lib/domain/validator.ex index 5a6574a60..90a7a4847 100644 --- a/apps/domain/fz_http/validator.ex +++ b/apps/domain/lib/domain/validator.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.Validator do +defmodule Domain.Validator do @doc """ A set of changeset helpers and schema extensions to simplify our changesets and make validation more reliable. """ @@ -156,7 +156,7 @@ defmodule FzHttp.Validator do def validate_in_cidr(changeset, ip_field, cidr) do validate_change(changeset, ip_field, fn _ip_field, ip -> - if FzHttp.Types.CIDR.contains?(cidr, ip) do + if Domain.Types.CIDR.contains?(cidr, ip) do [] else [{ip_field, "is not in the CIDR #{cidr}"}] @@ -166,7 +166,7 @@ defmodule FzHttp.Validator do def validate_cidr(changeset, field, _opts \\ []) do validate_change(changeset, field, fn _current_field, value -> - case FzHttp.Types.CIDR.cast(value) do + case Domain.Types.CIDR.cast(value) do {:ok, _cidr} -> [] @@ -226,7 +226,7 @@ defmodule FzHttp.Validator do def put_hash(%Ecto.Changeset{} = changeset, value_field, to: hash_field) do with {:ok, value} when is_binary(value) and value != "" <- fetch_change(changeset, value_field) do - put_change(changeset, hash_field, FzHttp.Crypto.hash(value)) + put_change(changeset, hash_field, Domain.Crypto.hash(value)) else _ -> changeset end 
@@ -238,7 +238,7 @@ defmodule FzHttp.Validator do def validate_hash(changeset, value_field, hash_field: hash_field) do with {:data, hash} <- fetch_field(changeset, hash_field) do validate_change(changeset, value_field, fn value_field, token -> - if FzHttp.Crypto.equal?(token, hash) do + if Domain.Crypto.equal?(token, hash) do [] else [{value_field, {"is invalid", [validation: :hash]}}] diff --git a/apps/domain/lib/domain/vault.ex b/apps/domain/lib/domain/vault.ex new file mode 100644 index 000000000..cc15b9c9f --- /dev/null +++ b/apps/domain/lib/domain/vault.ex @@ -0,0 +1,6 @@ +defmodule Domain.Vault do + @moduledoc """ + Manages encrypted DB fields. + """ + use Cloak.Vault, otp_app: :domain +end diff --git a/apps/domain/mix.exs b/apps/domain/mix.exs new file mode 100644 index 000000000..ce921da68 --- /dev/null +++ b/apps/domain/mix.exs 
@@ -0,0 +1,86 @@
+defmodule Domain.MixProject do
+ use Mix.Project
+
+ def project do
+ [
+ app: :domain,
+ version: version(),
+ build_path: "../../_build",
+ config_path: "../../config/config.exs",
+ deps_path: "../../deps",
+ lockfile: "../../mix.lock",
+ elixir: "~> 1.12",
+ elixirc_paths: elixirc_paths(Mix.env()),
+ compilers: Mix.compilers(),
+ start_permanent: Mix.env() == :prod,
+ test_coverage: [tool: ExCoveralls],
+ preferred_cli_env: [
+ coveralls: :test,
+ "coveralls.detail": :test,
+ "coveralls.post": :test,
+ "coveralls.html": :test
+ ],
+ aliases: aliases(),
+ deps: deps()
+ ]
+ end
+
+ def version do
+ # Use dummy version for dev and test
+ System.get_env("VERSION", "0.0.0+git.0.deadbeef")
+ end
+
+ def application do
+ [
+ mod: {Domain.Application, []},
+ extra_applications: [
+ :logger,
+ :runtime_tools
+ ]
+ ]
+ end
+
+ # Specifies which paths to compile per environment.
+ defp elixirc_paths(:test), do: ["test/support", "lib"]
+ defp elixirc_paths(_), do: ["lib"]
+
+ defp deps do
+ [
+ # Ecto-related deps
+ {:postgrex, "~> 0.16"},
+ {:decimal, "~> 2.0"},
+ {:ecto_sql, "~> 3.7"},
+ {:cloak, "~> 1.1"},
+ {:cloak_ecto, "~> 1.2"},
+
+ # PubSub
+ {:phoenix_pubsub, "~> 2.0"},
+
+ # Auth-related deps
+ {:plug_crypto, "~> 1.2"},
+ {:openid_connect, github: "firezone/openid_connect", branch: "master"},
+ {:argon2_elixir, "~> 2.0"},
+ {:nimble_totp, "~> 0.2"},
+
+ # Other deps
+ {:telemetry, "~> 1.0"},
+ {:posthog, "~> 0.1"},
+
+ # Runtime debugging
+ {:recon, "~> 2.5"},
+ {:observer_cli, "~> 1.7"},
+
+ # Test and dev deps
+ {:bypass, "~> 2.1", only: :test}
+ ]
+ end
+
+ defp aliases do
+ [
+ "ecto.seed": ["ecto.create", "ecto.migrate", "run priv/repo/seeds.exs"],
+ "ecto.setup": ["ecto.create", "ecto.migrate"],
+ "ecto.reset": ["ecto.drop", "ecto.setup"],
+ test: ["ecto.create --quiet", "ecto.migrate", "test"]
+ ]
+ end
+end
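Review bot: In `deps/0`, `{:openid_connect, github: "firezone/openid_connect", branch: "master"}` ties the library that handles OIDC sign-in to a moving branch. `mix.lock` records the resolved commit, but any `mix deps.update` or lockfile regeneration will pull whatever `master` points to at that moment, with no version constraint to review. I would pin it to a reviewed commit, `{:openid_connect, github: "firezone/openid_connect", ref: "<reviewed-commit-sha>"}`, and bump the ref deliberately. A comment above the line saying why a fork is used instead of a Hex release would also help the next reviewer.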
diff --git a/apps/web/test/fz_http/api_tokens_test.exs b/apps/domain/test/domain/api_tokens_test.exs similarity index 98% rename from apps/web/test/fz_http/api_tokens_test.exs rename to apps/domain/test/domain/api_tokens_test.exs index 6aaaa1c97..59a6ab363 100644 --- a/apps/web/test/fz_http/api_tokens_test.exs +++ b/apps/domain/test/domain/api_tokens_test.exs @@ -1,10 +1,10 @@ -defmodule FzHttp.ApiTokensTest do - use FzHttp.DataCase, async: true - import FzHttp.ApiTokens - alias FzHttp.ApiTokens.{ApiToken, Authorizer} - alias FzHttp.ApiTokensFixtures - alias FzHttp.SubjectFixtures - alias FzHttp.UsersFixtures +defmodule Domain.ApiTokensTest do + use Domain.DataCase, async: true + import Domain.ApiTokens + alias Domain.ApiTokens.{ApiToken, Authorizer} + alias Domain.ApiTokensFixtures + alias Domain.SubjectFixtures + alias Domain.UsersFixtures setup do user = UsersFixtures.create_user_with_role(:admin) diff --git a/apps/web/test/fz_http/auth/mfa_test.exs b/apps/domain/test/domain/auth/mfa_test.exs similarity index 98% rename from apps/web/test/fz_http/auth/mfa_test.exs rename to apps/domain/test/domain/auth/mfa_test.exs index 06265aaef..ae2b8a453 100644 --- a/apps/web/test/fz_http/auth/mfa_test.exs +++ b/apps/domain/test/domain/auth/mfa_test.exs @@ -1,8 +1,8 @@ -defmodule FzHttp.Auth.MFATest do - use FzHttp.DataCase, async: true - alias FzHttp.UsersFixtures - alias FzHttp.MFAFixtures - alias FzHttp.Auth.MFA +defmodule Domain.Auth.MFATest do + use Domain.DataCase, async: true + alias Domain.UsersFixtures + alias Domain.MFAFixtures + alias Domain.Auth.MFA describe "count_users_with_mfa_enabled/0" do test "returns 0 when there are no methods" do diff --git a/apps/web/test/fz_http/auth/oidc/refresher_test.exs b/apps/domain/test/domain/auth/oidc/refresher_test.exs similarity index 72% rename from apps/web/test/fz_http/auth/oidc/refresher_test.exs rename to apps/domain/test/domain/auth/oidc/refresher_test.exs index 549e01a43..f84f8b052 100644 
--- a/apps/web/test/fz_http/auth/oidc/refresher_test.exs +++ b/apps/domain/test/domain/auth/oidc/refresher_test.exs @@ -1,14 +1,14 @@ -defmodule FzHttp.Auth.OIDC.RefresherTest do - use FzHttp.DataCase, async: true - alias FzHttp.Auth.OIDC.Refresher - alias FzHttp.UsersFixtures +defmodule Domain.Auth.OIDC.RefresherTest do + use Domain.DataCase, async: true + alias Domain.Auth.OIDC.Refresher + alias Domain.UsersFixtures setup do user = UsersFixtures.create_user_with_role(:admin) - {bypass, [provider_attrs]} = FzHttp.ConfigFixtures.start_openid_providers(["google"]) + {bypass, [provider_attrs]} = Domain.ConfigFixtures.start_openid_providers(["google"]) conn = - Repo.insert!(%FzHttp.Auth.OIDC.Connection{ + Repo.insert!(%Domain.Auth.OIDC.Connection{ user_id: user.id, provider: "google", refresh_token: "REFRESH_TOKEN" @@ -19,7 +19,7 @@ defmodule FzHttp.Auth.OIDC.RefresherTest do describe "refresh failed" do test "disable user", %{user: user, conn: conn, bypass: bypass} do - FzHttp.ConfigFixtures.expect_refresh_token_failure(bypass) + Domain.ConfigFixtures.expect_refresh_token_failure(bypass) assert Refresher.refresh(user.id) == {:stop, :shutdown, user.id} user = Repo.reload(user) @@ -32,7 +32,7 @@ defmodule FzHttp.Auth.OIDC.RefresherTest do describe "refresh succeeded" do test "does not change user", %{user: user, conn: conn, bypass: bypass} do - FzHttp.ConfigFixtures.expect_refresh_token(bypass) + Domain.ConfigFixtures.expect_refresh_token(bypass) assert Refresher.refresh(user.id) == {:stop, :shutdown, user.id} user = Repo.reload(user) diff --git a/apps/web/test/fz_http/auth_test.exs b/apps/domain/test/domain/auth_test.exs similarity index 93% rename from apps/web/test/fz_http/auth_test.exs rename to apps/domain/test/domain/auth_test.exs index b362ebc46..637841831 100644 --- a/apps/web/test/fz_http/auth_test.exs +++ b/apps/domain/test/domain/auth_test.exs 
@@ -1,7 +1,7 @@ -defmodule FzHttp.AuthTest do - use FzHttp.DataCase - import FzHttp.Auth - alias FzHttp.ConfigFixtures +defmodule Domain.AuthTest do + use Domain.DataCase + import Domain.Auth + alias Domain.ConfigFixtures describe "fetch_oidc_provider_config/1" do test "returns error when provider does not exist" do @@ -25,7 +25,7 @@ defmodule FzHttp.AuthTest do end test "puts default redirect_uri" do - FzHttp.Config.put_env_override(:external_url, "http://foo.bar.com/") + Domain.Config.put_env_override(:web, :external_url, "http://foo.bar.com/") {_bypass, [attrs]} = ConfigFixtures.start_openid_providers(["google"], %{"redirect_uri" => nil}) diff --git a/apps/web/test/fz_http/config/caster_test.exs b/apps/domain/test/domain/config/caster_test.exs similarity index 96% rename from apps/web/test/fz_http/config/caster_test.exs rename to apps/domain/test/domain/config/caster_test.exs index 27c731d69..c83109658 100644 --- a/apps/web/test/fz_http/config/caster_test.exs +++ b/apps/domain/test/domain/config/caster_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttp.Config.CasterTest do +defmodule Domain.Config.CasterTest do use ExUnit.Case, async: true - import FzHttp.Config.Caster + import Domain.Config.Caster describe "cast/2" do test "casts a binary to an array of integers" do diff --git a/apps/web/test/fz_http/config/definition_test.exs b/apps/domain/test/domain/config/definition_test.exs similarity index 93% rename from apps/web/test/fz_http/config/definition_test.exs rename to apps/domain/test/domain/config/definition_test.exs index 37522c9c1..754a83d3f 100644 --- a/apps/web/test/fz_http/config/definition_test.exs +++ b/apps/domain/test/domain/config/definition_test.exs 
@@ -1,15 +1,15 @@ -defmodule FzHttp.Config.DefinitionTest do +defmodule Domain.Config.DefinitionTest do use ExUnit.Case, async: true - import FzHttp.Config.Definition + import Domain.Config.Definition defmodule InvalidDefinitions do - use FzHttp.Config.Definition + use Domain.Config.Definition defconfig(:required, Types.IP, foo: :bar) end defmodule Definitions do - use FzHttp.Config.Definition + use Domain.Config.Definition defconfig(:required, Types.IP) @@ -57,7 +57,7 @@ defmodule FzHttp.Config.DefinitionTest do end test "inserts a function which returns definition doc" do - assert fetch_doc(FzHttp.Config.Definitions, :default_admin_email) == + assert fetch_doc(Domain.Config.Definitions, :default_admin_email) == {:ok, "Primary administrator email.\n"} assert fetch_doc(Foo, :bar) == diff --git a/apps/web/test/fz_http/config/fetcher_test.exs b/apps/domain/test/domain/config/fetcher_test.exs similarity index 98% rename from apps/web/test/fz_http/config/fetcher_test.exs rename to apps/domain/test/domain/config/fetcher_test.exs index 4b6b5e7dd..af8953d89 100644 --- a/apps/web/test/fz_http/config/fetcher_test.exs +++ b/apps/domain/test/domain/config/fetcher_test.exs @@ -1,10 +1,10 @@ -defmodule FzHttp.Config.FetcherTest do +defmodule Domain.Config.FetcherTest do use ExUnit.Case, async: true - import FzHttp.Config.Fetcher + import Domain.Config.Fetcher defmodule Test do - use FzHttp.Config.Definition - alias FzHttp.Types + use Domain.Config.Definition + alias Domain.Types defconfig(:required, Types.IP) diff --git a/apps/web/test/fz_http/config/resolver_test.exs b/apps/domain/test/domain/config/resolver_test.exs similarity index 94% rename from apps/web/test/fz_http/config/resolver_test.exs rename to apps/domain/test/domain/config/resolver_test.exs index 857837f29..398972b9d 100644 --- a/apps/web/test/fz_http/config/resolver_test.exs +++ b/apps/domain/test/domain/config/resolver_test.exs 
@@ -1,6 +1,6 @@ -defmodule FzHttp.Config.ResolverTest do +defmodule Domain.Config.ResolverTest do use ExUnit.Case, async: true - import FzHttp.Config.Resolver + import Domain.Config.Resolver describe "resolve/4" do test "returns nil when variable is not found" do @@ -37,7 +37,7 @@ defmodule FzHttp.Config.ResolverTest do test "returns variable from database" do env_configurations = %{} - db_configurations = %FzHttp.Config.Configuration{default_client_dns: "1.2.3.4"} + db_configurations = %Domain.Config.Configuration{default_client_dns: "1.2.3.4"} assert resolve(:default_client_dns, env_configurations, db_configurations, []) == {:ok, {{:db, :default_client_dns}, "1.2.3.4"}} diff --git a/apps/web/test/fz_http/config/validator_test.exs b/apps/domain/test/domain/config/validator_test.exs similarity index 86% rename from apps/web/test/fz_http/config/validator_test.exs rename to apps/domain/test/domain/config/validator_test.exs index 24ca5b88f..acdd70b20 100644 --- a/apps/web/test/fz_http/config/validator_test.exs +++ b/apps/domain/test/domain/config/validator_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttp.Config.ValidatorTest do +defmodule Domain.Config.ValidatorTest do use ExUnit.Case, async: true - import FzHttp.Config.Validator - alias FzHttp.Types + import Domain.Config.Validator + alias Domain.Types describe "validate/4" do test "validates an array of integers" do @@ -47,7 +47,7 @@ defmodule FzHttp.Config.ValidatorTest do assert validate(:key, "invalid", type, []) == {:error, - {"invalid", ["must be one of: Elixir.FzHttp.Types.IP, Elixir.FzHttp.Types.CIDR"]}} + {"invalid", ["must be one of: Elixir.Domain.Types.IP, Elixir.Domain.Types.CIDR"]}} type = {:json_array, {:one_of, [:integer, :boolean]}} 
@@ -56,18 +56,18 @@ defmodule FzHttp.Config.ValidatorTest do end test "validates embeds" do - type = {:json_array, {:embed, FzHttp.Config.Configuration.SAMLIdentityProvider}} + type = {:json_array, {:embed, Domain.Config.Configuration.SAMLIdentityProvider}} opts = [ - changeset: {FzHttp.Config.Configuration.SAMLIdentityProvider, :create_changeset, []} + changeset: {Domain.Config.Configuration.SAMLIdentityProvider, :create_changeset, []} ] - attrs = FzHttp.ConfigFixtures.saml_identity_providers_attrs() + attrs = Domain.ConfigFixtures.saml_identity_providers_attrs() assert validate(:key, [attrs], type, opts) == {:ok, [ - %FzHttp.Config.Configuration.SAMLIdentityProvider{ + %Domain.Config.Configuration.SAMLIdentityProvider{ auto_create_users: attrs["auto_create_users"], base_url: "http://localhost:13000/auth/saml", id: attrs["id"], diff --git a/apps/web/test/fz_http/config_test.exs b/apps/domain/test/domain/config_test.exs similarity index 95% rename from apps/web/test/fz_http/config_test.exs rename to apps/domain/test/domain/config_test.exs index 7d41bfc33..54da8cf81 100644 --- a/apps/web/test/fz_http/config_test.exs +++ b/apps/domain/test/domain/config_test.exs @@ -1,10 +1,10 @@ -defmodule FzHttp.ConfigTest do - use FzHttp.DataCase, async: true - import FzHttp.Config +defmodule Domain.ConfigTest do + use Domain.DataCase, async: true + import Domain.Config defmodule Test do - use FzHttp.Config.Definition - alias FzHttp.Types + use Domain.Config.Definition + alias Domain.Types defconfig(:required, Types.IP) @@ -63,8 +63,8 @@ defmodule FzHttp.ConfigTest do defconfig(:url, :string, changeset: fn changeset, key -> changeset - |> FzHttp.Validator.validate_uri(key) - |> FzHttp.Validator.normalize_url(key) + |> Domain.Validator.validate_uri(key) + |> Domain.Validator.normalize_url(key) end ) 
@@ -202,7 +202,7 @@ defmodule FzHttp.ConfigTest do assert fetch_config(:external_url) == {:error, {{nil, ["is required"]}, - [module: FzHttp.Config.Definitions, key: :external_url, source: :not_found]}} + [module: Domain.Config.Definitions, key: :external_url, source: :not_found]}} end end @@ -383,10 +383,10 @@ defmodule FzHttp.ConfigTest do test "casts module name enums" do assert compile_config!(Test, :enum, %{"ENUM" => "value1"}) == :foo - assert compile_config!(Test, :enum, %{"ENUM" => "value2"}) == FzHttp.ConfigTest.Test + assert compile_config!(Test, :enum, %{"ENUM" => "value2"}) == Domain.ConfigTest.Test - assert compile_config!(Test, :enum, %{"ENUM" => "Elixir.FzHttp.ConfigTest.Test"}) == - FzHttp.ConfigTest.Test + assert compile_config!(Test, :enum, %{"ENUM" => "Elixir.Domain.ConfigTest.Test"}) == + Domain.ConfigTest.Test end end @@ -535,7 +535,7 @@ defmodule FzHttp.ConfigTest do describe "fetch_db_config!" do test "returns config from db table" do - assert fetch_db_config!() == Repo.one(FzHttp.Config.Configuration) + assert fetch_db_config!() == Repo.one(Domain.Config.Configuration) end end @@ -547,7 +547,7 @@ defmodule FzHttp.ConfigTest do describe "update_config/2" do test "returns error when changeset is invalid" do - config = Repo.one(FzHttp.Config.Configuration) + config = Repo.one(Domain.Config.Configuration) attrs = %{ local_auth_enabled: 1, @@ -571,7 +571,7 @@ defmodule FzHttp.ConfigTest do default_client_allowed_ips: ["is invalid"], default_client_dns: [ "!!! is not a valid FQDN", - "must be one of: Elixir.FzHttp.Types.IP, string" + "must be one of: Elixir.Domain.Types.IP, string" ], default_client_persistent_keepalive: ["must be greater than or equal to 0"], disable_vpn_on_oidc_error: ["is invalid"], 
@@ -583,7 +583,7 @@ defmodule FzHttp.ConfigTest do test "returns error when trying to change overridden value" do put_system_env_override(:local_auth_enabled, false) - config = Repo.one(FzHttp.Config.Configuration) + config = Repo.one(Domain.Config.Configuration) attrs = %{ local_auth_enabled: false @@ -600,7 +600,7 @@ defmodule FzHttp.ConfigTest do end test "trims binary fields" do - config = Repo.one(FzHttp.Config.Configuration) + config = Repo.one(Domain.Config.Configuration) attrs = %{ default_client_dns: [" foobar.com", "google.com "], @@ -613,7 +613,7 @@ defmodule FzHttp.ConfigTest do end test "changes database config value" do - config = Repo.one(FzHttp.Config.Configuration) + config = Repo.one(Domain.Config.Configuration) attrs = %{default_client_dns: ["foobar.com", "google.com"]} assert {:ok, config} = update_config(config, attrs) assert config.default_client_dns == attrs.default_client_dns @@ -624,7 +624,7 @@ defmodule FzHttp.ConfigTest do test "updates config field in a database" do assert config = put_config!(:default_client_endpoint, " 127.0.0.1") assert config.default_client_endpoint == "127.0.0.1" - assert Repo.one(FzHttp.Config.Configuration).default_client_endpoint == "127.0.0.1" + assert Repo.one(Domain.Config.Configuration).default_client_endpoint == "127.0.0.1" end test "raises when config field is not valid" do diff --git a/apps/web/test/fz_http/connectivity_checks/poller_test.exs b/apps/domain/test/domain/connectivity_checks/poller_test.exs similarity index 84% rename from apps/web/test/fz_http/connectivity_checks/poller_test.exs rename to apps/domain/test/domain/connectivity_checks/poller_test.exs index 4b83ae2be..4ffeab777 100644 --- a/apps/web/test/fz_http/connectivity_checks/poller_test.exs +++ b/apps/domain/test/domain/connectivity_checks/poller_test.exs 
@@ -1,10 +1,10 @@ -defmodule FzHttp.ConnectivityChecks.PollerTest do +defmodule Domain.ConnectivityChecks.PollerTest do @moduledoc """ Tests the ConnectivityCheckService module. """ - use FzHttp.DataCase, async: true - alias FzHttp.ConnectivityChecks - import FzHttp.ConnectivityChecks.Poller + use Domain.DataCase, async: true + alias Domain.ConnectivityChecks + import Domain.ConnectivityChecks.Poller describe "every tick" do test "checks connectivity of a given url" do diff --git a/apps/web/test/fz_http/connectivity_checks_test.exs b/apps/domain/test/domain/connectivity_checks_test.exs similarity index 91% rename from apps/web/test/fz_http/connectivity_checks_test.exs rename to apps/domain/test/domain/connectivity_checks_test.exs index fdd47cb13..8e0897956 100644 --- a/apps/web/test/fz_http/connectivity_checks_test.exs +++ b/apps/domain/test/domain/connectivity_checks_test.exs @@ -1,9 +1,9 @@ -defmodule FzHttp.ConnectivityChecksTest do - use FzHttp.DataCase, async: true - alias FzHttp.SubjectFixtures - alias FzHttp.ConnectivityChecksFixtures - alias FzHttp.ConnectivityChecks - import FzHttp.ConnectivityChecks +defmodule Domain.ConnectivityChecksTest do + use Domain.DataCase, async: true + alias Domain.SubjectFixtures + alias Domain.ConnectivityChecksFixtures + alias Domain.ConnectivityChecks + import Domain.ConnectivityChecks setup do subject = SubjectFixtures.create_subject() diff --git a/apps/web/test/fz_http/crypto_test.exs b/apps/domain/test/domain/crypto_test.exs similarity index 95% rename from apps/web/test/fz_http/crypto_test.exs rename to apps/domain/test/domain/crypto_test.exs index 7fd2cc4ab..886a693fd 100644 --- a/apps/web/test/fz_http/crypto_test.exs +++ b/apps/domain/test/domain/crypto_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttp.CryptoTest do +defmodule Domain.CryptoTest do use ExUnit.Case, async: true - import FzHttp.Crypto + import Domain.Crypto describe "psk/0" do test "it returns a string of proper length" do 
diff --git a/apps/web/test/fz_http/devices/device/query_test.exs b/apps/domain/test/domain/devices/device/query_test.exs similarity index 84% rename from apps/web/test/fz_http/devices/device/query_test.exs rename to apps/domain/test/domain/devices/device/query_test.exs index ea6925d2c..972582c6f 100644 --- a/apps/web/test/fz_http/devices/device/query_test.exs +++ b/apps/domain/test/domain/devices/device/query_test.exs @@ -1,12 +1,12 @@ -defmodule FzHttp.Devices.Device.QueryTest do - use FzHttp.DataCase, async: true - import FzHttp.Devices.Device.Query - alias FzHttp.DevicesFixtures +defmodule Domain.Devices.Device.QueryTest do + use Domain.DataCase, async: true + import Domain.Devices.Device.Query + alias Domain.DevicesFixtures describe "next_available_address/3" do test "selects available IPv4 in CIDR range at the offset" do cidr = string_to_cidr("10.3.2.0/29") - FzHttp.Config.put_env_override(:wireguard_ipv4_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv4_network, cidr) gateway_ip = string_to_ip("10.3.2.0") offset = 3 @@ -17,7 +17,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "skips addresses taken by the gateway" do cidr = string_to_cidr("10.3.3.0/29") - FzHttp.Config.put_env_override(:wireguard_ipv4_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv4_network, cidr) gateway_ip = string_to_ip("10.3.3.3") offset = 3 @@ -28,7 +28,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "forward scans available address after offset it it's assigned to a device" do cidr = string_to_cidr("10.3.4.0/29") - FzHttp.Config.put_env_override(:wireguard_ipv4_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv4_network, cidr) gateway_ip = string_to_ip("10.3.4.0") offset = 3 
@@ -44,7 +44,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "backward scans available address if forward scan found not available IPs" do cidr = string_to_cidr("10.3.5.0/29") - FzHttp.Config.put_env_override(:wireguard_ipv4_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv4_network, cidr) gateway_ip = string_to_ip("10.3.5.0") offset = 5 @@ -62,7 +62,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "selects nothing when CIDR range is exhausted" do cidr = string_to_cidr("10.3.6.0/30") - FzHttp.Config.put_env_override(:wireguard_ipv4_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv4_network, cidr) gateway_ip = string_to_ip("10.3.6.1") offset = 1 @@ -80,7 +80,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "prevents two concurrent transactions from acquiring the same address" do cidr = string_to_cidr("10.3.7.0/29") - FzHttp.Config.put_env_override(:wireguard_ipv4_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv4_network, cidr) gateway_ip = string_to_ip("10.3.7.3") offset = 3 @@ -110,7 +110,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "selects available IPv6 in CIDR range at the offset" do cidr = string_to_cidr("fd00::3:3:0/120") - FzHttp.Config.put_env_override(:wireguard_ipv6_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv6_network, cidr) gateway_ip = string_to_ip("fd00::3:3:3") offset = 3 @@ -121,7 +121,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "selects available IPv6 at end of CIDR range" do cidr = string_to_cidr("fd00::/106") - FzHttp.Config.put_env_override(:wireguard_ipv6_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv6_network, cidr) gateway_ip = string_to_ip("fd00::3:3:3") offset = 4_194_304 
@@ -132,7 +132,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "works when offset is out of IPv6 CIDR range" do cidr = string_to_cidr("fd00::/106") - FzHttp.Config.put_env_override(:wireguard_ipv6_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv6_network, cidr) gateway_ip = string_to_ip("fd00::3:3:3") offset = 4_194_305 @@ -143,7 +143,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "works when netmask allows a large number of devices" do cidr = string_to_cidr("fd00::/70") - FzHttp.Config.put_env_override(:wireguard_ipv6_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv6_network, cidr) gateway_ip = string_to_ip("fd00::3:3:3") offset = 9_223_372_036_854_775_807 @@ -156,7 +156,7 @@ defmodule FzHttp.Devices.Device.QueryTest do test "selects nothing when IPv6 CIDR range is exhausted" do cidr = string_to_cidr("fd00::3:2:0/126") - FzHttp.Config.put_env_override(:wireguard_ipv6_network, cidr) + Domain.Config.put_env_override(:wireguard_ipv6_network, cidr) gateway_ip = string_to_ip("fd00::3:2:1") offset = 3 @@ -168,12 +168,12 @@ defmodule FzHttp.Devices.Device.QueryTest do end defp string_to_cidr(string) do - {:ok, inet} = FzHttp.Types.CIDR.cast(string) + {:ok, inet} = Domain.Types.CIDR.cast(string) inet end defp string_to_ip(string) do - {:ok, inet} = FzHttp.Types.IP.cast(string) + {:ok, inet} = Domain.Types.IP.cast(string) inet end end diff --git a/apps/web/test/fz_http/devices/stats_updater_test.exs b/apps/domain/test/domain/devices/stats_updater_test.exs similarity index 74% rename from apps/web/test/fz_http/devices/stats_updater_test.exs rename to apps/domain/test/domain/devices/stats_updater_test.exs index 3c2991459..7cbdb5092 100644 --- a/apps/web/test/fz_http/devices/stats_updater_test.exs +++ b/apps/domain/test/domain/devices/stats_updater_test.exs 
@@ -1,6 +1,6 @@ -defmodule FzHttp.Devices.StatsUpdaterTest do - use FzHttp.DataCase, async: true - import FzHttp.Devices.StatsUpdater +defmodule Domain.Devices.StatsUpdaterTest do + use Domain.DataCase, async: true + import Domain.Devices.StatsUpdater describe "endpoint_to_ip/1" do test "IPv4" do diff --git a/apps/web/test/fz_http/devices_test.exs b/apps/domain/test/domain/devices_test.exs similarity index 97% rename from apps/web/test/fz_http/devices_test.exs rename to apps/domain/test/domain/devices_test.exs index c296c1cb7..669408b14 100644 --- a/apps/web/test/fz_http/devices_test.exs +++ b/apps/domain/test/domain/devices_test.exs @@ -1,8 +1,8 @@ -defmodule FzHttp.DevicesTest do - use FzHttp.DataCase, async: true - import FzHttp.Devices - alias FzHttp.{UsersFixtures, SubjectFixtures, DevicesFixtures} - alias FzHttp.Devices +defmodule Domain.DevicesTest do + use Domain.DataCase, async: true + import Domain.Devices + alias Domain.{UsersFixtures, SubjectFixtures, DevicesFixtures} + alias Domain.Devices setup do unprivileged_user = UsersFixtures.create_user_with_role(:unprivileged) @@ -182,7 +182,7 @@ defmodule FzHttp.DevicesTest do describe "new_device/0" do test "returns changeset with default values" do - assert %Ecto.Changeset{data: %FzHttp.Devices.Device{}} = changeset = new_device() + assert %Ecto.Changeset{data: %Domain.Devices.Device{}} = changeset = new_device() assert Map.keys(changeset.changes) == [:name, :preshared_key] end @@ -196,7 +196,7 @@ defmodule FzHttp.DevicesTest do assert changeset = new_device(attrs) - assert %Ecto.Changeset{data: %FzHttp.Devices.Device{}} = changeset + assert %Ecto.Changeset{data: %Domain.Devices.Device{}} = changeset assert changeset.changes == %{ name: attrs["name"], 
@@ -211,7 +211,7 @@ defmodule FzHttp.DevicesTest do device = DevicesFixtures.create_device(user: user) assert changeset = change_device(device, %{"name" => "foo", "use_default_mtu" => false}) - assert %Ecto.Changeset{data: %FzHttp.Devices.Device{}} = changeset + assert %Ecto.Changeset{data: %Domain.Devices.Device{}} = changeset assert changeset.changes == %{name: "foo", use_default_mtu: false} end @@ -322,8 +322,8 @@ defmodule FzHttp.DevicesTest do test "ignores configuration attrs when there are no configure permission", %{ unprivileged_user: user } do - FzHttp.Config.put_system_env_override(:allow_unprivileged_device_configuration, false) - FzHttp.Config.put_env_override(:max_devices_per_user, 100) + Domain.Config.put_system_env_override(:allow_unprivileged_device_configuration, false) + Domain.Config.put_env_override(:max_devices_per_user, 100) subject = SubjectFixtures.create_subject(user) @@ -363,7 +363,7 @@ defmodule FzHttp.DevicesTest do } do DevicesFixtures.create_device(user: user) - FzHttp.Config.put_env_override(:max_devices_per_user, 1) + Domain.Config.put_env_override(:max_devices_per_user, 1) attrs = DevicesFixtures.device_attrs() @@ -386,8 +386,8 @@ defmodule FzHttp.DevicesTest do DevicesFixtures.device_attrs() |> Map.take([:public_key]) - {:ok, cidr} = FzHttp.Types.CIDR.cast("fd00::/20") - FzHttp.Config.put_env_override(:wireguard_ipv6_network, cidr) + {:ok, cidr} = Domain.Types.CIDR.cast("fd00::/20") + Domain.Config.put_env_override(:wireguard_ipv6_network, cidr) assert {:ok, device} = create_device_for_user(user, attrs, subject) assert %Postgrex.INET{address: {64_768, 0, 0, 0, _, _, _, _}, netmask: nil} = device.ipv6 end 
@@ -400,8 +400,8 @@ defmodule FzHttp.DevicesTest do DevicesFixtures.device_attrs() |> Map.take([:public_key]) - {:ok, cidr} = FzHttp.Types.CIDR.cast("10.3.2.0/30") - FzHttp.Config.put_env_override(:wireguard_ipv4_network, cidr) + {:ok, cidr} = Domain.Types.CIDR.cast("10.3.2.0/30") + Domain.Config.put_env_override(:wireguard_ipv4_network, cidr) assert {:ok, _device} = create_device_for_user(user, attrs, subject) assert {:error, changeset} = create_device_for_user(user, attrs, subject) @@ -853,7 +853,7 @@ defmodule FzHttp.DevicesTest do end test "does not render peers for users with expired VPN session" do - FzHttp.Config.put_system_env_override(:vpn_session_duration, 1) + Domain.Config.put_system_env_override(:vpn_session_duration, 1) two_seconds_in_future = DateTime.utc_now() |> DateTime.add(2, :second) user = UsersFixtures.create_user_with_role(:unprivileged) DevicesFixtures.create_device(user: user) diff --git a/apps/web/test/fz_http/name_generator_test.exs b/apps/domain/test/domain/name_generator_test.exs similarity index 80% rename from apps/web/test/fz_http/name_generator_test.exs rename to apps/domain/test/domain/name_generator_test.exs index e61c93b5e..ce40e66c7 100644 --- a/apps/web/test/fz_http/name_generator_test.exs +++ b/apps/domain/test/domain/name_generator_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttp.NameGeneratorTest do +defmodule Domain.NameGeneratorTest do use ExUnit.Case, async: true - import FzHttp.NameGenerator + import Domain.NameGenerator describe "generate/0" do test "generates a name" do diff --git a/apps/web/test/fz_http/notifications_test.exs b/apps/domain/test/domain/notifications_test.exs similarity index 91% rename from apps/web/test/fz_http/notifications_test.exs rename to apps/domain/test/domain/notifications_test.exs index 77bd81d04..6a2d9a851 100644 --- a/apps/web/test/fz_http/notifications_test.exs +++ b/apps/domain/test/domain/notifications_test.exs 
@@ -1,7 +1,7 @@ -defmodule FzHttp.NotificationsTest do - use FzHttp.DataCase, async: true - import FzHttp.TestHelpers - alias FzHttp.Notifications +defmodule Domain.NotificationsTest do + use Domain.DataCase, async: true + import Domain.TestHelpers + alias Domain.Notifications setup do {:ok, test_pid: start_supervised!(Notifications)} diff --git a/apps/web/test/fz_http/release_test.exs b/apps/domain/test/domain/release_test.exs similarity index 83% rename from apps/web/test/fz_http/release_test.exs rename to apps/domain/test/domain/release_test.exs index 5e52c06fb..de486ff8c 100644 --- a/apps/web/test/fz_http/release_test.exs +++ b/apps/domain/test/domain/release_test.exs @@ -1,12 +1,12 @@ -defmodule FzHttp.ReleaseTest do +defmodule Domain.ReleaseTest do @moduledoc """ XXX: Write more meaningful tests for this module. Perhaps the best way to test this module is through functional tests. """ - use FzHttp.DataCase, async: true - alias FzHttp.{ApiTokens, Users} - alias FzHttp.Release - alias FzHttp.UsersFixtures + use Domain.DataCase, async: true + alias Domain.{ApiTokens, Users} + alias Domain.Release + alias Domain.UsersFixtures describe "migrate/0" do test "function runs without error" do @@ -17,7 +17,7 @@ defmodule FzHttp.ReleaseTest do describe "create_admin_user/0" do test "creates admin when none exists" do Release.create_admin_user() - email = FzHttp.Config.fetch_env!(:fz_http, :admin_email) + email = Domain.Config.fetch_env!(:domain, :admin_email) assert {:ok, %Users.User{}} = Users.fetch_user_by_email(email) end @@ -34,7 +34,7 @@ defmodule FzHttp.ReleaseTest do test "creates api_token_token for default admin user" do admin_user = UsersFixtures.create_user_with_role(:admin, %{ - email: FzHttp.Config.fetch_env!(:fz_http, :admin_email) + email: Domain.Config.fetch_env!(:domain, :admin_email) }) assert :ok = Release.create_api_token() 
diff --git a/apps/web/test/fz_http/rules_test.exs b/apps/domain/test/domain/rules_test.exs similarity index 96% rename from apps/web/test/fz_http/rules_test.exs rename to apps/domain/test/domain/rules_test.exs index 2a0f30f55..7aaafa294 100644 --- a/apps/web/test/fz_http/rules_test.exs +++ b/apps/domain/test/domain/rules_test.exs @@ -1,16 +1,16 @@ -defmodule FzHttp.RulesTest do - use FzHttp.DataCase, async: true - import FzHttp.Rules - alias FzHttp.{UsersFixtures, SubjectFixtures, RulesFixtures} - alias FzHttp.Rules +defmodule Domain.RulesTest do + use Domain.DataCase, async: true + import Domain.Rules + alias Domain.{UsersFixtures, SubjectFixtures, RulesFixtures} + alias Domain.Rules setup do - FzHttp.Config.put_env_override(:wireguard_ipv4_network, %Postgrex.INET{ + Domain.Config.put_env_override(:wireguard_ipv4_network, %Postgrex.INET{ address: {100, 64, 0, 0}, netmask: 10 }) - FzHttp.Config.put_env_override(:wireguard_ipv6_network, %Postgrex.INET{ + Domain.Config.put_env_override(:wireguard_ipv6_network, %Postgrex.INET{ address: {64_768, 0, 0, 0, 0, 0, 0, 0}, netmask: 106 }) @@ -363,24 +363,6 @@ defmodule FzHttp.RulesTest do assert rule.user_id == user.id end - test "ignores port-based rule fields when they are not supported", %{ - subject: subject - } do - FzHttp.Config.put_env_override(:fz_wall, :port_based_rules_supported, false) - - attrs = %{ - action: :drop, - destination: "255.0.0.1", - port_type: :foo, - port_range: "foo" - } - - assert {:ok, rule} = create_rule(attrs, subject) - - assert is_nil(rule.port_type) - assert is_nil(rule.port_range) - end - test "returns error when subject has no permission to create devices", %{ subject: subject } do diff --git a/apps/web/test/fz_http/telemetry_test.exs b/apps/domain/test/domain/telemetry_test.exs similarity index 73% rename from apps/web/test/fz_http/telemetry_test.exs rename to apps/domain/test/domain/telemetry_test.exs index 8cc38a0d5..a7eff6ff1 100644 --- a/apps/web/test/fz_http/telemetry_test.exs 
+++ b/apps/domain/test/domain/telemetry_test.exs @@ -1,8 +1,8 @@ -defmodule FzHttp.TelemetryTest do - use FzHttp.DataCase, async: true - import FzHttp.TestHelpers - alias FzHttp.Telemetry - alias FzHttp.MFAFixtures +defmodule Domain.TelemetryTest do + use Domain.DataCase, async: true + import Domain.TestHelpers + alias Domain.Telemetry + alias Domain.MFAFixtures describe "user" do setup :create_user @@ -42,7 +42,7 @@ defmodule FzHttp.TelemetryTest do describe "auth" do test "count openid providers" do - FzHttp.ConfigFixtures.start_openid_providers([ + Domain.ConfigFixtures.start_openid_providers([ "google", "okta", "auth0", @@ -58,7 +58,7 @@ defmodule FzHttp.TelemetryTest do end test "disable vpn on oidc error enabled" do - FzHttp.Config.put_config!(:disable_vpn_on_oidc_error, true) + Domain.Config.put_config!(:disable_vpn_on_oidc_error, true) ping_data = Telemetry.ping_data() @@ -66,7 +66,7 @@ defmodule FzHttp.TelemetryTest do end test "disable vpn on oidc error disabled" do - FzHttp.Config.put_config!(:disable_vpn_on_oidc_error, false) + Domain.Config.put_config!(:disable_vpn_on_oidc_error, false) ping_data = Telemetry.ping_data() @@ -74,7 +74,7 @@ defmodule FzHttp.TelemetryTest do end test "local authentication enabled" do - FzHttp.Config.put_config!(:local_auth_enabled, true) + Domain.Config.put_config!(:local_auth_enabled, true) ping_data = Telemetry.ping_data() @@ -82,7 +82,7 @@ defmodule FzHttp.TelemetryTest do end test "local authentication disabled" do - FzHttp.Config.put_config!(:local_auth_enabled, false) + Domain.Config.put_config!(:local_auth_enabled, false) ping_data = Telemetry.ping_data() @@ -90,7 +90,7 @@ defmodule FzHttp.TelemetryTest do end test "unprivileged device management enabled" do - FzHttp.Config.put_config!(:allow_unprivileged_device_management, true) + Domain.Config.put_config!(:allow_unprivileged_device_management, true) ping_data = Telemetry.ping_data() 
@@ -98,7 +98,7 @@ defmodule FzHttp.TelemetryTest do end test "unprivileged device configuration enabled" do - FzHttp.Config.put_config!(:allow_unprivileged_device_configuration, true) + Domain.Config.put_config!(:allow_unprivileged_device_configuration, true) ping_data = Telemetry.ping_data() @@ -106,7 +106,7 @@ defmodule FzHttp.TelemetryTest do end test "unprivileged device configuration disabled" do - FzHttp.Config.put_config!(:allow_unprivileged_device_configuration, false) + Domain.Config.put_config!(:allow_unprivileged_device_configuration, false) ping_data = Telemetry.ping_data() @@ -116,7 +116,7 @@ defmodule FzHttp.TelemetryTest do describe "database" do test "local hostname" do - FzHttp.Config.put_env_override(:fz_http, FzHttp.Repo, hostname: "localhost") + Domain.Config.put_env_override(:domain, Domain.Repo, hostname: "localhost") ping_data = Telemetry.ping_data() @@ -124,7 +124,7 @@ defmodule FzHttp.TelemetryTest do end test "local url" do - FzHttp.Config.put_env_override(:fz_http, FzHttp.Repo, url: "postgres://127.0.0.1") + Domain.Config.put_env_override(:domain, Domain.Repo, url: "postgres://127.0.0.1") ping_data = Telemetry.ping_data() @@ -132,7 +132,7 @@ defmodule FzHttp.TelemetryTest do end test "external hostname" do - FzHttp.Config.put_env_override(:fz_http, FzHttp.Repo, hostname: "firezone.dev") + Domain.Config.put_env_override(:domain, Domain.Repo, hostname: "firezone.dev") ping_data = Telemetry.ping_data() @@ -140,7 +140,7 @@ defmodule FzHttp.TelemetryTest do end test "external url" do - FzHttp.Config.put_env_override(:fz_http, FzHttp.Repo, url: "postgres://firezone.dev") + Domain.Config.put_env_override(:domain, Domain.Repo, url: "postgres://firezone.dev") ping_data = Telemetry.ping_data() 
@@ -150,7 +150,7 @@ defmodule FzHttp.TelemetryTest do describe "email" do test "outbound set" do - FzHttp.Config.put_env_override(:fz_http, FzHttpWeb.Mailer, + Domain.Config.put_env_override(:domain, Web.Mailer, adapter: Swoosh.Adapters.NoopAdapter, from_email: "test@firezone.dev" ) @@ -161,14 +161,14 @@ defmodule FzHttp.TelemetryTest do end test "outbound unset" do - FzHttp.Config.put_env_override(:fz_http, FzHttpWeb.Mailer, + Domain.Config.put_env_override(:domain, Web.Mailer, adapter: SwooshAdapters.NoopAdapter, from_email: nil ) ping_data = Telemetry.ping_data() - refute ping_data[:outbound_email] + assert ping_data[:outbound_email] == Web.MailerTestAdapter end end end diff --git a/apps/web/test/fz_http/types/cidr_test.exs b/apps/domain/test/domain/types/cidr_test.exs similarity index 98% rename from apps/web/test/fz_http/types/cidr_test.exs rename to apps/domain/test/domain/types/cidr_test.exs index b7b3b4930..f23861cac 100644 --- a/apps/web/test/fz_http/types/cidr_test.exs +++ b/apps/domain/test/domain/types/cidr_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttp.Types.CIDRTest do +defmodule Domain.Types.CIDRTest do use ExUnit.Case, async: true - import FzHttp.Types.CIDR + import Domain.Types.CIDR describe "count_hosts/2" do test "ipv4" do diff --git a/apps/web/test/fz_http/users_test.exs b/apps/domain/test/domain/users_test.exs similarity index 98% rename from apps/web/test/fz_http/users_test.exs rename to apps/domain/test/domain/users_test.exs index 7510758eb..2f655966d 100644 --- a/apps/web/test/fz_http/users_test.exs +++ b/apps/domain/test/domain/users_test.exs 
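Review bot: In the `outbound unset` test (hunk `@@ -161,14 +161,14 @@`) the new assertion `assert ping_data[:outbound_email] == Web.MailerTestAdapter` does not follow from the override set just above it, which passes `from_email: nil` and a different adapter. This suggests `Telemetry.ping_data/0` no longer reads what `put_env_override(:domain, Web.Mailer, ...)` writes; presumably the mailer is configured under the web application's key rather than `:domain`, though that is not visible in this hunk. If so, the test passes regardless of the override and the unset case is no longer covered. Either write the override under the key the mailer is actually read from and keep `refute ping_data[:outbound_email]`, or rename the test to say what it now checks. The adapter in that override is also spelled `SwooshAdapters.NoopAdapter`, while the `outbound set` hunk uses `Swoosh.Adapters.NoopAdapter`.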
@@ -1,11 +1,11 @@ -defmodule FzHttp.UsersTest do - use FzHttp.DataCase, async: true - import FzHttp.Users - alias FzHttp.SubjectFixtures - alias FzHttp.UsersFixtures - alias FzHttp.DevicesFixtures - alias FzHttp.Config - alias FzHttp.Users +defmodule Domain.UsersTest do + use Domain.DataCase, async: true + import Domain.Users + alias Domain.SubjectFixtures + alias Domain.UsersFixtures + alias Domain.DevicesFixtures + alias Domain.Config + alias Domain.Users describe "count/0" do test "returns correct count of all users" do @@ -405,7 +405,7 @@ defmodule FzHttp.UsersTest do assert user.role == :unprivileged assert user.email == attrs.email - assert FzHttp.Crypto.equal?(attrs.password, user.password_hash) + assert Domain.Crypto.equal?(attrs.password, user.password_hash) assert is_nil(user.password) assert is_nil(user.password_confirmation) diff --git a/apps/domain/test/support/case_template.ex b/apps/domain/test/support/case_template.ex new file mode 100644 index 000000000..fadabfe8c --- /dev/null +++ b/apps/domain/test/support/case_template.ex @@ -0,0 +1,21 @@ +defmodule Domain.CaseTemplate do + @moduledoc """ + Our wrapper for the ExUnit.CaseTemplate to provide SQL sandbox helpers to all tests. + """ + use ExUnit.CaseTemplate + alias Ecto.Adapters.SQL.Sandbox + + using do + quote do + setup tags do + :ok = Sandbox.checkout(Domain.Repo) + + unless tags[:async] do + Sandbox.mode(Domain.Repo, {:shared, self()}) + end + + :ok + end + end + end +end diff --git a/apps/web/test/support/data_case.ex b/apps/domain/test/support/data_case.ex similarity index 87% rename from apps/web/test/support/data_case.ex rename to apps/domain/test/support/data_case.ex index 649d194d6..d7b161c57 100644 --- a/apps/web/test/support/data_case.ex +++ b/apps/domain/test/support/data_case.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.DataCase do +defmodule Domain.DataCase do @moduledoc """ This module defines the setup for tests requiring access to the application's data layer. 
@@ -10,18 +10,18 @@ defmodule FzHttp.DataCase do we enable the SQL sandbox, so changes done to the database are reverted at the end of every test. If you are using PostgreSQL, you can even run database tests asynchronously - by setting `use FzHttp.DataCase, async: true`, although + by setting `use Domain.DataCase, async: true`, although this option is not recommended for other databases. """ use ExUnit.CaseTemplate - use FzHttp.CaseTemplate + use Domain.CaseTemplate using do quote do import Ecto import Ecto.Changeset - import FzHttp.DataCase - alias FzHttp.Repo + import Domain.DataCase + alias Domain.Repo end end diff --git a/apps/web/test/support/fixtures/api_tokens_fixtures.ex b/apps/domain/test/support/fixtures/api_tokens_fixtures.ex similarity index 73% rename from apps/web/test/support/fixtures/api_tokens_fixtures.ex rename to apps/domain/test/support/fixtures/api_tokens_fixtures.ex index 6a3cdfad5..28723b81a 100644 --- a/apps/web/test/support/fixtures/api_tokens_fixtures.ex +++ b/apps/domain/test/support/fixtures/api_tokens_fixtures.ex @@ -1,6 +1,6 @@ -defmodule FzHttp.ApiTokensFixtures do - alias FzHttp.UsersFixtures - alias FzHttp.SubjectFixtures +defmodule Domain.ApiTokensFixtures do + alias Domain.UsersFixtures + alias Domain.SubjectFixtures def api_token_attrs(attrs \\ %{}) do Enum.into(attrs, %{}) @@ -15,7 +15,7 @@ defmodule FzHttp.ApiTokensFixtures do end) subject = SubjectFixtures.create_subject(user) - {:ok, api_token} = FzHttp.ApiTokens.create_api_token(attrs, subject) + {:ok, api_token} = Domain.ApiTokens.create_api_token(attrs, subject) api_token end @@ -23,6 +23,6 @@ defmodule FzHttp.ApiTokensFixtures do one_second_ago = DateTime.utc_now() |> DateTime.add(-1, :second) Ecto.Changeset.change(api_token, expires_at: one_second_ago) - |> FzHttp.Repo.update!() + |> Domain.Repo.update!() end end 
diff --git a/apps/web/test/support/fixtures/config_fixtures.ex b/apps/domain/test/support/fixtures/config_fixtures.ex similarity index 99% rename from apps/web/test/support/fixtures/config_fixtures.ex rename to apps/domain/test/support/fixtures/config_fixtures.ex index c7e76e49c..7262295d2 100644 --- a/apps/web/test/support/fixtures/config_fixtures.ex +++ b/apps/domain/test/support/fixtures/config_fixtures.ex @@ -1,9 +1,9 @@ -defmodule FzHttp.ConfigFixtures do +defmodule Domain.ConfigFixtures do @moduledoc """ Allows for easily updating configuration in tests. """ - alias FzHttp.Repo - alias FzHttp.Config + alias Domain.Repo + alias Domain.Config def configuration(%Config.Configuration{} = conf \\ Config.fetch_db_config!(), attrs) do {:ok, configuration} = diff --git a/apps/web/test/support/fixtures/connectivity_checks_fixtures.ex b/apps/domain/test/support/fixtures/connectivity_checks_fixtures.ex similarity index 82% rename from apps/web/test/support/fixtures/connectivity_checks_fixtures.ex rename to apps/domain/test/support/fixtures/connectivity_checks_fixtures.ex index f74be54f8..231ffbd59 100644 --- a/apps/web/test/support/fixtures/connectivity_checks_fixtures.ex +++ b/apps/domain/test/support/fixtures/connectivity_checks_fixtures.ex @@ -1,6 +1,6 @@ -defmodule FzHttp.ConnectivityChecksFixtures do - alias FzHttp.Repo - alias FzHttp.ConnectivityChecks +defmodule Domain.ConnectivityChecksFixtures do + alias Domain.Repo + alias Domain.ConnectivityChecks def connectivity_check_attrs(attrs \\ []) do Enum.into(attrs, %{ diff --git a/apps/web/test/support/fixtures/devices_fixtures.ex b/apps/domain/test/support/fixtures/devices_fixtures.ex similarity index 84% rename from apps/web/test/support/fixtures/devices_fixtures.ex rename to apps/domain/test/support/fixtures/devices_fixtures.ex index c5fc8662c..5e23bb32b 100644 --- a/apps/web/test/support/fixtures/devices_fixtures.ex +++ b/apps/domain/test/support/fixtures/devices_fixtures.ex 
@@ -1,11 +1,11 @@ -defmodule FzHttp.DevicesFixtures do +defmodule Domain.DevicesFixtures do @moduledoc """ This module defines test helpers for creating - entities via the `FzHttp.Devices` context. + entities via the `Domain.Devices` context. """ - alias FzHttp.Devices - alias FzHttp.UsersFixtures - alias FzHttp.SubjectFixtures + alias Domain.Devices + alias Domain.UsersFixtures + alias Domain.SubjectFixtures def device_attrs(attrs \\ %{}) do Enum.into(attrs, %{ diff --git a/apps/web/test/support/fixtures/mfa_fixtures.ex b/apps/domain/test/support/fixtures/mfa_fixtures.ex similarity index 90% rename from apps/web/test/support/fixtures/mfa_fixtures.ex rename to apps/domain/test/support/fixtures/mfa_fixtures.ex index 848c0be17..4662bebdb 100644 --- a/apps/web/test/support/fixtures/mfa_fixtures.ex +++ b/apps/domain/test/support/fixtures/mfa_fixtures.ex @@ -1,7 +1,7 @@ -defmodule FzHttp.MFAFixtures do - alias FzHttp.Repo - alias FzHttp.Auth.MFA - alias FzHttp.UsersFixtures +defmodule Domain.MFAFixtures do + alias Domain.Repo + alias Domain.Auth.MFA + alias Domain.UsersFixtures def totp_method_attrs(attrs \\ %{}) do secret = NimbleTOTP.secret() diff --git a/apps/web/test/support/fixtures/notifications_fixtures.ex b/apps/domain/test/support/fixtures/notifications_fixtures.ex similarity index 89% rename from apps/web/test/support/fixtures/notifications_fixtures.ex rename to apps/domain/test/support/fixtures/notifications_fixtures.ex index b07b6acff..f206df846 100644 --- a/apps/web/test/support/fixtures/notifications_fixtures.ex +++ b/apps/domain/test/support/fixtures/notifications_fixtures.ex @@ -1,4 +1,4 @@ -defmodule FzHttp.NotificationsFixtures do +defmodule Domain.NotificationsFixtures do @moduledoc """ This module defines test helpers for creating notifications. """ 
diff --git a/apps/web/test/support/fixtures/rules_fixtures.ex b/apps/domain/test/support/fixtures/rules_fixtures.ex similarity index 90% rename from apps/web/test/support/fixtures/rules_fixtures.ex rename to apps/domain/test/support/fixtures/rules_fixtures.ex index 7593c038e..f4c5160d2 100644 --- a/apps/web/test/support/fixtures/rules_fixtures.ex +++ b/apps/domain/test/support/fixtures/rules_fixtures.ex @@ -1,7 +1,7 @@ -defmodule FzHttp.RulesFixtures do - alias FzHttp.UsersFixtures - alias FzHttp.SubjectFixtures - alias FzHttp.Rules +defmodule Domain.RulesFixtures do + alias Domain.UsersFixtures + alias Domain.SubjectFixtures + alias Domain.Rules defp rule_attrs(attrs, default) do attrs = Enum.into(attrs, default) diff --git a/apps/web/test/support/fixtures/subject_fixtures.ex b/apps/domain/test/support/fixtures/subject_fixtures.ex similarity index 79% rename from apps/web/test/support/fixtures/subject_fixtures.ex rename to apps/domain/test/support/fixtures/subject_fixtures.ex index cae16b56d..7e91b136b 100644 --- a/apps/web/test/support/fixtures/subject_fixtures.ex +++ b/apps/domain/test/support/fixtures/subject_fixtures.ex @@ -1,6 +1,6 @@ -defmodule FzHttp.SubjectFixtures do - alias FzHttp.Auth - alias FzHttp.UsersFixtures +defmodule Domain.SubjectFixtures do + alias Domain.Auth + alias Domain.UsersFixtures def new(user \\ nil) do %Auth.Subject{ @@ -10,7 +10,7 @@ defmodule FzHttp.SubjectFixtures do end def create_subject(user \\ UsersFixtures.create_user_with_role(:admin)) do - FzHttp.Auth.fetch_subject!(user, {127, 0, 0, 1}, "DummyAgent (1.0.0)") + Domain.Auth.fetch_subject!(user, {127, 0, 0, 1}, "DummyAgent (1.0.0)") end def remove_permissions(%Auth.Subject{} = subject) do diff --git a/apps/web/test/support/fixtures/users_fixtures.ex b/apps/domain/test/support/fixtures/users_fixtures.ex similarity index 89% rename from apps/web/test/support/fixtures/users_fixtures.ex rename to apps/domain/test/support/fixtures/users_fixtures.ex index f2d002851..3b2ce8677 100644 
--- a/apps/web/test/support/fixtures/users_fixtures.ex +++ b/apps/domain/test/support/fixtures/users_fixtures.ex @@ -1,7 +1,7 @@ -defmodule FzHttp.UsersFixtures do - alias FzHttp.Repo - alias FzHttp.Users - alias FzHttp.SubjectFixtures +defmodule Domain.UsersFixtures do + alias Domain.Repo + alias Domain.Users + alias Domain.SubjectFixtures def user_attrs(attrs \\ %{}) do Enum.into(attrs, %{ diff --git a/apps/domain/test/support/test_helpers.ex b/apps/domain/test/support/test_helpers.ex new file mode 100644 index 000000000..3bee77636 --- /dev/null +++ b/apps/domain/test/support/test_helpers.ex 
@@ -0,0 +1,175 @@ +# Removeme +defmodule Domain.TestHelpers do + @moduledoc """ + Test setup helpers + """ + + alias Domain.{ + ConnectivityChecksFixtures, + DevicesFixtures, + NotificationsFixtures, + Repo, + RulesFixtures, + Users.User, + UsersFixtures + } + + def clear_users do + Repo.delete_all(User) + end + + def create_unprivileged_device(%{unprivileged_user: user}) do + {:ok, device: DevicesFixtures.create_device(user: user)} + end + + def create_device(tags) do + device = + if tags[:unauthed] || is_nil(tags[:user_id]) do + DevicesFixtures.create_device() + else + DevicesFixtures.create_device(%{user_id: tags[:user_id]}) + end + + {:ok, device: device} + end + + def create_other_user_device(_) do + user = UsersFixtures.create_user_with_role(:unprivileged, %{email: "other_user@test"}) + + device = + DevicesFixtures.create_device(%{ + user: user, + name: "other device" + }) + + {:ok, other_device: device} + end + + def create_connectivity_checks(_tags) do + connectivity_checks = + Enum.map(1..5, fn _i -> + ConnectivityChecksFixtures.create_connectivity_check() + end) + + {:ok, connectivity_checks: connectivity_checks} + end + + def create_devices(tags) do + user = + if tags[:unathed] || is_nil(tags[:user_id]) do + UsersFixtures.create_user_with_role(:admin) + else + Repo.get!(User, tags[:user_id]) + end + + devices = + Enum.map(1..5, fn num -> + DevicesFixtures.create_device(%{ + name: "device #{num}", + user: user + }) + end) + + {:ok, devices: devices} + end + + def create_user(tags) do + role = tags[:role] || :admin + user = UsersFixtures.create_user_with_role(role) + + {:ok, user: user} + end + + def create_accept_rule(_) do + rule = RulesFixtures.create_rule(%{action: :accept}) + {:ok, rule: rule} + end + + def create_drop_rule(_) do + rule = RulesFixtures.create_rule(%{action: :drop}) + {:ok, rule: rule} + end + + def create_rule(_) do + rule = RulesFixtures.create_rule(%{}) + {:ok, rule: rule} + end + + def create_rule_accept(_) do + rule = 
RulesFixtures.create_rule(%{action: :accept}) + {:ok, rule: rule} + end + + def create_rule_with_user_and_device(_) do + user = UsersFixtures.create_user_with_role(:admin) + rule = RulesFixtures.create_rule(user_id: user.id, destination: "10.20.30.0/24") + + device = + DevicesFixtures.create_device( + user: user, + name: "device" + ) + + {:ok, rule: rule, user: user, device: device} + end + + def create_rule_with_user(opts \\ %{}) do + user = UsersFixtures.create_user_with_role(:admin) + rule = RulesFixtures.create_rule(Map.merge(%{user_id: user.id}, opts)) + + {:ok, rule: rule, user: user} + end + + def create_rule_with_ports(opts \\ %{}) do + rule = RulesFixtures.create_rule(Map.merge(%{port_range: "10 - 20", port_type: :udp}, opts)) + + {:ok, rule: rule} + end + + def create_user_with_valid_sign_in_token(_) do + {:ok, user: %User{}} = UsersFixtures.create_user_with_role(:admin) + end + + def create_user_with_expired_sign_in_token(_) do + expired_at = DateTime.add(DateTime.utc_now(), -1 * 86_401) + + {:ok, + user: + UsersFixtures.create_user_with_role(:admin, %{ + sign_in_token: "EXPIRED_TOKEN", + sign_in_token_created_at: expired_at + })} + end + + def create_users(tags) do + count = tags[:count] || 5 + role = tags[:role] || :admin + + users = + Enum.map(1..count, fn i -> + UsersFixtures.create_user_with_role(role, %{email: "userlist#{i}@test"}) + end) + + {:ok, users: users} + end + + def clear_users(_) do + {count, _result} = Repo.delete_all(User) + {:ok, count: count} + end + + def create_notifications(opts \\ []) do + count = opts[:count] || 5 + + notifications = + for i <- 1..count do + NotificationsFixtures.notification_fixture(user: "test#{i}@localhost") + end + + {:ok, notifications: notifications} + end + + def create_notification(attrs \\ []) do + {:ok, notification: NotificationsFixtures.notification_fixture(attrs)} + end +end 
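Review bot: `create_user_with_valid_sign_in_token/1` matches `{:ok, user: %User{}} = UsersFixtures.create_user_with_role(:admin)`, but the other helpers in this file use that function's return value as a bare user (for example `create_user/1`), so the match looks like it would raise `MatchError` when used as a setup callback. `{:ok, user: UsersFixtures.create_user_with_role(:admin)}` would be consistent with its neighbours. In `create_devices/1` the tag is spelled `tags[:unathed]` while `create_device/1` reads `tags[:unauthed]`, so the admin-user branch there is only ever selected by the `user_id` check. `create_rule_with_ports/1` still passes `port_range` and `port_type`, which the commit description says are being removed. The `# Removeme` header should say what has to be migrated before the file can be deleted.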
diff --git a/apps/domain/test/test_helper.exs b/apps/domain/test/test_helper.exs new file mode 100644 index 000000000..22fb7efd0 --- /dev/null +++ b/apps/domain/test/test_helper.exs @@ -0,0 +1,2 @@ +Ecto.Adapters.SQL.Sandbox.mode(Domain.Repo, :manual) +ExUnit.start(formatters: [ExUnit.CLIFormatter, JUnitFormatter]) diff --git a/apps/web/.formatter.exs b/apps/web/.formatter.exs index ae02b79cd..f174e5dfd 100644 --- a/apps/web/.formatter.exs +++ b/apps/web/.formatter.exs @@ -4,7 +4,6 @@ assert_unauthenticated: 1 ], import_deps: [ - :ecto, :phoenix, :phoenix_live_view ], diff --git a/apps/web/README.md b/apps/web/README.md index 01340d794..e9b4ae911 100644 --- a/apps/web/README.md +++ b/apps/web/README.md @@ -1,3 +1,3 @@ -# FzHttp +# Domain Phoenix app for managing Firezone. diff --git a/apps/web/lib/fz_http_web/live/device_live/admin/show.html.heex b/apps/web/lib/fz_http_web/live/device_live/admin/show.html.heex deleted file mode 100644 index f56524d8c..000000000 --- a/apps/web/lib/fz_http_web/live/device_live/admin/show.html.heex +++ /dev/null @@ -1,2 +0,0 @@ -<%= render(FzHttpWeb.SharedView, "heading.html", page_title: "Devices |> #{@page_title}") %> -<%= render(FzHttpWeb.SharedView, "show_device.html", assigns) %> diff --git a/apps/web/lib/fz_http_web/live/hooks/allow_ecto_sandbox.ex b/apps/web/lib/fz_http_web/live/hooks/allow_ecto_sandbox.ex deleted file mode 100644 index 6272d0a1d..000000000 --- a/apps/web/lib/fz_http_web/live/hooks/allow_ecto_sandbox.ex +++ /dev/null @@ -1,6 +0,0 @@ -defmodule FzHttpWeb.Hooks.AllowEctoSandbox do - def on_mount(:default, _params, _session, socket) do - socket = FzHttpWeb.Sandbox.allow_live_ecto_sandbox(socket) - {:cont, socket} - end -end diff --git a/apps/web/lib/fz_http_web/presence.ex b/apps/web/lib/fz_http_web/presence.ex deleted file mode 100644 index 3ae0efd10..000000000 --- a/apps/web/lib/fz_http_web/presence.ex +++ /dev/null 
@@ -1,11 +0,0 @@ -defmodule FzHttpWeb.Presence do - @moduledoc """ - Provides presence tracking to channels and processes. - - See the [`Phoenix.Presence`](https://hexdocs.pm/phoenix/Phoenix.Presence.html) - docs for more details. - """ - use Phoenix.Presence, - otp_app: :fz_http, - pubsub_server: FzHttp.PubSub -end diff --git a/apps/web/lib/fz_http_web/views/auth_view.ex b/apps/web/lib/fz_http_web/views/auth_view.ex deleted file mode 100644 index 14d919245..000000000 --- a/apps/web/lib/fz_http_web/views/auth_view.ex +++ /dev/null @@ -1,3 +0,0 @@ -defmodule FzHttpWeb.AuthView do - use FzHttpWeb, :view -end diff --git a/apps/web/lib/fz_http_web/views/browser_view.ex b/apps/web/lib/fz_http_web/views/browser_view.ex deleted file mode 100644 index 0aa203003..000000000 --- a/apps/web/lib/fz_http_web/views/browser_view.ex +++ /dev/null @@ -1,4 +0,0 @@ -defmodule FzHttpWeb.BrowserView do - use FzHttpWeb, :view - import FzHttpWeb.Endpoint, only: [static_path: 1] -end diff --git a/apps/web/lib/fz_http_web/views/root_view.ex b/apps/web/lib/fz_http_web/views/root_view.ex deleted file mode 100644 index 4d7a3751a..000000000 --- a/apps/web/lib/fz_http_web/views/root_view.ex +++ /dev/null @@ -1,3 +0,0 @@ -defmodule FzHttpWeb.RootView do - use FzHttpWeb, :view -end diff --git a/apps/web/lib/fz_http_web/views/rule_view.ex b/apps/web/lib/fz_http_web/views/rule_view.ex deleted file mode 100644 index eea8579b9..000000000 --- a/apps/web/lib/fz_http_web/views/rule_view.ex +++ /dev/null @@ -1,3 +0,0 @@ -defmodule FzHttpWeb.RuleView do - use FzHttpWeb, :view -end diff --git a/apps/web/lib/fz_http_web.ex b/apps/web/lib/web.ex similarity index 73% rename from apps/web/lib/fz_http_web.ex rename to apps/web/lib/web.ex index d2dc83785..50fb9a4ea 100644 --- a/apps/web/lib/fz_http_web.ex +++ b/apps/web/lib/web.ex 
@@ -1,12 +1,12 @@ -defmodule FzHttpWeb do +defmodule Web do @moduledoc """ The entrypoint for defining your web interface, such as controllers, views, channels and so on. This can be used in your application as: - use FzHttpWeb, :controller - use FzHttpWeb, :view + use Web, :controller + use Web, :view The definitions below will be executed for every view, controller, etc, so keep them short and clean, focused @@ -19,13 +19,13 @@ defmodule FzHttpWeb do def controller do quote do - use Phoenix.Controller, namespace: FzHttpWeb + use Phoenix.Controller, namespace: Web import Plug.Conn - import FzHttpWeb.Gettext + import Web.Gettext import Phoenix.LiveView.Controller - import FzHttpWeb.ControllerHelpers - import FzHttpWeb.DocHelpers + import Web.ControllerHelpers + import Web.DocHelpers unquote(verified_routes()) end @@ -34,8 +34,8 @@ defmodule FzHttpWeb do def view do quote do use Phoenix.View, - root: "lib/fz_http_web/templates", - namespace: FzHttpWeb + root: "lib/web/templates", + namespace: Web # Import convenience functions from controllers import Phoenix.Controller, only: [view_module: 1] @@ -46,10 +46,10 @@ defmodule FzHttpWeb do # Use all LiveView functionality use Phoenix.Component, global_prefixes: ~w(x-) - import FzHttpWeb.ErrorHelpers - import FzHttpWeb.AuthorizationHelpers - import FzHttpWeb.Gettext - import FzHttpWeb.LiveHelpers + import Web.ErrorHelpers + import Web.AuthorizationHelpers + import Web.Gettext + import Web.LiveHelpers unquote(verified_routes()) end @@ -57,8 +57,8 @@ defmodule FzHttpWeb do def live_view do quote do - use Phoenix.LiveView, layout: {FzHttpWeb.LayoutView, :live} - import FzHttpWeb.LiveHelpers + use Phoenix.LiveView, layout: {Web.LayoutView, :live} + import Web.LiveHelpers alias Phoenix.LiveView.JS @@ -69,7 +69,7 @@ defmodule FzHttpWeb do def live_view_without_layout do quote do use Phoenix.LiveView - import FzHttpWeb.LiveHelpers + import Web.LiveHelpers alias Phoenix.LiveView.JS 
@@ -82,7 +82,7 @@ defmodule FzHttpWeb do import Phoenix.LiveView use Phoenix.LiveComponent use Phoenix.Component, global_prefixes: ~w(x-) - import FzHttpWeb.LiveHelpers + import Web.LiveHelpers unquote(view_helpers()) end @@ -100,7 +100,7 @@ defmodule FzHttpWeb do def channel do quote do use Phoenix.Channel - import FzHttpWeb.Gettext + import Web.Gettext end end @@ -122,10 +122,10 @@ defmodule FzHttpWeb do import Phoenix.View # Authorization Helpers - import FzHttpWeb.AuthorizationHelpers + import Web.AuthorizationHelpers - import FzHttpWeb.ErrorHelpers - import FzHttpWeb.Gettext + import Web.ErrorHelpers + import Web.Gettext unquote(verified_routes()) end @@ -136,9 +136,9 @@ defmodule FzHttpWeb do def verified_routes do quote do use Phoenix.VerifiedRoutes, - endpoint: FzHttpWeb.Endpoint, - router: FzHttpWeb.Router, - statics: FzHttpWeb.static_paths() + endpoint: Web.Endpoint, + router: Web.Router, + statics: Web.static_paths() end end diff --git a/apps/web/lib/web/application.ex b/apps/web/lib/web/application.ex new file mode 100644 index 000000000..fffd5445e --- /dev/null +++ b/apps/web/lib/web/application.ex @@ -0,0 +1,19 @@ +defmodule Web.Application do + use Application + + def start(_type, _args) do + Supervisor.start_link(children(), strategy: :one_for_one, name: __MODULE__.Supervisor) + end + + def config_change(changed, _new, removed) do + Web.Endpoint.config_change(changed, removed) + :ok + end + + defp children do + [ + Web.Presence, + Web.Endpoint + ] + end +end diff --git a/apps/web/lib/fz_http_web/auth/html/authentication.ex b/apps/web/lib/web/auth/html/authentication.ex similarity index 93% rename from apps/web/lib/fz_http_web/auth/html/authentication.ex rename to apps/web/lib/web/auth/html/authentication.ex index 04ed2eed3..90eef762c 100644 --- a/apps/web/lib/fz_http_web/auth/html/authentication.ex +++ b/apps/web/lib/web/auth/html/authentication.ex 
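Review bot: The new `Web.Application` module in `apps/web/lib/web/application.ex` has no `@moduledoc`, and its `start/2` and `config_change/3` callbacks carry no `@impl` marker, although other modules in this patch mark theirs (`@impl Phoenix.Channel`, `@impl Phoenix.LiveView`). I would add `@moduledoc "Supervises Web.Presence and Web.Endpoint."` and put `@impl Application` above both callbacks so the compiler checks their names and arities. The children list starts `Web.Presence`, while this patch deletes `FzHttpWeb.Presence`. The replacement module is not visible in this part of the diff, so confirm it is added under the new name.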
@@ -1,13 +1,13 @@ -defmodule FzHttpWeb.Auth.HTML.Authentication do +defmodule Web.Auth.HTML.Authentication do @moduledoc """ HTML Authentication implementation module for Guardian. """ - use Guardian, otp_app: :fz_http - use FzHttpWeb, :controller - alias FzHttp.Auth - alias FzHttp.Telemetry - alias FzHttp.Users - alias FzHttp.Users.User + use Guardian, otp_app: :web + use Web, :controller + alias Domain.Auth + alias Domain.Telemetry + alias Domain.Users + alias Domain.Users.User @guardian_token_name "guardian_default_token" diff --git a/apps/web/lib/fz_http_web/auth/html/error_handler.ex b/apps/web/lib/web/auth/html/error_handler.ex similarity index 82% rename from apps/web/lib/fz_http_web/auth/html/error_handler.ex rename to apps/web/lib/web/auth/html/error_handler.ex index 361d870ca..8528e14db 100644 --- a/apps/web/lib/fz_http_web/auth/html/error_handler.ex +++ b/apps/web/lib/web/auth/html/error_handler.ex @@ -1,11 +1,11 @@ -defmodule FzHttpWeb.Auth.HTML.ErrorHandler do +defmodule Web.Auth.HTML.ErrorHandler do @moduledoc """ HTML Error Handler module implementation for Guardian. """ - use FzHttpWeb, :controller - alias FzHttpWeb.Auth.HTML.Authentication - import FzHttpWeb.ControllerHelpers, only: [root_path_for_user: 1] + use Web, :controller + alias Web.Auth.HTML.Authentication + import Web.ControllerHelpers, only: [root_path_for_user: 1] require Logger @behaviour Guardian.Plug.ErrorHandler diff --git a/apps/web/lib/fz_http_web/auth/html/pipeline.ex b/apps/web/lib/web/auth/html/pipeline.ex similarity index 62% rename from apps/web/lib/fz_http_web/auth/html/pipeline.ex rename to apps/web/lib/web/auth/html/pipeline.ex index 1704d5324..a405d5e6d 100644 --- a/apps/web/lib/fz_http_web/auth/html/pipeline.ex +++ b/apps/web/lib/web/auth/html/pipeline.ex 
@@ -1,12 +1,12 @@ -defmodule FzHttpWeb.Auth.HTML.Pipeline do +defmodule Web.Auth.HTML.Pipeline do @moduledoc """ HTML Plug implementation module for Guardian. """ use Guardian.Plug.Pipeline, - otp_app: :fz_http, - error_handler: FzHttpWeb.Auth.HTML.ErrorHandler, - module: FzHttpWeb.Auth.HTML.Authentication + otp_app: :web, + error_handler: Web.Auth.HTML.ErrorHandler, + module: Web.Auth.HTML.Authentication @claims %{"typ" => "access"} diff --git a/apps/web/lib/fz_http_web/auth/json/authentication.ex b/apps/web/lib/web/auth/json/authentication.ex similarity index 90% rename from apps/web/lib/fz_http_web/auth/json/authentication.ex rename to apps/web/lib/web/auth/json/authentication.ex index 705bd7b81..f521fce88 100644 --- a/apps/web/lib/fz_http_web/auth/json/authentication.ex +++ b/apps/web/lib/web/auth/json/authentication.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.Auth.JSON.Authentication do +defmodule Web.Auth.JSON.Authentication do @moduledoc """ API Authentication implementation module for Guardian. """ - use Guardian, otp_app: :fz_http + use Guardian, otp_app: :web - alias FzHttp.{ + alias Domain.{ Auth, ApiTokens.ApiToken, ApiTokens diff --git a/apps/web/lib/fz_http_web/auth/json/error_handler.ex b/apps/web/lib/web/auth/json/error_handler.ex similarity index 85% rename from apps/web/lib/fz_http_web/auth/json/error_handler.ex rename to apps/web/lib/web/auth/json/error_handler.ex index 03acb00e2..250f45e42 100644 --- a/apps/web/lib/fz_http_web/auth/json/error_handler.ex +++ b/apps/web/lib/web/auth/json/error_handler.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.Auth.JSON.ErrorHandler do +defmodule Web.Auth.JSON.ErrorHandler do @moduledoc """ API Error Handler module implementation for Guardian. """ - use FzHttpWeb, :controller + use Web, :controller require Logger @behaviour Guardian.Plug.ErrorHandler 
diff --git a/apps/web/lib/fz_http_web/auth/json/pipeline.ex b/apps/web/lib/web/auth/json/pipeline.ex similarity index 62% rename from apps/web/lib/fz_http_web/auth/json/pipeline.ex rename to apps/web/lib/web/auth/json/pipeline.ex index 16d858a38..e2c1d43e6 100644 --- a/apps/web/lib/fz_http_web/auth/json/pipeline.ex +++ b/apps/web/lib/web/auth/json/pipeline.ex @@ -1,12 +1,12 @@ -defmodule FzHttpWeb.Auth.JSON.Pipeline do +defmodule Web.Auth.JSON.Pipeline do @moduledoc """ API Plug implementation module for Guardian. """ use Guardian.Plug.Pipeline, - otp_app: :fz_http, - error_handler: FzHttpWeb.Auth.JSON.ErrorHandler, - module: FzHttpWeb.Auth.JSON.Authentication + otp_app: :web, + error_handler: Web.Auth.JSON.ErrorHandler, + module: Web.Auth.JSON.Authentication # 90 days @max_age 60 * 60 * 24 * 90 diff --git a/apps/web/lib/fz_http_web/authorization_helpers.ex b/apps/web/lib/web/authorization_helpers.ex similarity index 74% rename from apps/web/lib/fz_http_web/authorization_helpers.ex rename to apps/web/lib/web/authorization_helpers.ex index 25131821f..41f79869c 100644 --- a/apps/web/lib/fz_http_web/authorization_helpers.ex +++ b/apps/web/lib/web/authorization_helpers.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.AuthorizationHelpers do +defmodule Web.AuthorizationHelpers do @moduledoc """ Authorization-related helpers """ - use FzHttpWeb, :helper + use Web, :helper import Phoenix.LiveView def not_authorized(socket) do diff --git a/apps/web/lib/fz_http_web/channels/notification_channel.ex b/apps/web/lib/web/channels/notification_channel.ex similarity index 86% rename from apps/web/lib/fz_http_web/channels/notification_channel.ex rename to apps/web/lib/web/channels/notification_channel.ex index 88a46e9f6..2b9e440ed 100644 --- a/apps/web/lib/fz_http_web/channels/notification_channel.ex +++ b/apps/web/lib/web/channels/notification_channel.ex 
@@ -1,14 +1,14 @@ -defmodule FzHttpWeb.NotificationChannel do +defmodule Web.NotificationChannel do @moduledoc """ Handles dispatching realtime notifications to users' browser sessions. """ - use FzHttpWeb, :channel - alias FzHttp.Users - alias FzHttpWeb.Presence + use Web, :channel + alias Domain.Users + alias Web.Presence @impl Phoenix.Channel def join("notification:session", _attrs, socket) do - socket = FzHttpWeb.Sandbox.allow_channel_sql_sandbox(socket) + socket = Web.Sandbox.allow_channel_sql_sandbox(socket) with {:ok, user} <- Users.fetch_user_by_id(socket.assigns.current_user_id) do socket = assign(socket, :current_user, user) diff --git a/apps/web/lib/fz_http_web/controller_helpers.ex b/apps/web/lib/web/controller_helpers.ex similarity index 74% rename from apps/web/lib/fz_http_web/controller_helpers.ex rename to apps/web/lib/web/controller_helpers.ex index 348dd9778..4ccda7508 100644 --- a/apps/web/lib/fz_http_web/controller_helpers.ex +++ b/apps/web/lib/web/controller_helpers.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.ControllerHelpers do +defmodule Web.ControllerHelpers do @moduledoc """ Useful helpers for controllers """ - use FzHttpWeb, :helper + use Web, :helper - alias FzHttp.Users.User + alias Domain.Users.User def root_path_for_user(nil) do ~p"/" diff --git a/apps/web/lib/fz_http_web/controllers/auth_controller.ex b/apps/web/lib/web/controllers/auth_controller.ex similarity index 93% rename from apps/web/lib/fz_http_web/controllers/auth_controller.ex rename to apps/web/lib/web/controllers/auth_controller.ex index d753794a0..806f18c4f 100644 --- a/apps/web/lib/fz_http_web/controllers/auth_controller.ex +++ b/apps/web/lib/web/controllers/auth_controller.ex 
@@ -1,14 +1,14 @@ -defmodule FzHttpWeb.AuthController do +defmodule Web.AuthController do @moduledoc """ Implements the CRUD for a Session """ - use FzHttpWeb, :controller - alias FzHttp.Users - alias FzHttp.Auth - alias FzHttpWeb.Auth.HTML.Authentication - alias FzHttpWeb.OAuth.PKCE - alias FzHttpWeb.OIDC.State - alias FzHttpWeb.UserFromAuth + use Web, :controller + alias Domain.Users + alias Domain.Auth + alias Web.Auth.HTML.Authentication + alias Web.OAuth.PKCE + alias Web.OIDC.State + alias Web.UserFromAuth require Logger # Uncomment when Helpers.callback_url/1 is fixed @@ -72,7 +72,7 @@ defmodule FzHttpWeb.AuthController do # only first-time connect will include refresh token # XXX: Remove this when SCIM 2.0 is implemented with %{"refresh_token" => refresh_token} <- tokens do - FzHttp.Auth.OIDC.create_connection(user.id, provider_id, refresh_token) + Domain.Auth.OIDC.create_connection(user.id, provider_id, refresh_token) end conn @@ -133,8 +133,8 @@ defmodule FzHttpWeb.AuthController do def magic_link(conn, %{"email" => email}) do with {:ok, user} <- Users.fetch_user_by_email(email), {:ok, user} <- Users.request_sign_in_token(user) do - FzHttpWeb.Mailer.AuthEmail.magic_link(user) - |> FzHttpWeb.Mailer.deliver!() + Web.Mailer.AuthEmail.magic_link(user) + |> Web.Mailer.deliver!() conn |> put_flash(:info, "Please check your inbox for the magic link.") diff --git a/apps/web/lib/fz_http_web/controllers/browser_controller.ex b/apps/web/lib/web/controllers/browser_controller.ex similarity index 53% rename from apps/web/lib/fz_http_web/controllers/browser_controller.ex rename to apps/web/lib/web/controllers/browser_controller.ex index cccf6aefa..1b35903c7 100644 --- a/apps/web/lib/fz_http_web/controllers/browser_controller.ex +++ b/apps/web/lib/web/controllers/browser_controller.ex 
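Review bot: The result of `Domain.Auth.OIDC.create_connection(user.id, provider_id, refresh_token)` in the `@@ -72,7 +72,7 @@` hunk is thrown away, because the `with` has no `else` and the next expression is `conn`, so a failed write goes unnoticed. The context comment says only the first-time connect includes a refresh token, so a lost write is presumably not repaired on a later sign-in. I would match on whatever error shape `create_connection/3` returns (not visible here) and log it with the already-required `Logger`. The log should name only the user and provider so the refresh token never reaches the logs, e.g. `Logger.warning("OIDC connection not stored", user_id: user.id, provider_id: provider_id)`. The enclosing function starts and ends outside this hunk.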
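Review bot: `Web.Mailer.deliver!()` in `magic_link/2` (hunk `@@ -133,8 +133,8 @@`) raises when delivery fails, and it is reached only after `Users.fetch_user_by_email(email)` has matched, so a mail outage would produce an error response for registered addresses only. That difference discloses which emails have accounts unless the fallback branch, which lies outside this hunk, already behaves the same way. I would handle the delivery failure in place, log it with the already-required `Logger`, and still finish with the same `"Please check your inbox for the magic link."` flash. A comment such as `# Response must not depend on whether the email exists or the mail was sent` above the `with` would record the intent.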
@@ -1,5 +1,5 @@ -defmodule FzHttpWeb.BrowserController do - use FzHttpWeb, :controller +defmodule Web.BrowserController do + use Web, :controller def config(conn, _params) do render(conn, "browserconfig.xml") diff --git a/apps/web/lib/fz_http_web/controllers/debug_controller.ex b/apps/web/lib/web/controllers/debug_controller.ex similarity index 90% rename from apps/web/lib/fz_http_web/controllers/debug_controller.ex rename to apps/web/lib/web/controllers/debug_controller.ex index 78691c20e..7715dee0a 100644 --- a/apps/web/lib/fz_http_web/controllers/debug_controller.ex +++ b/apps/web/lib/web/controllers/debug_controller.ex @@ -1,11 +1,11 @@ -defmodule FzHttpWeb.DebugController do +defmodule Web.DebugController do @moduledoc """ Dev only: /dev/session /dev/samly """ - use FzHttpWeb, :controller + use Web, :controller def samly(conn, _params) do resp = """ diff --git a/apps/web/lib/fz_http_web/controllers/json/configuration_controller.ex b/apps/web/lib/web/controllers/json/configuration_controller.ex similarity index 82% rename from apps/web/lib/fz_http_web/controllers/json/configuration_controller.ex rename to apps/web/lib/web/controllers/json/configuration_controller.ex index d22b15255..d8f2005f0 100644 --- a/apps/web/lib/fz_http_web/controllers/json/configuration_controller.ex +++ b/apps/web/lib/web/controllers/json/configuration_controller.ex 
@@ -1,15 +1,15 @@ -defmodule FzHttpWeb.JSON.ConfigurationController do +defmodule Web.JSON.ConfigurationController do @moduledoc api_doc: [title: "Configurations", group: "Configuration"] @moduledoc """ This endpoint allows an administrator to manage Configurations. Updates here can be applied at runtime with little to no downtime of affected services. """ - use FzHttpWeb, :controller - alias FzHttp.Config - alias FzHttpWeb.Auth.JSON.Authentication + use Web, :controller + alias Domain.Config + alias Web.Auth.JSON.Authentication - action_fallback(FzHttpWeb.JSON.FallbackController) + action_fallback(Web.JSON.FallbackController) @doc api_doc: [summary: "Get Configuration"] def show(conn, _params) do diff --git a/apps/web/lib/fz_http_web/controllers/json/device_controller.ex b/apps/web/lib/web/controllers/json/device_controller.ex similarity index 91% rename from apps/web/lib/fz_http_web/controllers/json/device_controller.ex rename to apps/web/lib/web/controllers/json/device_controller.ex index 283693ff9..5ef8eae65 100644 --- a/apps/web/lib/fz_http_web/controllers/json/device_controller.ex +++ b/apps/web/lib/web/controllers/json/device_controller.ex @@ -1,13 +1,13 @@ -defmodule FzHttpWeb.JSON.DeviceController do +defmodule Web.JSON.DeviceController do @moduledoc api_doc: [title: "Devices", group: "Devices"] @moduledoc """ This endpoint allows an administrator to manage Devices. """ - use FzHttpWeb, :controller - alias FzHttp.{Users, Devices} - alias FzHttpWeb.Auth.JSON.Authentication + use Web, :controller + alias Domain.{Users, Devices} + alias Web.Auth.JSON.Authentication - action_fallback(FzHttpWeb.JSON.FallbackController) + action_fallback(Web.JSON.FallbackController) @doc api_doc: [summary: "List all Devices"] def index(conn, _attrs) do 
diff --git a/apps/web/lib/fz_http_web/controllers/json/fallback_controller.ex b/apps/web/lib/web/controllers/json/fallback_controller.ex similarity index 77% rename from apps/web/lib/fz_http_web/controllers/json/fallback_controller.ex rename to apps/web/lib/web/controllers/json/fallback_controller.ex index d0691876e..0dcb9cd5a 100644 --- a/apps/web/lib/fz_http_web/controllers/json/fallback_controller.ex +++ b/apps/web/lib/web/controllers/json/fallback_controller.ex @@ -1,44 +1,44 @@ -defmodule FzHttpWeb.JSON.FallbackController do +defmodule Web.JSON.FallbackController do @moduledoc """ Translates controller action results into valid `Plug.Conn` responses. See `Phoenix.Controller.action_fallback/1` for more details. """ - use FzHttpWeb, :controller + use Web, :controller # This clause is an example of how to handle resources that cannot be found. def call(conn, {:error, :not_found}) do conn |> put_status(:not_found) - |> put_view(FzHttpWeb.ErrorView) + |> put_view(Web.ErrorView) |> render("404.json") end def call(conn, {:error, :unauthorized}) do conn |> put_status(:unauthorized) - |> put_view(FzHttpWeb.ErrorView) + |> put_view(Web.ErrorView) |> render("401.json") end def call(conn, {:error, {:unauthorized, _context}}) do conn |> put_status(:unauthorized) - |> put_view(FzHttpWeb.ErrorView) + |> put_view(Web.ErrorView) |> render("401.json") end def call(conn, {:error, :internal_server_error}) do conn |> put_status(:internal_server_error) - |> put_view(FzHttpWeb.ErrorView) + |> put_view(Web.ErrorView) |> render("500.json") end def call(conn, {:error, %Ecto.Changeset{valid?: false} = changeset}) do conn |> put_status(422) - |> put_view(FzHttpWeb.JSON.ChangesetView) + |> put_view(Web.JSON.ChangesetView) |> render("error.json", changeset: changeset) end end 
diff --git a/apps/web/lib/fz_http_web/controllers/json/rule_controller.ex b/apps/web/lib/web/controllers/json/rule_controller.ex similarity index 89% rename from apps/web/lib/fz_http_web/controllers/json/rule_controller.ex rename to apps/web/lib/web/controllers/json/rule_controller.ex index 7ab65f42b..d8bdef9d3 100644 --- a/apps/web/lib/fz_http_web/controllers/json/rule_controller.ex +++ b/apps/web/lib/web/controllers/json/rule_controller.ex @@ -1,13 +1,13 @@ -defmodule FzHttpWeb.JSON.RuleController do +defmodule Web.JSON.RuleController do @moduledoc api_doc: [title: "Rules", group: "Rules"] @moduledoc """ This endpoint allows an adminisrator to manage Rules. """ - use FzHttpWeb, :controller - alias FzHttp.Rules - alias FzHttpWeb.Auth.JSON.Authentication + use Web, :controller + alias Domain.Rules + alias Web.Auth.JSON.Authentication - action_fallback(FzHttpWeb.JSON.FallbackController) + action_fallback(Web.JSON.FallbackController) @doc api_doc: [summary: "List all Rules"] def index(conn, _params) do diff --git a/apps/web/lib/fz_http_web/controllers/json/user_controller.ex b/apps/web/lib/web/controllers/json/user_controller.ex similarity index 95% rename from apps/web/lib/fz_http_web/controllers/json/user_controller.ex rename to apps/web/lib/web/controllers/json/user_controller.ex index 382be16e8..6bf48dceb 100644 --- a/apps/web/lib/fz_http_web/controllers/json/user_controller.ex +++ b/apps/web/lib/web/controllers/json/user_controller.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.JSON.UserController do +defmodule Web.JSON.UserController do @moduledoc api_doc: [title: "Users", sidebar_position: 2, toc_max_heading_level: 4] @moduledoc """ This endpoint allows an administrator to manage Users. 
@@ -17,11 +17,11 @@ defmodule FzHttpWeb.JSON.UserController do Even though API returns `disabled_at` attribute, currently, it's not possible to disable users via API, since this field is only for internal use by automatic user disabling mechanism on OIDC/SAML errors. """ - use FzHttpWeb, :controller - alias FzHttp.Users - alias FzHttpWeb.Auth.JSON.Authentication + use Web, :controller + alias Domain.Users + alias Web.Auth.JSON.Authentication - action_fallback(FzHttpWeb.JSON.FallbackController) + action_fallback(Web.JSON.FallbackController) @doc api_doc: [action: "List all Users"] def index(conn, _attrs) do diff --git a/apps/web/lib/fz_http_web/controllers/root_controller.ex b/apps/web/lib/web/controllers/root_controller.ex similarity index 84% rename from apps/web/lib/fz_http_web/controllers/root_controller.ex rename to apps/web/lib/web/controllers/root_controller.ex index 41f40758e..735f26d48 100644 --- a/apps/web/lib/fz_http_web/controllers/root_controller.ex +++ b/apps/web/lib/web/controllers/root_controller.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.RootController do +defmodule Web.RootController do @moduledoc """ Firezone landing page -- show auth methods. """ - use FzHttpWeb, :controller + use Web, :controller def index(conn, _params) do %{ @@ -10,7 +10,7 @@ defmodule FzHttpWeb.RootController do openid_connect_providers: {_, openid_connect_providers}, saml_identity_providers: {_, saml_identity_providers} } = - FzHttp.Config.fetch_source_and_configs!([ + Domain.Config.fetch_source_and_configs!([ :local_auth_enabled, :openid_connect_providers, :saml_identity_providers diff --git a/apps/web/lib/fz_http_web/controllers/user_controller.ex b/apps/web/lib/web/controllers/user_controller.ex similarity index 73% rename from apps/web/lib/fz_http_web/controllers/user_controller.ex rename to apps/web/lib/web/controllers/user_controller.ex index fda10d66e..28fc739b7 100644 --- a/apps/web/lib/fz_http_web/controllers/user_controller.ex 
+++ b/apps/web/lib/web/controllers/user_controller.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.UserController do +defmodule Web.UserController do @moduledoc """ Implements synchronous User requests. """ - use FzHttpWeb, :controller - alias FzHttp.Users - alias FzHttpWeb.Auth.HTML.Authentication + use Web, :controller + alias Domain.Users + alias Web.Auth.HTML.Authentication require Logger def delete(conn, _params) do @@ -12,13 +12,13 @@ defmodule FzHttpWeb.UserController do case Users.delete_user(user, subject) do {:ok, _user} -> - FzHttpWeb.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) + Web.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) Authentication.sign_out(conn) {:error, :cant_delete_the_last_admin} -> conn |> put_status(:unprocessable_entity) - |> put_view(FzHttpWeb.ErrorView) + |> put_view(Web.ErrorView) |> render("422.json", reason: "Can't delete the last admin user.") {:error, %Ecto.Changeset{errors: [id: {"is stale", _}]}} -> @@ -35,7 +35,7 @@ defmodule FzHttpWeb.UserController do defp not_found(conn) do conn |> put_status(:not_found) - |> put_view(FzHttpWeb.ErrorView) + |> put_view(Web.ErrorView) |> render("404.json") end end diff --git a/apps/web/lib/fz_http_web/doc_helpers.ex b/apps/web/lib/web/doc_helpers.ex similarity index 93% rename from apps/web/lib/fz_http_web/doc_helpers.ex rename to apps/web/lib/web/doc_helpers.ex index a959c9c17..3aeef3c57 100644 --- a/apps/web/lib/fz_http_web/doc_helpers.ex +++ b/apps/web/lib/web/doc_helpers.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.DocHelpers do +defmodule Web.DocHelpers do def group(name, children) do {:group, {name, children}} end diff --git a/apps/web/lib/fz_http_web/endpoint.ex b/apps/web/lib/web/endpoint.ex similarity index 79% rename from apps/web/lib/fz_http_web/endpoint.ex rename to apps/web/lib/web/endpoint.ex index 4ac85878e..0edfc8bfd 100644 --- a/apps/web/lib/fz_http_web/endpoint.ex +++ b/apps/web/lib/web/endpoint.ex 
@@ -1,16 +1,16 @@ -defmodule FzHttpWeb.Endpoint do - use Phoenix.Endpoint, otp_app: :fz_http - alias FzHttpWeb.ProxyHeaders - alias FzHttpWeb.HeaderHelpers - alias FzHttpWeb.Session +defmodule Web.Endpoint do + use Phoenix.Endpoint, otp_app: :web + alias Web.ProxyHeaders + alias Web.HeaderHelpers + alias Web.Session - plug FzHttpWeb.Plug.PathPrefix + plug Web.Plug.PathPrefix - if Application.compile_env(:fz_http, :sql_sandbox) do + if Application.compile_env(:web, :sql_sandbox) do plug Phoenix.Ecto.SQL.Sandbox end - socket "/socket", FzHttpWeb.UserSocket, + socket "/socket", Web.UserSocket, websocket: [ connect_info: [:user_agent, :peer_data, :x_headers, :uri], # XXX: channel token should prevent CSWH but double check @@ -38,9 +38,9 @@ defmodule FzHttpWeb.Endpoint do # when deploying your static files in production. plug Plug.Static, at: "/", - from: :fz_http, + from: :web, gzip: false, - only: FzHttpWeb.static_paths() + only: Web.static_paths() # Code reloading can be explicitly enabled under the # :code_reloader configuration of your endpoint. @@ -56,7 +56,7 @@ defmodule FzHttpWeb.Endpoint do plug Phoenix.LiveReloader plug Phoenix.CodeReloader - plug Phoenix.Ecto.CheckRepoStatus, otp_app: :fz_http + plug Phoenix.Ecto.CheckRepoStatus, otp_app: :domain end plug Plug.RequestId @@ -75,7 +75,7 @@ defmodule FzHttpWeb.Endpoint do plug ProxyHeaders end - plug FzHttpWeb.Router + plug Web.Router defp session(conn, _opts) do Plug.Session.call(conn, Plug.Session.init(Session.options())) diff --git a/apps/web/lib/fz_http_web/error_helpers.ex b/apps/web/lib/web/error_helpers.ex similarity index 92% rename from apps/web/lib/fz_http_web/error_helpers.ex rename to apps/web/lib/web/error_helpers.ex index c6391e719..a20466198 100644 --- a/apps/web/lib/fz_http_web/error_helpers.ex +++ b/apps/web/lib/web/error_helpers.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.ErrorHelpers do +defmodule Web.ErrorHelpers do @moduledoc """ Conveniences for translating and building error messages. """ 
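Review bot: The `if Application.compile_env(:web, :sql_sandbox)` guard around `plug Phoenix.Ecto.SQL.Sandbox` in the first `endpoint.ex` hunk has no comment saying that this plug belongs in test builds only. The key now lives under the `:web` application, so an entry left under `:fz_http` is no longer read. The config files are not visible in this part of the diff, so confirm the key is set for `:web` in the test configuration and nowhere else. I would add `# Test builds only: :sql_sandbox must never be enabled for :web in dev or prod releases` above the `if`. The same hunk still carries `# XXX: channel token should prevent CSWH but double check` on the `/socket` websocket options, whose remaining settings fall outside the hunk, and that note deserves an answer before the endpoint ships under its new name.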
@@ -72,9 +72,9 @@ defmodule FzHttpWeb.ErrorHelpers do # should be written to the errors.po file. The :count option is # set by Ecto and indicates we should also apply plural rules. if count = opts[:count] do - Gettext.dngettext(FzHttpWeb.Gettext, "errors", msg, msg, count, opts) + Gettext.dngettext(Web.Gettext, "errors", msg, msg, count, opts) else - Gettext.dgettext(FzHttpWeb.Gettext, "errors", msg, opts) + Gettext.dgettext(Web.Gettext, "errors", msg, opts) end end end diff --git a/apps/web/lib/fz_http_web/gettext.ex b/apps/web/lib/web/gettext.ex similarity index 86% rename from apps/web/lib/fz_http_web/gettext.ex rename to apps/web/lib/web/gettext.ex index 182633423..6c93d0608 100644 --- a/apps/web/lib/fz_http_web/gettext.ex +++ b/apps/web/lib/web/gettext.ex @@ -1,11 +1,11 @@ -defmodule FzHttpWeb.Gettext do +defmodule Web.Gettext do @moduledoc """ A module providing Internationalization with a gettext-based API. By using [Gettext](https://hexdocs.pm/gettext), your module gains a set of macros for translations, for example: - import FzHttpWeb.Gettext + import Web.Gettext # Simple translation gettext("Here is the string to translate") @@ -20,5 +20,5 @@ defmodule FzHttpWeb.Gettext do See the [Gettext Docs](https://hexdocs.pm/gettext) for detailed usage. """ - use Gettext, otp_app: :fz_http + use Gettext, otp_app: :web end diff --git a/apps/web/lib/fz_http_web/header_helpers.ex b/apps/web/lib/web/header_helpers.ex similarity index 73% rename from apps/web/lib/fz_http_web/header_helpers.ex rename to apps/web/lib/web/header_helpers.ex index 3848a0643..99609fca0 100644 --- a/apps/web/lib/fz_http_web/header_helpers.ex +++ b/apps/web/lib/web/header_helpers.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.HeaderHelpers do +defmodule Web.HeaderHelpers do @moduledoc """ Helper functionalities with regards to headers """ 
@@ -6,12 +6,12 @@ defmodule FzHttpWeb.HeaderHelpers do @remote_ip_headers ["x-forwarded-for"] def external_trusted_proxies do - FzHttp.Config.fetch_env!(:fz_http, :external_trusted_proxies) + Domain.Config.fetch_env!(:web, :external_trusted_proxies) |> Enum.map(&to_string/1) end def clients do - FzHttp.Config.fetch_env!(:fz_http, :private_clients) + Domain.Config.fetch_env!(:web, :private_clients) |> Enum.map(&to_string/1) end diff --git a/apps/web/lib/fz_http_web/live/connectivity_check_live/index.html.heex b/apps/web/lib/web/live/connectivity_check_live/index.html.heex similarity index 91% rename from apps/web/lib/fz_http_web/live/connectivity_check_live/index.html.heex rename to apps/web/lib/web/live/connectivity_check_live/index.html.heex index 504e4472f..7d7a9d337 100644 --- a/apps/web/lib/fz_http_web/live/connectivity_check_live/index.html.heex +++ b/apps/web/lib/web/live/connectivity_check_live/index.html.heex @@ -1,10 +1,10 @@ -<%= render(FzHttpWeb.SharedView, "heading.html", +<%= render(Web.SharedView, "heading.html", page_subtitle: @page_subtitle, page_title: @page_title ) %>
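Review bot: `external_trusted_proxies/0` and `clients/0` in `Web.HeaderHelpers` have no `@doc`, and this hunk changes where both read their value (`Domain.Config.fetch_env!(:web, ...)` instead of `:fz_http`). Given `@remote_ip_headers ["x-forwarded-for"]` just above, these lists presumably decide which forwarded addresses are believed when the client IP is derived, so a value that silently goes missing or empty after the rename changes what the application trusts. I would add `@doc "Returns the :external_trusted_proxies setting of the :web app as a list of strings."` and the matching line for `:private_clients`. Also confirm that the runtime configuration, not visible here, sets both keys under `:web`. The module continues outside this hunk.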
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %>
+ <%= render(Web.SharedView, "flash.html", assigns) %>
diff --git a/apps/web/lib/fz_http_web/live/connectivity_check_live/index_live.ex b/apps/web/lib/web/live/connectivity_check_live/index_live.ex similarity index 86% rename from apps/web/lib/fz_http_web/live/connectivity_check_live/index_live.ex rename to apps/web/lib/web/live/connectivity_check_live/index_live.ex index d2a3f405b..64f7bcae3 100644 --- a/apps/web/lib/fz_http_web/live/connectivity_check_live/index_live.ex +++ b/apps/web/lib/web/live/connectivity_check_live/index_live.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.ConnectivityCheckLive.Index do +defmodule Web.ConnectivityCheckLive.Index do @moduledoc """ Manages the connectivity_checks view. """ - use FzHttpWeb, :live_view + use Web, :live_view - alias FzHttp.ConnectivityChecks + alias Domain.ConnectivityChecks @page_title "WAN Connectivity Checks" @page_subtitle """ diff --git a/apps/web/lib/fz_http_web/live/device_live/admin/index.html.heex b/apps/web/lib/web/live/device_live/admin/index.html.heex similarity index 69% rename from apps/web/lib/fz_http_web/live/device_live/admin/index.html.heex rename to apps/web/lib/web/live/device_live/admin/index.html.heex index 66827e4c2..312b8768c 100644 --- a/apps/web/lib/fz_http_web/live/device_live/admin/index.html.heex +++ b/apps/web/lib/web/live/device_live/admin/index.html.heex @@ -1,13 +1,13 @@ -<%= render(FzHttpWeb.SharedView, "heading.html", +<%= render(Web.SharedView, "heading.html", page_subtitle: @page_subtitle, page_title: @page_title ) %>
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %>
+ <%= render(Web.SharedView, "flash.html", assigns) %>
- <%= render(FzHttpWeb.SharedView, "devices_table.html", + <%= render(Web.SharedView, "devices_table.html", devices: @devices, show_user: true, socket: @socket diff --git a/apps/web/lib/fz_http_web/live/device_live/admin/index_live.ex b/apps/web/lib/web/live/device_live/admin/index_live.ex similarity index 88% rename from apps/web/lib/fz_http_web/live/device_live/admin/index_live.ex rename to apps/web/lib/web/live/device_live/admin/index_live.ex index 928c863e0..695bab35e 100644 --- a/apps/web/lib/fz_http_web/live/device_live/admin/index_live.ex +++ b/apps/web/lib/web/live/device_live/admin/index_live.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.DeviceLive.Admin.Index do +defmodule Web.DeviceLive.Admin.Index do @moduledoc """ Handles Device LiveViews. """ - use FzHttpWeb, :live_view - alias FzHttp.{Devices, Repo} + use Web, :live_view + alias Domain.{Devices, Repo} @page_title "All Devices" @page_subtitle """ diff --git a/apps/web/lib/web/live/device_live/admin/show.html.heex b/apps/web/lib/web/live/device_live/admin/show.html.heex new file mode 100644 index 000000000..bac77952e --- /dev/null +++ b/apps/web/lib/web/live/device_live/admin/show.html.heex @@ -0,0 +1,2 @@ +<%= render(Web.SharedView, "heading.html", page_title: "Devices |> #{@page_title}") %> +<%= render(Web.SharedView, "show_device.html", assigns) %> diff --git a/apps/web/lib/fz_http_web/live/device_live/admin/show_live.ex b/apps/web/lib/web/live/device_live/admin/show_live.ex similarity index 86% rename from apps/web/lib/fz_http_web/live/device_live/admin/show_live.ex rename to apps/web/lib/web/live/device_live/admin/show_live.ex index 3efcd8fe6..2d386b907 100644 --- a/apps/web/lib/fz_http_web/live/device_live/admin/show_live.ex +++ b/apps/web/lib/web/live/device_live/admin/show_live.ex 
@@ -1,9 +1,9 @@
-defmodule FzHttpWeb.DeviceLive.Admin.Show do
+defmodule Web.DeviceLive.Admin.Show do
 @moduledoc """
 Shows a device for an admin user.
 """
- use FzHttpWeb, :live_view
- alias FzHttp.{Devices, Users}
+ use Web, :live_view
+ alias Domain.{Devices, Users}
 @impl Phoenix.LiveView
 def mount(%{"id" => device_id} = _params, _session, socket) do
@@ -50,10 +50,10 @@ defmodule FzHttpWeb.DeviceLive.Admin.Show do
 allowed_ips: Devices.get_allowed_ips(device, defaults),
 dns: Devices.get_dns(device, defaults),
 endpoint: Devices.get_endpoint(device, defaults),
- port: FzHttp.Config.fetch_env!(:fz_vpn, :wireguard_port),
+ port: Domain.Config.fetch_env!(:domain, :wireguard_port),
 mtu: Devices.get_mtu(device, defaults),
 persistent_keepalive: Devices.get_persistent_keepalive(device, defaults),
- config: FzHttpWeb.WireguardConfigView.render("device.conf", %{device: device})
+ config: Web.WireguardConfigView.render("device.conf", %{device: device})
 ]
 end
 end
diff --git a/apps/web/lib/fz_http_web/live/device_live/new_form_component.ex b/apps/web/lib/web/live/device_live/new_form_component.ex
similarity index 87%
rename from apps/web/lib/fz_http_web/live/device_live/new_form_component.ex
rename to apps/web/lib/web/live/device_live/new_form_component.ex
index 3c2ed655f..870f198a0 100644
--- a/apps/web/lib/fz_http_web/live/device_live/new_form_component.ex
+++ b/apps/web/lib/web/live/device_live/new_form_component.ex
@@ -1,10 +1,10 @@
-defmodule FzHttpWeb.DeviceLive.NewFormComponent do
+defmodule Web.DeviceLive.NewFormComponent do
 @moduledoc """
 Handles device form.
 """
- use FzHttpWeb, :live_component
- alias FzHttp.Devices
- alias FzHttpWeb.ErrorHelpers
+ use Web, :live_component
+ alias Domain.Devices
+ alias Web.ErrorHelpers
 @impl Phoenix.LiveComponent
 def mount(socket) do
@@ -21,7 +21,7 @@ defmodule FzHttpWeb.DeviceLive.NewFormComponent do changeset = Devices.new_device() config = - FzHttp.Config.fetch_source_and_configs!(~w( + Domain.Config.fetch_source_and_configs!(~w( default_client_mtu default_client_endpoint default_client_persistent_keepalive @@ -68,10 +68,9 @@ defmodule FzHttpWeb.DeviceLive.NewFormComponent do |> create_device(socket) |> case do {:ok, device} -> - send_update(FzHttpWeb.ModalComponent, id: :modal, hide_footer_content: true) + send_update(Web.ModalComponent, id: :modal, hide_footer_content: true) - device_config = - FzHttpWeb.WireguardConfigView.render("base64_device.conf", %{device: device}) + device_config = Web.WireguardConfigView.render("base64_device.conf", %{device: device}) socket = socket diff --git a/apps/web/lib/fz_http_web/live/device_live/new_form_component.html.heex b/apps/web/lib/web/live/device_live/new_form_component.html.heex similarity index 99% rename from apps/web/lib/fz_http_web/live/device_live/new_form_component.html.heex rename to apps/web/lib/web/live/device_live/new_form_component.html.heex index 6a8a0d181..3fd98d882 100644 --- a/apps/web/lib/fz_http_web/live/device_live/new_form_component.html.heex +++ b/apps/web/lib/web/live/device_live/new_form_component.html.heex @@ -93,7 +93,7 @@

- <%= if FzHttp.Devices.authorize_device_configuration(@subject) == :ok do %> + <%= if Domain.Devices.authorize_device_configuration(@subject) == :ok do %>
<%= label(f, :use_default_allowed_ips, "Use Default Allowed IPs", class: "label") %>
diff --git a/apps/web/lib/fz_http_web/live/device_live/unprivileged/index.html.heex b/apps/web/lib/web/live/device_live/unprivileged/index.html.heex similarity index 95% rename from apps/web/lib/fz_http_web/live/device_live/unprivileged/index.html.heex rename to apps/web/lib/web/live/device_live/unprivileged/index.html.heex index 7653cf9ce..5a3d5326f 100644 --- a/apps/web/lib/fz_http_web/live/device_live/unprivileged/index.html.heex +++ b/apps/web/lib/web/live/device_live/unprivileged/index.html.heex @@ -1,6 +1,6 @@ <%= if @live_action == :new do %> <%= live_modal( - FzHttpWeb.DeviceLive.NewFormComponent, + Web.DeviceLive.NewFormComponent, return_to: ~p"/user_devices", title: "Add Device", current_user: @current_user, @@ -13,7 +13,7 @@ <% end %>
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>

<%= @page_title %>

@@ -70,7 +70,7 @@ <% end %>
- <%= if FzHttp.Devices.authorize_user_device_management(@current_user.id, @subject) == :ok do %> + <%= if Domain.Devices.authorize_user_device_management(@current_user.id, @subject) == :ok do %>
<.link replace={true} patch={~p"/user_devices/new"} class="button"> Add Device diff --git a/apps/web/lib/fz_http_web/live/device_live/unprivileged/index_live.ex b/apps/web/lib/web/live/device_live/unprivileged/index_live.ex similarity index 92% rename from apps/web/lib/fz_http_web/live/device_live/unprivileged/index_live.ex rename to apps/web/lib/web/live/device_live/unprivileged/index_live.ex index 7b15a290e..6bf2b45a5 100644 --- a/apps/web/lib/fz_http_web/live/device_live/unprivileged/index_live.ex +++ b/apps/web/lib/web/live/device_live/unprivileged/index_live.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.DeviceLive.Unprivileged.Index do +defmodule Web.DeviceLive.Unprivileged.Index do @moduledoc """ Handles Device LiveViews. """ - use FzHttpWeb, :live_view - alias FzHttp.Devices + use Web, :live_view + alias Domain.Devices @page_title "Your Devices" @page_subtitle """ diff --git a/apps/web/lib/fz_http_web/live/device_live/unprivileged/show.html.heex b/apps/web/lib/web/live/device_live/unprivileged/show.html.heex similarity index 61% rename from apps/web/lib/fz_http_web/live/device_live/unprivileged/show.html.heex rename to apps/web/lib/web/live/device_live/unprivileged/show.html.heex index caf632d57..d219b5808 100644 --- a/apps/web/lib/fz_http_web/live/device_live/unprivileged/show.html.heex +++ b/apps/web/lib/web/live/device_live/unprivileged/show.html.heex @@ -3,4 +3,4 @@ <- Back to devices
-<%= render(FzHttpWeb.SharedView, "show_device.html", assigns) %> +<%= render(Web.SharedView, "show_device.html", assigns) %> diff --git a/apps/web/lib/fz_http_web/live/device_live/unprivileged/show_live.ex b/apps/web/lib/web/live/device_live/unprivileged/show_live.ex similarity index 83% rename from apps/web/lib/fz_http_web/live/device_live/unprivileged/show_live.ex rename to apps/web/lib/web/live/device_live/unprivileged/show_live.ex index ff30459fb..cc832fab5 100644 --- a/apps/web/lib/fz_http_web/live/device_live/unprivileged/show_live.ex +++ b/apps/web/lib/web/live/device_live/unprivileged/show_live.ex @@ -1,11 +1,11 @@ -defmodule FzHttpWeb.DeviceLive.Unprivileged.Show do +defmodule Web.DeviceLive.Unprivileged.Show do @moduledoc """ Shows a device for an unprivileged user. """ - use FzHttpWeb, :live_view + use Web, :live_view - alias FzHttp.Devices - alias FzHttp.Users + alias Domain.Devices + alias Domain.Users @impl Phoenix.LiveView def mount(%{"id" => device_id} = _params, _session, socket) do @@ -44,12 +44,12 @@ defmodule FzHttpWeb.DeviceLive.Unprivileged.Show do user: Users.fetch_user_by_id!(device.user_id), page_title: device.name, allowed_ips: Devices.get_allowed_ips(device, defaults), - port: FzHttp.Config.fetch_env!(:fz_vpn, :wireguard_port), + port: Domain.Config.fetch_env!(:domain, :wireguard_port), dns: Devices.get_dns(device, defaults), endpoint: Devices.get_endpoint(device, defaults), mtu: Devices.get_mtu(device, defaults), persistent_keepalive: Devices.get_persistent_keepalive(device, defaults), - config: FzHttpWeb.WireguardConfigView.render("device.conf", %{device: device}) + config: Web.WireguardConfigView.render("device.conf", %{device: device}) ] end end diff --git a/apps/web/lib/web/live/hooks/allow_ecto_sandbox.ex b/apps/web/lib/web/live/hooks/allow_ecto_sandbox.ex new file mode 100644 index 000000000..4701bc737 --- /dev/null +++ b/apps/web/lib/web/live/hooks/allow_ecto_sandbox.ex 
@@ -0,0 +1,6 @@
+defmodule Web.Hooks.AllowEctoSandbox do
+ def on_mount(:default, _params, _session, socket) do
+ socket = Web.Sandbox.allow_live_ecto_sandbox(socket)
+ {:cont, socket}
+ end
+end
diff --git a/apps/web/lib/fz_http_web/live/hooks/live_auth.ex b/apps/web/lib/web/live/hooks/live_auth.ex
similarity index 84%
rename from apps/web/lib/fz_http_web/live/hooks/live_auth.ex
rename to apps/web/lib/web/live/hooks/live_auth.ex
index 4c89e4c7c..6559c9145 100644
--- a/apps/web/lib/fz_http_web/live/hooks/live_auth.ex
+++ b/apps/web/lib/web/live/hooks/live_auth.ex
@@ -1,11 +1,11 @@
-defmodule FzHttpWeb.LiveAuth do
+defmodule Web.LiveAuth do
 @moduledoc """
 Handles loading default assigns and authorizing.
 """
- import Phoenix.Component
- import FzHttpWeb.AuthorizationHelpers
- alias FzHttpWeb.Auth.HTML.Authentication
- alias FzHttp.Auth
+ import Phoenix.Component
+ import Web.AuthorizationHelpers
+ alias Web.Auth.HTML.Authentication
+ alias Domain.Auth
 require Logger
 def on_mount(role, _params, conn, socket) do
@@ -30,7 +30,7 @@ defmodule FzHttpWeb.LiveAuth do
 socket.assigns.current_user && socket.assigns.current_user.role == role
 end
- def has_role?(%FzHttp.Users.User{} = user, role) do
+ def has_role?(%Domain.Users.User{} = user, role) do
 user.role == role
 end
diff --git a/apps/web/lib/fz_http_web/live/hooks/live_mfa.ex b/apps/web/lib/web/live/hooks/live_mfa.ex
similarity index 88%
rename from apps/web/lib/fz_http_web/live/hooks/live_mfa.ex
rename to apps/web/lib/web/live/hooks/live_mfa.ex
index 4b3e62c0c..57faf7463 100644
--- a/apps/web/lib/fz_http_web/live/hooks/live_mfa.ex
+++ b/apps/web/lib/web/live/hooks/live_mfa.ex
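Review bot: `Web.Hooks.AllowEctoSandbox` is added under `lib/`, so it is compiled into every build, and nothing in this new file restricts `on_mount/4` to the test environment. Whether that is safe depends on `Web.Sandbox.allow_live_ecto_sandbox/1`, which is not part of this diff. If that helper does not already do nothing outside tests, register the hook only behind a compile-time flag, so that a production LiveView never acts on sandbox ownership metadata supplied by a client. The module also has no `@moduledoc`; a line such as `@moduledoc "Test-only on_mount hook that allows the LiveView process to use the Ecto SQL sandbox."` would make the intent explicit.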
@@ -1,11 +1,11 @@
-defmodule FzHttpWeb.LiveMFA do
+defmodule Web.LiveMFA do
 @moduledoc """
 Guards content behind MFA
 """
 use Phoenix.Component
- use FzHttpWeb, :helper
+ use Web, :helper
 import Phoenix.LiveView
- alias FzHttp.Auth.MFA
+ alias Domain.Auth.MFA
 def on_mount(_arg, _params, %{"logged_in_at" => logged_in_at}, socket) do
 with {:ok, mfa} <- MFA.fetch_last_used_method_by_user_id(socket.assigns.current_user.id),
diff --git a/apps/web/lib/fz_http_web/live/hooks/live_nav.ex b/apps/web/lib/web/live/hooks/live_nav.ex
similarity index 93%
rename from apps/web/lib/fz_http_web/live/hooks/live_nav.ex
rename to apps/web/lib/web/live/hooks/live_nav.ex
index ef830d172..88326ba94 100644
--- a/apps/web/lib/fz_http_web/live/hooks/live_nav.ex
+++ b/apps/web/lib/web/live/hooks/live_nav.ex
@@ -1,4 +1,4 @@
-defmodule FzHttpWeb.LiveNav do
+defmodule Web.LiveNav do
 @moduledoc """
 Handles admin navigation link highlight
 """
diff --git a/apps/web/lib/fz_http_web/live/logo_component.ex b/apps/web/lib/web/live/logo_component.ex
similarity index 84%
rename from apps/web/lib/fz_http_web/live/logo_component.ex
rename to apps/web/lib/web/live/logo_component.ex
index 105e5dee2..3f76664b6 100644
--- a/apps/web/lib/fz_http_web/live/logo_component.ex
+++ b/apps/web/lib/web/live/logo_component.ex
@@ -1,9 +1,9 @@
-defmodule FzHttpWeb.LogoComponent do
+defmodule Web.LogoComponent do
 @moduledoc """
 Logo component displays default, url and data logo
 """
- use FzHttpWeb, :live_component
- import FzHttpWeb.Endpoint, only: [static_path: 1]
+ use Web, :live_component
+ import Web.Endpoint, only: [static_path: 1]
 def render(%{url: url} = assigns) when is_binary(url) do
 ~H"""
diff --git a/apps/web/lib/fz_http_web/live/mfa_live/auth_live.ex b/apps/web/lib/web/live/mfa_live/auth_live.ex
similarity index 96%
rename from apps/web/lib/fz_http_web/live/mfa_live/auth_live.ex
rename to apps/web/lib/web/live/mfa_live/auth_live.ex
index df3a08b33..e5085eb21 100644
--- a/apps/web/lib/fz_http_web/live/mfa_live/auth_live.ex +++ b/apps/web/lib/web/live/mfa_live/auth_live.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.MFALive.Auth do +defmodule Web.MFALive.Auth do @moduledoc """ Handles MFA LiveViews. """ - use FzHttpWeb, :live_view - import FzHttpWeb.ControllerHelpers - alias FzHttp.Auth.MFA + use Web, :live_view + import Web.ControllerHelpers + alias Domain.Auth.MFA @page_title "Multi-factor Authentication" diff --git a/apps/web/lib/fz_http_web/live/mfa_live/register_component.ex b/apps/web/lib/web/live/mfa_live/register_component.ex similarity index 94% rename from apps/web/lib/fz_http_web/live/mfa_live/register_component.ex rename to apps/web/lib/web/live/mfa_live/register_component.ex index 80b44f0bb..b1475c7ed 100644 --- a/apps/web/lib/fz_http_web/live/mfa_live/register_component.ex +++ b/apps/web/lib/web/live/mfa_live/register_component.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.MFA.RegisterComponent do +defmodule Web.MFA.RegisterComponent do @moduledoc """ MFA registration container """ - use FzHttpWeb, :live_component - alias FzHttp.Auth.MFA + use Web, :live_component + alias Domain.Auth.MFA @steps [ {:pick_type, fields: ~w[type]a}, @@ -44,7 +44,7 @@ defmodule FzHttpWeb.MFA.RegisterComponent do ~H"""
<%= live_modal( - FzHttpWeb.MFA.RegisterStepsComponent.render_step(%{ + Web.MFA.RegisterStepsComponent.render_step(%{ secret: @secret, step: @step, changeset: @changeset, diff --git a/apps/web/lib/fz_http_web/live/mfa_live/register_steps_component.ex b/apps/web/lib/web/live/mfa_live/register_steps_component.ex similarity index 97% rename from apps/web/lib/fz_http_web/live/mfa_live/register_steps_component.ex rename to apps/web/lib/web/live/mfa_live/register_steps_component.ex index 6b4eb05ed..0d950b19e 100644 --- a/apps/web/lib/fz_http_web/live/mfa_live/register_steps_component.ex +++ b/apps/web/lib/web/live/mfa_live/register_steps_component.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.MFA.RegisterStepsComponent do +defmodule Web.MFA.RegisterStepsComponent do @moduledoc """ MFA registration steps """ use Phoenix.Component - import FzHttpWeb.ErrorHelpers + import Web.ErrorHelpers def render_step(assigns) do apply(__MODULE__, assigns.step, [assigns]) diff --git a/apps/web/lib/fz_http_web/live/modal_component.ex b/apps/web/lib/web/live/modal_component.ex similarity index 90% rename from apps/web/lib/fz_http_web/live/modal_component.ex rename to apps/web/lib/web/live/modal_component.ex index bf57c94ad..5c26ca726 100644 --- a/apps/web/lib/fz_http_web/live/modal_component.ex +++ b/apps/web/lib/web/live/modal_component.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.ModalComponent do +defmodule Web.ModalComponent do @moduledoc """ Wraps a component in a modal. """ - use FzHttpWeb, :live_component + use Web, :live_component @impl Phoenix.LiveComponent def render(assigns) do @@ -33,7 +33,7 @@ defmodule FzHttpWeb.ModalComponent do
<%= if !(assigns[:hide_footer_content] || @opts[:hide_footer_content]) do %> - <%= Phoenix.View.render(FzHttpWeb.SharedView, "submit_button.html", + <%= Phoenix.View.render(Web.SharedView, "submit_button.html", button_text: @opts[:button_text], form: @opts[:form] ) %> diff --git a/apps/web/lib/fz_http_web/live/notifications_live/badge.ex b/apps/web/lib/web/live/notifications_live/badge.ex similarity index 81% rename from apps/web/lib/fz_http_web/live/notifications_live/badge.ex rename to apps/web/lib/web/live/notifications_live/badge.ex index 4765c7b63..4667e0e41 100644 --- a/apps/web/lib/fz_http_web/live/notifications_live/badge.ex +++ b/apps/web/lib/web/live/notifications_live/badge.ex @@ -1,17 +1,17 @@ -defmodule FzHttpWeb.NotificationsLive.Badge do +defmodule Web.NotificationsLive.Badge do @moduledoc """ Notifications badge that shows the status of current notifications. """ - use FzHttpWeb, :live_view_without_layout + use Web, :live_view_without_layout - alias FzHttp.Notifications + alias Domain.Notifications alias Phoenix.PubSub @topic "notifications_live" @impl Phoenix.LiveView def mount(_params, session, socket) do - PubSub.subscribe(FzHttp.PubSub, @topic) + PubSub.subscribe(Domain.PubSub, @topic) pid = session["notifications_pid"] {:ok, diff --git a/apps/web/lib/fz_http_web/live/notifications_live/badge.html.heex b/apps/web/lib/web/live/notifications_live/badge.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/live/notifications_live/badge.html.heex rename to apps/web/lib/web/live/notifications_live/badge.html.heex diff --git a/apps/web/lib/fz_http_web/live/notifications_live/index.html.heex b/apps/web/lib/web/live/notifications_live/index.html.heex similarity index 97% rename from apps/web/lib/fz_http_web/live/notifications_live/index.html.heex rename to apps/web/lib/web/live/notifications_live/index.html.heex index 1645057d0..68d00e2b8 100644 --- a/apps/web/lib/fz_http_web/live/notifications_live/index.html.heex 
+++ b/apps/web/lib/web/live/notifications_live/index.html.heex @@ -1,4 +1,4 @@ -<%= render(FzHttpWeb.SharedView, "heading.html", +<%= render(Web.SharedView, "heading.html", page_subtitle: @page_subtitle, page_title: @page_title ) %> diff --git a/apps/web/lib/fz_http_web/live/notifications_live/index_live.ex b/apps/web/lib/web/live/notifications_live/index_live.ex similarity index 88% rename from apps/web/lib/fz_http_web/live/notifications_live/index_live.ex rename to apps/web/lib/web/live/notifications_live/index_live.ex index 0dae8ab98..8b4c2c6cc 100644 --- a/apps/web/lib/fz_http_web/live/notifications_live/index_live.ex +++ b/apps/web/lib/web/live/notifications_live/index_live.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.NotificationsLive.Index do +defmodule Web.NotificationsLive.Index do @moduledoc """ Real time notifications live view. """ - use FzHttpWeb, :live_view + use Web, :live_view - alias FzHttp.Notifications + alias Domain.Notifications alias Phoenix.PubSub require Logger @@ -15,7 +15,7 @@ defmodule FzHttpWeb.NotificationsLive.Index do @impl Phoenix.LiveView def mount(_params, session, socket) do - PubSub.subscribe(FzHttp.PubSub, @topic) + PubSub.subscribe(Domain.PubSub, @topic) pid = session["notifications_pid"] {:ok, diff --git a/apps/web/lib/fz_http_web/live/oidc_live/connections_table_component.ex b/apps/web/lib/web/live/oidc_live/connections_table_component.ex similarity index 80% rename from apps/web/lib/fz_http_web/live/oidc_live/connections_table_component.ex rename to apps/web/lib/web/live/oidc_live/connections_table_component.ex index 604fb1957..9301a24b7 100644 --- a/apps/web/lib/fz_http_web/live/oidc_live/connections_table_component.ex +++ b/apps/web/lib/web/live/oidc_live/connections_table_component.ex 
@@ -1,14 +1,14 @@
-defmodule FzHttpWeb.OIDCLive.ConnectionsTableComponent do
+defmodule Web.OIDCLive.ConnectionsTableComponent do
 @moduledoc """
 OIDC Connections table
 """
- use FzHttpWeb, :live_component
- alias FzHttp.Auth.OIDC
+ use Web, :live_component
+ alias Domain.Auth.OIDC
 def handle_event("refresh", _payload, socket) do
 DynamicSupervisor.start_child(
- FzHttp.RefresherSupervisor,
- {FzHttp.Auth.OIDC.Refresher, {socket.assigns.user.id, 1000}}
+ Domain.RefresherSupervisor,
+ {Domain.Auth.OIDC.Refresher, {socket.assigns.user.id, 1000}}
 )
 {:noreply,
diff --git a/apps/web/lib/fz_http_web/live/oidc_live/connections_table_component.html.heex b/apps/web/lib/web/live/oidc_live/connections_table_component.html.heex
similarity index 100%
rename from apps/web/lib/fz_http_web/live/oidc_live/connections_table_component.html.heex
rename to apps/web/lib/web/live/oidc_live/connections_table_component.html.heex
diff --git a/apps/web/lib/fz_http_web/live/rule_live/index.html.heex b/apps/web/lib/web/live/rule_live/index.html.heex
similarity index 80%
rename from apps/web/lib/fz_http_web/live/rule_live/index.html.heex
rename to apps/web/lib/web/live/rule_live/index.html.heex
index 3b234e81f..be650a188 100644
--- a/apps/web/lib/fz_http_web/live/rule_live/index.html.heex
+++ b/apps/web/lib/web/live/rule_live/index.html.heex
@@ -1,4 +1,4 @@
-<%= render(FzHttpWeb.SharedView, "heading.html",
+<%= render(Web.SharedView, "heading.html",
 page_subtitle: @page_subtitle,
 page_title: @page_title
 ) %>
@@ -14,11 +14,11 @@

- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>
<%= live_component( - FzHttpWeb.RuleLive.RuleListComponent, + Web.RuleLive.RuleListComponent, title: "Allowlist", header_icon: "mdi mdi-arrow-decision-outline", id: :allowlist, @@ -27,7 +27,7 @@
<%= live_component( - FzHttpWeb.RuleLive.RuleListComponent, + Web.RuleLive.RuleListComponent, title: "Denylist", header_icon: "mdi mdi-alert-octagon", id: :denylist, diff --git a/apps/web/lib/fz_http_web/live/rule_live/index_live.ex b/apps/web/lib/web/live/rule_live/index_live.ex similarity index 82% rename from apps/web/lib/fz_http_web/live/rule_live/index_live.ex rename to apps/web/lib/web/live/rule_live/index_live.ex index 7aad0351b..9df7f6a49 100644 --- a/apps/web/lib/fz_http_web/live/rule_live/index_live.ex +++ b/apps/web/lib/web/live/rule_live/index_live.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.RuleLive.Index do +defmodule Web.RuleLive.Index do @moduledoc """ Handles Rule LiveViews. """ - use FzHttpWeb, :live_view + use Web, :live_view @page_title "Egress Rules" @page_subtitle "Firewall rules to apply to the kernel's forward chain." diff --git a/apps/web/lib/fz_http_web/live/rule_live/rule_list_component.ex b/apps/web/lib/web/live/rule_live/rule_list_component.ex similarity index 90% rename from apps/web/lib/fz_http_web/live/rule_live/rule_list_component.ex rename to apps/web/lib/web/live/rule_live/rule_list_component.ex index 64ca0eec5..408424e88 100644 --- a/apps/web/lib/fz_http_web/live/rule_live/rule_list_component.ex +++ b/apps/web/lib/web/live/rule_live/rule_list_component.ex @@ -1,11 +1,11 @@ -defmodule FzHttpWeb.RuleLive.RuleListComponent do +defmodule Web.RuleLive.RuleListComponent do @moduledoc """ Manages the Allowlist view. """ - use FzHttpWeb, :live_component + use Web, :live_component - alias FzHttp.Rules - alias FzHttp.Users + alias Domain.Rules + alias Domain.Users @impl Phoenix.LiveComponent def update(assigns, socket) do @@ -16,8 +16,7 @@ defmodule FzHttpWeb.RuleLive.RuleListComponent do action: action(assigns.id), rule_list: rule_list(assigns), users: users(assigns.subject), - changeset: Rules.new_rule(), - port_rules_supported: Rules.port_rules_supported?() + changeset: Rules.new_rule() )} end 
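Review bot: Removing `port_rules_supported: Rules.port_rules_supported?()` from the assigns in `update/2` of rule_list_component.ex takes away the only signal that told an operator a port-based egress rule might not be enforced. The matching hunks in rule_list_component.html.heex also drop the `disabled:` guard on `port_type` and the "Port-based rules are only applied…" warning, yet the form still offers `port_type` and `port_range`. The commit description ties this to the move to userspace WireGuard. Until that data path is in place, a rule scoped to a port range could presumably be saved and shown while the restriction is not applied; the enforcement code is not in this diff, so please confirm. If enforcement is not guaranteed, keep the check for now or have the rule changeset reject `port_range`. `update/2` begins in the previous hunk and its middle lines are not shown.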
diff --git a/apps/web/lib/fz_http_web/live/rule_live/rule_list_component.html.heex b/apps/web/lib/web/live/rule_live/rule_list_component.html.heex similarity index 80% rename from apps/web/lib/fz_http_web/live/rule_live/rule_list_component.html.heex rename to apps/web/lib/web/live/rule_live/rule_list_component.html.heex index d5b9e1ff1..ff3c8ecaf 100644 --- a/apps/web/lib/fz_http_web/live/rule_live/rule_list_component.html.heex +++ b/apps/web/lib/web/live/rule_live/rule_list_component.html.heex @@ -50,9 +50,7 @@ f, :port_type, port_type_options(), - prompt: "All protocols", - title: if(!@port_rules_supported, do: "Kernel 5.6.9 required for port-based rules."), - disabled: !@port_rules_supported + prompt: "All protocols" ) %>

@@ -66,7 +64,7 @@ <%= text_input(f, :port_range, class: "input #{input_error_class(f, :port_range)}", placeholder: "23000-24000", - disabled: FzHttp.Validator.empty?(@changeset, :port_type) + disabled: Domain.Validator.empty?(@changeset, :port_type) ) %>

@@ -97,11 +95,7 @@

<%= for rule <- @rule_list do %> - + <% end %> - - <%= if !@port_rules_supported && Enum.any?(@rule_list, fn rule -> rule.port_range != nil end) do %> -

- Port-based rules are only applied when Linux Kernel is 5.6.9 or greater -

- <% end %> <% end %>
<%= rule.destination %> @@ -128,13 +122,6 @@
diff --git a/apps/web/lib/fz_http_web/live/setting_live/account.html.heex b/apps/web/lib/web/live/setting_live/account.html.heex similarity index 92% rename from apps/web/lib/fz_http_web/live/setting_live/account.html.heex rename to apps/web/lib/web/live/setting_live/account.html.heex index ff735d9fc..eda8f2b31 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/account.html.heex +++ b/apps/web/lib/web/live/setting_live/account.html.heex @@ -1,6 +1,6 @@ <%= if @live_action == :edit do %> <%= live_modal( - FzHttpWeb.SettingLive.AccountFormComponent, + Web.SettingLive.AccountFormComponent, return_to: ~p"/settings/account", title: "Edit Account", id: "user-#{@current_user.id}", @@ -13,20 +13,20 @@ <%= if @live_action == :new_api_token do %> <%= live_modal( - FzHttpWeb.SettingLive.NewApiTokenComponent, + Web.SettingLive.NewApiTokenComponent, return_to: ~p"/settings/account", title: "Add API Token", id: "new_api_token", form: "api-token-form", user: @current_user, subject: @subject, - changeset: FzHttp.ApiTokens.new_api_token() + changeset: Domain.ApiTokens.new_api_token() ) %> <% end %> <%= if @live_action == :show_api_token do %> <%= live_modal( - FzHttpWeb.SettingLive.ShowApiTokenComponent, + Web.SettingLive.ShowApiTokenComponent, return_to: ~p"/settings/account", title: "API Token #{@api_token_id}", id: "show_api_token", @@ -39,7 +39,7 @@ <%= if @live_action == :register_mfa do %> <.live_component - module={FzHttpWeb.MFA.RegisterComponent} + module={Web.MFA.RegisterComponent} id="register-mfa" user={@current_user} return_to={~p"/settings/account"} @@ -47,13 +47,13 @@ /> <% end %> -<%= render(FzHttpWeb.SharedView, "heading.html", +<%= render(Web.SharedView, "heading.html", page_subtitle: @page_subtitle, page_title: @page_title ) %>
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>
@@ -70,7 +70,7 @@
- <%= render(FzHttpWeb.SharedView, "user_details.html", + <%= render(Web.SharedView, "user_details.html", user: @current_user, rules_path: @rules_path, subject: @subject @@ -205,7 +205,7 @@ <% end %>
- <%= if length(@api_tokens) < FzHttp.ApiTokens.ApiToken.Changeset.max_per_user() do %> + <%= if length(@api_tokens) < Domain.ApiTokens.ApiToken.Changeset.max_per_user() do %> <.link patch={~p"/settings/account/api_token"} class="button"> @@ -228,7 +228,7 @@
<%= if length(@methods) > 0 do %> - <%= render(FzHttpWeb.SharedView, "mfa_methods_table.html", methods: @methods) %> + <%= render(Web.SharedView, "mfa_methods_table.html", methods: @methods) %> <% else %>
No MFA methods added.
<% end %> diff --git a/apps/web/lib/fz_http_web/live/setting_live/account_form_component.ex b/apps/web/lib/web/live/setting_live/account_form_component.ex similarity index 85% rename from apps/web/lib/fz_http_web/live/setting_live/account_form_component.ex rename to apps/web/lib/web/live/setting_live/account_form_component.ex index 8b3f1a33a..2331f55d5 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/account_form_component.ex +++ b/apps/web/lib/web/live/setting_live/account_form_component.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.SettingLive.AccountFormComponent do +defmodule Web.SettingLive.AccountFormComponent do @moduledoc """ Handles the edit account form for admins. """ - use FzHttpWeb, :live_component + use Web, :live_component - alias FzHttp.Users + alias Domain.Users def update(assigns, socket) do changeset = Users.change_user(assigns.user) diff --git a/apps/web/lib/fz_http_web/live/setting_live/account_form_component.html.heex b/apps/web/lib/web/live/setting_live/account_form_component.html.heex similarity index 94% rename from apps/web/lib/fz_http_web/live/setting_live/account_form_component.html.heex rename to apps/web/lib/web/live/setting_live/account_form_component.html.heex index 9c0eca424..421c64048 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/account_form_component.html.heex +++ b/apps/web/lib/web/live/setting_live/account_form_component.html.heex @@ -23,7 +23,7 @@
<%= render( - FzHttpWeb.SharedView, + Web.SharedView, "password_field.html", context: f, field: :password, @@ -32,7 +32,7 @@ ) %> <%= render( - FzHttpWeb.SharedView, + Web.SharedView, "password_field.html", context: f, field: :password_confirmation, diff --git a/apps/web/lib/fz_http_web/live/setting_live/account_live.ex b/apps/web/lib/web/live/setting_live/account_live.ex similarity index 94% rename from apps/web/lib/fz_http_web/live/setting_live/account_live.ex rename to apps/web/lib/web/live/setting_live/account_live.ex index d1c072fde..f2a8f977c 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/account_live.ex +++ b/apps/web/lib/web/live/setting_live/account_live.ex @@ -1,16 +1,16 @@ -defmodule FzHttpWeb.SettingLive.Account do +defmodule Web.SettingLive.Account do @moduledoc """ Handles Account-related things for admins. """ - use FzHttpWeb, :live_view + use Web, :live_view - alias FzHttp.{ + alias Domain.{ ApiTokens, Auth.MFA, Users } - alias FzHttpWeb.{ + alias Web.{ Endpoint, Presence } @@ -115,6 +115,6 @@ defmodule FzHttpWeb.SettingLive.Account do end defp subscribe_link do - "https://www.firezone.dev/sales?utm_source=product&uid=#{FzHttp.Telemetry.id()}" + "https://www.firezone.dev/sales?utm_source=product&uid=#{Domain.Telemetry.id()}" end end diff --git a/apps/web/lib/fz_http_web/live/setting_live/client_defaults.html.heex b/apps/web/lib/web/live/setting_live/client_defaults.html.heex similarity index 66% rename from apps/web/lib/fz_http_web/live/setting_live/client_defaults.html.heex rename to apps/web/lib/web/live/setting_live/client_defaults.html.heex index c36aac793..85e1b1bb3 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/client_defaults.html.heex +++ b/apps/web/lib/web/live/setting_live/client_defaults.html.heex @@ -1,16 +1,16 @@ -<%= render(FzHttpWeb.SharedView, "heading.html", +<%= render(Web.SharedView, "heading.html", page_subtitle: @page_subtitle, page_title: @page_title ) %>
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>

Client Defaults

<%= live_component( - FzHttpWeb.SettingLive.ClientDefaultsFormComponent, + Web.SettingLive.ClientDefaultsFormComponent, subject: @subject, changeset: @changeset, id: :client_defaults_form_component diff --git a/apps/web/lib/fz_http_web/live/setting_live/client_defaults_form_component.ex b/apps/web/lib/web/live/setting_live/client_defaults_form_component.ex similarity index 89% rename from apps/web/lib/fz_http_web/live/setting_live/client_defaults_form_component.ex rename to apps/web/lib/web/live/setting_live/client_defaults_form_component.ex index b4b5a6bba..20afe3127 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/client_defaults_form_component.ex +++ b/apps/web/lib/web/live/setting_live/client_defaults_form_component.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.SettingLive.ClientDefaultsFormComponent do +defmodule Web.SettingLive.ClientDefaultsFormComponent do @moduledoc """ Handles updating client defaults form. """ - use FzHttpWeb, :live_component - alias FzHttp.Config + use Web, :live_component + alias Domain.Config @configs ~w[ default_client_allowed_ips @@ -18,7 +18,7 @@ defmodule FzHttpWeb.SettingLive.ClientDefaultsFormComponent do socket = socket |> assign(assigns) - |> assign(:configs, FzHttp.Config.fetch_source_and_configs!(@configs)) + |> assign(:configs, Domain.Config.fetch_source_and_configs!(@configs)) {:ok, socket} end diff --git a/apps/web/lib/fz_http_web/live/setting_live/client_defaults_form_component.html.heex b/apps/web/lib/web/live/setting_live/client_defaults_form_component.html.heex similarity index 98% rename from apps/web/lib/fz_http_web/live/setting_live/client_defaults_form_component.html.heex rename to apps/web/lib/web/live/setting_live/client_defaults_form_component.html.heex index 3842c513f..af72ec717 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/client_defaults_form_component.html.heex +++ b/apps/web/lib/web/live/setting_live/client_defaults_form_component.html.heex @@ -147,6 +147,6 @@

- <%= Phoenix.View.render(FzHttpWeb.SharedView, "submit_button.html", []) %> + <%= Phoenix.View.render(Web.SharedView, "submit_button.html", []) %> diff --git a/apps/web/lib/fz_http_web/live/setting_live/client_defaults_live.ex b/apps/web/lib/web/live/setting_live/client_defaults_live.ex similarity index 81% rename from apps/web/lib/fz_http_web/live/setting_live/client_defaults_live.ex rename to apps/web/lib/web/live/setting_live/client_defaults_live.ex index 43b4e02bf..fa21ea6a6 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/client_defaults_live.ex +++ b/apps/web/lib/web/live/setting_live/client_defaults_live.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.SettingLive.ClientDefaults do +defmodule Web.SettingLive.ClientDefaults do @moduledoc """ Manages the defaults view. """ - use FzHttpWeb, :live_view - alias FzHttp.Config + use Web, :live_view + alias Domain.Config @page_title "Client Defaults" @page_subtitle "Configure default values for generating WireGuard client configurations." diff --git a/apps/web/lib/fz_http_web/live/setting_live/customization.html.heex b/apps/web/lib/web/live/setting_live/customization.html.heex similarity index 90% rename from apps/web/lib/fz_http_web/live/setting_live/customization.html.heex rename to apps/web/lib/web/live/setting_live/customization.html.heex index 30ceb9d80..7db316bbf 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/customization.html.heex +++ b/apps/web/lib/web/live/setting_live/customization.html.heex @@ -1,10 +1,10 @@ -<%= render(FzHttpWeb.SharedView, "heading.html", +<%= render(Web.SharedView, "heading.html", page_subtitle: @page_subtitle, page_title: @page_title ) %>
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>

Logo

@@ -25,7 +25,7 @@ <%= unless has_override?(@logo_source) do %>
- <%= for type <- FzHttp.Config.Logo.__types__() do %> + <%= for type <- Domain.Config.Logo.__types__() do %>
diff --git a/apps/web/lib/fz_http_web/live/setting_live/customization_live.ex b/apps/web/lib/web/live/setting_live/customization_live.ex similarity index 91% rename from apps/web/lib/fz_http_web/live/setting_live/customization_live.ex rename to apps/web/lib/web/live/setting_live/customization_live.ex index c01e30e7e..ba435f55a 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/customization_live.ex +++ b/apps/web/lib/web/live/setting_live/customization_live.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.SettingLive.Customization do +defmodule Web.SettingLive.Customization do @moduledoc """ Manages the app customizations. """ - use FzHttpWeb, :live_view - alias FzHttp.Config + use Web, :live_view + alias Domain.Config @max_logo_size 1024 ** 2 @page_title "Customization" @@ -11,8 +11,8 @@ defmodule FzHttpWeb.SettingLive.Customization do @impl Phoenix.LiveView def mount(_params, _session, socket) do - {source, logo} = FzHttp.Config.fetch_source_and_config!(:logo) - logo_type = FzHttp.Config.Logo.type(logo) + {source, logo} = Domain.Config.fetch_source_and_config!(:logo) + logo_type = Domain.Config.Logo.type(logo) socket = socket diff --git a/apps/web/lib/fz_http_web/live/setting_live/new_api_token_component.ex b/apps/web/lib/web/live/setting_live/new_api_token_component.ex similarity index 93% rename from apps/web/lib/fz_http_web/live/setting_live/new_api_token_component.ex rename to apps/web/lib/web/live/setting_live/new_api_token_component.ex index e55410377..395467c9c 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/new_api_token_component.ex +++ b/apps/web/lib/web/live/setting_live/new_api_token_component.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.SettingLive.NewApiTokenComponent do +defmodule Web.SettingLive.NewApiTokenComponent do @moduledoc """ Live component to manage creating API Tokens """ - use FzHttpWeb, :live_component + use Web, :live_component - alias FzHttp.ApiTokens + alias Domain.ApiTokens def render(assigns) do ~H""" 
diff --git a/apps/web/lib/fz_http_web/live/setting_live/oidc_form_component.ex b/apps/web/lib/web/live/setting_live/oidc_form_component.ex similarity index 95% rename from apps/web/lib/fz_http_web/live/setting_live/oidc_form_component.ex rename to apps/web/lib/web/live/setting_live/oidc_form_component.ex index cb6e7cbad..f4ac6ac1c 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/oidc_form_component.ex +++ b/apps/web/lib/web/live/setting_live/oidc_form_component.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.SettingLive.OIDCFormComponent do +defmodule Web.SettingLive.OIDCFormComponent do @moduledoc """ Form for OIDC configs """ - use FzHttpWeb, :live_component - alias FzHttp.Config + use Web, :live_component + alias Domain.Config def render(assigns) do ~H""" @@ -182,19 +182,19 @@ defmodule FzHttpWeb.SettingLive.OIDCFormComponent do changeset = assigns.provider |> Map.delete(:__struct__) - |> FzHttp.Config.Configuration.OpenIDConnectProvider.create_changeset() + |> Domain.Config.Configuration.OpenIDConnectProvider.create_changeset() socket = socket |> assign(assigns) - |> assign(:external_url, FzHttp.Config.fetch_env!(:fz_http, :external_url)) + |> assign(:external_url, Domain.Config.fetch_env!(:web, :external_url)) |> assign(:changeset, changeset) {:ok, socket} end def handle_event("save", %{"open_id_connect_provider" => params}, socket) do - changeset = FzHttp.Config.Configuration.OpenIDConnectProvider.create_changeset(params) + changeset = Domain.Config.Configuration.OpenIDConnectProvider.create_changeset(params) if changeset.valid? do attrs = Ecto.Changeset.apply_changes(changeset) diff --git a/apps/web/lib/fz_http_web/live/setting_live/saml_form_component.ex b/apps/web/lib/web/live/setting_live/saml_form_component.ex similarity index 96% rename from apps/web/lib/fz_http_web/live/setting_live/saml_form_component.ex rename to apps/web/lib/web/live/setting_live/saml_form_component.ex index e94691aa8..51432af42 100644 
--- a/apps/web/lib/fz_http_web/live/setting_live/saml_form_component.ex +++ b/apps/web/lib/web/live/setting_live/saml_form_component.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.SettingLive.SAMLFormComponent do +defmodule Web.SettingLive.SAMLFormComponent do @moduledoc """ Form for SAML configs """ - use FzHttpWeb, :live_component - alias FzHttp.Config + use Web, :live_component + alias Domain.Config def render(assigns) do ~H""" @@ -196,7 +196,7 @@ defmodule FzHttpWeb.SettingLive.SAMLFormComponent do changeset = assigns.provider |> Map.delete(:__struct__) - |> FzHttp.Config.Configuration.SAMLIdentityProvider.create_changeset() + |> Domain.Config.Configuration.SAMLIdentityProvider.create_changeset() socket = socket @@ -207,7 +207,7 @@ defmodule FzHttpWeb.SettingLive.SAMLFormComponent do end def handle_event("save", %{"saml_identity_provider" => params}, socket) do - changeset = FzHttp.Config.Configuration.SAMLIdentityProvider.create_changeset(params) + changeset = Domain.Config.Configuration.SAMLIdentityProvider.create_changeset(params) if changeset.valid? do attrs = Ecto.Changeset.apply_changes(changeset) diff --git a/apps/web/lib/fz_http_web/live/setting_live/security.html.heex b/apps/web/lib/web/live/setting_live/security.html.heex similarity index 98% rename from apps/web/lib/fz_http_web/live/setting_live/security.html.heex rename to apps/web/lib/web/live/setting_live/security.html.heex index e38848935..e11b363ac 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/security.html.heex +++ b/apps/web/lib/web/live/setting_live/security.html.heex @@ -3,7 +3,7 @@ <%= if @live_action == :edit_oidc do %> <%= live_modal( - FzHttpWeb.SettingLive.OIDCFormComponent, + Web.SettingLive.OIDCFormComponent, subject: @subject, return_to: ~p"/settings/security", title: "OIDC Configuration", 
@@ -15,7 +15,7 @@ <%= if @live_action == :edit_saml do %> <%= live_modal( - FzHttpWeb.SettingLive.SAMLFormComponent, + Web.SettingLive.SAMLFormComponent, subject: @subject, return_to: ~p"/settings/security", title: "SAML Configuration", @@ -25,13 +25,13 @@ ) %> <% end %> -<%= render(FzHttpWeb.SharedView, "heading.html", +<%= render(Web.SharedView, "heading.html", page_subtitle: @page_subtitle, page_title: @page_title ) %>
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>

Authentication

diff --git a/apps/web/lib/fz_http_web/live/setting_live/security_live.ex b/apps/web/lib/web/live/setting_live/security_live.ex similarity index 88% rename from apps/web/lib/fz_http_web/live/setting_live/security_live.ex rename to apps/web/lib/web/live/setting_live/security_live.ex index 0ec14c59b..09615aa3d 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/security_live.ex +++ b/apps/web/lib/web/live/setting_live/security_live.ex @@ -1,10 +1,7 @@ -defmodule FzHttpWeb.SettingLive.Security do - @moduledoc """ - Manages security LiveView - """ - use FzHttpWeb, :live_view - import FzHttp.Crypto, only: [rand_string: 1] - alias FzHttp.Config +defmodule Web.SettingLive.Security do + use Web, :live_view + import Domain.Crypto, only: [rand_string: 1] + alias Domain.Config @page_title "Security Settings" @page_subtitle "Configure security-related settings." @@ -30,7 +27,7 @@ defmodule FzHttpWeb.SettingLive.Security do |> assign(:page_subtitle, @page_subtitle) |> assign(:form_changed, false) |> assign(:configuration_changeset, configuration_changeset()) - |> assign(:configs, FzHttp.Config.fetch_source_and_configs!(@configs)) + |> assign(:configs, Domain.Config.fetch_source_and_configs!(@configs)) {:ok, socket} end @@ -71,7 +68,7 @@ defmodule FzHttpWeb.SettingLive.Security do Config.fetch_db_config!() |> Config.update_config(%{key => !!params["value"]}, socket.assigns.subject) - configs = FzHttp.Config.fetch_source_and_configs!(@configs) + configs = Domain.Config.fetch_source_and_configs!(@configs) {:noreply, assign(socket, :configs, configs)} end @@ -90,7 +87,7 @@ defmodule FzHttpWeb.SettingLive.Security do {:ok, _config} = Config.update_config(config, %{field_key => providers}, socket.assigns.subject) - configs = FzHttp.Config.fetch_source_and_configs!(@configs) + configs = Domain.Config.fetch_source_and_configs!(@configs) {:noreply, assign(socket, :configs, configs)} end 
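Review bot: The `@moduledoc` of `Web.SettingLive.Security` is dropped in the first hunk of security_live.ex, while the sibling LiveViews in this patch keep theirs. The new `Web.Presence` module in presence.ex is also added without one. Restoring the one-liner, `@moduledoc "Manages the security settings LiveView."`, keeps the module documented. If the omission is deliberate, `@moduledoc false` says so explicitly.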
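Review bot: The toggle handler in the `@@ -71,7 +68,7 @@` hunk discards the return value of `Config.update_config/3`. A failed update (a validation error or, presumably, a refusal for `socket.assigns.subject`) therefore goes unnoticed and the view simply re-renders the stored values. The provider handler in the following hunk already asserts `{:ok, _config} =`, and this one should do the same: `{:ok, _config} = Config.fetch_db_config!() |> Config.update_config(%{key => !!params["value"]}, socket.assigns.subject)`. Handling `{:error, _}` with a `put_flash(socket, :error, ...)` would be better still. The handler begins outside the hunk, so its clause head is not visible here.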
@@ -117,7 +114,7 @@ defmodule FzHttpWeb.SettingLive.Security do def session_duration_options(vpn_session_duration) do options = [ {"Never", 0}, - {"Once", FzHttp.Config.Configuration.Changeset.max_vpn_session_duration()}, + {"Once", Domain.Config.Configuration.Changeset.max_vpn_session_duration()}, {"Every Hour", @hour}, {"Every Day", @day}, {"Every Week", 7 * @day}, diff --git a/apps/web/lib/fz_http_web/live/setting_live/show_api_token_component.ex b/apps/web/lib/web/live/setting_live/show_api_token_component.ex similarity index 88% rename from apps/web/lib/fz_http_web/live/setting_live/show_api_token_component.ex rename to apps/web/lib/web/live/setting_live/show_api_token_component.ex index f89a4fcf8..2f660424c 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/show_api_token_component.ex +++ b/apps/web/lib/web/live/setting_live/show_api_token_component.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.SettingLive.ShowApiTokenComponent do - use FzHttpWeb, :live_component +defmodule Web.SettingLive.ShowApiTokenComponent do + use Web, :live_component alias Phoenix.LiveView.JS - alias FzHttpWeb.Auth.JSON.Authentication + alias Web.Auth.JSON.Authentication def update(assigns, socket) do if connected?(socket) do @@ -49,7 +49,7 @@ defmodule FzHttpWeb.SettingLive.ShowApiTokenComponent do
# List all users
     curl -H 'Content-Type: application/json' \
          -H 'Authorization: Bearer <%= @secret %>' \
-         <%= FzHttp.Config.fetch_env!(:fz_http, :external_url) %>/v0/users
+ <%= Domain.Config.fetch_env!(:web, :external_url) %>/v0/users
- <%= render(FzHttpWeb.SharedView, "user_details.html", + <%= render(Web.SharedView, "user_details.html", user: @current_user, rules_path: nil, subject: @subject @@ -117,7 +117,7 @@
<%= if length(@methods) > 0 do %> - <%= render(FzHttpWeb.SharedView, "mfa_methods_table.html", methods: @methods) %> + <%= render(Web.SharedView, "mfa_methods_table.html", methods: @methods) %> <% else %>
No MFA methods added.
<% end %> diff --git a/apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_form_component.ex b/apps/web/lib/web/live/setting_live/unprivileged/account_form_component.ex similarity index 84% rename from apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_form_component.ex rename to apps/web/lib/web/live/setting_live/unprivileged/account_form_component.ex index 351aa175f..0759b1e9d 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_form_component.ex +++ b/apps/web/lib/web/live/setting_live/unprivileged/account_form_component.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.SettingLive.Unprivileged.AccountFormComponent do +defmodule Web.SettingLive.Unprivileged.AccountFormComponent do @moduledoc """ Handles the edit account form for unprivileged users. """ - use FzHttpWeb, :live_component + use Web, :live_component - alias FzHttp.Users + alias Domain.Users def update(assigns, socket) do changeset = Users.change_user(assigns.current_user) diff --git a/apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_form_component.html.heex b/apps/web/lib/web/live/setting_live/unprivileged/account_form_component.html.heex similarity index 91% rename from apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_form_component.html.heex rename to apps/web/lib/web/live/setting_live/unprivileged/account_form_component.html.heex index f276970e3..8df9240e6 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_form_component.html.heex +++ b/apps/web/lib/web/live/setting_live/unprivileged/account_form_component.html.heex @@ -12,7 +12,7 @@
<%= render( - FzHttpWeb.SharedView, + Web.SharedView, "password_field.html", context: f, field: :password, @@ -21,7 +21,7 @@ ) %> <%= render( - FzHttpWeb.SharedView, + Web.SharedView, "password_field.html", context: f, field: :password_confirmation, diff --git a/apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_live.ex b/apps/web/lib/web/live/setting_live/unprivileged/account_live.ex similarity index 90% rename from apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_live.ex rename to apps/web/lib/web/live/setting_live/unprivileged/account_live.ex index 8ee550fad..2e33bb42f 100644 --- a/apps/web/lib/fz_http_web/live/setting_live/unprivileged/account_live.ex +++ b/apps/web/lib/web/live/setting_live/unprivileged/account_live.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.SettingLive.Unprivileged.Account do +defmodule Web.SettingLive.Unprivileged.Account do @moduledoc """ Handles Account-related things for unprivileged users. @@ -6,10 +6,10 @@ defmodule FzHttpWeb.SettingLive.Unprivileged.Account do Only the html is going to be different. This serves its purpose until a redesign happens. """ - use FzHttpWeb, :live_view + use Web, :live_view - alias FzHttp.{Auth.MFA, Users} - alias FzHttpWeb.{Endpoint, Presence} + alias Domain.{Auth.MFA, Users} + alias Web.{Endpoint, Presence} @live_sessions_topic "notification:session" @page_title "Account Settings" @@ -23,7 +23,7 @@ defmodule FzHttpWeb.SettingLive.Unprivileged.Account do socket = socket - |> assign(:local_auth_enabled, FzHttp.Config.fetch_config!(:local_auth_enabled)) + |> assign(:local_auth_enabled, Domain.Config.fetch_config!(:local_auth_enabled)) |> assign(:changeset, Users.change_user(socket.assigns.current_user)) |> assign(:methods, methods) |> assign(:page_title, @page_title) 
diff --git a/apps/web/lib/fz_http_web/live/sidebar_component.ex b/apps/web/lib/web/live/sidebar_component.ex similarity index 97% rename from apps/web/lib/fz_http_web/live/sidebar_component.ex rename to apps/web/lib/web/live/sidebar_component.ex index 13287402f..7639812ef 100644 --- a/apps/web/lib/fz_http_web/live/sidebar_component.ex +++ b/apps/web/lib/web/live/sidebar_component.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.SidebarComponent do +defmodule Web.SidebarComponent do @moduledoc """ Admin Sidebar """ - use FzHttpWeb, :live_component + use Web, :live_component def render(assigns) do ~H""" diff --git a/apps/web/lib/fz_http_web/live/user_live/form_component.ex b/apps/web/lib/web/live/user_live/form_component.ex similarity index 93% rename from apps/web/lib/fz_http_web/live/user_live/form_component.ex rename to apps/web/lib/web/live/user_live/form_component.ex index a9921bb2e..76b57b8ef 100644 --- a/apps/web/lib/fz_http_web/live/user_live/form_component.ex +++ b/apps/web/lib/web/live/user_live/form_component.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.UserLive.FormComponent do +defmodule Web.UserLive.FormComponent do @moduledoc """ Handles user form for admins. """ - use FzHttpWeb, :live_component + use Web, :live_component - alias FzHttp.Users + alias Domain.Users @impl Phoenix.LiveComponent def update(%{action: :new} = assigns, socket) do diff --git a/apps/web/lib/fz_http_web/live/user_live/form_component.html.heex b/apps/web/lib/web/live/user_live/form_component.html.heex similarity index 94% rename from apps/web/lib/fz_http_web/live/user_live/form_component.html.heex rename to apps/web/lib/web/live/user_live/form_component.html.heex index 5cd1b4384..931767ce2 100644 --- a/apps/web/lib/fz_http_web/live/user_live/form_component.html.heex +++ b/apps/web/lib/web/live/user_live/form_component.html.heex @@ -25,7 +25,7 @@ <%= render( - FzHttpWeb.SharedView, + Web.SharedView, "password_field.html", context: f, field: :password, 
@@ -34,7 +34,7 @@ ) %> <%= render( - FzHttpWeb.SharedView, + Web.SharedView, "password_field.html", context: f, field: :password_confirmation, diff --git a/apps/web/lib/fz_http_web/live/user_live/index.html.heex b/apps/web/lib/web/live/user_live/index.html.heex similarity index 85% rename from apps/web/lib/fz_http_web/live/user_live/index.html.heex rename to apps/web/lib/web/live/user_live/index.html.heex index d1a78908e..a39073b47 100644 --- a/apps/web/lib/fz_http_web/live/user_live/index.html.heex +++ b/apps/web/lib/web/live/user_live/index.html.heex @@ -1,6 +1,6 @@ <%= if @live_action == :new do %> <%= live_modal( - FzHttpWeb.UserLive.FormComponent, + Web.UserLive.FormComponent, return_to: ~p"/users", title: "Add User", id: "user-form-component", @@ -12,10 +12,10 @@ ) %> <% end %> -<%= render(FzHttpWeb.SharedView, "heading.html", page_title: @page_title) %> +<%= render(Web.SharedView, "heading.html", page_title: @page_title) %>
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>
@@ -40,10 +40,7 @@
<%= user.device_count %> - + <%= live_modal( - FzHttpWeb.UserLive.FormComponent, + Web.UserLive.FormComponent, return_to: ~p"/users/#{@user}", title: "Edit #{@user.email}", id: "user-form-component", @@ -13,7 +13,7 @@ <% end %> <%= if @live_action == :new_device do %> <%= live_modal( - FzHttpWeb.DeviceLive.NewFormComponent, + Web.DeviceLive.NewFormComponent, return_to: ~p"/users/#{@user}", title: "Add Device", current_user: @current_user, @@ -25,10 +25,10 @@ ) %> <% end %> -<%= render(FzHttpWeb.SharedView, "heading.html", page_title: "Users |> #{@user.email}") %> +<%= render(Web.SharedView, "heading.html", page_title: "Users |> #{@user.email}") %>
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>
@@ -44,7 +44,7 @@
- <%= render(FzHttpWeb.SharedView, "user_details.html", + <%= render(Web.SharedView, "user_details.html", user: @user, rules_path: @rules_path, subject: @subject @@ -54,7 +54,7 @@ <%= if length(@connections) > 0 do %> <.live_component id="connections-table" - module={FzHttpWeb.OIDCLive.ConnectionsTableComponent} + module={Web.OIDCLive.ConnectionsTableComponent} connections={@connections} user={@user} /> @@ -65,7 +65,7 @@
<%= if length(@devices) > 0 do %> - <%= render(FzHttpWeb.SharedView, "devices_table.html", + <%= render(Web.SharedView, "devices_table.html", devices: @devices, show_user: false, socket: @socket @@ -95,7 +95,7 @@
<.live_component id="allowed-to-connect" - module={FzHttpWeb.UserLive.VPNConnectionComponent} + module={Web.UserLive.VPNConnectionComponent} user={@user} />
diff --git a/apps/web/lib/fz_http_web/live/user_live/show_live.ex b/apps/web/lib/web/live/user_live/show_live.ex similarity index 91% rename from apps/web/lib/fz_http_web/live/user_live/show_live.ex rename to apps/web/lib/web/live/user_live/show_live.ex index 1fe9b1ff0..03929b4ad 100644 --- a/apps/web/lib/fz_http_web/live/user_live/show_live.ex +++ b/apps/web/lib/web/live/user_live/show_live.ex @@ -1,12 +1,12 @@ -defmodule FzHttpWeb.UserLive.Show do +defmodule Web.UserLive.Show do @moduledoc """ Handles showing users. XXX: Admin only """ - use FzHttpWeb, :live_view + use Web, :live_view - alias FzHttp.{Devices, Auth.OIDC, Users} - alias FzHttpWeb.ErrorHelpers + alias Domain.{Devices, Auth.OIDC, Users} + alias Web.ErrorHelpers @impl Phoenix.LiveView @@ -51,7 +51,7 @@ defmodule FzHttpWeb.UserLive.Show do case Users.delete_user(user, socket.assigns.subject) do {:ok, _} -> - FzHttpWeb.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) + Web.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) {:noreply, socket @@ -80,7 +80,7 @@ defmodule FzHttpWeb.UserLive.Show do with {:ok, user} <- Users.fetch_user_by_id(user_id, socket.assigns.subject), {:ok, user} <- Users.update_user(user, %{role: role}, socket.assigns.subject) do # Force reconnect with new role - FzHttpWeb.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) + Web.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) socket = socket diff --git a/apps/web/lib/fz_http_web/live/user_live/vpn_connection_component.ex b/apps/web/lib/web/live/user_live/vpn_connection_component.ex similarity index 82% rename from apps/web/lib/fz_http_web/live/user_live/vpn_connection_component.ex rename to apps/web/lib/web/live/user_live/vpn_connection_component.ex index a18ca91ab..efba8b68f 100644 --- a/apps/web/lib/fz_http_web/live/user_live/vpn_connection_component.ex +++ b/apps/web/lib/web/live/user_live/vpn_connection_component.ex 
@@ -1,11 +1,11 @@ -defmodule FzHttpWeb.UserLive.VPNConnectionComponent do +defmodule Web.UserLive.VPNConnectionComponent do @moduledoc """ Handles user form. """ - use FzHttpWeb, :live_component + use Web, :live_component import Ecto.Changeset - alias FzHttp.Repo + alias Domain.Repo @impl Phoenix.LiveComponent def render(assigns) do @@ -42,8 +42,8 @@ defmodule FzHttpWeb.UserLive.VPNConnectionComponent do changeset %{data: user} = changeset -> - FzHttp.Telemetry.disable_user() - FzHttpWeb.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) + Domain.Telemetry.disable_user() + Web.Endpoint.broadcast("users_socket:#{user.id}", "disconnect", %{}) changeset end) |> Repo.update!() diff --git a/apps/web/lib/fz_http_web/live/user_live/vpn_status_component.ex b/apps/web/lib/web/live/user_live/vpn_status_component.ex similarity index 95% rename from apps/web/lib/fz_http_web/live/user_live/vpn_status_component.ex rename to apps/web/lib/web/live/user_live/vpn_status_component.ex index 91c263a0a..c2e02236e 100644 --- a/apps/web/lib/fz_http_web/live/user_live/vpn_status_component.ex +++ b/apps/web/lib/web/live/user_live/vpn_status_component.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.UserLive.VPNStatusComponent do +defmodule Web.UserLive.VPNStatusComponent do @moduledoc """ Handles VPN status tag. """ diff --git a/apps/web/lib/fz_http_web/live_helpers.ex b/apps/web/lib/web/live_helpers.ex similarity index 91% rename from apps/web/lib/fz_http_web/live_helpers.ex rename to apps/web/lib/web/live_helpers.ex index c1bb6a55e..28c96acd9 100644 --- a/apps/web/lib/fz_http_web/live_helpers.ex +++ b/apps/web/lib/web/live_helpers.ex 
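Review bot: In the `@@ -42,8 +42,8 @@` hunk the `"disconnect"` broadcast on `"users_socket:#{user.id}"` is sent from the function that runs before `|> Repo.update!()`, so the user's sockets are dropped before the change (apparently the one that disables the user) is written. If the update raises, or a client reconnects before the write lands, the session is re-established against a record that still allows it. Calling `Web.Endpoint.broadcast(...)` and `Domain.Telemetry.disable_user()` only after `Repo.update!()` has returned closes that window. The enclosing function starts outside the hunk, so whether this runs inside a transaction is not visible here.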
@@ -1,17 +1,17 @@ -defmodule FzHttpWeb.LiveHelpers do +defmodule Web.LiveHelpers do @moduledoc """ Helpers available to all LiveViews. XXX: Consider splitting these up using one of the techniques at https://bernheisel.com/blog/phoenix-liveview-and-views """ use Phoenix.Component - alias FzHttp.{Config, Users} + alias Domain.{Config, Users} def live_modal(component, opts) do path = Keyword.fetch!(opts, :return_to) live_component(%{ - module: FzHttpWeb.ModalComponent, + module: Web.ModalComponent, id: :modal, return_to: path, component: component, @@ -36,7 +36,7 @@ defmodule FzHttpWeb.LiveHelpers do end def admin_email do - FzHttp.Config.fetch_env!(:fz_http, :admin_email) + Domain.Config.fetch_env!(:domain, :admin_email) end def vpn_sessions_expire? do diff --git a/apps/web/lib/fz_http_web/mailer.ex b/apps/web/lib/web/mailer.ex similarity index 61% rename from apps/web/lib/fz_http_web/mailer.ex rename to apps/web/lib/web/mailer.ex index d5ec94620..72a9770de 100644 --- a/apps/web/lib/fz_http_web/mailer.ex +++ b/apps/web/lib/web/mailer.ex @@ -1,19 +1,19 @@ -defmodule FzHttpWeb.Mailer do +defmodule Web.Mailer do @moduledoc """ Outbound Email Sender. """ - use Swoosh.Mailer, otp_app: :fz_http + use Swoosh.Mailer, otp_app: :web alias Swoosh.Email def active? do - mailer_config = FzHttp.Config.fetch_env!(:fz_http, FzHttpWeb.Mailer) + mailer_config = Domain.Config.fetch_env!(:web, Web.Mailer) mailer_config[:from_email] && mailer_config[:adapter] end def default_email do # Fail hard if email not configured from_email = - FzHttp.Config.fetch_env!(:fz_http, FzHttpWeb.Mailer) + Domain.Config.fetch_env!(:web, Web.Mailer) |> Keyword.fetch!(:from_email) Email.new() diff --git a/apps/web/lib/fz_http_web/mailer/auth_email.ex b/apps/web/lib/web/mailer/auth_email.ex similarity index 73% rename from apps/web/lib/fz_http_web/mailer/auth_email.ex rename to apps/web/lib/web/mailer/auth_email.ex index 6ee19f927..30e6f4e8c 100644 --- a/apps/web/lib/fz_http_web/mailer/auth_email.ex 
+++ b/apps/web/lib/web/mailer/auth_email.ex @@ -1,16 +1,16 @@ -defmodule FzHttpWeb.Mailer.AuthEmail do +defmodule Web.Mailer.AuthEmail do @moduledoc """ This module generates emails that are Auth related. """ - use FzHttpWeb, :helper + use Web, :helper use Phoenix.Swoosh, template_root: Path.join(__DIR__, "templates"), template_path: "auth_email" - alias FzHttpWeb.Mailer + alias Web.Mailer - def magic_link(%FzHttp.Users.User{} = user) do + def magic_link(%Domain.Users.User{} = user) do Mailer.default_email() |> subject("Firezone Magic Link") |> to(user.email) diff --git a/apps/web/lib/fz_http_web/mailer/noop_adapter.ex b/apps/web/lib/web/mailer/noop_adapter.ex similarity index 82% rename from apps/web/lib/fz_http_web/mailer/noop_adapter.ex rename to apps/web/lib/web/mailer/noop_adapter.ex index 6e24a17ea..465139fa5 100644 --- a/apps/web/lib/fz_http_web/mailer/noop_adapter.ex +++ b/apps/web/lib/web/mailer/noop_adapter.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.Mailer.NoopAdapter do +defmodule Web.Mailer.NoopAdapter do @moduledoc """ When mailer is not configure, use noop adapter as a drop-in replacement so that we don't have to add conditional logic to every single call to - `FzHttpWeb.Mailer.deliver/2`. + `Web.Mailer.deliver/2`. """ use Swoosh.Adapter diff --git a/apps/web/lib/fz_http_web/mailer/templates/auth_email/magic_link.html.heex b/apps/web/lib/web/mailer/templates/auth_email/magic_link.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/mailer/templates/auth_email/magic_link.html.heex rename to apps/web/lib/web/mailer/templates/auth_email/magic_link.html.heex diff --git a/apps/web/lib/fz_http_web/mailer/templates/auth_email/magic_link.text.eex b/apps/web/lib/web/mailer/templates/auth_email/magic_link.text.eex similarity index 100% rename from apps/web/lib/fz_http_web/mailer/templates/auth_email/magic_link.text.eex rename to apps/web/lib/web/mailer/templates/auth_email/magic_link.text.eex 
diff --git a/apps/web/lib/fz_http_web/oauth/pkce.ex b/apps/web/lib/web/oauth/pkce.ex similarity index 90% rename from apps/web/lib/fz_http_web/oauth/pkce.ex rename to apps/web/lib/web/oauth/pkce.ex index 20b2bc444..0a33e5321 100644 --- a/apps/web/lib/fz_http_web/oauth/pkce.ex +++ b/apps/web/lib/web/oauth/pkce.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.OAuth.PKCE do +defmodule Web.OAuth.PKCE do @moduledoc """ Helpers related to PKCE for OAuth2. """ @@ -43,7 +43,7 @@ defmodule FzHttpWeb.OAuth.PKCE do max_age: @pkce_valid_duration, sign: true, same_site: "Lax", - secure: FzHttp.Config.fetch_env!(:fz_http, :cookie_secure) + secure: Domain.Config.fetch_env!(:web, :cookie_secure) ] end end diff --git a/apps/web/lib/fz_http_web/oidc/state.ex b/apps/web/lib/web/oidc/state.ex similarity index 84% rename from apps/web/lib/fz_http_web/oidc/state.ex rename to apps/web/lib/web/oidc/state.ex index 8f0137ffe..ee5504781 100644 --- a/apps/web/lib/fz_http_web/oidc/state.ex +++ b/apps/web/lib/web/oidc/state.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.OIDC.State do +defmodule Web.OIDC.State do @moduledoc """ Helpers to manage the OIDC CSRF token, otherwise known as the state param, throughout the login flow. @@ -25,7 +25,7 @@ defmodule FzHttpWeb.OIDC.State do end def new do - FzHttp.Crypto.rand_string() + Domain.Crypto.rand_string() end defp cookie_opts do @@ -33,7 +33,7 @@ defmodule FzHttpWeb.OIDC.State do max_age: @oidc_state_valid_duration, sign: true, same_site: "Lax", - secure: FzHttp.Config.fetch_env!(:fz_http, :cookie_secure) + secure: Domain.Config.fetch_env!(:web, :cookie_secure) ] end end diff --git a/apps/web/lib/fz_http_web/plug/path_prefix.ex b/apps/web/lib/web/plug/path_prefix.ex similarity index 91% rename from apps/web/lib/fz_http_web/plug/path_prefix.ex rename to apps/web/lib/web/plug/path_prefix.ex index d0aa3ff64..f31faccdd 100644 --- a/apps/web/lib/fz_http_web/plug/path_prefix.ex +++ b/apps/web/lib/web/plug/path_prefix.ex 
@@ -1,4 +1,4 @@ -defmodule FzHttpWeb.Plug.PathPrefix do +defmodule Web.Plug.PathPrefix do @moduledoc """ This Plug removes prefix from Plug.Conn path fields which allows to run Firezone under non root directory without recompiling it. @@ -17,7 +17,7 @@ defmodule FzHttpWeb.Plug.PathPrefix do end defp get_path_prefix do - case FzHttp.Config.fetch_env!(:fz_http, :path_prefix) do + case Domain.Config.fetch_env!(:web, :path_prefix) do "/" -> nil nil -> nil prefix when is_binary(prefix) -> String.trim(prefix, "/") diff --git a/apps/web/lib/fz_http_web/plug/require_local_authentication.ex b/apps/web/lib/web/plug/require_local_authentication.ex similarity index 63% rename from apps/web/lib/fz_http_web/plug/require_local_authentication.ex rename to apps/web/lib/web/plug/require_local_authentication.ex index 35491efff..6faa14322 100644 --- a/apps/web/lib/fz_http_web/plug/require_local_authentication.ex +++ b/apps/web/lib/web/plug/require_local_authentication.ex @@ -1,11 +1,11 @@ -defmodule FzHttpWeb.Plug.RequireLocalAuthentication do - use FzHttpWeb, :controller +defmodule Web.Plug.RequireLocalAuthentication do + use Web, :controller def init(opts), do: opts def call(conn, _opts) do # XXX: This should be moved to Auth - if FzHttp.Config.fetch_config!(:local_auth_enabled) do + if Domain.Config.fetch_config!(:local_auth_enabled) do conn else conn diff --git a/apps/web/lib/fz_http_web/plug/samly_target_url.ex b/apps/web/lib/web/plug/samly_target_url.ex similarity index 85% rename from apps/web/lib/fz_http_web/plug/samly_target_url.ex rename to apps/web/lib/web/plug/samly_target_url.ex index 8c61ed7d7..d5039c4a7 100644 --- a/apps/web/lib/fz_http_web/plug/samly_target_url.ex +++ b/apps/web/lib/web/plug/samly_target_url.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.Plug.SamlyTargetUrl do +defmodule Web.Plug.SamlyTargetUrl do @moduledoc """ Plug to set target url for samly to later on redirect to after auth success """ 
diff --git a/apps/web/lib/web/presence.ex b/apps/web/lib/web/presence.ex new file mode 100644 index 000000000..4e0c299d1 --- /dev/null +++ b/apps/web/lib/web/presence.ex @@ -0,0 +1,5 @@ +defmodule Web.Presence do + use Phoenix.Presence, + otp_app: :domain, + pubsub_server: Domain.PubSub +end diff --git a/apps/web/lib/fz_http_web/proxy_headers.ex b/apps/web/lib/web/proxy_headers.ex similarity index 84% rename from apps/web/lib/fz_http_web/proxy_headers.ex rename to apps/web/lib/web/proxy_headers.ex index 350237c69..6ef764738 100644 --- a/apps/web/lib/fz_http_web/proxy_headers.ex +++ b/apps/web/lib/web/proxy_headers.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.ProxyHeaders do +defmodule Web.ProxyHeaders do @moduledoc """ Loads proxy-related headers when it corresponds using runtime config """ - alias FzHttpWeb.HeaderHelpers + alias Web.HeaderHelpers @behaviour Plug diff --git a/apps/web/lib/fz_http_web/router.ex b/apps/web/lib/web/router.ex similarity index 80% rename from apps/web/lib/fz_http_web/router.ex rename to apps/web/lib/web/router.ex index 48052fdc2..743c2ed5d 100644 --- a/apps/web/lib/fz_http_web/router.ex +++ b/apps/web/lib/web/router.ex @@ -1,22 +1,22 @@ -defmodule FzHttpWeb.Router do +defmodule Web.Router do @moduledoc """ Main Application Router """ - use FzHttpWeb, :router + use Web, :router pipeline :browser do plug :accepts, ["html"] plug :fetch_session plug :fetch_live_flash - plug :put_root_layout, {FzHttpWeb.LayoutView, :root} + plug :put_root_layout, {Web.LayoutView, :root} plug :protect_from_forgery plug :put_secure_browser_headers end pipeline :api do plug :accepts, ["json"] - plug FzHttpWeb.Auth.JSON.Pipeline + plug Web.Auth.JSON.Pipeline end pipeline :browser_static do 
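Review bot: `Web.Presence` is declared with `otp_app: :domain` although the module lives in the web application and `Web.Mailer` in this same patch uses `otp_app: :web`. Any configuration for the presence module therefore has to be placed under `:domain`. If that is intentional, presumably because `Domain.PubSub` is started by the domain application, a comment such as `# configuration is read from :domain, where Domain.PubSub is started` would stop a later well-meant correction. Otherwise use `otp_app: :web`.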
@@ -32,20 +32,20 @@ defmodule FzHttpWeb.Router do end pipeline :html_auth do - plug FzHttpWeb.Auth.HTML.Pipeline + plug Web.Auth.HTML.Pipeline end pipeline :require_local_auth do - plug FzHttpWeb.Plug.RequireLocalAuthentication + plug Web.Plug.RequireLocalAuthentication end pipeline :samly do plug :fetch_session - plug FzHttpWeb.Plug.SamlyTargetUrl + plug Web.Plug.SamlyTargetUrl end # Local auth routes - scope "/auth", FzHttpWeb do + scope "/auth", Web do pipe_through [ :browser, :html_auth, @@ -63,7 +63,7 @@ defmodule FzHttpWeb.Router do end # OIDC auth routes - scope "/auth", FzHttpWeb do + scope "/auth", Web do scope "/oidc" do pipe_through [ :browser, @@ -77,7 +77,7 @@ defmodule FzHttpWeb.Router do end # SAML auth routes - scope "/auth/saml", FzHttpWeb do + scope "/auth/saml", Web do pipe_through [ :browser, :require_unauthenticated @@ -97,7 +97,7 @@ defmodule FzHttpWeb.Router do end # Unauthenticated routes - scope "/", FzHttpWeb do + scope "/", Web do pipe_through [ :browser, :html_auth, @@ -107,7 +107,7 @@ defmodule FzHttpWeb.Router do get "/", RootController, :index end - scope "/mfa", FzHttpWeb do + scope "/mfa", Web do pipe_through([ :browser, :html_auth @@ -116,11 +116,11 @@ defmodule FzHttpWeb.Router do live_session( :authenticated, on_mount: [ - FzHttpWeb.Hooks.AllowEctoSandbox, - {FzHttpWeb.LiveAuth, :any}, - {FzHttpWeb.LiveNav, nil} + Web.Hooks.AllowEctoSandbox, + {Web.LiveAuth, :any}, + {Web.LiveNav, nil} ], - root_layout: {FzHttpWeb.LayoutView, :root} + root_layout: {Web.LayoutView, :root} ) do live "/auth", MFALive.Auth, :auth live "/auth/:id", MFALive.Auth, :auth @@ -129,7 +129,7 @@ defmodule FzHttpWeb.Router do end # Authenticated routes - scope "/", FzHttpWeb do + scope "/", Web do pipe_through [ :browser, :html_auth, 
@@ -143,12 +143,12 @@ defmodule FzHttpWeb.Router do live_session( :unprivileged, on_mount: [ - FzHttpWeb.Hooks.AllowEctoSandbox, - {FzHttpWeb.LiveAuth, :unprivileged}, - {FzHttpWeb.LiveNav, nil}, - FzHttpWeb.LiveMFA + Web.Hooks.AllowEctoSandbox, + {Web.LiveAuth, :unprivileged}, + {Web.LiveNav, nil}, + Web.LiveMFA ], - root_layout: {FzHttpWeb.LayoutView, :unprivileged} + root_layout: {Web.LayoutView, :unprivileged} ) do live "/user_devices", DeviceLive.Unprivileged.Index, :index live "/user_devices/new", DeviceLive.Unprivileged.Index, :new @@ -163,12 +163,12 @@ defmodule FzHttpWeb.Router do live_session( :admin, on_mount: [ - FzHttpWeb.Hooks.AllowEctoSandbox, - {FzHttpWeb.LiveAuth, :admin}, - FzHttpWeb.LiveNav, - FzHttpWeb.LiveMFA + Web.Hooks.AllowEctoSandbox, + {Web.LiveAuth, :admin}, + Web.LiveNav, + Web.LiveMFA ], - root_layout: {FzHttpWeb.LayoutView, :admin} + root_layout: {Web.LayoutView, :admin} ) do live "/users", UserLive.Index, :index live "/users/new", UserLive.Index, :new @@ -195,7 +195,7 @@ defmodule FzHttpWeb.Router do end end - scope "/v0", FzHttpWeb.JSON do + scope "/v0", Web.JSON do pipe_through :api resources "/configuration", ConfigurationController, singleton: true, only: [:show, :update] @@ -204,7 +204,7 @@ defmodule FzHttpWeb.Router do resources "/rules", RuleController, except: [:new, :edit] end - scope "/browser", FzHttpWeb do + scope "/browser", Web do pipe_through :browser_static get "/config.xml", BrowserController, :config @@ -219,8 +219,8 @@ defmodule FzHttpWeb.Router do forward "/mailbox", Plug.Swoosh.MailboxPreview live_dashboard "/dashboard" - get "/samly", FzHttpWeb.DebugController, :samly - get "/session", FzHttpWeb.DebugController, :session + get "/samly", Web.DebugController, :samly + get "/session", Web.DebugController, :session end end end 
diff --git a/apps/web/lib/fz_http_web/sandbox.ex b/apps/web/lib/web/sandbox.ex similarity index 97% rename from apps/web/lib/fz_http_web/sandbox.ex rename to apps/web/lib/web/sandbox.ex index 0f9be1747..e953f7f06 100644 --- a/apps/web/lib/fz_http_web/sandbox.ex +++ b/apps/web/lib/web/sandbox.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.Sandbox do +defmodule Web.Sandbox do @moduledoc """ A set of helpers that allow Phoenix components (Channels and LiveView) to access SQL sandbox in test environment. """ diff --git a/apps/web/lib/fz_http_web/session.ex b/apps/web/lib/web/session.ex similarity index 73% rename from apps/web/lib/fz_http_web/session.ex rename to apps/web/lib/web/session.ex index c4c77c692..bc6771146 100644 --- a/apps/web/lib/fz_http_web/session.ex +++ b/apps/web/lib/web/session.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.Session do +defmodule Web.Session do @moduledoc """ Dynamically configures session. """ @@ -11,7 +11,7 @@ defmodule FzHttpWeb.Session do # Set :encryption_salt if you would also like to encrypt it. @session_options [ store: :cookie, - key: "_fz_http_key", + key: "_firezone_key", # XXX: Strict doesn't work for SSO auth # same_site: "Strict", max_age: @max_cookie_age, @@ -25,19 +25,19 @@ defmodule FzHttpWeb.Session do end defp cookie_secure do - FzHttp.Config.fetch_env!(:fz_http, :cookie_secure) + Domain.Config.fetch_env!(:web, :cookie_secure) end defp signing_salt do [vsn | _] = - Application.spec(:fz_http, :vsn) + Application.spec(:domain, :vsn) |> to_string() |> String.split("+") - FzHttp.Config.fetch_env!(:fz_http, :cookie_signing_salt) <> vsn + Domain.Config.fetch_env!(:web, :cookie_signing_salt) <> vsn end defp encryption_salt do - FzHttp.Config.fetch_env!(:fz_http, :cookie_encryption_salt) + Domain.Config.fetch_env!(:web, :cookie_encryption_salt) end end 
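Review bot: In `signing_salt/0` (second session.ex hunk) the version suffix now comes from `Application.spec(:domain, :vsn)` while every other session setting in the hunk is read from `:web`, and nothing documents that coupling. `Application.spec/2` returns `nil` for an application that is not loaded and `to_string(nil)` is an empty string, so in that case the salt would silently lose its suffix instead of failing. I would add a comment above the function such as `# salt suffix tracks the :domain release version; a change invalidates signed session cookies`. The cookie rename to `_firezone_key` in the first session.ex hunk also means existing sessions will not carry over after the upgrade, which is worth stating in the release notes.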
diff --git a/apps/web/lib/fz_http_web/sockets/user_socket.ex b/apps/web/lib/web/sockets/user_socket.ex similarity index 90% rename from apps/web/lib/fz_http_web/sockets/user_socket.ex rename to apps/web/lib/web/sockets/user_socket.ex index d52c7ad9b..ee0daefcd 100644 --- a/apps/web/lib/fz_http_web/sockets/user_socket.ex +++ b/apps/web/lib/web/sockets/user_socket.ex @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.UserSocket do +defmodule Web.UserSocket do use Phoenix.Socket - alias FzHttpWeb.HeaderHelpers + alias Web.HeaderHelpers @blank_ip_warning """ Client IP couldn't be determined! Check to ensure your reverse proxy is properly sending the \ @@ -14,8 +14,8 @@ defmodule FzHttpWeb.UserSocket do require Logger ## Channels - # channel "room:*", FzHttpWeb.RoomChannel - channel("notification:session", FzHttpWeb.NotificationChannel) + # channel "room:*", Web.RoomChannel + channel("notification:session", Web.NotificationChannel) # Socket params are passed from the client and can # be used to verify and authenticate a user. After @@ -79,7 +79,7 @@ defmodule FzHttpWeb.UserSocket do # Would allow you to broadcast a "disconnect" event and terminate # all active sockets and channels for a given user: # - # FzHttpWeb.Endpoint.broadcast("user_socket:#{user.id}", "disconnect", %{}) + # Web.Endpoint.broadcast("user_socket:#{user.id}", "disconnect", %{}) # # Returning `nil` makes this socket anonymous. # def id(_socket), do: nil diff --git a/apps/web/lib/fz_http_web/templates/auth/request.html.heex b/apps/web/lib/web/templates/auth/request.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/auth/request.html.heex rename to apps/web/lib/web/templates/auth/request.html.heex 
diff --git a/apps/web/lib/fz_http_web/templates/auth/reset_password.html.heex b/apps/web/lib/web/templates/auth/reset_password.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/auth/reset_password.html.heex rename to apps/web/lib/web/templates/auth/reset_password.html.heex diff --git a/apps/web/lib/fz_http_web/templates/browser/browserconfig.xml.eex b/apps/web/lib/web/templates/browser/browserconfig.xml.eex similarity index 100% rename from apps/web/lib/fz_http_web/templates/browser/browserconfig.xml.eex rename to apps/web/lib/web/templates/browser/browserconfig.xml.eex diff --git a/apps/web/lib/fz_http_web/templates/layout/admin.html.heex b/apps/web/lib/web/templates/layout/admin.html.heex similarity index 93% rename from apps/web/lib/fz_http_web/templates/layout/admin.html.heex rename to apps/web/lib/web/templates/layout/admin.html.heex index 76e287ac6..c9ede37cd 100644 --- a/apps/web/lib/fz_http_web/templates/layout/admin.html.heex +++ b/apps/web/lib/web/templates/layout/admin.html.heex @@ -10,8 +10,8 @@ - <%= render(FzHttpWeb.SharedView, "head.html", assigns) %> - <%= render(FzHttpWeb.SharedView, "socket_token_headers.html", + <%= render(Web.SharedView, "head.html", assigns) %> + <%= render(Web.SharedView, "socket_token_headers.html", conn: @conn, current_user: @current_user ) %> @@ -48,8 +48,8 @@ <% end %>
- <%= Phoenix.Component.live_render(@conn, FzHttpWeb.NotificationsLive.Badge, - router: FzHttpWeb.Router + <%= Phoenix.Component.live_render(@conn, Web.NotificationsLive.Badge, + router: Web.Router ) %> 0.7.0 is here! - + Click here to read more. diff --git a/apps/web/lib/fz_http_web/templates/layout/app.html.heex b/apps/web/lib/web/templates/layout/app.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/layout/app.html.heex rename to apps/web/lib/web/templates/layout/app.html.heex diff --git a/apps/web/lib/fz_http_web/templates/layout/email.html.heex b/apps/web/lib/web/templates/layout/email.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/layout/email.html.heex rename to apps/web/lib/web/templates/layout/email.html.heex diff --git a/apps/web/lib/fz_http_web/templates/layout/live.html.heex b/apps/web/lib/web/templates/layout/live.html.heex similarity index 55% rename from apps/web/lib/fz_http_web/templates/layout/live.html.heex rename to apps/web/lib/web/templates/layout/live.html.heex index 67a373716..62607db07 100644 --- a/apps/web/lib/fz_http_web/templates/layout/live.html.heex +++ b/apps/web/lib/web/templates/layout/live.html.heex @@ -1,5 +1,5 @@ <%= if @path do %> - + <% end %>
diff --git a/apps/web/lib/fz_http_web/templates/layout/root.html.heex b/apps/web/lib/web/templates/layout/root.html.heex similarity index 85% rename from apps/web/lib/fz_http_web/templates/layout/root.html.heex rename to apps/web/lib/web/templates/layout/root.html.heex index 544ea5446..48cc6f434 100644 --- a/apps/web/lib/fz_http_web/templates/layout/root.html.heex +++ b/apps/web/lib/web/templates/layout/root.html.heex @@ -8,7 +8,7 @@ - <%= render(FzHttpWeb.SharedView, "head.html", assigns) %> + <%= render(Web.SharedView, "head.html", assigns) %> <%= csrf_meta_tag() %> @@ -20,7 +20,7 @@
- <%= FzHttpWeb.LogoComponent.render(FzHttp.Config.fetch_config!(:logo)) %> + <%= Web.LogoComponent.render(Domain.Config.fetch_config!(:logo)) %>
<%= @inner_content %> diff --git a/apps/web/lib/fz_http_web/templates/layout/unprivileged.html.heex b/apps/web/lib/web/templates/layout/unprivileged.html.heex similarity index 80% rename from apps/web/lib/fz_http_web/templates/layout/unprivileged.html.heex rename to apps/web/lib/web/templates/layout/unprivileged.html.heex index c1464527b..8f8400608 100644 --- a/apps/web/lib/fz_http_web/templates/layout/unprivileged.html.heex +++ b/apps/web/lib/web/templates/layout/unprivileged.html.heex @@ -12,11 +12,11 @@ src={static_path("/dist/unprivileged.js")} > - <%= render(FzHttpWeb.SharedView, "socket_token_headers.html", + <%= render(Web.SharedView, "socket_token_headers.html", current_user: @current_user, conn: @conn ) %> - <%= render(FzHttpWeb.SharedView, "head.html", assigns) %> + <%= render(Web.SharedView, "head.html", assigns) %>
@@ -26,7 +26,7 @@
- <%= FzHttpWeb.LogoComponent.render(FzHttp.Config.fetch_config!(:logo)) %> + <%= Web.LogoComponent.render(Domain.Config.fetch_config!(:logo)) %>
diff --git a/apps/web/lib/fz_http_web/templates/root/auth.html.heex b/apps/web/lib/web/templates/root/auth.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/root/auth.html.heex rename to apps/web/lib/web/templates/root/auth.html.heex diff --git a/apps/web/lib/fz_http_web/templates/shared/device_details.html.heex b/apps/web/lib/web/templates/shared/device_details.html.heex similarity index 90% rename from apps/web/lib/fz_http_web/templates/shared/device_details.html.heex rename to apps/web/lib/web/templates/shared/device_details.html.heex index d06022dc9..fc5614942 100644 --- a/apps/web/lib/fz_http_web/templates/shared/device_details.html.heex +++ b/apps/web/lib/web/templates/shared/device_details.html.heex @@ -1,6 +1,6 @@ - <%= if FzHttpWeb.LiveAuth.has_role?(@current_user, :admin) do %> + <%= if Web.LiveAuth.has_role?(@current_user, :admin) do %> - <%= if FzHttp.Config.fetch_env!(:fz_http, :wireguard_ipv4_enabled) do %> + <%= if Domain.Config.fetch_env!(:domain, :wireguard_ipv4_enabled) do %> <% end %> - <%= if FzHttp.Config.fetch_env!(:fz_http, :wireguard_ipv6_enabled) do %> + <%= if Domain.Config.fetch_env!(:domain, :wireguard_ipv6_enabled) do %> diff --git a/apps/web/lib/fz_http_web/templates/shared/devices_table.html.heex b/apps/web/lib/web/templates/shared/devices_table.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/shared/devices_table.html.heex rename to apps/web/lib/web/templates/shared/devices_table.html.heex diff --git a/apps/web/lib/fz_http_web/templates/shared/flash.html.heex b/apps/web/lib/web/templates/shared/flash.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/shared/flash.html.heex rename to apps/web/lib/web/templates/shared/flash.html.heex 
diff --git a/apps/web/lib/fz_http_web/templates/shared/head.html.heex b/apps/web/lib/web/templates/shared/head.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/shared/head.html.heex rename to apps/web/lib/web/templates/shared/head.html.heex diff --git a/apps/web/lib/fz_http_web/templates/shared/heading.html.heex b/apps/web/lib/web/templates/shared/heading.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/shared/heading.html.heex rename to apps/web/lib/web/templates/shared/heading.html.heex diff --git a/apps/web/lib/fz_http_web/templates/shared/mfa_methods_table.html.heex b/apps/web/lib/web/templates/shared/mfa_methods_table.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/shared/mfa_methods_table.html.heex rename to apps/web/lib/web/templates/shared/mfa_methods_table.html.heex diff --git a/apps/web/lib/fz_http_web/templates/shared/password_field.html.heex b/apps/web/lib/web/templates/shared/password_field.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/shared/password_field.html.heex rename to apps/web/lib/web/templates/shared/password_field.html.heex diff --git a/apps/web/lib/fz_http_web/templates/shared/show_device.html.heex b/apps/web/lib/web/templates/shared/show_device.html.heex similarity index 77% rename from apps/web/lib/fz_http_web/templates/shared/show_device.html.heex rename to apps/web/lib/web/templates/shared/show_device.html.heex index 43fa86019..8069312f1 100644 --- a/apps/web/lib/fz_http_web/templates/shared/show_device.html.heex +++ b/apps/web/lib/web/templates/shared/show_device.html.heex @@ -1,12 +1,12 @@
- <%= render(FzHttpWeb.SharedView, "flash.html", assigns) %> + <%= render(Web.SharedView, "flash.html", assigns) %>

Details

- <%= render(FzHttpWeb.SharedView, "device_details.html", assigns) %> + <%= render(Web.SharedView, "device_details.html", assigns) %>
-<%= if FzHttp.Devices.authorize_user_device_management(@current_user.id, @subject) == :ok do %> +<%= if Domain.Devices.authorize_user_device_management(@current_user.id, @subject) == :ok do %>

Danger Zone diff --git a/apps/web/lib/fz_http_web/templates/shared/socket_token_headers.html.heex b/apps/web/lib/web/templates/shared/socket_token_headers.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/shared/socket_token_headers.html.heex rename to apps/web/lib/web/templates/shared/socket_token_headers.html.heex diff --git a/apps/web/lib/fz_http_web/templates/shared/submit_button.html.heex b/apps/web/lib/web/templates/shared/submit_button.html.heex similarity index 100% rename from apps/web/lib/fz_http_web/templates/shared/submit_button.html.heex rename to apps/web/lib/web/templates/shared/submit_button.html.heex diff --git a/apps/web/lib/fz_http_web/templates/shared/user_details.html.heex b/apps/web/lib/web/templates/shared/user_details.html.heex similarity index 90% rename from apps/web/lib/fz_http_web/templates/shared/user_details.html.heex rename to apps/web/lib/web/templates/shared/user_details.html.heex index 24425b8f5..9175feba0 100644 --- a/apps/web/lib/fz_http_web/templates/shared/user_details.html.heex +++ b/apps/web/lib/web/templates/shared/user_details.html.heex @@ -45,11 +45,11 @@

- + <%= if @rules_path do %> - <%= with {:ok, rules_count} <- FzHttp.Rules.fetch_count_by_user_id(@user.id, @subject) do %> + <%= with {:ok, rules_count} <- Domain.Rules.fetch_count_by_user_id(@user.id, @subject) do %>
User @@ -19,14 +19,14 @@ <%= @device.description %>
Tunnel IPv4 <%= @device.ipv4 %>
Tunnel IPv6 <%= @device.ipv6 %>
Number of Devices<%= FzHttp.Devices.count_by_user_id(@user.id) %><%= Domain.Devices.count_by_user_id(@user.id) %>
Number of Rules diff --git a/apps/web/lib/fz_http_web/user_from_auth.ex b/apps/web/lib/web/user_from_auth.ex similarity index 91% rename from apps/web/lib/fz_http_web/user_from_auth.ex rename to apps/web/lib/web/user_from_auth.ex index 76f3c38c8..4ad9dc7ad 100644 --- a/apps/web/lib/fz_http_web/user_from_auth.ex +++ b/apps/web/lib/web/user_from_auth.ex @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.UserFromAuth do +defmodule Web.UserFromAuth do @moduledoc """ Authenticates users. """ - alias FzHttp.{Auth, Users} - alias FzHttpWeb.Auth.HTML.Authentication + alias Domain.{Auth, Users} + alias Web.Auth.HTML.Authentication # Local auth def find_or_create( diff --git a/apps/web/lib/web/views/auth_view.ex b/apps/web/lib/web/views/auth_view.ex new file mode 100644 index 000000000..a1e7a1954 --- /dev/null +++ b/apps/web/lib/web/views/auth_view.ex @@ -0,0 +1,3 @@ +defmodule Web.AuthView do + use Web, :view +end diff --git a/apps/web/lib/web/views/browser_view.ex b/apps/web/lib/web/views/browser_view.ex new file mode 100644 index 000000000..13c042551 --- /dev/null +++ b/apps/web/lib/web/views/browser_view.ex @@ -0,0 +1,4 @@ +defmodule Web.BrowserView do + use Web, :view + import Web.Endpoint, only: [static_path: 1] +end diff --git a/apps/web/lib/fz_http_web/views/error_view.ex b/apps/web/lib/web/views/error_view.ex similarity index 92% rename from apps/web/lib/fz_http_web/views/error_view.ex rename to apps/web/lib/web/views/error_view.ex index 7b0832e68..2766d4bb9 100644 --- a/apps/web/lib/fz_http_web/views/error_view.ex +++ b/apps/web/lib/web/views/error_view.ex @@ -1,5 +1,5 @@ -defmodule FzHttpWeb.ErrorView do - use FzHttpWeb, :view +defmodule Web.ErrorView do + use Web, :view # If you want to customize a particular status code # for a certain format, you may uncomment below. 
diff --git a/apps/web/lib/fz_http_web/views/json/changeset_view.ex b/apps/web/lib/web/views/json/changeset_view.ex similarity index 77% rename from apps/web/lib/fz_http_web/views/json/changeset_view.ex rename to apps/web/lib/web/views/json/changeset_view.ex index bf29f87c6..907188595 100644 --- a/apps/web/lib/fz_http_web/views/json/changeset_view.ex +++ b/apps/web/lib/web/views/json/changeset_view.ex @@ -1,11 +1,11 @@ -defmodule FzHttpWeb.JSON.ChangesetView do - use FzHttpWeb, :view +defmodule Web.JSON.ChangesetView do + use Web, :view @doc """ Traverses and translates changeset errors. See `Ecto.Changeset.traverse_errors/2` and - `FzHttpWeb.ErrorHelpers.translate_error/1` for more details. + `Web.ErrorHelpers.translate_error/1` for more details. """ def translate_errors(changeset) do Ecto.Changeset.traverse_errors(changeset, &translate_error/1) diff --git a/apps/web/lib/fz_http_web/views/json/configuration_view.ex b/apps/web/lib/web/views/json/configuration_view.ex similarity index 88% rename from apps/web/lib/fz_http_web/views/json/configuration_view.ex rename to apps/web/lib/web/views/json/configuration_view.ex index 1db69781e..72d70802f 100644 --- a/apps/web/lib/fz_http_web/views/json/configuration_view.ex +++ b/apps/web/lib/web/views/json/configuration_view.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.JSON.ConfigurationView do +defmodule Web.JSON.ConfigurationView do @moduledoc """ Handles JSON rendering of Configuration records. """ - use FzHttpWeb, :view + use Web, :view def render("show.json", %{configuration: configuration}) do %{data: render_one(configuration, __MODULE__, "configuration.json")} 
@@ -30,13 +30,13 @@ defmodule FzHttpWeb.JSON.ConfigurationView do openid_connect_providers: render_many( configuration.openid_connect_providers, - FzHttpWeb.JSON.OpenIDConnectProviderView, + Web.JSON.OpenIDConnectProviderView, "openid_connect_provider.json" ), saml_identity_providers: render_many( configuration.saml_identity_providers, - FzHttpWeb.JSON.SAMLIdentityProviderView, + Web.JSON.SAMLIdentityProviderView, "saml_identity_provider.json" ), logo: render("logo.json", %{logo: configuration.logo}) diff --git a/apps/web/lib/fz_http_web/views/json/device_view.ex b/apps/web/lib/web/views/json/device_view.ex similarity index 89% rename from apps/web/lib/fz_http_web/views/json/device_view.ex rename to apps/web/lib/web/views/json/device_view.ex index c4f565d0c..2b443dd8e 100644 --- a/apps/web/lib/fz_http_web/views/json/device_view.ex +++ b/apps/web/lib/web/views/json/device_view.ex @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.JSON.DeviceView do +defmodule Web.JSON.DeviceView do @moduledoc """ Handles JSON rendering of Device records. """ - use FzHttpWeb, :view + use Web, :view - alias FzHttp.Devices + alias Domain.Devices def render("index.json", %{devices: devices, defaults: defaults}) do %{data: render_many(devices, __MODULE__, "device.json", defaults: defaults)} @@ -44,7 +44,7 @@ defmodule FzHttpWeb.JSON.DeviceView do Map.merge( Map.take(device, @keys_to_render), %{ - server_public_key: Application.get_env(:fz_vpn, :wireguard_public_key), + server_public_key: Application.get_env(:domain, :wireguard_public_key), endpoint: Devices.get_endpoint(device, defaults), allowed_ips: Devices.get_allowed_ips(device, defaults), dns: Devices.get_dns(device, defaults), 
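Review bot: `server_public_key` in the last device_view.ex hunk is read with `Application.get_env(:domain, :wireguard_public_key)`, which returns `nil` without complaint when a deployment still sets the key under the old `:fz_vpn` namespace, so the JSON response would carry a null server key. The same lookup in wireguard_config_view.ex is followed by an `is_nil(server_public_key)` check, but nothing comparable is visible here. If a missing key should be a hard error, use the raising form that the port lookup already uses, `Domain.Config.fetch_env!(:domain, :wireguard_public_key)`; otherwise add a comment like `# nil when :wireguard_public_key is not configured under :domain`. The render clause starts and ends outside the hunk.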
diff --git a/apps/web/lib/fz_http_web/views/json/openid_connect_provider_view.ex b/apps/web/lib/web/views/json/openid_connect_provider_view.ex similarity index 81% rename from apps/web/lib/fz_http_web/views/json/openid_connect_provider_view.ex rename to apps/web/lib/web/views/json/openid_connect_provider_view.ex index 966d625a0..270e4bf1f 100644 --- a/apps/web/lib/fz_http_web/views/json/openid_connect_provider_view.ex +++ b/apps/web/lib/web/views/json/openid_connect_provider_view.ex @@ -1,5 +1,5 @@ -defmodule FzHttpWeb.JSON.OpenIDConnectProviderView do - use FzHttpWeb, :view +defmodule Web.JSON.OpenIDConnectProviderView do + use Web, :view @keys_to_render ~w[ id diff --git a/apps/web/lib/fz_http_web/views/json/rule_view.ex b/apps/web/lib/web/views/json/rule_view.ex similarity index 89% rename from apps/web/lib/fz_http_web/views/json/rule_view.ex rename to apps/web/lib/web/views/json/rule_view.ex index ad16ce0f4..d1d3c1cb0 100644 --- a/apps/web/lib/fz_http_web/views/json/rule_view.ex +++ b/apps/web/lib/web/views/json/rule_view.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.JSON.RuleView do +defmodule Web.JSON.RuleView do @moduledoc """ Handles JSON rendering of Rule records. """ - use FzHttpWeb, :view + use Web, :view def render("index.json", %{rules: rules}) do %{data: render_many(rules, __MODULE__, "rule.json")} diff --git a/apps/web/lib/fz_http_web/views/json/saml_identity_provider_view.ex b/apps/web/lib/web/views/json/saml_identity_provider_view.ex similarity index 82% rename from apps/web/lib/fz_http_web/views/json/saml_identity_provider_view.ex rename to apps/web/lib/web/views/json/saml_identity_provider_view.ex index b18126eaa..d13994588 100644 --- a/apps/web/lib/fz_http_web/views/json/saml_identity_provider_view.ex +++ b/apps/web/lib/web/views/json/saml_identity_provider_view.ex @@ -1,5 +1,5 @@ -defmodule FzHttpWeb.JSON.SAMLIdentityProviderView do - use FzHttpWeb, :view +defmodule Web.JSON.SAMLIdentityProviderView do + use Web, :view @keys_to_render ~w[ id 
diff --git a/apps/web/lib/fz_http_web/views/json/user_view.ex b/apps/web/lib/web/views/json/user_view.ex similarity index 89% rename from apps/web/lib/fz_http_web/views/json/user_view.ex rename to apps/web/lib/web/views/json/user_view.ex index b52fc1a1d..b16e2fb8c 100644 --- a/apps/web/lib/fz_http_web/views/json/user_view.ex +++ b/apps/web/lib/web/views/json/user_view.ex @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.JSON.UserView do +defmodule Web.JSON.UserView do @moduledoc """ Handles JSON rendering of User records. """ - use FzHttpWeb, :view + use Web, :view def render("index.json", %{users: users}) do %{data: render_many(users, __MODULE__, "user.json")} diff --git a/apps/web/lib/fz_http_web/views/layout_view.ex b/apps/web/lib/web/views/layout_view.ex similarity index 60% rename from apps/web/lib/fz_http_web/views/layout_view.ex rename to apps/web/lib/web/views/layout_view.ex index 8bbdcca72..9fabe3237 100644 --- a/apps/web/lib/fz_http_web/views/layout_view.ex +++ b/apps/web/lib/web/views/layout_view.ex @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.LayoutView do - use FzHttpWeb, :view - import FzHttpWeb.Endpoint, only: [static_path: 1] +defmodule Web.LayoutView do + use Web, :view + import Web.Endpoint, only: [static_path: 1] @doc """ Generate a random feedback email to avoid spam. @@ -13,6 +13,6 @@ defmodule FzHttpWeb.LayoutView do The application version from mix.exs. """ def application_version do - Application.spec(:fz_http, :vsn) + Application.spec(:domain, :vsn) end end diff --git a/apps/web/lib/web/views/root_view.ex b/apps/web/lib/web/views/root_view.ex new file mode 100644 index 000000000..1f368bd36 --- /dev/null +++ b/apps/web/lib/web/views/root_view.ex @@ -0,0 +1,3 @@ +defmodule Web.RootView do + use Web, :view +end diff --git a/apps/web/lib/web/views/rule_view.ex b/apps/web/lib/web/views/rule_view.ex new file mode 100644 index 000000000..8a710b9b9 --- /dev/null +++ b/apps/web/lib/web/views/rule_view.ex @@ -0,0 +1,3 @@ +defmodule Web.RuleView do + use Web, :view +end 
diff --git a/apps/web/lib/fz_http_web/views/shared_view.ex b/apps/web/lib/web/views/shared_view.ex similarity index 78% rename from apps/web/lib/fz_http_web/views/shared_view.ex rename to apps/web/lib/web/views/shared_view.ex index 6017a8d11..918a802d8 100644 --- a/apps/web/lib/fz_http_web/views/shared_view.ex +++ b/apps/web/lib/web/views/shared_view.ex @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.SharedView do - use FzHttpWeb, :view - import FzHttpWeb.Endpoint, only: [static_path: 1] +defmodule Web.SharedView do + use Web, :view + import Web.Endpoint, only: [static_path: 1] @byte_size_opts [ precision: 2, diff --git a/apps/web/lib/fz_http_web/views/user_view.ex b/apps/web/lib/web/views/user_view.ex similarity index 52% rename from apps/web/lib/fz_http_web/views/user_view.ex rename to apps/web/lib/web/views/user_view.ex index 2f027608a..dfd11d92b 100644 --- a/apps/web/lib/fz_http_web/views/user_view.ex +++ b/apps/web/lib/web/views/user_view.ex @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.UserView do +defmodule Web.UserView do @moduledoc """ Helper functions for User views. """ - use FzHttpWeb, :view + use Web, :view end diff --git a/apps/web/lib/fz_http_web/views/wireguard_config_view.ex b/apps/web/lib/web/views/wireguard_config_view.ex similarity index 83% rename from apps/web/lib/fz_http_web/views/wireguard_config_view.ex rename to apps/web/lib/web/views/wireguard_config_view.ex index 37766f6eb..63eef5ada 100644 --- a/apps/web/lib/fz_http_web/views/wireguard_config_view.ex +++ b/apps/web/lib/web/views/wireguard_config_view.ex @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.WireguardConfigView do - use FzHttpWeb, :view - alias FzHttp.Config - alias FzHttp.Devices +defmodule Web.WireguardConfigView do + use Web, :view + alias Domain.Config + alias Domain.Devices require Logger def render("base64_device.conf", %{device: device}) do 
@@ -10,7 +10,7 @@ defmodule FzHttpWeb.WireguardConfigView do end def render("device.conf", %{device: device}) do - server_public_key = Application.get_env(:fz_vpn, :wireguard_public_key) + server_public_key = Application.get_env(:domain, :wireguard_public_key) defaults = Devices.defaults() if is_nil(server_public_key) do @@ -93,19 +93,19 @@ defmodule FzHttpWeb.WireguardConfigView do end end - defp maybe_add_port(%FzHttp.Types.IPPort{port: nil} = ip_port) do - wireguard_port = Config.fetch_env!(:fz_vpn, :wireguard_port) - FzHttp.Types.IPPort.to_string(%{ip_port | port: wireguard_port}) + defp maybe_add_port(%Domain.Types.IPPort{port: nil} = ip_port) do + wireguard_port = Config.fetch_env!(:domain, :wireguard_port) + Domain.Types.IPPort.to_string(%{ip_port | port: wireguard_port}) end - defp maybe_add_port(%FzHttp.Types.IPPort{} = ip_port) do - FzHttp.Types.IPPort.to_string(ip_port) + defp maybe_add_port(%Domain.Types.IPPort{} = ip_port) do + Domain.Types.IPPort.to_string(ip_port) end # Finds a port in IPv6-formatted address, e.g. [2001::1]:51820 @capture_port ~r/\[.*]:(?[\d]+)/ defp maybe_add_port(endpoint) do - wireguard_port = FzHttp.Config.fetch_env!(:fz_vpn, :wireguard_port) + wireguard_port = Domain.Config.fetch_env!(:domain, :wireguard_port) colon_count = endpoint |> String.graphemes() |> Enum.count(&(&1 == ":")) if colon_count == 1 or !is_nil(Regex.named_captures(@capture_port, endpoint)) do diff --git a/apps/web/mix.exs b/apps/web/mix.exs index 3aea0b857..c616d6299 100644 --- a/apps/web/mix.exs +++ b/apps/web/mix.exs @@ -1,9 +1,9 @@ -defmodule FzHttp.MixProject do +defmodule Web.MixProject do use Mix.Project def project do [ - app: :fz_http, + app: :web, version: version(), build_path: "../../_build", config_path: "../../config/config.exs", @@ -32,7 +32,7 @@ defmodule FzHttp.MixProject do def application do [ - mod: {FzHttp.Application, []}, + mod: {Web.Application, []}, extra_applications: [ :logger, :runtime_tools 
@@ -46,13 +46,15 @@ defmodule FzHttp.MixProject do defp deps do [ + # Umbrella deps + {:domain, in_umbrella: true}, + # Phoenix/Plug deps {:plug, "~> 1.13"}, {:plug_cowboy, "~> 2.5"}, {:phoenix, "~> 1.7.0"}, {:phoenix_ecto, "~> 4.4"}, {:phoenix_html, "~> 3.2"}, - {:phoenix_pubsub, "~> 2.0"}, {:phoenix_live_view, "~> 0.18.8"}, {:phoenix_live_dashboard, "~> 0.7.2"}, {:phoenix_live_reload, "~> 1.3", only: :dev}, @@ -60,35 +62,21 @@ defmodule FzHttp.MixProject do {:gettext, "~> 0.18"}, {:file_size, "~> 3.0.1"}, - # Ecto-related deps - {:postgrex, "~> 0.16"}, - {:decimal, "~> 2.0"}, - {:ecto_sql, "~> 3.7"}, - {:cloak, "~> 1.1"}, - {:cloak_ecto, "~> 1.2"}, - # Auth-related deps {:guardian, "~> 2.0"}, {:guardian_db, "~> 2.0"}, - {:openid_connect, github: "firezone/openid_connect", branch: "andrew/rewrite"}, + {:openid_connect, github: "firezone/openid_connect", branch: "master"}, # XXX: All github deps should use ref instead of always updating from master branch {:esaml, github: "firezone/esaml", override: true}, {:samly, github: "firezone/samly"}, {:ueberauth, "~> 0.7"}, {:ueberauth_identity, "~> 0.4"}, - {:argon2_elixir, "~> 2.0"}, - {:nimble_totp, "~> 0.2"}, # Other deps {:remote_ip, "~> 1.0"}, {:telemetry, "~> 1.0"}, # Used in Swoosh SMTP adapter {:gen_smtp, "~> 1.0"}, - {:posthog, "~> 0.1"}, - - # Runtime debugging - {:recon, "~> 2.5"}, - {:observer_cli, "~> 1.7"}, # Test and dev deps {:bypass, "~> 2.1", only: :test}, diff --git a/apps/web/priv/repo/migrations/20200225005454_create_users.exs b/apps/web/priv/repo/migrations/20200225005454_create_users.exs index 52ecc7fbc..5db9f6ceb 100644 --- a/apps/web/priv/repo/migrations/20200225005454_create_users.exs +++ b/apps/web/priv/repo/migrations/20200225005454_create_users.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateUsers do +defmodule Domain.Repo.Migrations.CreateUsers do use Ecto.Migration def change do 
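Review bot: In the second mix.exs hunk `openid_connect` moves from `branch: "andrew/rewrite"` to `branch: "master"`, so it still floats with whatever lands on that branch, and `esaml` and `samly` next to it carry no `ref:` at all; the `XXX` comment directly below already asks for pinned refs. These three libraries sit on the OIDC and SAML authentication path, so a build should not be able to pick up unreviewed upstream commits. Pin each one to a commit, for example `{:openid_connect, github: "firezone/openid_connect", ref: "<COMMIT_SHA>"}` (placeholder value), and keep `mix.lock` committed so the resolved revision is reviewable. The `deps/0` list continues outside the hunk.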
diff --git a/apps/web/priv/repo/migrations/20200228145810_create_devices.exs b/apps/web/priv/repo/migrations/20200228145810_create_devices.exs index e0cd446ca..b20681d2c 100644 --- a/apps/web/priv/repo/migrations/20200228145810_create_devices.exs +++ b/apps/web/priv/repo/migrations/20200228145810_create_devices.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateDevices do +defmodule Domain.Repo.Migrations.CreateDevices do use Ecto.Migration @default_allowed_ips "0.0.0.0/0,::/0" diff --git a/apps/web/priv/repo/migrations/20200228154815_create_rules.exs b/apps/web/priv/repo/migrations/20200228154815_create_rules.exs index c69049369..4150744f7 100644 --- a/apps/web/priv/repo/migrations/20200228154815_create_rules.exs +++ b/apps/web/priv/repo/migrations/20200228154815_create_rules.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateRules do +defmodule Domain.Repo.Migrations.CreateRules do use Ecto.Migration @create_query "CREATE TYPE action_enum AS ENUM ('drop', 'accept')" diff --git a/apps/web/priv/repo/migrations/20210929172417_add_dns_servers_to_devices.exs b/apps/web/priv/repo/migrations/20210929172417_add_dns_servers_to_devices.exs index 29a0940c0..25e942716 100644 --- a/apps/web/priv/repo/migrations/20210929172417_add_dns_servers_to_devices.exs +++ b/apps/web/priv/repo/migrations/20210929172417_add_dns_servers_to_devices.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddDnsServersToDevices do +defmodule Domain.Repo.Migrations.AddDnsServersToDevices do use Ecto.Migration @default_dns_servers "1.1.1.1, 1.0.0.1" diff --git a/apps/web/priv/repo/migrations/20211116172808_create_connectivity_checks.exs b/apps/web/priv/repo/migrations/20211116172808_create_connectivity_checks.exs index fd22b6767..59f9dd98e 100644 --- a/apps/web/priv/repo/migrations/20211116172808_create_connectivity_checks.exs +++ b/apps/web/priv/repo/migrations/20211116172808_create_connectivity_checks.exs 
@@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateConnectivityChecks do +defmodule Domain.Repo.Migrations.CreateConnectivityChecks do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20211116173236_create_settings.exs b/apps/web/priv/repo/migrations/20211116173236_create_settings.exs index 72aab30e5..60a830571 100644 --- a/apps/web/priv/repo/migrations/20211116173236_create_settings.exs +++ b/apps/web/priv/repo/migrations/20211116173236_create_settings.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateSettings do +defmodule Domain.Repo.Migrations.CreateSettings do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20211203012238_change_device_column_defaults.exs b/apps/web/priv/repo/migrations/20211203012238_change_device_column_defaults.exs index e98411cab..036a443e2 100644 --- a/apps/web/priv/repo/migrations/20211203012238_change_device_column_defaults.exs +++ b/apps/web/priv/repo/migrations/20211203012238_change_device_column_defaults.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.ChangeDeviceColumnDefaults do +defmodule Domain.Repo.Migrations.ChangeDeviceColumnDefaults do @moduledoc """ Removes the device defaults in favor of using values from the settings table. diff --git a/apps/web/priv/repo/migrations/20211216155557_add_config_token_to_devices.exs b/apps/web/priv/repo/migrations/20211216155557_add_config_token_to_devices.exs index 16716698a..e63ce64a0 100644 --- a/apps/web/priv/repo/migrations/20211216155557_add_config_token_to_devices.exs +++ b/apps/web/priv/repo/migrations/20211216155557_add_config_token_to_devices.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddConfigTokenToDevices do +defmodule Domain.Repo.Migrations.AddConfigTokenToDevices do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20211217003247_add_persistent_keepalives.exs b/apps/web/priv/repo/migrations/20211217003247_add_persistent_keepalives.exs index 8444ffec5..6f15ac35f 100644 
--- a/apps/web/priv/repo/migrations/20211217003247_add_persistent_keepalives.exs +++ b/apps/web/priv/repo/migrations/20211217003247_add_persistent_keepalives.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddPersistentKeepalives do +defmodule Domain.Repo.Migrations.AddPersistentKeepalives do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20211221183311_add_role_to_users.exs b/apps/web/priv/repo/migrations/20211221183311_add_role_to_users.exs index 3098793ff..cee1307d6 100644 --- a/apps/web/priv/repo/migrations/20211221183311_add_role_to_users.exs +++ b/apps/web/priv/repo/migrations/20211221183311_add_role_to_users.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddRoleToUsers do +defmodule Domain.Repo.Migrations.AddRoleToUsers do use Ecto.Migration @create_query "CREATE TYPE role_enum AS ENUM ('unprivileged', 'admin')" diff --git a/apps/web/priv/repo/migrations/20211223161545_add_require_auth_for_vpn_setting.exs b/apps/web/priv/repo/migrations/20211223161545_add_require_auth_for_vpn_setting.exs index 2a6d21a7e..79c1be980 100644 --- a/apps/web/priv/repo/migrations/20211223161545_add_require_auth_for_vpn_setting.exs +++ b/apps/web/priv/repo/migrations/20211223161545_add_require_auth_for_vpn_setting.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddRequireAuthForVpnSetting do +defmodule Domain.Repo.Migrations.AddRequireAuthForVpnSetting do use Ecto.Migration @setting_key "security.require_auth_for_vpn_frequency" diff --git a/apps/web/priv/repo/migrations/20220103175026_add_inets_to_devices.exs b/apps/web/priv/repo/migrations/20220103175026_add_inets_to_devices.exs index 64448de7a..88011f5ed 100644 --- a/apps/web/priv/repo/migrations/20220103175026_add_inets_to_devices.exs +++ b/apps/web/priv/repo/migrations/20220103175026_add_inets_to_devices.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddInetsToDevices do +defmodule Domain.Repo.Migrations.AddInetsToDevices do use Ecto.Migration @ipv4_prefix "10.3.2." 
diff --git a/apps/web/priv/repo/migrations/20220111004847_add_mtu_to_devices.exs b/apps/web/priv/repo/migrations/20220111004847_add_mtu_to_devices.exs index 77fe460da..39baaa1ac 100644 --- a/apps/web/priv/repo/migrations/20220111004847_add_mtu_to_devices.exs +++ b/apps/web/priv/repo/migrations/20220111004847_add_mtu_to_devices.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddMtuToDevices do +defmodule Domain.Repo.Migrations.AddMtuToDevices do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220124162404_add_uuids.exs b/apps/web/priv/repo/migrations/20220124162404_add_uuids.exs index a265f0360..c254b5ed8 100644 --- a/apps/web/priv/repo/migrations/20220124162404_add_uuids.exs +++ b/apps/web/priv/repo/migrations/20220124162404_add_uuids.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddUuids do +defmodule Domain.Repo.Migrations.AddUuids do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220127021835_rename_persistent_keepalives.exs b/apps/web/priv/repo/migrations/20220127021835_rename_persistent_keepalives.exs index 4f373aa43..bde31d4d0 100644 --- a/apps/web/priv/repo/migrations/20220127021835_rename_persistent_keepalives.exs +++ b/apps/web/priv/repo/migrations/20220127021835_rename_persistent_keepalives.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.RenamePersistentKeepalives do +defmodule Domain.Repo.Migrations.RenamePersistentKeepalives do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220127191440_rename_dns_servers_to_dns.exs b/apps/web/priv/repo/migrations/20220127191440_rename_dns_servers_to_dns.exs index 52200f4e6..576947ee0 100644 --- a/apps/web/priv/repo/migrations/20220127191440_rename_dns_servers_to_dns.exs +++ b/apps/web/priv/repo/migrations/20220127191440_rename_dns_servers_to_dns.exs 
@@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.RenameDnsServersToDns do +defmodule Domain.Repo.Migrations.RenameDnsServersToDns do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220208184257_settings_to_sites.exs b/apps/web/priv/repo/migrations/20220208184257_settings_to_sites.exs index e603ee3fe..5f8152189 100644 --- a/apps/web/priv/repo/migrations/20220208184257_settings_to_sites.exs +++ b/apps/web/priv/repo/migrations/20220208184257_settings_to_sites.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.SettingsToSites do +defmodule Domain.Repo.Migrations.SettingsToSites do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220209005201_rename_use_default_to_use_site.exs b/apps/web/priv/repo/migrations/20220209005201_rename_use_default_to_use_site.exs index 123084df8..579e3268e 100644 --- a/apps/web/priv/repo/migrations/20220209005201_rename_use_default_to_use_site.exs +++ b/apps/web/priv/repo/migrations/20220209005201_rename_use_default_to_use_site.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.RenameUseDefaultToUseSite do +defmodule Domain.Repo.Migrations.RenameUseDefaultToUseSite do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220211201727_remove_private_keys.exs b/apps/web/priv/repo/migrations/20220211201727_remove_private_keys.exs index 2388239bb..4e7b4c8a7 100644 --- a/apps/web/priv/repo/migrations/20220211201727_remove_private_keys.exs +++ b/apps/web/priv/repo/migrations/20220211201727_remove_private_keys.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.RemovePrivateKeys do +defmodule Domain.Repo.Migrations.RemovePrivateKeys do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220219165023_add_key_regenerated_at.exs b/apps/web/priv/repo/migrations/20220219165023_add_key_regenerated_at.exs index c6f78fea1..b667a8f51 100644 --- a/apps/web/priv/repo/migrations/20220219165023_add_key_regenerated_at.exs 
+++ b/apps/web/priv/repo/migrations/20220219165023_add_key_regenerated_at.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddKeyRegeneratedAt do +defmodule Domain.Repo.Migrations.AddKeyRegeneratedAt do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220227215313_add_last_signed_in_method_to_user.exs b/apps/web/priv/repo/migrations/20220227215313_add_last_signed_in_method_to_user.exs index e565cd50f..6d53b4ded 100644 --- a/apps/web/priv/repo/migrations/20220227215313_add_last_signed_in_method_to_user.exs +++ b/apps/web/priv/repo/migrations/20220227215313_add_last_signed_in_method_to_user.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddLastSignedInMethodToUser do +defmodule Domain.Repo.Migrations.AddLastSignedInMethodToUser do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220412144151_add_psk_to_devices.exs b/apps/web/priv/repo/migrations/20220412144151_add_psk_to_devices.exs index a4c28a9e3..2505f726a 100644 --- a/apps/web/priv/repo/migrations/20220412144151_add_psk_to_devices.exs +++ b/apps/web/priv/repo/migrations/20220412144151_add_psk_to_devices.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddPskToDevices do +defmodule Domain.Repo.Migrations.AddPskToDevices do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220419172036_add_stats_to_devices.exs b/apps/web/priv/repo/migrations/20220419172036_add_stats_to_devices.exs index ebe4691bb..5a86d381f 100644 --- a/apps/web/priv/repo/migrations/20220419172036_add_stats_to_devices.exs +++ b/apps/web/priv/repo/migrations/20220419172036_add_stats_to_devices.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddStatsToDevices do +defmodule Domain.Repo.Migrations.AddStatsToDevices do use Ecto.Migration def change do 
diff --git a/apps/web/priv/repo/migrations/20220427140943_add_description_to_devices.exs b/apps/web/priv/repo/migrations/20220427140943_add_description_to_devices.exs index f59b8fe9d..89e8055b8 100644 --- a/apps/web/priv/repo/migrations/20220427140943_add_description_to_devices.exs +++ b/apps/web/priv/repo/migrations/20220427140943_add_description_to_devices.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddDescriptionToDevices do +defmodule Domain.Repo.Migrations.AddDescriptionToDevices do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220516063916_change_allowed_ips_to_text.exs b/apps/web/priv/repo/migrations/20220516063916_change_allowed_ips_to_text.exs index 221d7c2a4..7b320c3cd 100644 --- a/apps/web/priv/repo/migrations/20220516063916_change_allowed_ips_to_text.exs +++ b/apps/web/priv/repo/migrations/20220516063916_change_allowed_ips_to_text.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.ChangeAllowedIpsToText do +defmodule Domain.Repo.Migrations.ChangeAllowedIpsToText do use Ecto.Migration def up do diff --git a/apps/web/priv/repo/migrations/20220519034545_create_oidc_connections.exs b/apps/web/priv/repo/migrations/20220519034545_create_oidc_connections.exs index fb08b787b..faee8448f 100644 --- a/apps/web/priv/repo/migrations/20220519034545_create_oidc_connections.exs +++ b/apps/web/priv/repo/migrations/20220519034545_create_oidc_connections.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateOidcConnections do +defmodule Domain.Repo.Migrations.CreateOidcConnections do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220520072323_add_disabled_at_to_user.exs b/apps/web/priv/repo/migrations/20220520072323_add_disabled_at_to_user.exs index dcd9f4bdd..185e32b21 100644 --- a/apps/web/priv/repo/migrations/20220520072323_add_disabled_at_to_user.exs +++ b/apps/web/priv/repo/migrations/20220520072323_add_disabled_at_to_user.exs 
@@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddDisabledAtToUser do +defmodule Domain.Repo.Migrations.AddDisabledAtToUser do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220530073152_create_mfa_methods.exs b/apps/web/priv/repo/migrations/20220530073152_create_mfa_methods.exs index b27245081..9204abec0 100644 --- a/apps/web/priv/repo/migrations/20220530073152_create_mfa_methods.exs +++ b/apps/web/priv/repo/migrations/20220530073152_create_mfa_methods.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateMfaMethods do +defmodule Domain.Repo.Migrations.CreateMfaMethods do use Ecto.Migration @create_query "CREATE TYPE mfa_type_enum AS ENUM ('totp', 'native', 'portable')" diff --git a/apps/web/priv/repo/migrations/20220609232854_change_refresh_token_to_text.exs b/apps/web/priv/repo/migrations/20220609232854_change_refresh_token_to_text.exs index 0798495d3..a1f59ebb1 100644 --- a/apps/web/priv/repo/migrations/20220609232854_change_refresh_token_to_text.exs +++ b/apps/web/priv/repo/migrations/20220609232854_change_refresh_token_to_text.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.ChangeRefreshTokenToText do +defmodule Domain.Repo.Migrations.ChangeRefreshTokenToText do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220614192937_add_user_id_to_rules.exs b/apps/web/priv/repo/migrations/20220614192937_add_user_id_to_rules.exs index cdda2e12a..9d18a6939 100644 --- a/apps/web/priv/repo/migrations/20220614192937_add_user_id_to_rules.exs +++ b/apps/web/priv/repo/migrations/20220614192937_add_user_id_to_rules.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddUserIdToRules do +defmodule Domain.Repo.Migrations.AddUserIdToRules do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220713050742_create_configurations.exs b/apps/web/priv/repo/migrations/20220713050742_create_configurations.exs index 5a6728118..4c0f906dc 100644 
--- a/apps/web/priv/repo/migrations/20220713050742_create_configurations.exs +++ b/apps/web/priv/repo/migrations/20220713050742_create_configurations.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateConfigurations do +defmodule Domain.Repo.Migrations.CreateConfigurations do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220719014442_add_auth_configs.exs b/apps/web/priv/repo/migrations/20220719014442_add_auth_configs.exs index 9b9f454d1..d0055d1e0 100644 --- a/apps/web/priv/repo/migrations/20220719014442_add_auth_configs.exs +++ b/apps/web/priv/repo/migrations/20220719014442_add_auth_configs.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddAuthConfigs do +defmodule Domain.Repo.Migrations.AddAuthConfigs do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220721164925_add_device_rule_user_notify_triggers.exs b/apps/web/priv/repo/migrations/20220721164925_add_device_rule_user_notify_triggers.exs index f128778b2..c1463ac66 100644 --- a/apps/web/priv/repo/migrations/20220721164925_add_device_rule_user_notify_triggers.exs +++ b/apps/web/priv/repo/migrations/20220721164925_add_device_rule_user_notify_triggers.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddDeviceRuleUserNotifyTriggers do +defmodule Domain.Repo.Migrations.AddDeviceRuleUserNotifyTriggers do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220726205646_add_rule_port_range.exs b/apps/web/priv/repo/migrations/20220726205646_add_rule_port_range.exs index 73d4fc59e..0c17d4234 100644 --- a/apps/web/priv/repo/migrations/20220726205646_add_rule_port_range.exs +++ b/apps/web/priv/repo/migrations/20220726205646_add_rule_port_range.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddRulePortRange do +defmodule Domain.Repo.Migrations.AddRulePortRange do use Ecto.Migration @create_query "CREATE TYPE port_type_enum AS ENUM ('tcp', 'udp')" 
diff --git a/apps/web/priv/repo/migrations/20220810002432_add_unprivileged_device_configuration.exs b/apps/web/priv/repo/migrations/20220810002432_add_unprivileged_device_configuration.exs index 995fb3360..28e54acfd 100644 --- a/apps/web/priv/repo/migrations/20220810002432_add_unprivileged_device_configuration.exs +++ b/apps/web/priv/repo/migrations/20220810002432_add_unprivileged_device_configuration.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddUnprivilegedDeviceConfiguration do +defmodule Domain.Repo.Migrations.AddUnprivilegedDeviceConfiguration do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20220831060724_add_saml_identity_providers_to_configuration.exs b/apps/web/priv/repo/migrations/20220831060724_add_saml_identity_providers_to_configuration.exs index e7934e848..75e374706 100644 --- a/apps/web/priv/repo/migrations/20220831060724_add_saml_identity_providers_to_configuration.exs +++ b/apps/web/priv/repo/migrations/20220831060724_add_saml_identity_providers_to_configuration.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddSamlIdentityProvidersToConfiguration do +defmodule Domain.Repo.Migrations.AddSamlIdentityProvidersToConfiguration do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221012123308_move_auto_create_users_to_providers.exs b/apps/web/priv/repo/migrations/20221012123308_move_auto_create_users_to_providers.exs index f18008470..7e0fe2de3 100644 --- a/apps/web/priv/repo/migrations/20221012123308_move_auto_create_users_to_providers.exs +++ b/apps/web/priv/repo/migrations/20221012123308_move_auto_create_users_to_providers.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.MoveAutoCreateUsersToProviders do +defmodule Domain.Repo.Migrations.MoveAutoCreateUsersToProviders do @moduledoc """ I know this migration is hacky, but doing this in pure SQL is non-trivial for my level of Postgres-fu, so this will have to do. 
@@ -23,7 +23,7 @@ defmodule FzHttp.Repo.Migrations.MoveAutoCreateUsersToProviders do # } # ] defp oid_provider_keys do - FzHttp.Repo.all(from("configurations", select: [:openid_connect_providers])) + Domain.Repo.all(from("configurations", select: [:openid_connect_providers])) # only one configuration at this point |> List.first() |> Map.get(:openid_connect_providers) @@ -31,7 +31,7 @@ defmodule FzHttp.Repo.Migrations.MoveAutoCreateUsersToProviders do end defp saml_provider_keys do - FzHttp.Repo.all(from("configurations", select: [:saml_identity_providers])) + Domain.Repo.all(from("configurations", select: [:saml_identity_providers])) # only one configuration at this point |> List.first() |> Map.get(:saml_identity_providers) @@ -42,7 +42,7 @@ defmodule FzHttp.Repo.Migrations.MoveAutoCreateUsersToProviders do defp keys(map), do: Map.keys(map) defp cur_oidc_create_users do - FzHttp.Repo.all(from("configurations", select: [:auto_create_oidc_users])) + Domain.Repo.all(from("configurations", select: [:auto_create_oidc_users])) |> List.first() |> Map.get(:auto_create_oidc_users) end diff --git a/apps/web/priv/repo/migrations/20221129002233_update_on_delete_behavior.exs b/apps/web/priv/repo/migrations/20221129002233_update_on_delete_behavior.exs index 5485e052c..a93e9910f 100644 --- a/apps/web/priv/repo/migrations/20221129002233_update_on_delete_behavior.exs +++ b/apps/web/priv/repo/migrations/20221129002233_update_on_delete_behavior.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.UpdateOnDeleteBehavior do +defmodule Domain.Repo.Migrations.UpdateOnDeleteBehavior do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221223190406_migrate_pks_to_uuid.exs b/apps/web/priv/repo/migrations/20221223190406_migrate_pks_to_uuid.exs index 4be4e9b5c..388bb8b29 100644 --- a/apps/web/priv/repo/migrations/20221223190406_migrate_pks_to_uuid.exs +++ b/apps/web/priv/repo/migrations/20221223190406_migrate_pks_to_uuid.exs 
@@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.MigratePksToUuid do +defmodule Domain.Repo.Migrations.MigratePksToUuid do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221223223357_migrate_datetimes_to_timestamptz.exs b/apps/web/priv/repo/migrations/20221223223357_migrate_datetimes_to_timestamptz.exs index 1809f7fc3..e2a2d530b 100644 --- a/apps/web/priv/repo/migrations/20221223223357_migrate_datetimes_to_timestamptz.exs +++ b/apps/web/priv/repo/migrations/20221223223357_migrate_datetimes_to_timestamptz.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.MigrateDatetimesToTimestamptz do +defmodule Domain.Repo.Migrations.MigrateDatetimesToTimestamptz do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221223223931_order_connectivity_checks_inserted_at_index.exs b/apps/web/priv/repo/migrations/20221223223931_order_connectivity_checks_inserted_at_index.exs index 4d15bc9b6..4411b848c 100644 --- a/apps/web/priv/repo/migrations/20221223223931_order_connectivity_checks_inserted_at_index.exs +++ b/apps/web/priv/repo/migrations/20221223223931_order_connectivity_checks_inserted_at_index.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.OrderConnectivityChecksInsertedAtIndex do +defmodule Domain.Repo.Migrations.OrderConnectivityChecksInsertedAtIndex do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221224210654_fix_sites_nullable_fields.exs b/apps/web/priv/repo/migrations/20221224210654_fix_sites_nullable_fields.exs index e1b2033bd..cb02b0207 100644 --- a/apps/web/priv/repo/migrations/20221224210654_fix_sites_nullable_fields.exs +++ b/apps/web/priv/repo/migrations/20221224210654_fix_sites_nullable_fields.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.FixSitesNullableFields do +defmodule Domain.Repo.Migrations.FixSitesNullableFields do use Ecto.Migration require Logger 
diff --git a/apps/web/priv/repo/migrations/20221226044850_create_api_tokens.exs b/apps/web/priv/repo/migrations/20221226044850_create_api_tokens.exs index eafd4c5ed..f224f1439 100644 --- a/apps/web/priv/repo/migrations/20221226044850_create_api_tokens.exs +++ b/apps/web/priv/repo/migrations/20221226044850_create_api_tokens.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.CreateApiTokens do +defmodule Domain.Repo.Migrations.CreateApiTokens do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221226143651_move_sites_fields_to_configurations.exs b/apps/web/priv/repo/migrations/20221226143651_move_sites_fields_to_configurations.exs index 05436bcc3..e38029734 100644 --- a/apps/web/priv/repo/migrations/20221226143651_move_sites_fields_to_configurations.exs +++ b/apps/web/priv/repo/migrations/20221226143651_move_sites_fields_to_configurations.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.MoveSitesFieldsToConfigurations do +defmodule Domain.Repo.Migrations.MoveSitesFieldsToConfigurations do use Ecto.Migration @doc """ diff --git a/apps/web/priv/repo/migrations/20221226171558_rename_use_site_to_use_default.exs b/apps/web/priv/repo/migrations/20221226171558_rename_use_site_to_use_default.exs index 83a6caa29..de496e977 100644 --- a/apps/web/priv/repo/migrations/20221226171558_rename_use_site_to_use_default.exs +++ b/apps/web/priv/repo/migrations/20221226171558_rename_use_site_to_use_default.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.RenameUseSiteToUseDefault do +defmodule Domain.Repo.Migrations.RenameUseSiteToUseDefault do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221226193228_drop_sites.exs b/apps/web/priv/repo/migrations/20221226193228_drop_sites.exs index 1ed36c3f7..28a856963 100644 --- a/apps/web/priv/repo/migrations/20221226193228_drop_sites.exs +++ b/apps/web/priv/repo/migrations/20221226193228_drop_sites.exs 
@@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.DropSites do +defmodule Domain.Repo.Migrations.DropSites do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221227181727_move_cache_fallbacks_to_configurations.exs b/apps/web/priv/repo/migrations/20221227181727_move_cache_fallbacks_to_configurations.exs index 37f67392d..3f2a42fb2 100644 --- a/apps/web/priv/repo/migrations/20221227181727_move_cache_fallbacks_to_configurations.exs +++ b/apps/web/priv/repo/migrations/20221227181727_move_cache_fallbacks_to_configurations.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.MoveCacheFallbacksToConfigurations do +defmodule Domain.Repo.Migrations.MoveCacheFallbacksToConfigurations do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20221229154115_migrate_providers_configs.exs b/apps/web/priv/repo/migrations/20221229154115_migrate_providers_configs.exs index ec243825f..614226164 100644 --- a/apps/web/priv/repo/migrations/20221229154115_migrate_providers_configs.exs +++ b/apps/web/priv/repo/migrations/20221229154115_migrate_providers_configs.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.MigrateProvidersConfigs do +defmodule Domain.Repo.Migrations.MigrateProvidersConfigs do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20230104000803_add_users_sign_in_token_hash.exs b/apps/web/priv/repo/migrations/20230104000803_add_users_sign_in_token_hash.exs index 1ce9693eb..bc97f7015 100644 --- a/apps/web/priv/repo/migrations/20230104000803_add_users_sign_in_token_hash.exs +++ b/apps/web/priv/repo/migrations/20230104000803_add_users_sign_in_token_hash.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddUsersSignInTokenHash do +defmodule Domain.Repo.Migrations.AddUsersSignInTokenHash do use Ecto.Migration def change do 
diff --git a/apps/web/priv/repo/migrations/20230104181853_change_users_email_to_citext.exs b/apps/web/priv/repo/migrations/20230104181853_change_users_email_to_citext.exs index 7005deeee..9a693774e 100644 --- a/apps/web/priv/repo/migrations/20230104181853_change_users_email_to_citext.exs +++ b/apps/web/priv/repo/migrations/20230104181853_change_users_email_to_citext.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.ChangeUsersEmailToCitext do +defmodule Domain.Repo.Migrations.ChangeUsersEmailToCitext do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20230113184557_add_default_pks_values.exs b/apps/web/priv/repo/migrations/20230113184557_add_default_pks_values.exs index 511a4217b..ce6f219a7 100644 --- a/apps/web/priv/repo/migrations/20230113184557_add_default_pks_values.exs +++ b/apps/web/priv/repo/migrations/20230113184557_add_default_pks_values.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddDefaultPksValues do +defmodule Domain.Repo.Migrations.AddDefaultPksValues do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20230116200524_add_not_null_to_mfa_methods.exs b/apps/web/priv/repo/migrations/20230116200524_add_not_null_to_mfa_methods.exs index c98a3e577..9999d50b3 100644 --- a/apps/web/priv/repo/migrations/20230116200524_add_not_null_to_mfa_methods.exs +++ b/apps/web/priv/repo/migrations/20230116200524_add_not_null_to_mfa_methods.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.AddNotNullToMfaMethods do +defmodule Domain.Repo.Migrations.AddNotNullToMfaMethods do use Ecto.Migration def change do 
@@ -11,8 +11,8 @@ defmodule FzHttp.Repo.Migrations.AddNotNullToMfaMethods do # Installations that have empty payload fields (which means MFA doesn't work for them) # will be unable to decrypt it and will get an error: # - # ** (ArgumentError) cannot load `"..."`as type FzHttp.Encrypted.Map - # for field :payload in %FzHttp.Auth.MFA.Method{...} + # ** (ArgumentError) cannot load `"..."`as type Domain.Encrypted.Map + # for field :payload in %Domain.Auth.MFA.Method{...} execute(""" UPDATE mfa_methods SET payload = '#{Base.encode64(:crypto.strong_rand_bytes(32))}' diff --git a/apps/web/priv/repo/migrations/20230127164048_change_configurations_default_client_allowed_ips_type.exs b/apps/web/priv/repo/migrations/20230127164048_change_configurations_default_client_allowed_ips_type.exs index 3d6c66435..2d05f3cf0 100644 --- a/apps/web/priv/repo/migrations/20230127164048_change_configurations_default_client_allowed_ips_type.exs +++ b/apps/web/priv/repo/migrations/20230127164048_change_configurations_default_client_allowed_ips_type.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.ChangeConfigurationsDefaultClientAllowedIpsType do +defmodule Domain.Repo.Migrations.ChangeConfigurationsDefaultClientAllowedIpsType do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20230203143621_change_mfa_methods_unique_index.exs b/apps/web/priv/repo/migrations/20230203143621_change_mfa_methods_unique_index.exs index 8321187e2..22dcc3a48 100644 --- a/apps/web/priv/repo/migrations/20230203143621_change_mfa_methods_unique_index.exs +++ b/apps/web/priv/repo/migrations/20230203143621_change_mfa_methods_unique_index.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.ChangeMfaMethodsUniqueIndex do +defmodule Domain.Repo.Migrations.ChangeMfaMethodsUniqueIndex do use Ecto.Migration def change do 
diff --git a/apps/web/priv/repo/migrations/20230206172556_change_dns_and_allowed_ips_to_inet_array.exs b/apps/web/priv/repo/migrations/20230206172556_change_dns_and_allowed_ips_to_inet_array.exs index b2005dfda..4eb85c3f7 100644 --- a/apps/web/priv/repo/migrations/20230206172556_change_dns_and_allowed_ips_to_inet_array.exs +++ b/apps/web/priv/repo/migrations/20230206172556_change_dns_and_allowed_ips_to_inet_array.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.ChangeDnsAndAllowedIpsToInetArray do +defmodule Domain.Repo.Migrations.ChangeDnsAndAllowedIpsToInetArray do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20230223175621_trim_dns_fields.exs b/apps/web/priv/repo/migrations/20230223175621_trim_dns_fields.exs index 7089dce79..76a227e09 100644 --- a/apps/web/priv/repo/migrations/20230223175621_trim_dns_fields.exs +++ b/apps/web/priv/repo/migrations/20230223175621_trim_dns_fields.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.TrimDNSFields do +defmodule Domain.Repo.Migrations.TrimDNSFields do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/migrations/20230317161258_remove_devices_key_regenerated_at.exs b/apps/web/priv/repo/migrations/20230317161258_remove_devices_key_regenerated_at.exs index e3b7bcd7f..57888590a 100644 --- a/apps/web/priv/repo/migrations/20230317161258_remove_devices_key_regenerated_at.exs +++ b/apps/web/priv/repo/migrations/20230317161258_remove_devices_key_regenerated_at.exs @@ -1,4 +1,4 @@ -defmodule FzHttp.Repo.Migrations.RemoveDevicesKeyRegeneratedAt do +defmodule Domain.Repo.Migrations.RemoveDevicesKeyRegeneratedAt do use Ecto.Migration def change do diff --git a/apps/web/priv/repo/seeds.exs b/apps/web/priv/repo/seeds.exs index a4fc06090..e559ed0cb 100644 --- a/apps/web/priv/repo/seeds.exs +++ b/apps/web/priv/repo/seeds.exs 
@@ -5,12 +5,12 @@ # Inside the script, you can read and write to any of your # repositories directly: # -# FzHttp.Repo.insert!(%FzHttp.SomeSchema{}) +# Domain.Repo.insert!(%Domain.SomeSchema{}) # # We recommend using the bang functions (`insert!`, `update!` # and so on) as they will fail if something goes wrong. -alias FzHttp.{ +alias Domain.{ Repo, ConnectivityChecks, Devices, @@ -217,9 +217,9 @@ Rules.create_rule(%{ destination: "1.2.3.4" }) -FzHttp.Config.put_config!(:default_client_dns, ["4.3.2.1", "1.2.3.4"]) +Domain.Config.put_config!(:default_client_dns, ["4.3.2.1", "1.2.3.4"]) -FzHttp.Config.put_config!( +Domain.Config.put_config!( :default_client_allowed_ips, [ %Postgrex.INET{address: {10, 0, 0, 1}, netmask: 20}, @@ -228,7 +228,7 @@ FzHttp.Config.put_config!( ] ) -FzHttp.Config.put_config!( +Domain.Config.put_config!( :openid_connect_providers, [ %{ diff --git a/apps/web/test/fz_http/events_test.exs b/apps/web/test/fz_http/events_test.exs deleted file mode 100644 index e77fc035a..000000000 --- a/apps/web/test/fz_http/events_test.exs +++ /dev/null 
@@ -1,262 +0,0 @@ -defmodule FzHttp.EventsTest do - @moduledoc """ - XXX: Use start_supervised! somehow here to allow async tests. - """ - use FzHttp.DataCase, async: false - import FzHttp.TestHelpers - alias FzHttp.{UsersFixtures, RulesFixtures, DevicesFixtures, SubjectFixtures} - alias FzHttp.{Devices, Events} - - # XXX: Not needed with start_supervised! - setup do - on_exit(fn -> - :sys.replace_state(Events.vpn_pid(), fn _state -> %{} end) - - :sys.replace_state(Events.wall_pid(), fn _state -> - %{users: MapSet.new(), devices: MapSet.new(), rules: MapSet.new()} - end) - end) - end - - describe "add_device/1" do - test "adds device to wall and vpn state" do - user = UsersFixtures.create_user_with_role(:admin) - - device = - DevicesFixtures.create_device( - user: user, - name: "device" - ) - - :ok = Events.add("devices", device) - - assert :sys.get_state(Events.wall_pid()) == - %{ - users: MapSet.new(), - devices: - MapSet.new([%{ip: "#{device.ipv4}", ip6: "#{device.ipv6}", user_id: user.id}]), - rules: MapSet.new() - } - - assert :sys.get_state(Events.vpn_pid()) == %{ - device.public_key => %{ - allowed_ips: "#{device.ipv4}/32,#{device.ipv6}/128", - preshared_key: device.preshared_key - } - } - end - end - - describe "delete_device/1" do - setup [:create_rule_with_user_and_device] - - test "removes device from vpn and wall state", %{device: device} do - :ok = Events.add("devices", device) - - assert :ok = Events.delete("devices", device) - - assert :sys.get_state(Events.vpn_pid()) == %{} - - assert :sys.get_state(Events.wall_pid()) == - %{users: MapSet.new(), devices: MapSet.new(), rules: MapSet.new()} - end - end - - describe "create_user/1" do - setup [:create_rule_with_user_and_device] - - test "Adds user to wall state", %{user: user} do - :ok = Events.add("users", user) - - assert :sys.get_state(Events.wall_pid()) == - %{users: MapSet.new([user.id]), devices: MapSet.new(), rules: MapSet.new()} - end - end - - describe "delete_user/1" do - setup 
[:create_rule_with_user_and_device] - - test "removes user from wall state", %{user: user} do - :ok = Events.add("users", user) - :ok = Events.delete("users", user) - - assert :sys.get_state(Events.wall_pid()) == - %{users: MapSet.new(), devices: MapSet.new(), rules: MapSet.new()} - end - end - - describe "add_rule/1" do - setup [:create_rule] - - test "adds rule to wall state", %{rule: rule} do - :ok = Events.add("rules", rule) - - assert :sys.get_state(Events.wall_pid()) == - %{ - users: MapSet.new(), - devices: MapSet.new(), - rules: - MapSet.new([ - %{ - destination: "10.10.10.0/24", - port_range: nil, - port_type: nil, - user_id: nil, - action: :drop - } - ]) - } - end - end - - describe "add_rule/1 accept" do - setup [:create_rule_accept] - - test "adds rule to wall state", %{rule: rule} do - :ok = Events.add("rules", rule) - - assert :sys.get_state(Events.wall_pid()) == - %{ - users: MapSet.new(), - devices: MapSet.new(), - rules: - MapSet.new([ - %{ - destination: "10.10.10.0/24", - user_id: nil, - action: :accept, - port_type: nil, - port_range: nil - } - ]) - } - end - end - - describe "remove_rule/1" do - setup [:create_rule] - - test "adds rule to wall state", %{rule: rule} do - :ok = Events.add("rules", rule) - :ok = Events.delete("rules", rule) - - assert :sys.get_state(Events.wall_pid()) == %{ - users: MapSet.new(), - rules: MapSet.new(), - devices: MapSet.new() - } - end - end - - describe "set_config/0" do - setup [:create_devices] - - test "sets config" do - :ok = Events.set_config() - - assert :sys.get_state(Events.vpn_pid()) == - Map.new(Devices.to_peer_list(), fn peer -> - {peer.public_key, %{allowed_ips: peer.inet, preshared_key: peer.preshared_key}} - end) - end - end - - describe "set_rules/0" do - setup do - user = UsersFixtures.create_user_with_role(:admin) - subject = SubjectFixtures.create_subject(user) - - rules = - 1..5 - |> Enum.map(fn num -> - RulesFixtures.create_rule(destination: "#{num}.#{num}.#{num}.0/24", subject: subject) - 
end) - - {rules_with_users, users_and_devices} = - 7..9 - |> Enum.map(fn num -> - user = UsersFixtures.create_user_with_role(:admin) - - rule = - RulesFixtures.create_rule( - subject: subject, - user_id: user.id, - destination: "#{num}.#{num}.#{num}.0/24" - ) - - device = - DevicesFixtures.create_device( - user: user, - subject: subject, - name: "device #{num}" - ) - - {rule, {user, device}} - end) - |> Enum.unzip() - - {users, devices} = Enum.unzip(users_and_devices) - - destination = "7.7.7.0/24" - - rule_without_device = - RulesFixtures.create_rule(subject: subject, user_id: user.id, destination: destination) - - rules = rules ++ [rule_without_device] ++ rules_with_users - users = [user] ++ users - - %{rules: rules, users: users, devices: devices} - end - - test "sets rules", %{ - rules: expected_rules, - users: expected_users, - devices: expected_devices - } do - :ok = Events.set_rules() - - expected_user_ids = MapSet.new(Enum.map(expected_users, fn user -> user.id end)) - - expected_devices = - MapSet.new( - Enum.map(expected_devices, fn device -> - %{ - # XXX: Ideally we could hardcode the expected ips here as not to depend on the `decode` implementation - # However, we can't know user_id in advance, perhaps we can test the user_id part and ip parts separately - user_id: device.user_id, - ip: to_string(device.ipv4), - ip6: to_string(device.ipv6) - } - end) - ) - - expected_rules = - MapSet.new( - Enum.map(expected_rules, fn rule -> - %{ - user_id: rule.user_id, - destination: to_string(rule.destination), - action: rule.action, - port_range: nil, - port_type: nil - } - end) - ) - - assert :sys.get_state(Events.wall_pid()) == - %{users: expected_user_ids, devices: expected_devices, rules: expected_rules} - end - end - - describe "vpn_pid/0" do - test "uses the correct pid" do - assert Events.vpn_pid() == :global.whereis_name(:fz_vpn_server) - end - end - - describe "wall_pid/0" do - test "uses the correct pid" do - assert Events.wall_pid() == 
:global.whereis_name(:fz_wall_server) - end - end -end diff --git a/apps/web/test/fz_http/repo/notifier_test.exs b/apps/web/test/fz_http/repo/notifier_test.exs deleted file mode 100644 index 5bc0db3cd..000000000 --- a/apps/web/test/fz_http/repo/notifier_test.exs +++ /dev/null 
@@ -1,123 +0,0 @@ -defmodule FzHttp.Repo.NotifierTest do - use FzHttp.DataCase, async: false - import FzHttp.TestHelpers - alias FzHttp.Repo.Notifier - alias FzHttp.Events - - setup do - on_exit(fn -> - :sys.replace_state(Events.vpn_pid(), fn _state -> %{} end) - - :sys.replace_state(Events.wall_pid(), fn _state -> - %{users: MapSet.new(), devices: MapSet.new(), rules: MapSet.new()} - end) - end) - end - - describe "users changed" do - setup :create_user - - test "adds user to wall state", %{user: user} do - Notifier.handle_event("users", %{op: "INSERT", row: user}) - - expected_state = %{ - users: MapSet.new([user.id]), - rules: MapSet.new([]), - devices: MapSet.new([]) - } - - assert :sys.get_state(Events.wall_pid()) == expected_state - end - - test "user delete removes user from wall state", %{user: user} do - Notifier.handle_event("users", %{op: "INSERT", row: user}) - Notifier.handle_event("users", %{op: "DELETE", row: user}) - - expected_state = %{ - users: MapSet.new([]), - rules: MapSet.new([]), - devices: MapSet.new([]) - } - - assert :sys.get_state(Events.wall_pid()) == expected_state - end - end - - describe "rules changed" do - setup :create_rule - - test "rule insert adds rule to wall state", %{rule: rule} do - Notifier.handle_event("rules", %{op: "INSERT", row: rule}) - - expected_state = %{ - users: MapSet.new([]), - rules: - MapSet.new([ - %{ - action: rule.action, - destination: "10.10.10.0/24", - user_id: rule.user_id, - port_range: nil, - port_type: nil - } - ]), - devices: MapSet.new([]) - } - - assert :sys.get_state(Events.wall_pid()) == expected_state - end - - test "rule delete removes rule from wall state", %{rule: rule} do - Notifier.handle_event("rules", %{op: "INSERT", row: rule}) - Notifier.handle_event("rules", %{op: "DELETE", row: rule}) - - expected_state = %{ - users: MapSet.new([]), - rules: MapSet.new([]), - devices: MapSet.new([]) - } - - assert :sys.get_state(Events.wall_pid()) == expected_state - end - end - - describe "devices 
changed" do - setup :create_rule_with_user_and_device - - test "device insert adds device to vpn and wall state", %{device: device, user: user} do - Notifier.handle_event("devices", %{op: "INSERT", row: device}) - - expected_vpn_state = %{ - device.public_key => %{ - allowed_ips: "#{device.ipv4}/32,#{device.ipv6}/128", - preshared_key: device.preshared_key - } - } - - expected_wall_state = %{ - users: MapSet.new([]), - rules: MapSet.new([]), - devices: MapSet.new([%{ip: "#{device.ipv4}", ip6: "#{device.ipv6}", user_id: user.id}]) - } - - assert :sys.get_state(Events.vpn_pid()) == expected_vpn_state - assert :sys.get_state(Events.wall_pid()) == expected_wall_state - end - - test "device delete removes device from vpn and wall state", %{device: device} do - Notifier.handle_event("devices", %{op: "INSERT", row: device}) - Notifier.handle_event("devices", %{op: "DELETE", row: device}) - - expected_vpn_state = %{} - - expected_wall_state = %{ - users: MapSet.new([]), - rules: MapSet.new([]), - devices: MapSet.new([]) - } - - assert :sys.get_state(Events.vpn_pid()) == expected_vpn_state - assert :sys.get_state(Events.wall_pid()) == expected_wall_state - end - end -end diff --git a/apps/web/test/fz_http_web/views/error_view_test.exs b/apps/web/test/fz_http_web/views/error_view_test.exs deleted file mode 100644 index 9bba2d367..000000000 --- a/apps/web/test/fz_http_web/views/error_view_test.exs +++ /dev/null @@ -1,14 +0,0 @@ -defmodule FzHttpWeb.ErrorViewTest do - use FzHttpWeb.ConnCase, async: true - - # Bring render/3 and render_to_string/3 for testing custom views - import Phoenix.View - - test "renders 404.html" do - assert render_to_string(FzHttpWeb.ErrorView, "404.html", []) == "Not Found" - end - - test "renders 500.html" do - assert render_to_string(FzHttpWeb.ErrorView, "500.html", []) == "Internal Server Error" - end -end diff --git a/apps/web/test/support/acceptance_case.ex b/apps/web/test/support/acceptance_case.ex index 4386a09f5..420d6888f 100644 
--- a/apps/web/test/support/acceptance_case.ex +++ b/apps/web/test/support/acceptance_case.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.AcceptanceCase do +defmodule Web.AcceptanceCase do use ExUnit.CaseTemplate alias Wallaby.Query import Wallaby.Browser @@ -7,13 +7,13 @@ defmodule FzHttpWeb.AcceptanceCase do quote do # Import conveniences for testing with browser use Wallaby.DSL - use FzHttpWeb, :verified_routes - import FzHttpWeb.AcceptanceCase - alias FzHttp.Repo - alias FzHttpWeb.AcceptanceCase.{Vault, SimpleSAML, Auth} + use Web, :verified_routes + import Web.AcceptanceCase + alias Domain.Repo + alias Web.AcceptanceCase.{Vault, SimpleSAML, Auth} # The default endpoint for testing - @endpoint FzHttpWeb.Endpoint + @endpoint Web.Endpoint @moduletag :acceptance @moduletag timeout: 120_000 @@ -25,10 +25,10 @@ defmodule FzHttpWeb.AcceptanceCase do end setup tags do - :ok = Ecto.Adapters.SQL.Sandbox.checkout(FzHttp.Repo) + :ok = Ecto.Adapters.SQL.Sandbox.checkout(Domain.Repo) unless tags[:async] do - Ecto.Adapters.SQL.Sandbox.mode(FzHttp.Repo, {:shared, self()}) + Ecto.Adapters.SQL.Sandbox.mode(Domain.Repo, {:shared, self()}) end headless? = @@ -38,7 +38,7 @@ defmodule FzHttpWeb.AcceptanceCase do true end - metadata = Phoenix.Ecto.SQL.Sandbox.metadata_for(FzHttp.Repo, self()) + metadata = Phoenix.Ecto.SQL.Sandbox.metadata_for(Domain.Repo, self()) {:ok, session} = start_session(headless?, metadata) user_agent = diff --git a/apps/web/test/support/acceptance_case/auth.ex b/apps/web/test/support/acceptance_case/auth.ex index 22942120a..a8fc2f9af 100644 --- a/apps/web/test/support/acceptance_case/auth.ex +++ b/apps/web/test/support/acceptance_case/auth.ex 
@@ -1,13 +1,13 @@ -defmodule FzHttpWeb.AcceptanceCase.Auth do +defmodule Web.AcceptanceCase.Auth do import ExUnit.Assertions def fetch_session_cookie(session) do - options = FzHttpWeb.Session.options() + options = Web.Session.options() key = Keyword.fetch!(options, :key) encryption_salt = Keyword.fetch!(options, :encryption_salt) signing_salt = Keyword.fetch!(options, :signing_salt) - secret_key_base = FzHttpWeb.Endpoint.config(:secret_key_base) + secret_key_base = Web.Endpoint.config(:secret_key_base) with {:ok, cookie} <- fetch_cookie(session, key), encryption_key = Plug.Crypto.KeyGenerator.generate(secret_key_base, encryption_salt, []), @@ -32,20 +32,20 @@ defmodule FzHttpWeb.AcceptanceCase.Auth do end end - def authenticate(session, %FzHttp.Users.User{} = user) do - subject = FzHttp.Auth.fetch_subject!(user, "127.0.0.1", "AcceptanceCase") + def authenticate(session, %Domain.Users.User{} = user) do + subject = Domain.Auth.fetch_subject!(user, "127.0.0.1", "AcceptanceCase") authenticate(session, subject) end - def authenticate(session, %FzHttp.Auth.Subject{} = subject) do - options = FzHttpWeb.Session.options() + def authenticate(session, %Domain.Auth.Subject{} = subject) do + options = Web.Session.options() key = Keyword.fetch!(options, :key) encryption_salt = Keyword.fetch!(options, :encryption_salt) signing_salt = Keyword.fetch!(options, :signing_salt) - secret_key_base = FzHttpWeb.Endpoint.config(:secret_key_base) + secret_key_base = Web.Endpoint.config(:secret_key_base) - with {:ok, token, _claims} <- FzHttpWeb.Auth.HTML.Authentication.encode_and_sign(subject) do + with {:ok, token, _claims} <- Web.Auth.HTML.Authentication.encode_and_sign(subject) do encryption_key = Plug.Crypto.KeyGenerator.generate(secret_key_base, encryption_salt, []) signing_key = Plug.Crypto.KeyGenerator.generate(secret_key_base, signing_salt, []) 
@@ -71,7 +71,7 @@ defmodule FzHttpWeb.AcceptanceCase.Auth do def assert_unauthenticated(session) do with {:ok, cookie} <- fetch_session_cookie(session) do if token = cookie["guardian_default_token"] do - {:ok, claims} = FzHttpWeb.Auth.HTML.Authentication.decode_and_verify(token) + {:ok, claims} = Web.Auth.HTML.Authentication.decode_and_verify(token) flunk("User is authenticated, claims: #{inspect(claims)}") else session @@ -84,9 +84,9 @@ defmodule FzHttpWeb.AcceptanceCase.Auth do def assert_authenticated(session, user) do with {:ok, cookie} <- fetch_session_cookie(session), {:ok, claims} <- - FzHttpWeb.Auth.HTML.Authentication.decode_and_verify(cookie["guardian_default_token"]), + Web.Auth.HTML.Authentication.decode_and_verify(cookie["guardian_default_token"]), {:ok, subject} <- - FzHttpWeb.Auth.HTML.Authentication.resource_from_claims(claims) do + Web.Auth.HTML.Authentication.resource_from_claims(claims) do assert elem(subject.actor, 1).id == user.id session else diff --git a/apps/web/test/support/acceptance_case/simple_saml.ex b/apps/web/test/support/acceptance_case/simple_saml.ex index 1747582e1..b0189d780 100644 --- a/apps/web/test/support/acceptance_case/simple_saml.ex +++ b/apps/web/test/support/acceptance_case/simple_saml.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.AcceptanceCase.SimpleSAML do +defmodule Web.AcceptanceCase.SimpleSAML do @endpoint "http://localhost:8400" def fetch_metadata!(endpoint) do @@ -10,7 +10,7 @@ defmodule FzHttpWeb.AcceptanceCase.SimpleSAML do def setup_saml_provider(attrs_overrides \\ %{}) do metadata = fetch_metadata!(@endpoint) - FzHttp.Config.put_config!(:saml_identity_providers, [ + Domain.Config.put_config!(:saml_identity_providers, [ %{ "id" => "mysamlidp", "label" => "test-saml-idp", diff --git a/apps/web/test/support/acceptance_case/vault.ex b/apps/web/test/support/acceptance_case/vault.ex index 33b09dbc9..a93a29ed2 100644 --- a/apps/web/test/support/acceptance_case/vault.ex +++ b/apps/web/test/support/acceptance_case/vault.ex 
@@ -1,4 +1,4 @@ -defmodule FzHttpWeb.AcceptanceCase.Vault do +defmodule Web.AcceptanceCase.Vault do use Wallaby.DSL @vault_root_token "firezone" @@ -50,7 +50,7 @@ defmodule FzHttpWeb.AcceptanceCase.Vault do {:ok, {200, params}} = request(:get, "identity/oidc/client/firezone") - FzHttp.Config.put_config!( + Domain.Config.put_config!( :openid_connect_providers, [ %{ diff --git a/apps/web/test/support/api_case.ex b/apps/web/test/support/api_case.ex index 0ece97acf..97f2f00a9 100644 --- a/apps/web/test/support/api_case.ex +++ b/apps/web/test/support/api_case.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.ApiCase do +defmodule Web.ApiCase do @moduledoc """ This module defines the test case to be used by tests that require setting up a connection. @@ -11,31 +11,31 @@ defmodule FzHttpWeb.ApiCase do we enable the SQL sandbox, so changes done to the database are reverted at the end of every test. If you are using PostgreSQL, you can even run database tests asynchronously - by setting `use FzHttpWeb.ConnCase, async: true`, although + by setting `use Web.ConnCase, async: true`, although this option is not recommended for other databases. """ use ExUnit.CaseTemplate - use FzHttp.CaseTemplate + use Domain.CaseTemplate - alias FzHttp.{ + alias Domain.{ ApiTokensFixtures, UsersFixtures } using do quote do - use FzHttpWeb, :verified_routes + use Web, :verified_routes # Import conveniences for testing with connections import Plug.Conn import Phoenix.ConnTest - import FzHttpWeb.ApiCase - import FzHttp.TestHelpers + import Web.ApiCase + import Domain.TestHelpers import Bureaucrat.Helpers - import FzHttpWeb.ApiCase - alias FzHttp.Repo + import Web.ApiCase + alias Domain.Repo # The default endpoint for testing - @endpoint FzHttpWeb.Endpoint + @endpoint Web.Endpoint end end 
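Review bot: The `using` block of `Web.ApiCase` now imports `Web.ApiCase` twice, once before `import Domain.TestHelpers` and again after `import Bureaucrat.Helpers`; the duplicate was carried over by the rename, and the second `import Web.ApiCase` can be dropped. The moduledoc in the same hunk tells readers to write `use Web.ConnCase, async: true`, which names a different case template from the one it documents; `use Web.ApiCase, async: true` would match. The `using` block closes inside the hunk, but the module continues outside it.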
@@ -54,10 +54,10 @@ defmodule FzHttpWeb.ApiCase do user = UsersFixtures.create_user_with_role(:admin) api_token = ApiTokensFixtures.create_api_token(user: user) - {:ok, token, _claims} = FzHttpWeb.Auth.JSON.Authentication.fz_encode_and_sign(api_token) + {:ok, token, _claims} = Web.Auth.JSON.Authentication.fz_encode_and_sign(api_token) api_conn() |> Plug.Conn.put_req_header("authorization", "bearer #{token}") - |> FzHttpWeb.Auth.JSON.Pipeline.call([]) + |> Web.Auth.JSON.Pipeline.call([]) end end diff --git a/apps/web/test/support/case_template.ex b/apps/web/test/support/case_template.ex deleted file mode 100644 index 62bc18073..000000000 --- a/apps/web/test/support/case_template.ex +++ /dev/null @@ -1,23 +0,0 @@ -defmodule FzHttp.CaseTemplate do - @moduledoc """ - Our wrapper for the ExUnit.CaseTemplate to provide metaprogrammed - helpers to all tests. - """ - - use ExUnit.CaseTemplate - alias Ecto.Adapters.SQL.Sandbox - - using do - quote do - setup tags do - :ok = Sandbox.checkout(FzHttp.Repo) - - unless tags[:async] do - Sandbox.mode(FzHttp.Repo, {:shared, self()}) - end - - :ok - end - end - end -end diff --git a/apps/web/test/support/channel_case.ex b/apps/web/test/support/channel_case.ex index 1461259ec..0c8e40e35 100644 --- a/apps/web/test/support/channel_case.ex +++ b/apps/web/test/support/channel_case.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.ChannelCase do +defmodule Web.ChannelCase do @moduledoc """ This module defines the test case to be used by channel tests. 
@@ -11,21 +11,21 @@ defmodule FzHttpWeb.ChannelCase do we enable the SQL sandbox, so changes done to the database are reverted at the end of every test. If you are using PostgreSQL, you can even run database tests asynchronously - by setting `use FzHttpWeb.ChannelCase, async: true`, although + by setting `use Web.ChannelCase, async: true`, although this option is not recommended for other databases. """ use ExUnit.CaseTemplate - use FzHttp.CaseTemplate + use Domain.CaseTemplate using do quote do # Import conveniences for testing with channels import Phoenix.ChannelTest - import FzHttp.TestHelpers + import Domain.TestHelpers # The default endpoint for testing - @endpoint FzHttpWeb.Endpoint + @endpoint Web.Endpoint end end end diff --git a/apps/web/test/support/conn_case.ex b/apps/web/test/support/conn_case.ex index be8865858..6f53fb454 100644 --- a/apps/web/test/support/conn_case.ex +++ b/apps/web/test/support/conn_case.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.ConnCase do +defmodule Web.ConnCase do @moduledoc """ This module defines the test case to be used by tests that require setting up a connection. 
@@ -11,29 +11,29 @@ defmodule FzHttpWeb.ConnCase do we enable the SQL sandbox, so changes done to the database are reverted at the end of every test. If you are using PostgreSQL, you can even run database tests asynchronously - by setting `use FzHttpWeb.ConnCase, async: true`, although + by setting `use Web.ConnCase, async: true`, although this option is not recommended for other databases. """ use ExUnit.CaseTemplate - use FzHttp.CaseTemplate + use Domain.CaseTemplate - alias FzHttp.UsersFixtures - alias FzHttpWeb.Auth.HTML.Authentication + alias Domain.UsersFixtures + alias Web.Auth.HTML.Authentication using do quote do # Import conveniences for testing with connections - alias FzHttp.Repo + alias Domain.Repo import Plug.Conn import Phoenix.ConnTest import Phoenix.LiveViewTest - import FzHttp.TestHelpers - import FzHttpWeb.ConnCase + import Domain.TestHelpers + import Web.ConnCase # The default endpoint for testing - @endpoint FzHttpWeb.Endpoint + @endpoint Web.Endpoint - use FzHttpWeb, :verified_routes + use Web, :verified_routes def current_user(test_conn) do %{actor: {:user, user}} = diff --git a/apps/web/test/support/docs_generator.ex b/apps/web/test/support/docs_generator.ex index fbffd1fd5..07a08aba5 100644 --- a/apps/web/test/support/docs_generator.ex +++ b/apps/web/test/support/docs_generator.ex @@ -1,11 +1,11 @@ defmodule DocsGenerator do - alias FzHttp.Config.Definition + alias Domain.Config.Definition @keep_req_headers ["authorization"] @keep_resp_headers ["content-type", "location"] def write(conns, path) do - write_config_doc!(FzHttp.Config.Definitions, "../../www/docs/reference/env-vars.mdx") + write_config_doc!(Domain.Config.Definitions, "../../www/docs/reference/env-vars.mdx") File.mkdir_p!(path) write_api_doc!(conns, path) end 
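Review bot: `@keep_req_headers ["authorization"]` at the top of `DocsGenerator` keeps the request `authorization` header in whatever `write_api_doc!/2` emits, and the API test case in this commit fills that header with `bearer #{token}` built from a signed API token. The body of `write_api_doc!` is outside this hunk, so it is not visible whether the value is masked before the docs are written; if it is not, the generated reference pages would presumably contain tokens minted during the test run. A comment beside the attribute, for example `# header name is kept for the docs; the value must be replaced with a placeholder before writing`, would make the expectation explicit and give a later reviewer something to check against.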
@@ -68,7 +68,7 @@ defmodule DocsGenerator do default = Keyword.get(resolve_opts, :default) required? = if Keyword.has_key?(resolve_opts, :default), do: false, else: true - key = FzHttp.Config.Resolver.env_key(key) + key = Domain.Config.Resolver.env_key(key) key = if required?, do: "**#{key}**", else: key doc = doc_env(doc) @@ -114,13 +114,13 @@ defmodule DocsGenerator do {"One of #{values}", "`#{default}`"} end - defp type_and_default(FzHttp.Types.CIDR, default), + defp type_and_default(Domain.Types.CIDR, default), do: {"CIDR", default} - defp type_and_default(FzHttp.Types.IP, default), + defp type_and_default(Domain.Types.IP, default), do: {"IP", default} - defp type_and_default(FzHttp.Types.IPPort, default), + defp type_and_default(Domain.Types.IPPort, default), do: {"IP with port", default} defp type_and_default(:integer, default), diff --git a/apps/web/test/support/mailer_case.ex b/apps/web/test/support/mailer_case.ex index dea0aa9c7..0d356a247 100644 --- a/apps/web/test/support/mailer_case.ex +++ b/apps/web/test/support/mailer_case.ex @@ -1,21 +1,21 @@ -defmodule FzHttpWeb.MailerCase do +defmodule Web.MailerCase do @moduledoc """ A case template for Mailers. """ use ExUnit.CaseTemplate - use FzHttp.CaseTemplate + use Domain.CaseTemplate using do quote do - alias FzHttp.Repo + alias Domain.Repo import Ecto import Ecto.Changeset import Ecto.Query - import FzHttp.DataCase - import FzHttp.TestHelpers + import Domain.DataCase + import Domain.TestHelpers - use FzHttpWeb, :verified_routes + use Web, :verified_routes end end end diff --git a/apps/web/test/support/mailer_test_adapter.ex b/apps/web/test/support/mailer_test_adapter.ex index 6df57393f..8ca8237fa 100644 --- a/apps/web/test/support/mailer_test_adapter.ex +++ b/apps/web/test/support/mailer_test_adapter.ex @@ -1,4 +1,4 @@ -defmodule FzHttpWeb.MailerTestAdapter do +defmodule Web.MailerTestAdapter do use Swoosh.Adapter @impl true 
diff --git a/apps/web/test/support/test_helpers.ex b/apps/web/test/support/test_helpers.ex index 113053f03..21ad4ce76 100644 --- a/apps/web/test/support/test_helpers.ex +++ b/apps/web/test/support/test_helpers.ex @@ -1,9 +1,10 @@ -defmodule FzHttp.TestHelpers do +# Removeme +defmodule Web.TestHelpers do @moduledoc """ Test setup helpers """ - alias FzHttp.{ + alias Domain.{ ConnectivityChecksFixtures, DevicesFixtures, NotificationsFixtures, diff --git a/apps/web/test/test_helper.exs b/apps/web/test/test_helper.exs index ec27e1228..459141307 100644 --- a/apps/web/test/test_helper.exs +++ b/apps/web/test/test_helper.exs @@ -6,5 +6,5 @@ Bureaucrat.start( default_path: "../../www/docs/reference/rest-api" ) -Ecto.Adapters.SQL.Sandbox.mode(FzHttp.Repo, :manual) +Ecto.Adapters.SQL.Sandbox.mode(Domain.Repo, :manual) ExUnit.start(formatters: [ExUnit.CLIFormatter, JUnitFormatter, Bureaucrat.Formatter]) diff --git a/apps/web/test/fz_http_web/acceptance/admin_test.exs b/apps/web/test/web/acceptance/admin_test.exs similarity index 91% rename from apps/web/test/fz_http_web/acceptance/admin_test.exs rename to apps/web/test/web/acceptance/admin_test.exs index 6c65267f2..6d73646e4 100644 --- a/apps/web/test/fz_http_web/acceptance/admin_test.exs +++ b/apps/web/test/web/acceptance/admin_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.Acceptance.AdminTest do - use FzHttpWeb.AcceptanceCase, async: true - alias FzHttp.UsersFixtures - alias FzHttp.DevicesFixtures +defmodule Web.Acceptance.AdminTest do + use Web.AcceptanceCase, async: true + alias Domain.UsersFixtures + alias Domain.DevicesFixtures setup tags do user = UsersFixtures.create_user_with_role(:admin) 
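Review bot: The new `# Removeme` line above `defmodule Web.TestHelpers` states neither why the module should go nor when, and the module lands in the `Web` namespace while the case templates touched by this commit (`Web.ApiCase`, `Web.ChannelCase`, `Web.ConnCase`, `Web.MailerCase`) import `Domain.TestHelpers`. If `Domain.TestHelpers` is defined in the domain app's test support (not visible here), this copy may already be unused; if it is not, those imports no longer resolve to this file. Either delete the file in this commit or replace the marker with an actionable note such as `# TODO: remove once every helper lives in Domain.TestHelpers`. The module body continues outside the hunk.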
@@ -34,7 +34,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.text("User created successfully.")) |> assert_el(Query.text(attrs.email, minimum: 1)) - assert Repo.get_by(FzHttp.Users.User, email: attrs.email) + assert Repo.get_by(Domain.Users.User, email: attrs.email) end feature "create new unprivileged users with password auth", %{session: session, user: user} do @@ -70,9 +70,9 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.text("unprivileged", minimum: 1)) |> assert_el(Query.text(attrs.email, minimum: 1)) - assert user = Repo.get_by(FzHttp.Users.User, email: attrs.email) + assert user = Repo.get_by(Domain.Users.User, email: attrs.email) assert user.role == :unprivileged - assert FzHttp.Crypto.equal?(attrs.password, user.password_hash) + assert Domain.Crypto.equal?(attrs.password, user.password_hash) end feature "change user email and password", %{session: session} do @@ -100,7 +100,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> click(Query.button("Save")) |> assert_el(Query.text("User updated successfully.")) - assert updated_user = Repo.get(FzHttp.Users.User, user.id) + assert updated_user = Repo.get(Domain.Users.User, user.id) assert updated_user.password_hash != user.password_hash assert updated_user.email == "foo@xample.com" end @@ -119,7 +119,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.text("User updated successfully.")) end) - assert updated_user = Repo.get(FzHttp.Users.User, user.id) + assert updated_user = Repo.get(Domain.Users.User, user.id) assert updated_user.role == :unprivileged accept_confirm(session, fn session -> @@ -128,7 +128,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.text("User updated successfully.")) end) - assert updated_user = Repo.get(FzHttp.Users.User, user.id) + assert updated_user = Repo.get(Domain.Users.User, user.id) assert updated_user.role == :admin end 
@@ -146,7 +146,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do end) wait_for(fn -> - assert updated_user = Repo.get(FzHttp.Users.User, user.id) + assert updated_user = Repo.get(Domain.Users.User, user.id) refute is_nil(updated_user.disabled_at) end) @@ -156,7 +156,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do end) wait_for(fn -> - assert updated_user = Repo.get(FzHttp.Users.User, user.id) + assert updated_user = Repo.get(Domain.Users.User, user.id) assert is_nil(updated_user.disabled_at) end) end @@ -175,7 +175,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do assert_el(session, Query.text("Use the account section to delete your account.")) - assert Repo.get(FzHttp.Users.User, user.id) + assert Repo.get(Domain.Users.User, user.id) session |> visit(~p"/users/#{unprivileged_user.id}") @@ -187,7 +187,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do assert_el(session, Query.text("User deleted successfully.")) - refute Repo.get(FzHttp.Users.User, unprivileged_user.id) + refute Repo.get(Domain.Users.User, unprivileged_user.id) end end @@ -228,7 +228,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.link("big-leg-007")) |> assert_path(~p"/users/#{user.id}") - assert device = Repo.one(FzHttp.Devices.Device) + assert device = Repo.one(Domain.Devices.Device) assert device.name == "big-leg-007" assert device.description == "Dummy description" assert device.allowed_ips == [%Postgrex.INET{address: {127, 0, 0, 1}, netmask: nil}] @@ -259,7 +259,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do assert_el(session, Query.text("All Devices")) - assert Repo.aggregate(FzHttp.Devices.Device, :count) == 1 + assert Repo.aggregate(Domain.Devices.Device, :count) == 1 end end 
@@ -282,7 +282,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_has(Query.text("8.8.4.4")) |> assert_has(Query.link("Delete")) - assert rule = Repo.one(FzHttp.Rules.Rule) + assert rule = Repo.one(Domain.Rules.Rule) assert rule.destination == %Postgrex.INET{address: {8, 8, 4, 4}} assert rule.port_range == "1 - 8000" assert rule.port_type == :tcp @@ -292,7 +292,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do # XXX: We need to show a confirmation dialog on delete, # and message once record was saved or deleted. wait_for(fn -> - assert is_nil(Repo.one(FzHttp.Rules.Rule)) + assert is_nil(Repo.one(Domain.Rules.Rule)) end) end end @@ -314,7 +314,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> visit(~p"/settings/client_defaults") |> assert_el(Query.text("Client Defaults", count: 2)) - assert configuration = FzHttp.Config.fetch_db_config!() + assert configuration = Domain.Config.fetch_db_config!() assert configuration.default_client_persistent_keepalive == 10 assert configuration.default_client_mtu == 1234 assert configuration.default_client_endpoint == "example.com:8123" @@ -343,7 +343,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> visit(~p"/settings/client_defaults") |> assert_el(Query.text("Client Defaults", count: 2)) - assert configuration = FzHttp.Config.fetch_db_config!() + assert configuration = Domain.Config.fetch_db_config!() assert configuration.default_client_endpoint == "1.2.3.4:8123" assert configuration.default_client_dns == ["dns.example.com"] end @@ -359,7 +359,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> click(Query.button("Save")) |> assert_el(Query.css("img[src=\"https://http.cat/200\"]")) - assert configuration = FzHttp.Config.fetch_db_config!() + assert configuration = Domain.Config.fetch_db_config!() assert configuration.logo.url == "https://http.cat/200" end end 
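Review bot: The context lines of the rules feature still assert `rule.port_range == "1 - 8000"` and `rule.port_type == :tcp`, while the commit description says port-based rule conditions were removed. The schema change is not visible in this hunk, so this needs confirming: if `Domain.Rules.Rule` no longer carries those fields, this acceptance test either fails or checks values that no longer affect filtering. In that case the two assertions, and the form steps that fill the port fields, should be removed in the same commit so the test describes the rule model that is actually enforced. The feature body starts outside the hunk.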
@@ -368,7 +368,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do feature "change security settings", %{ session: session } do - assert configuration = FzHttp.Config.fetch_db_config!() + assert configuration = Domain.Config.fetch_db_config!() assert configuration.local_auth_enabled == true assert configuration.allow_unprivileged_device_management == true assert configuration.allow_unprivileged_device_configuration == true @@ -383,7 +383,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> toggle("disable_vpn_on_oidc_error") |> assert_el(Query.text("Security Settings")) - assert configuration = FzHttp.Config.fetch_db_config!() + assert configuration = Domain.Config.fetch_db_config!() assert configuration.local_auth_enabled == false assert configuration.allow_unprivileged_device_management == false assert configuration.allow_unprivileged_device_configuration == false @@ -391,7 +391,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do end feature "change required authentication timeout", %{session: session} do - assert configuration = FzHttp.Config.fetch_db_config!() + assert configuration = Domain.Config.fetch_db_config!() assert configuration.vpn_session_duration == 0 session @@ -405,13 +405,13 @@ defmodule FzHttpWeb.Acceptance.AdminTest do # XXX: We need to show a flash that settings are saved wait_for(fn -> - assert configuration = FzHttp.Config.fetch_db_config!() + assert configuration = Domain.Config.fetch_db_config!() assert configuration.vpn_session_duration == 604_800 end) end feature "manage OpenIDConnect providers", %{session: session} do - {_bypass, uri} = FzHttp.ConfigFixtures.discovery_document_server() + {_bypass, uri} = Domain.ConfigFixtures.discovery_document_server() # Create session = 
@@ -441,10 +441,10 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.text("oidc-foo-bar")) |> assert_el(Query.text("Firebook")) - assert [open_id_connect_provider] = FzHttp.Config.fetch_config!(:openid_connect_providers) + assert [open_id_connect_provider] = Domain.Config.fetch_config!(:openid_connect_providers) assert open_id_connect_provider == - %FzHttp.Config.Configuration.OpenIDConnectProvider{ + %Domain.Config.Configuration.OpenIDConnectProvider{ id: "oidc-foo-bar", label: "Firebook", scope: "openid email eyes_color", @@ -466,7 +466,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.text("Updated successfully.")) |> assert_el(Query.text("Metabook")) - assert [open_id_connect_provider] = FzHttp.Config.fetch_config!(:openid_connect_providers) + assert [open_id_connect_provider] = Domain.Config.fetch_config!(:openid_connect_providers) assert open_id_connect_provider.label == "Metabook" # Delete @@ -476,11 +476,11 @@ defmodule FzHttpWeb.Acceptance.AdminTest do assert_el(session, Query.text("Updated successfully.")) - assert FzHttp.Config.fetch_config!(:openid_connect_providers) == [] + assert Domain.Config.fetch_config!(:openid_connect_providers) == [] end feature "manage SAML providers", %{session: session} do - saml_metadata = FzHttp.ConfigFixtures.saml_metadata() + saml_metadata = Domain.ConfigFixtures.saml_metadata() # Create session = @@ -507,10 +507,10 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.text("foo-bar-buz")) |> assert_el(Query.text("Sneaky ID")) - assert [saml_identity_provider] = FzHttp.Config.fetch_config!(:saml_identity_providers) + assert [saml_identity_provider] = Domain.Config.fetch_config!(:saml_identity_providers) assert saml_identity_provider == - %FzHttp.Config.Configuration.SAMLIdentityProvider{ + %Domain.Config.Configuration.SAMLIdentityProvider{ id: "foo-bar-buz", label: "Sneaky ID", base_url: "http://localhost:13000/autX/saml#foo", 
@@ -532,7 +532,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> assert_el(Query.text("Updated successfully.")) |> assert_el(Query.text("Sneaky XID")) - assert [saml_identity_provider] = FzHttp.Config.fetch_config!(:saml_identity_providers) + assert [saml_identity_provider] = Domain.Config.fetch_config!(:saml_identity_providers) assert saml_identity_provider.label == "Sneaky XID" # Delete @@ -542,7 +542,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do assert_el(session, Query.text("Updated successfully.")) - assert FzHttp.Config.fetch_config!(:saml_identity_providers) == [] + assert Domain.Config.fetch_config!(:saml_identity_providers) == [] end end @@ -573,7 +573,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do |> click(Query.button("Save")) |> assert_el(Query.text("Account updated successfully.")) - assert updated_user = Repo.one(FzHttp.Users.User) + assert updated_user = Repo.one(Domain.Users.User) assert updated_user.password_hash != user.password_hash assert updated_user.email == "foo@xample.com" end @@ -638,7 +638,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do curl_example = String.replace(curl_example, ~r/^.*curl/is, "curl") assert String.contains?(curl_example, api_token_secret) - assert api_token = Repo.one(FzHttp.ApiTokens.ApiToken) + assert api_token = Repo.one(Domain.ApiTokens.ApiToken) assert api_token.user_id == user.id args = @@ -673,7 +673,7 @@ defmodule FzHttpWeb.Acceptance.AdminTest do assert_el(session, Query.text("No API tokens.")) - assert is_nil(Repo.one(FzHttp.ApiTokens.ApiToken)) + assert is_nil(Repo.one(Domain.ApiTokens.ApiToken)) end end diff --git a/apps/web/test/fz_http_web/acceptance/authentication_test.exs b/apps/web/test/web/acceptance/authentication_test.exs similarity index 97% rename from apps/web/test/fz_http_web/acceptance/authentication_test.exs rename to apps/web/test/web/acceptance/authentication_test.exs index 040cde95e..5178e00f3 100644 --- a/apps/web/test/fz_http_web/acceptance/authentication_test.exs 
+++ b/apps/web/test/web/acceptance/authentication_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.Acceptance.AuthenticationTest do - use FzHttpWeb.AcceptanceCase, async: true - alias FzHttp.UsersFixtures - alias FzHttp.MFAFixtures +defmodule Web.Acceptance.AuthenticationTest do + use Web.AcceptanceCase, async: true + alias Domain.UsersFixtures + alias Domain.MFAFixtures describe "using login and password" do feature "renders error on invalid login or password", %{session: session} do @@ -122,7 +122,7 @@ defmodule FzHttpWeb.Acceptance.AuthenticationTest do end feature "does not create new users when auto_create_users is false", %{session: session} do - FzHttp.Config.put_config!(:local_auth_enabled, false) + Domain.Config.put_config!(:local_auth_enabled, false) :ok = SimpleSAML.setup_saml_provider(%{"auto_create_users" => false}) session @@ -154,7 +154,7 @@ defmodule FzHttpWeb.Acceptance.AuthenticationTest do |> assert_el(Query.text("Your Devices")) |> assert_path("/user_devices") - assert user = FzHttp.Repo.one(FzHttp.Users.User) + assert user = Domain.Repo.one(Domain.Users.User) assert user.email == attrs.email assert user.role == :unprivileged assert user.last_signed_in_method == "vault" @@ -177,7 +177,7 @@ defmodule FzHttpWeb.Acceptance.AuthenticationTest do |> find(Query.text("Users", count: 2), fn _ -> :ok end) |> assert_path("/users") - assert user = FzHttp.Repo.one(FzHttp.Users.User) + assert user = Domain.Repo.one(Domain.Users.User) assert user.email == user.email assert user.role == :admin assert user.last_signed_in_method == "vault" @@ -210,7 +210,7 @@ defmodule FzHttpWeb.Acceptance.AuthenticationTest do :ok = Vault.setup_oidc_provider(@endpoint.url, %{"auto_create_users" => false}) :ok = Vault.upsert_user(oidc_login, user_attrs.email, oidc_password) - FzHttp.Config.put_config!(:local_auth_enabled, false) + Domain.Config.put_config!(:local_auth_enabled, false) session = visit(session, ~p"/") assert find(session, Query.css(".input", count: 0)) 
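Review bot: In the `@@ -177` hunk, `assert user.email == user.email` compares the freshly loaded record with itself, because the changed line `assert user = Domain.Repo.one(Domain.Users.User)` rebinds `user`. The check can never fail, so this sign-in test does not verify which account ended up signed in. Bind the loaded row to its own name and compare against the expected value: `assert signed_in_user = Domain.Repo.one(Domain.Users.User)` followed by `assert signed_in_user.email == user.email`, with the `role` and `last_signed_in_method` assertions moved to `signed_in_user` as well. This assumes `user` is bound earlier in the feature, which starts outside the hunk; if it is not, compare with the e-mail the fixture was created with.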
@@ -477,7 +477,7 @@ defmodule FzHttpWeb.Acceptance.AuthenticationTest do |> click(Query.button("Save")) |> assert_el(Query.text("MFA method added!")) - assert mfa_method = Repo.one(FzHttp.Auth.MFA.Method) + assert mfa_method = Repo.one(Domain.Auth.MFA.Method) assert mfa_method.name == "My MFA Name" assert mfa_method.payload["secret"] == Base.encode64(secret) diff --git a/apps/web/test/fz_http_web/acceptance/unprivileged_user_test.exs b/apps/web/test/web/acceptance/unprivileged_user_test.exs similarity index 90% rename from apps/web/test/fz_http_web/acceptance/unprivileged_user_test.exs rename to apps/web/test/web/acceptance/unprivileged_user_test.exs index ba32ff455..75e0c60e7 100644 --- a/apps/web/test/fz_http_web/acceptance/unprivileged_user_test.exs +++ b/apps/web/test/web/acceptance/unprivileged_user_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.Acceptance.UnprivilegedUserTest do - use FzHttpWeb.AcceptanceCase, async: true - alias FzHttp.{UsersFixtures, DevicesFixtures} +defmodule Web.Acceptance.UnprivilegedUserTest do + use Web.AcceptanceCase, async: true + alias Domain.{UsersFixtures, DevicesFixtures} describe "device management" do setup tags do @@ -19,7 +19,7 @@ defmodule FzHttpWeb.Acceptance.UnprivilegedUserTest do feature "allows user to add and configure a device", %{ session: session } do - FzHttp.Config.put_config!(:allow_unprivileged_device_configuration, true) + Domain.Config.put_config!(:allow_unprivileged_device_configuration, true) session |> visit(~p"/user_devices") @@ -51,7 +51,7 @@ defmodule FzHttpWeb.Acceptance.UnprivilegedUserTest do |> assert_el(Query.text("big-head-007")) |> assert_path(~p"/user_devices") - assert device = Repo.one(FzHttp.Devices.Device) + assert device = Repo.one(Domain.Devices.Device) assert device.name == "big-head-007" assert device.description == "Dummy description" assert device.allowed_ips == [%Postgrex.INET{address: {127, 0, 0, 1}, netmask: nil}] 
@@ -66,7 +66,7 @@ defmodule FzHttpWeb.Acceptance.UnprivilegedUserTest do feature "allows user to add a device, download config and close the modal", %{ session: session } do - FzHttp.Config.put_config!(:allow_unprivileged_device_configuration, false) + Domain.Config.put_config!(:allow_unprivileged_device_configuration, false) session |> visit(~p"/user_devices") @@ -84,13 +84,13 @@ defmodule FzHttpWeb.Acceptance.UnprivilegedUserTest do |> assert_el(Query.text("big-hand-007")) |> assert_path(~p"/user_devices") - assert device = Repo.one(FzHttp.Devices.Device) + assert device = Repo.one(Domain.Devices.Device) assert device.name == "big-hand-007" assert device.description == "Dummy description" end feature "does not allow adding devices", %{session: session} do - FzHttp.Config.put_config!(:allow_unprivileged_device_management, false) + Domain.Config.put_config!(:allow_unprivileged_device_management, false) session |> visit(~p"/user_devices") @@ -118,7 +118,7 @@ defmodule FzHttpWeb.Acceptance.UnprivilegedUserTest do assert_el(session, Query.text("No devices to show.")) - assert Repo.one(FzHttp.Devices.Device) == nil + assert Repo.one(Domain.Devices.Device) == nil end end @@ -161,7 +161,7 @@ defmodule FzHttpWeb.Acceptance.UnprivilegedUserTest do |> click(Query.button("Save")) |> assert_el(Query.text("Password updated successfully")) - assert Repo.one(FzHttp.Users.User).password_hash != user.password_hash + assert Repo.one(Domain.Users.User).password_hash != user.password_hash end end end diff --git a/apps/web/test/fz_http_web/auth/json/authentication_test.exs b/apps/web/test/web/auth/json/authentication_test.exs similarity index 65% rename from apps/web/test/fz_http_web/auth/json/authentication_test.exs rename to apps/web/test/web/auth/json/authentication_test.exs index ebe3589bf..df3c71b4d 100644 --- a/apps/web/test/fz_http_web/auth/json/authentication_test.exs +++ b/apps/web/test/web/auth/json/authentication_test.exs 
@@ -1,20 +1,20 @@ -defmodule FzHttpWeb.Auth.JSON.AuthenticationTest do - use FzHttpWeb.ApiCase, async: true - alias FzHttp.UsersFixtures - import FzHttpWeb.ApiCase +defmodule Web.Auth.JSON.AuthenticationTest do + use Web.ApiCase, async: true + alias Domain.UsersFixtures + import Web.ApiCase test "renders error when api token is invalid" do conn = api_conn() |> Plug.Conn.put_req_header("authorization", "bearer invalid") - |> FzHttpWeb.Auth.JSON.Pipeline.call([]) + |> Web.Auth.JSON.Pipeline.call([]) assert json_response(conn, 401) == %{"errors" => %{"auth" => "invalid_token"}} end test "renders error when api token resource is invalid" do user = UsersFixtures.create_user_with_role(:admin) - subject = FzHttp.Auth.fetch_subject!(user, "127.0.0.1", "AuthTest") + subject = Domain.Auth.fetch_subject!(user, "127.0.0.1", "AuthTest") claims = %{ "api" => Ecto.UUID.generate(), @@ -22,12 +22,12 @@ defmodule FzHttpWeb.Auth.JSON.AuthenticationTest do } {:ok, token, _claims} = - Guardian.encode_and_sign(FzHttpWeb.Auth.JSON.Authentication, subject, claims) + Guardian.encode_and_sign(Web.Auth.JSON.Authentication, subject, claims) conn = api_conn() |> Plug.Conn.put_req_header("authorization", "bearer #{token}") - |> FzHttpWeb.Auth.JSON.Pipeline.call([]) + |> Web.Auth.JSON.Pipeline.call([]) assert json_response(conn, 401) == %{"errors" => %{"auth" => "no_resource_found"}} end diff --git a/apps/web/test/fz_http_web/channels/notification_channel_test.exs b/apps/web/test/web/channels/notification_channel_test.exs similarity index 77% rename from apps/web/test/fz_http_web/channels/notification_channel_test.exs rename to apps/web/test/web/channels/notification_channel_test.exs index 47363c307..9bad19ed1 100644 --- a/apps/web/test/fz_http_web/channels/notification_channel_test.exs +++ b/apps/web/test/web/channels/notification_channel_test.exs 
@@ -1,15 +1,15 @@ -defmodule FzHttpWeb.NotificationChannelTest do - use FzHttpWeb.ChannelCase, async: true +defmodule Web.NotificationChannelTest do + use Web.ChannelCase, async: true - alias FzHttp.UsersFixtures - alias FzHttpWeb.NotificationChannel + alias Domain.UsersFixtures + alias Web.NotificationChannel describe "channel join" do setup _tags do user = UsersFixtures.create_user_with_role(:admin) socket = - FzHttpWeb.UserSocket + Web.UserSocket |> socket(user.id, %{remote_ip: "127.0.0.1", user_agent: "test", current_user_id: user.id}) %{ diff --git a/apps/web/test/fz_http_web/controllers/auth_controller_test.exs b/apps/web/test/web/controllers/auth_controller_test.exs similarity index 91% rename from apps/web/test/fz_http_web/controllers/auth_controller_test.exs rename to apps/web/test/web/controllers/auth_controller_test.exs index 1a3e4ca4f..b5376df7b 100644 --- a/apps/web/test/fz_http_web/controllers/auth_controller_test.exs +++ b/apps/web/test/web/controllers/auth_controller_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.AuthControllerTest do - use FzHttpWeb.ConnCase, async: true - alias FzHttp.ConfigFixtures - alias FzHttp.Repo +defmodule Web.AuthControllerTest do + use Web.ConnCase, async: true + alias Domain.ConfigFixtures + alias Domain.Repo setup do {bypass, _openid_connect_providers_attrs} = @@ -15,9 +15,9 @@ defmodule FzHttpWeb.AuthControllerTest do "vault" ]) - FzHttp.Config.put_config!( + Domain.Config.put_config!( :saml_identity_providers, - [FzHttp.ConfigFixtures.saml_identity_providers_attrs(%{"label" => "SAML"})] + [Domain.ConfigFixtures.saml_identity_providers_attrs(%{"label" => "SAML"})] ) %{bypass: bypass} 
@@ -68,14 +68,14 @@ defmodule FzHttpWeb.AuthControllerTest do test "GET /auth/identity omits forgot password link when local_auth disabled", %{ unauthed_conn: conn } do - FzHttp.Config.put_config!(:local_auth_enabled, false) + Domain.Config.put_config!(:local_auth_enabled, false) test_conn = get(conn, ~p"/auth/identity") assert text_response(test_conn, 404) == "Local auth disabled" end test "when local_auth is disabled responds with 404", %{unauthed_conn: conn} do - FzHttp.Config.put_config!(:local_auth_enabled, false) + Domain.Config.put_config!(:local_auth_enabled, false) test_conn = post(conn, ~p"/auth/identity/callback", %{}) assert text_response(test_conn, 404) == "Local auth disabled" @@ -127,7 +127,7 @@ defmodule FzHttpWeb.AuthControllerTest do "password" => "password1234" } - FzHttp.Config.put_config!(:local_auth_enabled, false) + Domain.Config.put_config!(:local_auth_enabled, false) test_conn = post(conn, ~p"/auth/identity/callback", params) assert text_response(test_conn, 404) == "Local auth disabled" @@ -136,7 +136,7 @@ defmodule FzHttpWeb.AuthControllerTest do describe "GET /auth/reset_password" do test "protects route when local_auth is disabled", %{unauthed_conn: conn} do - FzHttp.Config.put_config!(:local_auth_enabled, false) + Domain.Config.put_config!(:local_auth_enabled, false) test_conn = get(conn, ~p"/auth/reset_password") assert text_response(test_conn, 404) == "Local auth disabled" @@ -158,7 +158,7 @@ defmodule FzHttpWeb.AuthControllerTest do setup %{unauthed_conn: conn} = context do signed_state = Plug.Crypto.sign( - FzHttp.Config.fetch_env!(:fz_http, FzHttpWeb.Endpoint)[:secret_key_base], + Domain.Config.fetch_env!(:web, Web.Endpoint)[:secret_key_base], @key <> "_cookie", @state, key: Plug.Keys, 
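Review bot: In the `@@ -68` hunk the test named `"GET /auth/identity omits forgot password link when local_auth disabled"` asserts a 404 with the body `"Local auth disabled"`, so the name describes a behaviour the test does not check. Rename it to match what is asserted, e.g. `test "GET /auth/identity responds with 404 when local_auth is disabled", %{`. That also lines it up with the callback test directly below it, which makes the disabled-local-auth coverage easier to audit.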
@@ -257,7 +257,7 @@ defmodule FzHttpWeb.AuthControllerTest do assert Phoenix.Flash.get(test_conn.assigns.flash, :info) == "Please check your inbox for the magic link." - user = Repo.get(FzHttp.Users.User, user.id) + user = Repo.get(Domain.Users.User, user.id) assert user.sign_in_token_hash assert_receive {:email, email} @@ -268,7 +268,7 @@ defmodule FzHttpWeb.AuthControllerTest do token = String.split(email.assigns.link, "/") |> List.last() - assert {:ok, _user} = FzHttp.Users.consume_sign_in_token(user, token) + assert {:ok, _user} = Domain.Users.consume_sign_in_token(user, token) end end @@ -276,7 +276,7 @@ defmodule FzHttpWeb.AuthControllerTest do setup :create_user setup context do - {:ok, user} = FzHttp.Users.request_sign_in_token(context.user) + {:ok, user} = Domain.Users.request_sign_in_token(context.user) Map.put(context, :user, user) end @@ -307,7 +307,7 @@ defmodule FzHttpWeb.AuthControllerTest do end test "prevents signing in when local_auth_disabled", %{unauthed_conn: conn, user: user} do - FzHttp.Config.put_config!(:local_auth_enabled, false) + Domain.Config.put_config!(:local_auth_enabled, false) test_conn = get(conn, ~p"/auth/magic/#{user.id}/#{user.sign_in_token}") assert text_response(test_conn, 404) == "Local auth disabled" @@ -320,7 +320,7 @@ defmodule FzHttpWeb.AuthControllerTest do query = URI.encode_query(%{ "id_token_hint" => "abc", - "post_logout_redirect_uri" => FzHttp.Config.fetch_env!(:fz_http, :external_url), + "post_logout_redirect_uri" => Domain.Config.fetch_env!(:web, :external_url), "client_id" => "okta-client-id" }) diff --git a/apps/web/test/fz_http_web/controllers/browser_controller_test.exs b/apps/web/test/web/controllers/browser_controller_test.exs similarity index 78% rename from apps/web/test/fz_http_web/controllers/browser_controller_test.exs rename to apps/web/test/web/controllers/browser_controller_test.exs index 1c9225c6e..d9d7ea1e5 100644 --- a/apps/web/test/fz_http_web/controllers/browser_controller_test.exs 
+++ b/apps/web/test/web/controllers/browser_controller_test.exs @@ -1,5 +1,5 @@ -defmodule FzHttpWeb.BrowserControllerTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.BrowserControllerTest do + use Web.ConnCase, async: true describe "config/2" do test "returns valid XML browse config", %{unauthed_conn: conn} do diff --git a/apps/web/test/fz_http_web/controllers/json/configuration_controller_test.exs b/apps/web/test/web/controllers/json/configuration_controller_test.exs similarity index 95% rename from apps/web/test/fz_http_web/controllers/json/configuration_controller_test.exs rename to apps/web/test/web/controllers/json/configuration_controller_test.exs index b76906f10..3d6eec73a 100644 --- a/apps/web/test/fz_http_web/controllers/json/configuration_controller_test.exs +++ b/apps/web/test/web/controllers/json/configuration_controller_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.JSON.ConfigurationControllerTest do - use FzHttpWeb.ApiCase, async: true - alias FzHttp.ConfigFixtures +defmodule Web.JSON.ConfigurationControllerTest do + use Web.ApiCase, async: true + alias Domain.ConfigFixtures describe "GET /v0/configuration" do test "renders configuration" do @@ -12,7 +12,7 @@ defmodule FzHttpWeb.JSON.ConfigurationControllerTest do end test "renders logotype" do - FzHttp.Config.put_config!(:logo, %{"url" => "https://example.com/logo.png"}) + Domain.Config.put_config!(:logo, %{"url" => "https://example.com/logo.png"}) conn = get(authed_conn(), ~p"/v0/configuration") @@ -140,7 +140,7 @@ defmodule FzHttpWeb.JSON.ConfigurationControllerTest do end test "renders error when trying to override a value with environment override" do - FzHttp.Config.put_system_env_override(:local_auth_enabled, true) + Domain.Config.put_system_env_override(:local_auth_enabled, true) attrs = %{ "local_auth_enabled" => false 
diff --git a/apps/web/test/fz_http_web/controllers/json/device_controller_test.exs b/apps/web/test/web/controllers/json/device_controller_test.exs similarity index 97% rename from apps/web/test/fz_http_web/controllers/json/device_controller_test.exs rename to apps/web/test/web/controllers/json/device_controller_test.exs index 8fe6a88ae..fc81cb4f4 100644 --- a/apps/web/test/fz_http_web/controllers/json/device_controller_test.exs +++ b/apps/web/test/web/controllers/json/device_controller_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.JSON.DeviceControllerTest do - use FzHttpWeb.ApiCase, async: true - alias FzHttp.{DevicesFixtures, UsersFixtures} +defmodule Web.JSON.DeviceControllerTest do + use Web.ApiCase, async: true + alias Domain.{DevicesFixtures, UsersFixtures} @params %{ "name" => "create-name", diff --git a/apps/web/test/fz_http_web/controllers/json/rule_controller_test.exs b/apps/web/test/web/controllers/json/rule_controller_test.exs similarity index 97% rename from apps/web/test/fz_http_web/controllers/json/rule_controller_test.exs rename to apps/web/test/web/controllers/json/rule_controller_test.exs index 01657fe88..70f8bf0dd 100644 --- a/apps/web/test/fz_http_web/controllers/json/rule_controller_test.exs +++ b/apps/web/test/web/controllers/json/rule_controller_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.JSON.RuleControllerTest do - use FzHttpWeb.ApiCase, async: true - alias FzHttp.RulesFixtures - import FzHttpWeb.ApiCase +defmodule Web.JSON.RuleControllerTest do + use Web.ApiCase, async: true + alias Domain.RulesFixtures + import Web.ApiCase @accept_rule_params %{ "destination" => "1.1.1.1/24", diff --git a/apps/web/test/fz_http_web/controllers/json/user_controller_test.exs b/apps/web/test/web/controllers/json/user_controller_test.exs similarity index 98% rename from apps/web/test/fz_http_web/controllers/json/user_controller_test.exs rename to apps/web/test/web/controllers/json/user_controller_test.exs index 8a04645ea..d8c6a6664 100644 
--- a/apps/web/test/fz_http_web/controllers/json/user_controller_test.exs +++ b/apps/web/test/web/controllers/json/user_controller_test.exs @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.JSON.UserControllerTest do - use FzHttpWeb.ApiCase, async: true - import FzHttpWeb.ApiCase - alias FzHttp.UsersFixtures - alias FzHttp.Users +defmodule Web.JSON.UserControllerTest do + use Web.ApiCase, async: true + import Web.ApiCase + alias Domain.UsersFixtures + alias Domain.Users @create_attrs %{ "email" => "test@test.com", diff --git a/apps/web/test/fz_http_web/controllers/user_controller_test.exs b/apps/web/test/web/controllers/user_controller_test.exs similarity index 87% rename from apps/web/test/fz_http_web/controllers/user_controller_test.exs rename to apps/web/test/web/controllers/user_controller_test.exs index e73d7c3c7..762ad29a8 100644 --- a/apps/web/test/fz_http_web/controllers/user_controller_test.exs +++ b/apps/web/test/web/controllers/user_controller_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.UserControllerTest do - use FzHttpWeb.ConnCase, async: true - alias FzHttp.UsersFixtures +defmodule Web.UserControllerTest do + use Web.ConnCase, async: true + alias Domain.UsersFixtures describe "delete/2" do test "deletes the admin user if there is at least one additional admin", %{ @@ -12,7 +12,7 @@ defmodule FzHttpWeb.UserControllerTest do conn = delete(conn, ~p"/user") assert redirected_to(conn) == ~p"/" - refute Repo.get(FzHttp.Users.User, user.id) + refute Repo.get(Domain.Users.User, user.id) end test "returns 404 when user is already deleted", %{admin_user: user, admin_conn: conn} do diff --git a/apps/web/test/fz_http_web/header_helpers_test.exs b/apps/web/test/web/header_helpers_test.exs similarity index 79% rename from apps/web/test/fz_http_web/header_helpers_test.exs rename to apps/web/test/web/header_helpers_test.exs index 0cae52e16..b2d394749 100644 --- a/apps/web/test/fz_http_web/header_helpers_test.exs +++ b/apps/web/test/web/header_helpers_test.exs 
@@ -1,10 +1,10 @@ -defmodule FzHttpWeb.HeaderHelpersTest do +defmodule Web.HeaderHelpersTest do use ExUnit.Case, async: true - import FzHttpWeb.HeaderHelpers + import Web.HeaderHelpers describe "remote_ip_opts/0" do test "returns an empty proxies list for remote_ip/2" do - FzHttp.Config.put_env_override(:fz_http, :external_trusted_proxies, []) + Domain.Config.put_env_override(:web, :external_trusted_proxies, []) assert remote_ip_opts() == [ headers: ["x-forwarded-for"], @@ -14,7 +14,7 @@ defmodule FzHttpWeb.HeaderHelpersTest do end test "returns a list of options for remote_ip/2 with ipv4 proxies" do - FzHttp.Config.put_env_override(:fz_http, :external_trusted_proxies, [ + Domain.Config.put_env_override(:web, :external_trusted_proxies, [ %Postgrex.INET{address: {127, 0, 0, 1}, netmask: nil}, %Postgrex.INET{address: {10, 10, 10, 0}, netmask: 16} ]) @@ -27,7 +27,7 @@ defmodule FzHttpWeb.HeaderHelpersTest do end test "returns a list of options for remote_ip/2 with ipv6 proxies" do - FzHttp.Config.put_env_override(:fz_http, :external_trusted_proxies, [ + Domain.Config.put_env_override(:web, :external_trusted_proxies, [ %Postgrex.INET{address: {1, 0, 0, 0, 0, 0, 0, 0}, netmask: 106}, %Postgrex.INET{address: {1, 1, 1, 1, 1, 1, 1, 1}, netmask: nil} ]) diff --git a/apps/web/test/fz_http_web/html_authentication_test.exs b/apps/web/test/web/html_authentication_test.exs similarity index 84% rename from apps/web/test/fz_http_web/html_authentication_test.exs rename to apps/web/test/web/html_authentication_test.exs index 1b50644af..6654346ca 100644 --- a/apps/web/test/fz_http_web/html_authentication_test.exs +++ b/apps/web/test/web/html_authentication_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.HTMLAuthenticationTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.HTMLAuthenticationTest do + use Web.ConnCase, async: true - alias FzHttpWeb.Auth.HTML.Authentication + alias Web.Auth.HTML.Authentication describe "authenticate/2" do setup :create_user 
diff --git a/apps/web/test/fz_http_web/layout_view_test.exs b/apps/web/test/web/layout_view_test.exs similarity index 73% rename from apps/web/test/fz_http_web/layout_view_test.exs rename to apps/web/test/web/layout_view_test.exs index e11d007e2..55775b07d 100644 --- a/apps/web/test/fz_http_web/layout_view_test.exs +++ b/apps/web/test/web/layout_view_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.SidebarComponentTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.SidebarComponentTest do + use Web.ConnCase, async: true - alias FzHttpWeb.SidebarComponent + alias Web.SidebarComponent describe "nav_class/2" do test "it computes nav class for account route" do diff --git a/apps/web/test/fz_http_web/live/connectivity_check_live/index_test.exs b/apps/web/test/web/live/connectivity_check_live/index_test.exs similarity index 89% rename from apps/web/test/fz_http_web/live/connectivity_check_live/index_test.exs rename to apps/web/test/web/live/connectivity_check_live/index_test.exs index 69255c0d6..349b35fce 100644 --- a/apps/web/test/fz_http_web/live/connectivity_check_live/index_test.exs +++ b/apps/web/test/web/live/connectivity_check_live/index_test.exs @@ -1,5 +1,5 @@ -defmodule FzHttpWeb.ConnectivityCheckLive.IndexTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.ConnectivityCheckLive.IndexTest do + use Web.ConnCase, async: true describe "authenticated/connectivity_checks list" do setup :create_connectivity_checks diff --git a/apps/web/test/fz_http_web/live/device_live/admin/index_test.exs b/apps/web/test/web/live/device_live/admin/index_test.exs similarity index 89% rename from apps/web/test/fz_http_web/live/device_live/admin/index_test.exs rename to apps/web/test/web/live/device_live/admin/index_test.exs index 3f727d14f..a39823411 100644 --- a/apps/web/test/fz_http_web/live/device_live/admin/index_test.exs +++ b/apps/web/test/web/live/device_live/admin/index_test.exs 
@@ -1,5 +1,5 @@ -defmodule FzHttpWeb.DeviceLive.Admin.IndexTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.DeviceLive.Admin.IndexTest do + use Web.ConnCase, async: true describe "authenticated/device list" do setup :create_devices @@ -21,7 +21,7 @@ defmodule FzHttpWeb.DeviceLive.Admin.IndexTest do assert html =~ "User" - devices = FzHttp.Repo.preload(devices, :user) + devices = Domain.Repo.preload(devices, :user) for device <- devices do assert html =~ device.user.email diff --git a/apps/web/test/fz_http_web/live/device_live/admin/show_test.exs b/apps/web/test/web/live/device_live/admin/show_test.exs similarity index 94% rename from apps/web/test/fz_http_web/live/device_live/admin/show_test.exs rename to apps/web/test/web/live/device_live/admin/show_test.exs index 76d9b2c27..34eefa14c 100644 --- a/apps/web/test/fz_http_web/live/device_live/admin/show_test.exs +++ b/apps/web/test/web/live/device_live/admin/show_test.exs @@ -1,5 +1,5 @@ -defmodule FzHttpWeb.DeviceLive.Admin.ShowTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.DeviceLive.Admin.ShowTest do + use Web.ConnCase, async: true describe "unauthenticated" do setup :create_device diff --git a/apps/web/test/fz_http_web/live/device_live/unprivileged/index_test.exs b/apps/web/test/web/live/device_live/unprivileged/index_test.exs similarity index 93% rename from apps/web/test/fz_http_web/live/device_live/unprivileged/index_test.exs rename to apps/web/test/web/live/device_live/unprivileged/index_test.exs index ecdbddbd3..cc91d03f8 100644 --- a/apps/web/test/fz_http_web/live/device_live/unprivileged/index_test.exs +++ b/apps/web/test/web/live/device_live/unprivileged/index_test.exs @@ -1,5 +1,5 @@ -defmodule FzHttpWeb.DeviceLive.Unprivileged.IndexTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.DeviceLive.Unprivileged.IndexTest do + use Web.ConnCase, async: true describe "authenticated/device list" do test "includes the device name in the list", %{ 
@@ -28,7 +28,7 @@ defmodule FzHttpWeb.DeviceLive.Unprivileged.IndexTest do describe "authenticated device management disabled" do setup do - FzHttp.Config.put_config!(:allow_unprivileged_device_management, false) + Domain.Config.put_config!(:allow_unprivileged_device_management, false) :ok end @@ -42,7 +42,7 @@ defmodule FzHttpWeb.DeviceLive.Unprivileged.IndexTest do describe "authenticated device configuration disabled" do setup do - FzHttp.Config.put_config!(:allow_unprivileged_device_configuration, false) + Domain.Config.put_config!(:allow_unprivileged_device_configuration, false) :ok end diff --git a/apps/web/test/fz_http_web/live/device_live/unprivileged/show_test.exs b/apps/web/test/web/live/device_live/unprivileged/show_test.exs similarity index 89% rename from apps/web/test/fz_http_web/live/device_live/unprivileged/show_test.exs rename to apps/web/test/web/live/device_live/unprivileged/show_test.exs index 94aacbc54..6e8a12e6c 100644 --- a/apps/web/test/fz_http_web/live/device_live/unprivileged/show_test.exs +++ b/apps/web/test/web/live/device_live/unprivileged/show_test.exs @@ -1,5 +1,5 @@ -defmodule FzHttpWeb.DeviceLive.Unprivileged.ShowTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.DeviceLive.Unprivileged.ShowTest do + use Web.ConnCase, async: true describe "unauthenticated" do setup :create_device @@ -43,7 +43,7 @@ defmodule FzHttpWeb.DeviceLive.Unprivileged.ShowTest do } do {:ok, device: device} = create_device(user: user) - FzHttp.Config.put_config!(:allow_unprivileged_device_management, false) + Domain.Config.put_config!(:allow_unprivileged_device_management, false) path = ~p"/user_devices/#{device}" expected_path = ~p"/" diff --git a/apps/web/test/fz_http_web/live/mfa_live/auth_test.exs b/apps/web/test/web/live/mfa_live/auth_test.exs similarity index 95% rename from apps/web/test/fz_http_web/live/mfa_live/auth_test.exs rename to apps/web/test/web/live/mfa_live/auth_test.exs index 44e7e79d2..48785d3f3 100644 
--- a/apps/web/test/fz_http_web/live/mfa_live/auth_test.exs +++ b/apps/web/test/web/live/mfa_live/auth_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.MFALive.AuthTest do - use FzHttpWeb.ConnCase, async: true - alias FzHttp.MFAFixtures +defmodule Web.MFALive.AuthTest do + use Web.ConnCase, async: true + alias Domain.MFAFixtures setup %{admin_user: admin} do method = MFAFixtures.create_totp_method(user: admin) diff --git a/apps/web/test/fz_http_web/live/notifications_live/badge_test.exs b/apps/web/test/web/live/notifications_live/badge_test.exs similarity index 79% rename from apps/web/test/fz_http_web/live/notifications_live/badge_test.exs rename to apps/web/test/web/live/notifications_live/badge_test.exs index 73c830d3e..cdc8758a6 100644 --- a/apps/web/test/fz_http_web/live/notifications_live/badge_test.exs +++ b/apps/web/test/web/live/notifications_live/badge_test.exs @@ -1,10 +1,10 @@ -defmodule FzHttpWeb.NotificationsLive.BadgeTest do +defmodule Web.NotificationsLive.BadgeTest do @moduledoc """ Test notifications badge. """ # async: true causes intermittent failures... - use FzHttpWeb.ConnCase, async: false - alias FzHttp.Notifications + use Web.ConnCase, async: false + alias Domain.Notifications setup tags do # Pass the pid to the Notifications views @@ -16,7 +16,7 @@ defmodule FzHttpWeb.NotificationsLive.BadgeTest do setup [:create_notifications] test "badge has no notifications", %{admin_conn: conn} do - {:ok, _view, html} = live_isolated(conn, FzHttpWeb.NotificationsLive.Badge) + {:ok, _view, html} = live_isolated(conn, Web.NotificationsLive.Badge) assert html =~ "" @@ -31,7 +31,7 @@ defmodule FzHttpWeb.NotificationsLive.BadgeTest do Notifications.add(pid, notification) end - {:ok, _view, html} = live_isolated(conn, FzHttpWeb.NotificationsLive.Badge) + {:ok, _view, html} = live_isolated(conn, Web.NotificationsLive.Badge) assert html =~ "5" end 
@@ -48,7 +48,7 @@ defmodule FzHttpWeb.NotificationsLive.BadgeTest do Notifications.clear_at(pid, 0) Notifications.clear_at(pid, 1) - {:ok, _view, html} = live_isolated(conn, FzHttpWeb.NotificationsLive.Badge) + {:ok, _view, html} = live_isolated(conn, Web.NotificationsLive.Badge) assert html =~ "3" end @@ -64,7 +64,7 @@ defmodule FzHttpWeb.NotificationsLive.BadgeTest do Notifications.clear_all(pid) - {:ok, _view, html} = live_isolated(conn, FzHttpWeb.NotificationsLive.Badge) + {:ok, _view, html} = live_isolated(conn, Web.NotificationsLive.Badge) assert html =~ "" diff --git a/apps/web/test/fz_http_web/live/notifications_live/index_test.exs b/apps/web/test/web/live/notifications_live/index_test.exs similarity index 93% rename from apps/web/test/fz_http_web/live/notifications_live/index_test.exs rename to apps/web/test/web/live/notifications_live/index_test.exs index 8aae4b41d..8b94e05de 100644 --- a/apps/web/test/fz_http_web/live/notifications_live/index_test.exs +++ b/apps/web/test/web/live/notifications_live/index_test.exs @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.NotificationsLive.IndexTest do +defmodule Web.NotificationsLive.IndexTest do @moduledoc """ Test adding and removing notifications from the notifications table. """ - use FzHttpWeb.ConnCase, async: false - alias FzHttp.Notifications + use Web.ConnCase, async: false + alias Domain.Notifications setup tags do # Pass the pid to the Notifications views diff --git a/apps/web/test/fz_http_web/live/rule_live/index_test.exs b/apps/web/test/web/live/rule_live/index_test.exs similarity index 98% rename from apps/web/test/fz_http_web/live/rule_live/index_test.exs rename to apps/web/test/web/live/rule_live/index_test.exs index 95b5e3a85..509fece63 100644 --- a/apps/web/test/fz_http_web/live/rule_live/index_test.exs +++ b/apps/web/test/web/live/rule_live/index_test.exs 
@@ -1,5 +1,5 @@ -defmodule FzHttpWeb.RuleLive.IndexTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.RuleLive.IndexTest do + use Web.ConnCase, async: true describe "allowlist" do setup :create_accept_rule diff --git a/apps/web/test/fz_http_web/live/setting_live/account_test.exs b/apps/web/test/web/live/setting_live/account_test.exs similarity index 93% rename from apps/web/test/fz_http_web/live/setting_live/account_test.exs rename to apps/web/test/web/live/setting_live/account_test.exs index 0ceb9fde3..dd5243fcc 100644 --- a/apps/web/test/fz_http_web/live/setting_live/account_test.exs +++ b/apps/web/test/web/live/setting_live/account_test.exs @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.SettingLive.AccountTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.SettingLive.AccountTest do + use Web.ConnCase, async: true - alias FzHttp.{Users, Users.User} - alias FzHttpWeb.SettingLive.AccountFormComponent + alias Domain.{Users, Users.User} + alias Web.SettingLive.AccountFormComponent describe "when unauthenticated" do test "mount redirects to session path", %{unauthed_conn: conn} do diff --git a/apps/web/test/fz_http_web/live/setting_live/client_defaults_test.exs b/apps/web/test/web/live/setting_live/client_defaults_test.exs similarity index 97% rename from apps/web/test/fz_http_web/live/setting_live/client_defaults_test.exs rename to apps/web/test/web/live/setting_live/client_defaults_test.exs index c3b179b57..f4a032f1d 100644 --- a/apps/web/test/fz_http_web/live/setting_live/client_defaults_test.exs +++ b/apps/web/test/web/live/setting_live/client_defaults_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.SettingLive.ClientDefaultsTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.SettingLive.ClientDefaultsTest do + use Web.ConnCase, async: true - alias FzHttp.Config + alias Domain.Config describe "authenticated/client_defaults" do @valid_allowed_ips %{ 
@@ -93,7 +93,7 @@ defmodule FzHttpWeb.SettingLive.ClientDefaultsTest do end test "blocks overridden default client endpoint" do - FzHttp.Config.put_system_env_override(:default_client_endpoint, "1.2.3.4:1234") + Domain.Config.put_system_env_override(:default_client_endpoint, "1.2.3.4:1234") {_admin_user, conn} = admin_conn(%{}) {:ok, view, _html} = live(conn, ~p"/settings/client_defaults") diff --git a/apps/web/test/fz_http_web/live/setting_live/customization_test.exs b/apps/web/test/web/live/setting_live/customization_test.exs similarity index 86% rename from apps/web/test/fz_http_web/live/setting_live/customization_test.exs rename to apps/web/test/web/live/setting_live/customization_test.exs index bd720cbdb..6f0f09553 100644 --- a/apps/web/test/fz_http_web/live/setting_live/customization_test.exs +++ b/apps/web/test/web/live/setting_live/customization_test.exs @@ -1,9 +1,9 @@ -defmodule FzHttpWeb.SettingLive.CustomizationTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.SettingLive.CustomizationTest do + use Web.ConnCase, async: true describe "logo" do setup %{admin_conn: conn} = context do - FzHttp.Config.put_config!(:logo, context[:logo]) + Domain.Config.put_config!(:logo, context[:logo]) path = ~p"/settings/customization" {:ok, view, html} = live(conn, path) @@ -50,7 +50,7 @@ defmodule FzHttpWeb.SettingLive.CustomizationTest do view |> element("input[value=Default]") |> render_click() view |> element("form") |> render_submit() - assert FzHttp.Config.fetch_config!(:logo) == nil + assert Domain.Config.fetch_config!(:logo) == nil end test "change to url", %{view: view, html: html} do @@ -58,7 +58,7 @@ defmodule FzHttpWeb.SettingLive.CustomizationTest do view |> element("input[value=URL]") |> render_click() view |> render_submit("save", %{"url" => "new"}) - assert %{url: "new"} = FzHttp.Config.fetch_config!(:logo) + assert %{url: "new"} = Domain.Config.fetch_config!(:logo) end test "change to upload", %{view: view, html: html} do 
@@ -80,7 +80,7 @@ defmodule FzHttpWeb.SettingLive.CustomizationTest do view |> render_submit("save", %{}) data = Base.encode64("new") - assert %{data: ^data, type: "image/jpeg"} = FzHttp.Config.fetch_config!(:logo) + assert %{data: ^data, type: "image/jpeg"} = Domain.Config.fetch_config!(:logo) end end end diff --git a/apps/web/test/fz_http_web/live/setting_live/security_test.exs b/apps/web/test/web/live/setting_live/security_test.exs similarity index 88% rename from apps/web/test/fz_http_web/live/setting_live/security_test.exs rename to apps/web/test/web/live/setting_live/security_test.exs index 1fe450e1f..e76ed52b9 100644 --- a/apps/web/test/fz_http_web/live/setting_live/security_test.exs +++ b/apps/web/test/web/live/setting_live/security_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.SettingLive.SecurityTest do - use FzHttpWeb.ConnCase, async: true - alias FzHttp.ConfigFixtures - alias FzHttpWeb.SettingLive.Security +defmodule Web.SettingLive.SecurityTest do + use Web.ConnCase, async: true + alias Domain.ConfigFixtures + alias Web.SettingLive.Security describe "authenticated mount" do test "loads the active sessions table", %{admin_conn: conn} do @@ -16,7 +16,7 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do {:ok, _view, html} = live(conn, path) assert html =~ ~s|| - FzHttp.Config.put_config!(:vpn_session_duration, 3_600) + Domain.Config.put_config!(:vpn_session_duration, 3_600) {:ok, _view, html} = live(conn, path) assert html =~ ~s|| @@ -59,7 +59,7 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do describe "toggles" do setup %{conf_key: key, conf_val: val} do - FzHttp.Config.put_config!(key, val) + Domain.Config.put_config!(key, val) {:ok, path: ~p"/settings/security"} end 
@@ -76,7 +76,7 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do assert html =~ "checked" view |> element("input[phx-value-config=#{unquote(key)}]") |> render_click() - assert FzHttp.Config.fetch_config!(unquote(key)) == false + assert Domain.Config.fetch_config!(unquote(key)) == false end end @@ -93,7 +93,7 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do refute html =~ "checked" view |> element("input[phx-value-config=#{unquote(key)}]") |> render_click() - assert FzHttp.Config.fetch_config!(unquote(key)) == true + assert Domain.Config.fetch_config!(unquote(key)) == true end end end @@ -164,7 +164,7 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do assert {:error, {:redirect, _}} = return - assert %FzHttp.Config.Configuration.OpenIDConnectProvider{ + assert %Domain.Config.Configuration.OpenIDConnectProvider{ id: "test", label: "updated", scope: "openid email profile", @@ -175,7 +175,7 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do "https://common.auth0.com/.well-known/openid-configuration", redirect_uri: nil, auto_create_users: false - } in FzHttp.Config.fetch_config!(:openid_connect_providers) + } in Domain.Config.fetch_config!(:openid_connect_providers) end test "delete", %{view: view} do @@ -183,14 +183,14 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do |> element("button[phx-value-key=\"test\"]", "Delete") |> render_click() - openid_connect_providers = FzHttp.Config.fetch_config!(:openid_connect_providers) + openid_connect_providers = Domain.Config.fetch_config!(:openid_connect_providers) assert Enum.map(openid_connect_providers, & &1.id) == ["test2"] view |> element("button[phx-value-key=\"test2\"]", "Delete") |> render_click() - assert FzHttp.Config.fetch_config!(:openid_connect_providers) == [] + assert Domain.Config.fetch_config!(:openid_connect_providers) == [] end end 
@@ -248,14 +248,14 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do assert {:error, {:redirect, _}} = return - saml_identity_providers = FzHttp.Config.fetch_config!(:saml_identity_providers) + saml_identity_providers = Domain.Config.fetch_config!(:saml_identity_providers) assert length(saml_identity_providers) == 3 - assert %FzHttp.Config.Configuration.SAMLIdentityProvider{ + assert %Domain.Config.Configuration.SAMLIdentityProvider{ auto_create_users: false, # XXX this field would be nil if we don't "guess" the url when we load the record in StartProxy - base_url: "#{FzHttp.Config.fetch_env!(:fz_http, :external_url)}auth/saml", + base_url: "#{Domain.Config.fetch_env!(:web, :external_url)}auth/saml", id: "FAKEID", label: "FOO", metadata: attrs["metadata"], @@ -291,7 +291,7 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do assert {:error, {:redirect, %{flash: _, to: "/settings/security"}}} = redirect assert saml_identity_provider = - FzHttp.Config.fetch_config!(:saml_identity_providers) + Domain.Config.fetch_config!(:saml_identity_providers) |> Enum.find(fn saml_identity_provider -> saml_identity_provider.id == "new_id" end) @@ -316,9 +316,9 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do # stays on the modal assert html =~ ~s|| - assert %FzHttp.Config.Configuration.SAMLIdentityProvider{ + assert %Domain.Config.Configuration.SAMLIdentityProvider{ auto_create_users: true, - base_url: "#{FzHttp.Config.fetch_env!(:fz_http, :external_url)}auth/saml", + base_url: "#{Domain.Config.fetch_env!(:web, :external_url)}auth/saml", id: attrs["id"], label: attrs["label"], metadata: attrs["metadata"], @@ -326,7 +326,7 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do sign_requests: true, signed_assertion_in_resp: true, signed_envelopes_in_resp: true - } in FzHttp.Config.fetch_config!(:saml_identity_providers) + } in Domain.Config.fetch_config!(:saml_identity_providers) end test "delete", %{view: view} do 
@@ -334,14 +334,14 @@ defmodule FzHttpWeb.SettingLive.SecurityTest do |> element("button[phx-value-key=\"test\"]", "Delete") |> render_click() - saml_identity_providers = FzHttp.Config.fetch_config!(:saml_identity_providers) + saml_identity_providers = Domain.Config.fetch_config!(:saml_identity_providers) assert Enum.map(saml_identity_providers, & &1.id) == ["test2"] view |> element("button", "Delete") |> render_click() - assert FzHttp.Config.fetch_config!(:saml_identity_providers) == [] + assert Domain.Config.fetch_config!(:saml_identity_providers) == [] end end end diff --git a/apps/web/test/fz_http_web/live/setting_live/unprivileged/account_test.exs b/apps/web/test/web/live/setting_live/unprivileged/account_test.exs similarity index 91% rename from apps/web/test/fz_http_web/live/setting_live/unprivileged/account_test.exs rename to apps/web/test/web/live/setting_live/unprivileged/account_test.exs index f7c30b5ba..a9556cbaa 100644 --- a/apps/web/test/fz_http_web/live/setting_live/unprivileged/account_test.exs +++ b/apps/web/test/web/live/setting_live/unprivileged/account_test.exs @@ -1,8 +1,8 @@ -defmodule FzHttpWeb.SettingLive.Unprivileged.AccountTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.SettingLive.Unprivileged.AccountTest do + use Web.ConnCase, async: true - alias FzHttp.{Users, Users.User} - alias FzHttpWeb.SettingLive.Unprivileged.AccountFormComponent + alias Domain.{Users, Users.User} + alias Web.SettingLive.Unprivileged.AccountFormComponent describe "when unauthenticated" do test "mount redirects to session path", %{unauthed_conn: conn} do diff --git a/apps/web/test/fz_http_web/live/user_live/index_test.exs b/apps/web/test/web/live/user_live/index_test.exs similarity index 95% rename from apps/web/test/fz_http_web/live/user_live/index_test.exs rename to apps/web/test/web/live/user_live/index_test.exs index f648c2e83..d791190b5 100644 --- a/apps/web/test/fz_http_web/live/user_live/index_test.exs 
+++ b/apps/web/test/web/live/user_live/index_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.UserLive.IndexTest do - use FzHttpWeb.ConnCase, async: true - alias FzHttp.SubjectFixtures - alias FzHttp.Users +defmodule Web.UserLive.IndexTest do + use Web.ConnCase, async: true + alias Domain.SubjectFixtures + alias Domain.Users describe "authenticated user list" do setup [:create_devices, :create_users] diff --git a/apps/web/test/fz_http_web/live/user_live/show_test.exs b/apps/web/test/web/live/user_live/show_test.exs similarity index 99% rename from apps/web/test/fz_http_web/live/user_live/show_test.exs rename to apps/web/test/web/live/user_live/show_test.exs index 4be5622aa..f126afe1d 100644 --- a/apps/web/test/fz_http_web/live/user_live/show_test.exs +++ b/apps/web/test/web/live/user_live/show_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.UserLive.ShowTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.UserLive.ShowTest do + use Web.ConnCase, async: true - alias FzHttp.UsersFixtures + alias Domain.UsersFixtures describe "authenticated show" do setup :create_device @@ -620,7 +620,7 @@ defmodule FzHttpWeb.UserLive.ShowTest do describe "disable/enable user" do import Ecto.Changeset - alias FzHttp.Repo + alias Domain.Repo test "enable user", %{admin_conn: conn, unprivileged_user: user} do user = user |> change |> put_change(:disabled_at, DateTime.utc_now()) |> Repo.update!() diff --git a/apps/web/test/fz_http_web/live/user_live/vpn_connection_component_test.exs b/apps/web/test/web/live/user_live/vpn_connection_component_test.exs similarity index 75% rename from apps/web/test/fz_http_web/live/user_live/vpn_connection_component_test.exs rename to apps/web/test/web/live/user_live/vpn_connection_component_test.exs index aba051112..e1c88ae5b 100644 --- a/apps/web/test/fz_http_web/live/user_live/vpn_connection_component_test.exs +++ b/apps/web/test/web/live/user_live/vpn_connection_component_test.exs 
@@ -1,7 +1,7 @@ -defmodule FzHttpWeb.UserLive.VPNConnectionComponentTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.UserLive.VPNConnectionComponentTest do + use Web.ConnCase, async: true - alias FzHttpWeb.UserLive.VPNConnectionComponent + alias Web.UserLive.VPNConnectionComponent describe "admin" do setup :create_user diff --git a/apps/web/test/fz_http_web/live/user_live/vpn_status_component_test.exs b/apps/web/test/web/live/user_live/vpn_status_component_test.exs similarity index 90% rename from apps/web/test/fz_http_web/live/user_live/vpn_status_component_test.exs rename to apps/web/test/web/live/user_live/vpn_status_component_test.exs index ad8bc3656..739500875 100644 --- a/apps/web/test/fz_http_web/live/user_live/vpn_status_component_test.exs +++ b/apps/web/test/web/live/user_live/vpn_status_component_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.UserLive.VPNStatusComponentTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.UserLive.VPNStatusComponentTest do + use Web.ConnCase, async: true - alias FzHttpWeb.UserLive.VPNStatusComponent + alias Web.UserLive.VPNStatusComponent describe "admin" do setup :create_user diff --git a/apps/web/test/fz_http_web/mailer_test.exs b/apps/web/test/web/mailer_test.exs similarity index 92% rename from apps/web/test/fz_http_web/mailer_test.exs rename to apps/web/test/web/mailer_test.exs index 657413b7b..ce59a4872 100644 --- a/apps/web/test/fz_http_web/mailer_test.exs +++ b/apps/web/test/web/mailer_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.MailerTest do +defmodule Web.MailerTest do use ExUnit.Case, async: true - alias FzHttpWeb.Mailer + alias Web.Mailer import Swoosh.TestAssertions test "default_email contains from_email" do @@ -11,7 +11,7 @@ defmodule FzHttpWeb.MailerTest do describe "with templates" do defmodule SampleEmail do use Phoenix.Swoosh, - template_root: "test/fz_http_web/mailer_test", + template_root: "test/web/mailer_test", template_path: "sample_email" def test_heex(number) do 
diff --git a/apps/web/test/fz_http_web/mailer_test/sample_email/test_heex.html.heex b/apps/web/test/web/mailer_test/sample_email/test_heex.html.heex similarity index 100% rename from apps/web/test/fz_http_web/mailer_test/sample_email/test_heex.html.heex rename to apps/web/test/web/mailer_test/sample_email/test_heex.html.heex diff --git a/apps/web/test/fz_http_web/mailer_test/sample_email/test_multipart.html.eex b/apps/web/test/web/mailer_test/sample_email/test_multipart.html.eex similarity index 100% rename from apps/web/test/fz_http_web/mailer_test/sample_email/test_multipart.html.eex rename to apps/web/test/web/mailer_test/sample_email/test_multipart.html.eex diff --git a/apps/web/test/fz_http_web/mailer_test/sample_email/test_multipart.text.eex b/apps/web/test/web/mailer_test/sample_email/test_multipart.text.eex similarity index 100% rename from apps/web/test/fz_http_web/mailer_test/sample_email/test_multipart.text.eex rename to apps/web/test/web/mailer_test/sample_email/test_multipart.text.eex diff --git a/apps/web/test/fz_http_web/plug/path_prefix_test.exs b/apps/web/test/web/plug/path_prefix_test.exs similarity index 79% rename from apps/web/test/fz_http_web/plug/path_prefix_test.exs rename to apps/web/test/web/plug/path_prefix_test.exs index 5370ae1ff..206cf695e 100644 --- a/apps/web/test/fz_http_web/plug/path_prefix_test.exs +++ b/apps/web/test/web/plug/path_prefix_test.exs @@ -1,7 +1,7 @@ -defmodule FzHttpWeb.Plug.PathPrefixTest do - use FzHttpWeb.ConnCase, async: true +defmodule Web.Plug.PathPrefixTest do + use Web.ConnCase, async: true import Plug.Test - import FzHttpWeb.Plug.PathPrefix + import Web.Plug.PathPrefix describe "init/1" do test "returns the opts" do 
@@ -11,17 +11,17 @@ defmodule FzHttpWeb.Plug.PathPrefixTest do describe "call/2" do test "does nothing when path prefix is not configured" do - FzHttp.Config.put_env_override(:path_prefix, nil) + Domain.Config.put_env_override(:web, :path_prefix, nil) conn = conn(:get, "/") assert call(conn, []) == conn - FzHttp.Config.put_env_override(:path_prefix, "/") + Domain.Config.put_env_override(:web, :path_prefix, "/") conn = conn(:get, "/foo") assert call(conn, []) == conn end test "removes prefix from conn.request_path" do - FzHttp.Config.put_env_override(:path_prefix, "/vpn/") + Domain.Config.put_env_override(:web, :path_prefix, "/vpn/") conn = conn(:get, "/vpn/foo") assert returned_conn = call(conn, []) assert returned_conn.request_path == "/foo" @@ -30,7 +30,7 @@ defmodule FzHttpWeb.Plug.PathPrefixTest do end test "removes prefix from conn.path_info" do - FzHttp.Config.put_env_override(:path_prefix, "/vpn/") + Domain.Config.put_env_override(:web, :path_prefix, "/vpn/") conn = conn(:get, "/vpn/foo") assert returned_conn = call(conn, []) assert returned_conn.path_info == ["foo"] @@ -39,7 +39,7 @@ defmodule FzHttpWeb.Plug.PathPrefixTest do end test "redirects users from not prefixed path" do - FzHttp.Config.put_env_override(:path_prefix, "/vpn/") + Domain.Config.put_env_override(:web, :path_prefix, "/vpn/") conn = conn(:get, "/foo") assert returned_conn = call(conn, []) diff --git a/apps/web/test/fz_http_web/user_from_auth_test.exs b/apps/web/test/web/user_from_auth_test.exs similarity index 80% rename from apps/web/test/fz_http_web/user_from_auth_test.exs rename to apps/web/test/web/user_from_auth_test.exs index 53771959e..3ce5fa286 100644 --- a/apps/web/test/fz_http_web/user_from_auth_test.exs +++ b/apps/web/test/web/user_from_auth_test.exs 
@@ -1,8 +1,8 @@ -defmodule FzHttpWeb.UserFromAuthTest do - use FzHttp.DataCase, async: true - alias FzHttp.UsersFixtures - alias FzHttpWeb.UserFromAuth - alias FzHttp.Users +defmodule Web.UserFromAuthTest do + use Domain.DataCase, async: true + alias Domain.UsersFixtures + alias Web.UserFromAuth + alias Domain.Users alias Ueberauth.Auth @moduletag email: "sso@test" @@ -24,7 +24,7 @@ defmodule FzHttpWeb.UserFromAuthTest do describe "find_or_create/2 via OIDC with auto create enabled" do test "sign in creates user", %{email: email} do - FzHttp.ConfigFixtures.start_openid_providers(["google"], %{ + Domain.ConfigFixtures.start_openid_providers(["google"], %{ "auto_create_users" => true }) @@ -41,12 +41,12 @@ defmodule FzHttpWeb.UserFromAuthTest do describe "find_or_create/2 via OIDC with auto create disabled" do test "sign in returns error", %{email: email} do {_bypass, [openid_connect_provider_attrs]} = - FzHttp.ConfigFixtures.start_openid_providers(["google"]) + Domain.ConfigFixtures.start_openid_providers(["google"]) openid_connect_provider_attrs = Map.put(openid_connect_provider_attrs, "auto_create_users", false) - FzHttp.Config.put_config!( + Domain.Config.put_config!( :openid_connect_providers, [openid_connect_provider_attrs] ) @@ -62,9 +62,9 @@ defmodule FzHttpWeb.UserFromAuthTest do end describe "find_or_create/2 via SAML with auto create enabled" do - @tag config: [FzHttp.ConfigFixtures.saml_identity_providers_attrs()] + @tag config: [Domain.ConfigFixtures.saml_identity_providers_attrs()] test "sign in creates user", %{config: config, email: email} do - FzHttp.Config.put_config!(:saml_identity_providers, config) + Domain.Config.put_config!(:saml_identity_providers, config) assert {:ok, result} = UserFromAuth.find_or_create(:saml, "test", %{"email" => email, "sub" => :noop}) 
@@ -75,10 +75,10 @@ defmodule FzHttpWeb.UserFromAuthTest do describe "find_or_create/2 via SAML with auto create disabled" do @tag config: [ - FzHttp.ConfigFixtures.saml_identity_providers_attrs(%{"auto_create_users" => false}) + Domain.ConfigFixtures.saml_identity_providers_attrs(%{"auto_create_users" => false}) ] test "sign in returns error", %{email: email, config: config} do - FzHttp.Config.put_config!(:saml_identity_providers, config) + Domain.Config.put_config!(:saml_identity_providers, config) assert {:error, "user not found and auto_create_users disabled"} = UserFromAuth.find_or_create(:saml, "test", %{"email" => email, "sub" => :noop}) diff --git a/apps/web/test/web/views/error_view_test.exs b/apps/web/test/web/views/error_view_test.exs new file mode 100644 index 000000000..13e60eec8 --- /dev/null +++ b/apps/web/test/web/views/error_view_test.exs @@ -0,0 +1,14 @@ +defmodule Web.ErrorViewTest do + use Web.ConnCase, async: true + + # Bring render/3 and render_to_string/3 for testing custom views + import Phoenix.View + + test "renders 404.html" do + assert render_to_string(Web.ErrorView, "404.html", []) == "Not Found" + end + + test "renders 500.html" do + assert render_to_string(Web.ErrorView, "500.html", []) == "Internal Server Error" + end +end diff --git a/apps/web/test/fz_http_web/views/shared_view_test.exs b/apps/web/test/web/views/shared_view_test.exs similarity index 87% rename from apps/web/test/fz_http_web/views/shared_view_test.exs rename to apps/web/test/web/views/shared_view_test.exs index 19c826b4a..d052f0b0a 100644 --- a/apps/web/test/fz_http_web/views/shared_view_test.exs +++ b/apps/web/test/web/views/shared_view_test.exs @@ -1,6 +1,6 @@ -defmodule FzHttpWeb.SharedViewTest do +defmodule Web.SharedViewTest do use ExUnit.Case, async: true - import FzHttpWeb.SharedView + import Web.SharedView describe "to_human_bytes/1" do test "handles expected cases" do diff --git a/config/config.exs b/config/config.exs index 9d0cdd940..5a5e62722 100644 
--- a/config/config.exs +++ b/config/config.exs @@ -8,12 +8,14 @@ # to prevent having too many overrides in other files. import Config -config :fz_http, supervision_tree_mode: :full +############################### +##### Domain ################## +############################### -config :fz_http, ecto_repos: [FzHttp.Repo] -config :fz_http, sql_sandbox: false +config :domain, ecto_repos: [Domain.Repo] +config :domain, sql_sandbox: false -config :fz_http, FzHttp.Repo, +config :domain, Domain.Repo, hostname: "localhost", username: "postgres", password: "postgres", @@ -22,28 +24,10 @@ config :fz_http, FzHttp.Repo, pool_size: :erlang.system_info(:logical_processors_available) * 2, queue_target: 500, queue_interval: 1000, - migration_timestamps: [type: :timestamptz] + migration_timestamps: [type: :timestamptz], + start_apps_before_migration: [:ssl] -config :fz_http, - external_url: "http://localhost:13000/", - # TODO: use endpoint path instead? - path_prefix: "/" - -config :fz_http, FzHttpWeb.Endpoint, - url: [ - scheme: "http", - host: "localhost", - port: 13000, - path: nil - ], - render_errors: [view: FzHttpWeb.ErrorView, accepts: ~w(html json)], - pubsub_server: FzHttp.PubSub, - secret_key_base: "5OVYJ83AcoQcPmdKNksuBhJFBhjHD1uUa9mDOHV/6EIdBQ6pXksIhkVeWIzFk5SD", - live_view: [ - signing_salt: "t01wa0K4lUd7mKa0HAtZdE+jFOPDDejX" - ] - -config :fz_http, +config :domain, wireguard_ipv4_enabled: true, wireguard_ipv4_network: %{__struct__: Postgrex.INET, address: {100, 64, 0, 0}, netmask: 10}, wireguard_ipv4_address: %{__struct__: Postgrex.INET, address: {100, 64, 0, 1}, netmask: nil}, 
@@ -57,67 +41,62 @@ config :fz_http, __struct__: Postgrex.INET, address: {64768, 0, 0, 0, 0, 0, 0, 1}, netmask: nil - } + }, + wireguard_port: 51_820 -config :fz_http, FzHttp.SAML, - entity_id: "urn:firezone.dev:firezone-app", - certfile_path: Path.expand("../apps/fz_http/priv/cert/saml_selfsigned.pem", __DIR__), - keyfile_path: Path.expand("../apps/fz_http/priv/cert/saml_selfsigned_key.pem", __DIR__) - -config :fz_http, - external_trusted_proxies: [], - private_clients: [%{__struct__: Postgrex.INET, address: {172, 28, 0, 0}, netmask: 16}] - -config :fz_http, FzHttp.Telemetry, +config :domain, Domain.Telemetry, enabled: true, id: "firezone-dev" -config :fz_http, - cookie_secure: false, - cookie_signing_salt: "WjllcThpb2Y=", - cookie_encryption_salt: "M0EzM0R6NEMyaw==" - -config :fz_http, FzHttp.ConnectivityChecks, +config :domain, Domain.ConnectivityChecks, http_client_options: [], enabled: true, interval: 43_200, url: "https://ping-dev.firez.one/" -config :fz_http, +config :domain, admin_email: "firezone@localhost", default_admin_password: "firezone1234" -config :fz_http, +config :domain, max_devices_per_user: 10 ############################### -##### FZ Firewall configs ##### +##### Web ##################### ############################### -config :fz_wall, cli: FzWall.CLI.Sandbox +config :web, + external_url: "http://localhost:13000/", + # TODO: use endpoint path instead? 
+ path_prefix: "/" -config :fz_wall, - wireguard_ipv4_masquerade: true, - wireguard_ipv6_masquerade: true, - wireguard_interface_name: "wg-firezone", - nft_path: "nft", - egress_interface: "dummy" +config :web, Web.Endpoint, + url: [ + scheme: "http", + host: "localhost", + port: 13000, + path: nil + ], + render_errors: [view: Web.ErrorView, accepts: ~w(html json)], + pubsub_server: Domain.PubSub, + secret_key_base: "5OVYJ83AcoQcPmdKNksuBhJFBhjHD1uUa9mDOHV/6EIdBQ6pXksIhkVeWIzFk5SD", + live_view: [ + signing_salt: "t01wa0K4lUd7mKa0HAtZdE+jFOPDDejX" + ] -config :fz_wall, - port_based_rules_supported: true +config :web, Web.SAML, + entity_id: "urn:firezone.dev:firezone-app", + certfile_path: Path.expand("../apps/web/priv/cert/saml_selfsigned.pem", __DIR__), + keyfile_path: Path.expand("../apps/web/priv/cert/saml_selfsigned_key.pem", __DIR__) -############################### -##### FZ VPN configs ########## -############################### +config :web, + cookie_secure: false, + cookie_signing_salt: "WjllcThpb2Y=", + cookie_encryption_salt: "M0EzM0R6NEMyaw==" -# This will be changed per-env -config :fz_vpn, - wireguard_private_key_path: "priv/wg_dev_private_key", - stats_push_service_enabled: true, - wireguard_interface_name: "wg-firezone", - wireguard_port: 51_820, - wg_adapter: FzVpn.Interface.WGAdapter.Live, - supervised_children: [FzVpn.Server, FzVpn.StatsPushService] +config :web, + external_trusted_proxies: [], + private_clients: [%{__struct__: Postgrex.INET, address: {172, 28, 0, 0}, netmask: 16}] ############################### ##### Third-party configs ##### 
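Review bot: The relocated `config :web, Web.Endpoint` block keeps a literal `secret_key_base` and LiveView `signing_salt` in the base config/config.exs, and the `config :web` block after it keeps `cookie_secure: false` with fixed `cookie_signing_salt` and `cookie_encryption_salt` values. Any environment that does not override these would sign and encrypt sessions with material that is committed to the repository, and would issue cookies without the Secure flag. config/runtime.exs is only partly visible on this page, so it should be confirmed that the prod branch replaces each of these keys. Since the block is being moved anyway, I would put a comment above it such as `# Dev/test defaults only: prod must override these in config/runtime.exs`, or move the literals into dev.exs and test.exs.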
@@ -142,18 +121,18 @@ config :ueberauth, Ueberauth, ] # Guardian configuration -config :fz_http, FzHttpWeb.Auth.HTML.Authentication, - issuer: "fz_http", +config :web, Web.Auth.HTML.Authentication, + issuer: "web", # Generate with mix guardian.gen.secret secret_key: "GApJ4c4a/KJLrBePgTDUk0n67AbjCvI9qdypKZEaJFXl6s9H3uRcIhTt49Fij5UO" -config :fz_http, FzHttpWeb.Auth.JSON.Authentication, - issuer: "fz_http", +config :web, Web.Auth.JSON.Authentication, + issuer: "web", # Generate with mix guardian.gen.secret secret_key: "GApJ4c4a/KJLrBePgTDUk0n67AbjCvI9qdypKZEaJFXl6s9H3uRcIhTt49Fij5UO" # Configures the vault -config :fz_http, FzHttp.Vault, +config :domain, Domain.Vault, ciphers: [ default: { Cloak.Ciphers.AES.GCM, @@ -169,8 +148,8 @@ config :fz_http, FzHttp.Vault, } ] -config :fz_http, FzHttpWeb.Mailer, - adapter: FzHttpWeb.Mailer.NoopAdapter, +config :web, Web.Mailer, + adapter: Web.Mailer.NoopAdapter, from_email: "test@firez.one" config :samly, Samly.State, store: Samly.State.Session diff --git a/config/dev.exs b/config/dev.exs index 9eacfdcaf..794c43740 100644 --- a/config/dev.exs +++ b/config/dev.exs @@ -1,13 +1,21 @@ import Config -config :fz_http, FzHttp.Repo, +############################### +##### Domain ################## +############################### + +config :domain, Domain.Repo, database: System.get_env("DATABASE_NAME", "firezone_dev"), username: System.get_env("DATABASE_USER", "postgres"), hostname: System.get_env("DATABASE_HOST", "localhost"), port: String.to_integer(System.get_env("DATABASE_PORT", "5432")), password: System.get_env("DATABASE_PASSWORD", "postgres") -config :fz_http, FzHttpWeb.Endpoint, +############################### +##### Web ##################### +############################### + +config :web, Web.Endpoint, http: [port: 13000], debug_errors: true, code_reloader: true, 
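Review bot: Renaming `issuer:` from `"fz_http"` to `"web"` in the Guardian hunk changes the `iss` claim of every newly issued token for both `Web.Auth.HTML.Authentication` and `Web.Auth.JSON.Authentication`. If issuer verification (`verify_issuer: true`) is enabled for either module, which this hunk does not show, tokens issued before the deploy would stop validating, so this deserves a line in the commit message or upgrade notes. Both modules also still share one literal `secret_key` and the same issuer, so this config alone does not separate browser-session tokens from API tokens. I would add `# Dev default: prod must override secret_key in config/runtime.exs` above each block and consider distinct values such as `issuer: "web_html"` and `issuer: "web_json"`.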
@@ -24,40 +32,6 @@ config :fz_http, FzHttpWeb.Endpoint, ] ] -############################### -##### FZ Firewall configs ##### -############################### - -get_egress_interface = fn -> - egress_interface_cmd = - case :os.type() do - {:unix, :darwin} -> "netstat -rn -finet | grep '^default' | awk '{print $NF;}'" - {_os_family, _os_name} -> "route | grep '^default' | grep -o '[^ ]*$'" - end - - System.cmd("/bin/sh", ["-c", egress_interface_cmd], stderr_to_stdout: true) - |> elem(0) - |> String.trim() -end - -egress_interface = System.get_env("EGRESS_INTERFACE") || get_egress_interface.() - -{fz_wall_cli_module, _} = - Code.eval_string(System.get_env("FZ_WALL_CLI_MODULE", "FzWall.CLI.Sandbox")) - -config :fz_wall, - nft_path: System.get_env("NFT_PATH", "nft"), - egress_interface: egress_interface, - cli: fz_wall_cli_module - -############################### -##### FZ VPN configs ########## -############################### - -config :fz_vpn, - wg_adapter: FzVpn.Interface.WGAdapter.Sandbox, - supervised_children: [FzVpn.Interface.WGAdapter.Sandbox, FzVpn.Server, FzVpn.StatsPushService] - ############################### ##### Third-party configs ##### ############################### @@ -72,4 +46,4 @@ config :phoenix, :stacktrace_depth, 20 # Initialize plugs at runtime for faster development compilation config :phoenix, :plug_init_mode, :runtime -config :fz_http, FzHttpWeb.Mailer, adapter: Swoosh.Adapters.Local +config :web, Web.Mailer, adapter: Swoosh.Adapters.Local diff --git a/config/prod.exs b/config/prod.exs index e6fbee5b8..4559f08e4 100644 --- a/config/prod.exs +++ b/config/prod.exs 
@@ -1,24 +1,22 @@ import Config -config :fz_http, FzHttpWeb.Endpoint, - cache_static_manifest: "priv/static/cache_manifest.json", - server: true +############################### +##### Domain ################## +############################### -# This will be overridden on releases - -config :fz_http, FzHttp.Repo, +config :domain, Domain.Repo, pool_size: 10, show_sensitive_data_on_connection_error: false -config :fz_http, FzHttp.ConnectivityChecks, url: "https://ping.firez.one/" +config :domain, Domain.ConnectivityChecks, url: "https://ping.firez.one/" ############################### -##### FZ VPN configs ########## +##### Web ##################### ############################### -config :fz_wall, - nft_path: "nft", - cli: FzWall.CLI.Sandbox +config :web, Web.Endpoint, + cache_static_manifest: "priv/static/cache_manifest.json", + server: true ############################### ##### Third-party configs ##### diff --git a/config/runtime.exs b/config/runtime.exs index ad4be511e..46afa0f3b 100644 --- a/config/runtime.exs +++ b/config/runtime.exs @@ -1,9 +1,13 @@ import Config if config_env() == :prod do - import FzHttp.Config, only: [compile_config!: 1] + import Domain.Config, only: [compile_config!: 1] - config :fz_http, FzHttp.Repo, + ############################### + ##### Domain ################## + ############################### + + config :domain, Domain.Repo, database: compile_config!(:database_name), username: compile_config!(:database_user), hostname: compile_config!(:database_host), 
@@ -23,11 +27,39 @@ if config_env() == :prod do path: external_url_path } = URI.parse(external_url) - config :fz_http, + config :domain, + wireguard_ipv4_enabled: compile_config!(:wireguard_ipv4_enabled), + wireguard_ipv4_network: compile_config!(:wireguard_ipv4_network), + wireguard_ipv4_address: compile_config!(:wireguard_ipv4_address), + wireguard_ipv6_enabled: compile_config!(:wireguard_ipv6_enabled), + wireguard_ipv6_network: compile_config!(:wireguard_ipv6_network), + wireguard_ipv6_address: compile_config!(:wireguard_ipv6_address) + + config :domain, Domain.Telemetry, + enabled: compile_config!(:telemetry_enabled), + id: compile_config!(:telemetry_id) + + config :domain, Domain.ConnectivityChecks, + http_client_options: compile_config!(:http_client_ssl_opts), + enabled: compile_config!(:connectivity_checks_enabled), + interval: compile_config!(:connectivity_checks_interval) + + config :domain, + admin_email: compile_config!(:default_admin_email), + default_admin_password: compile_config!(:default_admin_password) + + config :domain, + max_devices_per_user: compile_config!(:max_devices_per_user) + + ############################### + ##### Web ##################### + ############################### + + config :web, external_url: external_url, path_prefix: external_url_path - config :fz_http, FzHttpWeb.Endpoint, + config :web, Web.Endpoint, server: true, http: [ ip: compile_config!(:phoenix_listen_address).address, 
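Review bot: `default_admin_password: compile_config!(:default_admin_password)` in the new `config :domain` block keeps the bootstrap admin password in the application environment for the whole life of the node, where anything that can call `Application.get_all_env(:domain)` (a remote shell, a debugging tool, an overly helpful error report) can read it. Judging by the rel scripts in this patch it is needed only by `Domain.Release.create_admin_user`, so reading it inside that task rather than configuring it here would narrow the exposure; this is inferred, since the task's body is not part of the diff. If it has to stay, a comment such as `# Bootstrap secret, read only by Domain.Release.create_admin_user; never log or inspect this env` would document the intent. The enclosing `if config_env() == :prod do` block starts and ends outside this hunk.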
@@ -46,84 +78,29 @@ if config_env() == :prod do ], check_origin: ["//127.0.0.1", "//localhost", "//#{external_url_host}"] - config :fz_http, - wireguard_ipv4_enabled: compile_config!(:wireguard_ipv4_enabled), - wireguard_ipv4_network: compile_config!(:wireguard_ipv4_network), - wireguard_ipv4_address: compile_config!(:wireguard_ipv4_address), - wireguard_ipv6_enabled: compile_config!(:wireguard_ipv6_enabled), - wireguard_ipv6_network: compile_config!(:wireguard_ipv6_network), - wireguard_ipv6_address: compile_config!(:wireguard_ipv6_address) - - config :fz_http, FzHttp.SAML, + config :web, Web.SAML, entity_id: compile_config!(:saml_entity_id), certfile_path: compile_config!(:saml_certfile_path), keyfile_path: compile_config!(:saml_keyfile_path) - config :fz_http, + config :web, external_trusted_proxies: compile_config!(:phoenix_external_trusted_proxies), private_clients: compile_config!(:phoenix_private_clients) - config :fz_http, FzHttp.Telemetry, - enabled: compile_config!(:telemetry_enabled), - id: compile_config!(:telemetry_id) - - config :fz_http, + config :web, cookie_secure: compile_config!(:phoenix_secure_cookies), cookie_signing_salt: compile_config!(:cookie_signing_salt), cookie_encryption_salt: compile_config!(:cookie_encryption_salt) - config :fz_http, FzHttp.ConnectivityChecks, - http_client_options: compile_config!(:http_client_ssl_opts), - enabled: compile_config!(:connectivity_checks_enabled), - interval: compile_config!(:connectivity_checks_interval) - - config :fz_http, - admin_email: compile_config!(:default_admin_email), - default_admin_password: compile_config!(:default_admin_password) - - config :fz_http, - max_devices_per_user: compile_config!(:max_devices_per_user) - - ############################### - ##### FZ Firewall configs ##### - ############################### - - config :fz_wall, cli: FzWall.CLI.Live - - config :fz_wall, - wireguard_ipv4_masquerade: compile_config!(:wireguard_ipv4_masquerade), - wireguard_ipv6_masquerade: 
compile_config!(:wireguard_ipv6_masquerade), - wireguard_interface_name: compile_config!(:wireguard_interface_name), - nft_path: compile_config!(:gateway_nft_path), - egress_interface: compile_config!(:gateway_egress_interface) - - config :fz_wall, - port_based_rules_supported: - :os.version() - |> Tuple.to_list() - |> Enum.join(".") - |> Version.match?("> 5.6.8") - - ############################### - ##### FZ VPN configs ########## - ############################### - - config :fz_vpn, - wireguard_private_key_path: compile_config!(:wireguard_private_key_path), - wireguard_interface_name: compile_config!(:wireguard_interface_name), - wireguard_port: compile_config!(:wireguard_port) - ############################### ##### Third-party configs ##### ############################### - config :fz_http, FzHttpWeb.Auth.HTML.Authentication, - secret_key: compile_config!(:guardian_secret_key) + config :web, Web.Auth.HTML.Authentication, secret_key: compile_config!(:guardian_secret_key) - config :fz_http, FzHttpWeb.Auth.JSON.Authentication, - secret_key: compile_config!(:guardian_secret_key) + config :web, Web.Auth.JSON.Authentication, secret_key: compile_config!(:guardian_secret_key) - config :fz_http, FzHttp.Vault, + config :domain, Domain.Vault, ciphers: [ default: { Cloak.Ciphers.AES.GCM, @@ -151,8 +128,8 @@ if config_env() == :prod do uid_field: :email} ] - config :fz_http, - FzHttpWeb.Mailer, + config :web, + Web.Mailer, [ adapter: compile_config!(:outbound_email_adapter), from_email: compile_config!(:outbound_email_from) diff --git a/config/test.exs b/config/test.exs index 1e67f8959..dc2b75034 100644 --- a/config/test.exs +++ b/config/test.exs @@ -1,6 +1,8 @@ import Config -config :fz_http, supervision_tree_mode: :test +############################### +##### Domain ################## +############################### partition_suffix = if partition = System.get_env("MIX_TEST_PARTITION") do 
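Review bot: `Web.Auth.HTML.Authentication` and `Web.Auth.JSON.Authentication` are both keyed from the same `compile_config!(:guardian_secret_key)`, and the base config in this patch gives both the issuer "web", so a token signed for one module carries a valid signature for the other. Keeping browser-session tokens and API tokens apart then depends entirely on claim checks that are not visible in this diff. Consider giving each module its own issuer together with Guardian's `verify_issuer: true`, or a separate key for the JSON module, and say which one was chosen in a comment next to these two lines. The surrounding `if config_env() == :prod do` block begins and ends outside the hunk.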
@@ -9,34 +11,29 @@ partition_suffix = "" end -config :fz_http, sql_sandbox: true +config :domain, sql_sandbox: true -config :fz_http, FzHttp.Repo, +config :domain, Domain.Repo, database: "firezone_test#{partition_suffix}", pool: Ecto.Adapters.SQL.Sandbox, queue_target: 1000 -config :fz_http, FzHttpWeb.Endpoint, +config :domain, Domain.Telemetry, enabled: false + +config :domain, Domain.ConnectivityChecks, enabled: false + +############################### +##### Web ##################### +############################### + +config :web, Web.Endpoint, http: [port: 13000], server: true -config :fz_http, FzHttp.Telemetry, enabled: false - -config :fz_http, FzHttp.ConnectivityChecks, enabled: false - -############################### -##### FZ VPN configs ########## -############################### - -config :fz_vpn, - # XXX: Bump test coverage by adding a stubbed out module for FzVpn.StatsPushService - supervised_children: [FzVpn.Interface.WGAdapter.Sandbox, FzVpn.Server], - wg_adapter: FzVpn.Interface.WGAdapter.Sandbox - ############################### ##### Third-party configs ##### ############################### -config :fz_http, FzHttpWeb.Mailer, adapter: FzHttpWeb.MailerTestAdapter +config :web, Web.Mailer, adapter: Web.MailerTestAdapter config :logger, level: :warn diff --git a/mix.exs b/mix.exs index b1a03d242..3f24fb1cc 100644 --- a/mix.exs +++ b/mix.exs @@ -1,8 +1,4 @@ -defmodule FirezoneUmbrella.MixProject do - @moduledoc """ - Welcome to the Firezone Elixir Umbrella Project - """ - +defmodule Firezone.MixProject do use Mix.Project def version do diff --git a/mix.lock b/mix.lock index 0cb87f8ea..3eb3134d8 100644 --- a/mix.lock +++ b/mix.lock 
@@ -57,7 +57,7 @@ "nimble_totp": {:hex, :nimble_totp, "0.2.0", "010ad5a6627f62e070f753752680550ba9e5744d96fc4101683cd037f1f5ee18", [:mix], [], "hexpm", "7fecd15ff14637ccd2fb3bda68476a6a7f107af731c51b1714436b687e5b50b3"}, "number": {:hex, :number, "1.0.3", "932c8a2d478a181c624138958ca88a78070332191b8061717270d939778c9857", [:mix], [{:decimal, "~> 1.5 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}], "hexpm", "dd397bbc096b2ca965a6a430126cc9cf7b9ef7421130def69bcf572232ca0f18"}, "observer_cli": {:hex, :observer_cli, "1.7.4", "3c1bfb6d91bf68f6a3d15f46ae20da0f7740d363ee5bc041191ce8722a6c4fae", [:mix, :rebar3], [{:recon, "~> 2.5.1", [hex: :recon, repo: "hexpm", optional: false]}], "hexpm", "50de6d95d814f447458bd5d72666a74624eddb0ef98bdcee61a0153aae0865ff"}, - "openid_connect": {:git, "https://github.com/firezone/openid_connect.git", "12ebf94f530c25a06636d590c11cac25eb520b6a", [branch: "andrew/rewrite"]}, + "openid_connect": {:git, "https://github.com/firezone/openid_connect.git", "c285419f7801f7cbf9fef0011f9906507f1b160a", [branch: "master"]}, "parse_trans": {:hex, :parse_trans, "3.3.1", "16328ab840cc09919bd10dab29e431da3af9e9e7e7e6f0089dd5a2d2820011d8", [:rebar3], [], "hexpm", "07cd9577885f56362d414e8c4c4e6bdf10d43a8767abb92d24cbe8b24c54888b"}, "phoenix": {:hex, :phoenix, "1.7.2", "c375ffb482beb4e3d20894f84dd7920442884f5f5b70b9f4528cbe0cedefec63", [:mix], [{:castore, ">= 0.0.0", [hex: :castore, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix_pubsub, "~> 2.1", [hex: :phoenix_pubsub, repo: "hexpm", optional: false]}, {:phoenix_template, "~> 1.0", [hex: :phoenix_template, repo: "hexpm", optional: false]}, {:phoenix_view, "~> 2.0", [hex: :phoenix_view, repo: "hexpm", optional: true]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 2.6", [hex: :plug_cowboy, repo: "hexpm", optional: true]}, {:plug_crypto, "~> 1.2", [hex: :plug_crypto, repo: "hexpm", optional: 
false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:websock_adapter, "~> 0.4", [hex: :websock_adapter, repo: "hexpm", optional: false]}], "hexpm", "1ebca94b32b4d0e097ab2444a9742ed8ff3361acad17365e4e6b2e79b4792159"}, "phoenix_ecto": {:hex, :phoenix_ecto, "4.4.0", "0672ed4e4808b3fbed494dded89958e22fb882de47a97634c0b13e7b0b5f7720", [:mix], [{:ecto, "~> 3.3", [hex: :ecto, repo: "hexpm", optional: false]}, {:phoenix_html, "~> 2.14.2 or ~> 3.0", [hex: :phoenix_html, repo: "hexpm", optional: true]}, {:plug, "~> 1.9", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "09864e558ed31ee00bd48fcc1d4fc58ae9678c9e81649075431e69dbabb43cc1"}, diff --git a/rel/overlays/bin/create-api-token b/rel/overlays/bin/create-api-token index cfa2da372..12c097122 100755 --- a/rel/overlays/bin/create-api-token +++ b/rel/overlays/bin/create-api-token @@ -1,4 +1,4 @@ #!/bin/sh set -e source "$(dirname -- "$0")/bootstrap" -exec ./firezone eval FzHttp.Release.create_api_token +exec ./firezone eval Domain.Release.create_api_token diff --git a/rel/overlays/bin/create-or-reset-admin b/rel/overlays/bin/create-or-reset-admin index 14159f9d8..3574f24b8 100755 --- a/rel/overlays/bin/create-or-reset-admin +++ b/rel/overlays/bin/create-or-reset-admin @@ -1,4 +1,4 @@ #!/bin/sh set -e source "$(dirname -- "$0")/bootstrap" -exec ./firezone eval FzHttp.Release.create_admin_user +exec ./firezone eval Domain.Release.create_admin_user diff --git a/rel/overlays/bin/migrate b/rel/overlays/bin/migrate index 9146f99bb..e673393f6 100755 --- a/rel/overlays/bin/migrate +++ b/rel/overlays/bin/migrate @@ -1,4 +1,4 @@ #!/bin/sh set -e source "$(dirname -- "$0")/bootstrap" -exec ./firezone eval FzHttp.Release.migrate +exec ./firezone eval Domain.Release.migrate diff --git a/rel/overlays/bin/server b/rel/overlays/bin/server index 53cfabba5..14b5de2c7 100755 --- a/rel/overlays/bin/server +++ b/rel/overlays/bin/server 
@@ -2,10 +2,10 @@ set -e source "$(dirname -- "$0")/bootstrap" -./firezone eval FzHttp.Release.migrate +./firezone eval Domain.Release.migrate if [ "$RESET_ADMIN_ON_BOOT" = "true" ]; then - ./firezone eval FzHttp.Release.create_admin_user + ./firezone eval Domain.Release.create_admin_user fi exec ./firezone start diff --git a/www/docs/reference/env-vars.mdx b/www/docs/reference/env-vars.mdx index 3d7764c6f..981e0debb 100644 --- a/www/docs/reference/env-vars.mdx +++ b/www/docs/reference/env-vars.mdx @@ -31,116 +31,117 @@ It means that if environment variable is set, it will be used, regardless of the and UI to edit database value will be disabled. ## Environment Variable Listing + We recommend setting these in your Docker ENV file (`$HOME/.firezone/.env` by default). Required fields in **bold**. ### WebServer -| Env Key | Description | Format | Default | -| ------ | --------------- | ------ | ------- | -| **EXTERNAL_URL** | The external URL the web UI will be accessible at.

Must be a valid and public FQDN for ACME SSL issuance to function.

You can add a path suffix if you want to serve firezone from a non-root path, eg: `https://firezone.mycorp.com/vpn/`. | string | | -| PHOENIX_SECURE_COOKIES | Enable or disable requiring secure cookies. Required for HTTPS. | boolean | true | -| PHOENIX_HTTP_PORT | Internal port to listen on for the Phoenix web server. | integer | 13000 | -| PHOENIX_HTTP_PROTOCOL_OPTIONS | Allows to override Cowboy HTTP server options.

Keep in mind though changing those limits can pose a security risk. Other times, browsers and proxies along the way may have equally strict limits, which means the request will still fail or the URL will be pruned.

You can see all supported options at https://ninenines.eu/docs/en/cowboy/2.5/manual/cowboy_http/. | JSON-encoded map | `{}` | -| PHOENIX_EXTERNAL_TRUSTED_PROXIES | List of trusted reverse proxies.

This is used to determine the correct IP address of the client when the application is behind a reverse proxy by skipping a trusted proxy IP from a list of possible source IPs. | JSON-encoded list | `"[]"` | -| PHOENIX_PRIVATE_CLIENTS | List of trusted clients.

This is used to determine the correct IP address of the client when the application is behind a reverse proxy by picking a trusted client IP from a list of possible source IPs. | JSON-encoded list | `"[]"` | +| Env Key | Description | Format | Default | +| -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | ------- | +| **EXTERNAL_URL** | The external URL the web UI will be accessible at.

Must be a valid and public FQDN for ACME SSL issuance to function.

You can add a path suffix if you want to serve firezone from a non-root path, eg: `https://firezone.mycorp.com/vpn/`. | string | | +| PHOENIX_SECURE_COOKIES | Enable or disable requiring secure cookies. Required for HTTPS. | boolean | true | +| PHOENIX_HTTP_PORT | Internal port to listen on for the Phoenix web server. | integer | 13000 | +| PHOENIX_HTTP_PROTOCOL_OPTIONS | Allows to override Cowboy HTTP server options.

Keep in mind though changing those limits can pose a security risk. Other times, browsers and proxies along the way may have equally strict limits, which means the request will still fail or the URL will be pruned.

You can see all supported options at https://ninenines.eu/docs/en/cowboy/2.5/manual/cowboy_http/. | JSON-encoded map | `{}` | +| PHOENIX_EXTERNAL_TRUSTED_PROXIES | List of trusted reverse proxies.

This is used to determine the correct IP address of the client when the application is behind a reverse proxy by skipping a trusted proxy IP from a list of possible source IPs. | JSON-encoded list | `"[]"` | +| PHOENIX_PRIVATE_CLIENTS | List of trusted clients.

This is used to determine the correct IP address of the client when the application is behind a reverse proxy by picking a trusted client IP from a list of possible source IPs. | JSON-encoded list | `"[]"` | ### Database -| Env Key | Description | Format | Default | -| ------ | --------------- | ------ | ------- | -| DATABASE_HOST | PostgreSQL host. | string | postgres | -| DATABASE_PORT | PostgreSQL port. | integer | 5432 | -| DATABASE_NAME | Name of the PostgreSQL database. | string | firezone | -| DATABASE_USER | User that will be used to access the PostgreSQL database. | string | postgres | -| DATABASE_PASSWORD | Password that will be used to access the PostgreSQL database. | string | | -| DATABASE_POOL_SIZE | Size of the connection pool to the PostgreSQL database. | integer | generated | -| DATABASE_SSL_ENABLED | Whether to connect to the database over SSL.

If this field is set to `true`, the `database_ssl_opts` config must be set too with at least `cacertfile` option present. | boolean | false | -| DATABASE_SSL_OPTS | SSL options for connecting to the PostgreSQL database.

Typically, to enabled SSL you want following options:
- `cacertfile` - path to the CA certificate file;
- `verify` - set to `verify_peer` to verify the server certificate;
- `fail_if_no_peer_cert` - set to `true` to require the server to present a certificate;
- `server_name_indication` - specify the hostname to be used in TLS Server Name Indication extension.

See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options). For list of all supported options, see the [`ssl`](http://erlang.org/doc/man/ssl.html#type-tls_client_option) module documentation. | JSON-encoded map | `{}` | +| Env Key | Description | Format | Default | +| -------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | --------- | +| DATABASE_HOST | PostgreSQL host. | string | postgres | +| DATABASE_PORT | PostgreSQL port. | integer | 5432 | +| DATABASE_NAME | Name of the PostgreSQL database. | string | firezone | +| DATABASE_USER | User that will be used to access the PostgreSQL database. | string | postgres | +| DATABASE_PASSWORD | Password that will be used to access the PostgreSQL database. | string | | +| DATABASE_POOL_SIZE | Size of the connection pool to the PostgreSQL database. | integer | generated | +| DATABASE_SSL_ENABLED | Whether to connect to the database over SSL.

If this field is set to `true`, the `database_ssl_opts` config must be set too with at least `cacertfile` option present. | boolean | false | +| DATABASE_SSL_OPTS | SSL options for connecting to the PostgreSQL database.

Typically, to enabled SSL you want following options:
- `cacertfile` - path to the CA certificate file;
- `verify` - set to `verify_peer` to verify the server certificate;
- `fail_if_no_peer_cert` - set to `true` to require the server to present a certificate;
- `server_name_indication` - specify the hostname to be used in TLS Server Name Indication extension.

See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options). For list of all supported options, see the [`ssl`](http://erlang.org/doc/man/ssl.html#type-tls_client_option) module documentation. | JSON-encoded map | `{}` | ### Admin Setup + Options responsible for initial admin provisioning and resetting the admin password. For more details see [troubleshooting guide](/docs/administer/troubleshoot/#admin-login-isnt-working). - -| Env Key | Description | Format | Default | -| ------ | --------------- | ------ | ------- | -| RESET_ADMIN_ON_BOOT | Set this variable to `true` to create or reset the admin password every time Firezone starts. By default, the admin password is only set when Firezone is installed.

Note: This **will not** change the status of local authentication. | boolean | false | -| DEFAULT_ADMIN_EMAIL | Primary administrator email. | string | | -| DEFAULT_ADMIN_PASSWORD | Default password that will be used for creating or resetting the primary administrator account. | string | | +| Env Key | Description | Format | Default | +| ---------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- | ------- | +| RESET_ADMIN_ON_BOOT | Set this variable to `true` to create or reset the admin password every time Firezone starts. By default, the admin password is only set when Firezone is installed.

Note: This **will not** change the status of local authentication. | boolean | false | +| DEFAULT_ADMIN_EMAIL | Primary administrator email. | string | | +| DEFAULT_ADMIN_PASSWORD | Default password that will be used for creating or resetting the primary administrator account. | string | | ### Secrets and Encryption + Your secrets should be generated during installation automatically and persisted to `.env` file. All secrets should be a **base64-encoded string**. - -| Env Key | Description | Format | Default | -| ------ | --------------- | ------ | ------- | -| **GUARDIAN_SECRET_KEY** | Secret key used for signing JWTs. | string | | -| **DATABASE_ENCRYPTION_KEY** | Secret key used for encrypting sensitive data in the database. | string | | -| **SECRET_KEY_BASE** | Primary secret key base for the Phoenix application. | string | | -| **LIVE_VIEW_SIGNING_SALT** | Signing salt for Phoenix LiveView connection tokens. | string | | -| **COOKIE_SIGNING_SALT** | Signing salt for cookies issued by the Phoenix web application. | string | | -| **COOKIE_ENCRYPTION_SALT** | Encryption salt for cookies issued by the Phoenix web application. | string | | +| Env Key | Description | Format | Default | +| --------------------------- | ------------------------------------------------------------------ | ------ | ------- | +| **GUARDIAN_SECRET_KEY** | Secret key used for signing JWTs. | string | | +| **DATABASE_ENCRYPTION_KEY** | Secret key used for encrypting sensitive data in the database. | string | | +| **SECRET_KEY_BASE** | Primary secret key base for the Phoenix application. | string | | +| **LIVE_VIEW_SIGNING_SALT** | Signing salt for Phoenix LiveView connection tokens. | string | | +| **COOKIE_SIGNING_SALT** | Signing salt for cookies issued by the Phoenix web application. | string | | +| **COOKIE_ENCRYPTION_SALT** | Encryption salt for cookies issued by the Phoenix web application. 
| string | | ### Devices -| Env Key | Description | Format | Default | -| ------ | --------------- | ------ | ------- | -| ALLOW_UNPRIVILEGED_DEVICE_MANAGEMENT | Enable or disable management of devices on unprivileged accounts. | boolean | true | -| ALLOW_UNPRIVILEGED_DEVICE_CONFIGURATION | Enable or disable configuration of device network settings for unprivileged users. | boolean | true | -| VPN_SESSION_DURATION | Optionally require users to periodically authenticate to the Firezone web UI in order to keep their VPN sessions active. | integer | 0 | -| DEFAULT_CLIENT_PERSISTENT_KEEPALIVE | Interval for WireGuard [persistent keepalive](https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence).

If you experience NAT or firewall traversal problems, you can enable this to send a keepalive packet every 25 seconds. Otherwise, keep it disabled with a 0 default value. | integer | 25 | -| DEFAULT_CLIENT_MTU | WireGuard interface MTU for devices. 1280 is a safe bet for most networks. Leave this blank to omit this field from generated configs. | integer | 1280 | -| DEFAULT_CLIENT_ENDPOINT | IPv4, IPv6 address, or FQDN that devices will be configured to connect to. Defaults to this server's FQDN. | one of `IP with port`, `string` | generated | -| DEFAULT_CLIENT_DNS | Comma-separated list of DNS servers to use for devices.

It can be either an IP address or a FQDN if you intend to use a DNS-over-TLS server.

Leave this blank to omit the `DNS` section from generated configs. | {:array, ",", {:one_of, [FzHttp.Types.IP, :string]}, [validate_unique: true]} | `[]` | -| DEFAULT_CLIENT_ALLOWED_IPS | Configures the default AllowedIPs setting for devices.

AllowedIPs determines which destination IPs get routed through Firezone.

Specify a comma-separated list of IPs or CIDRs here to achieve split tunneling, or use `0.0.0.0/0, ::/0` to route all device traffic through this Firezone server. | {:array, ",", {:one_of, [FzHttp.Types.CIDR, FzHttp.Types.IP]}, [validate_unique: true]} | `0.0.0.0/0, ::/0` | +| Env Key | Description | Format | Default | +| --------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------- | ----------------- | +| ALLOW_UNPRIVILEGED_DEVICE_MANAGEMENT | Enable or disable management of devices on unprivileged accounts. | boolean | true | +| ALLOW_UNPRIVILEGED_DEVICE_CONFIGURATION | Enable or disable configuration of device network settings for unprivileged users. | boolean | true | +| VPN_SESSION_DURATION | Optionally require users to periodically authenticate to the Firezone web UI in order to keep their VPN sessions active. | integer | 0 | +| DEFAULT_CLIENT_PERSISTENT_KEEPALIVE | Interval for WireGuard [persistent keepalive](https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence).

If you experience NAT or firewall traversal problems, you can enable this to send a keepalive packet every 25 seconds. Otherwise, keep it disabled with a 0 default value. | integer | 25 | +| DEFAULT_CLIENT_MTU | WireGuard interface MTU for devices. 1280 is a safe bet for most networks. Leave this blank to omit this field from generated configs. | integer | 1280 | +| DEFAULT_CLIENT_ENDPOINT | IPv4, IPv6 address, or FQDN that devices will be configured to connect to. Defaults to this server's FQDN. | one of `IP with port`, `string` | generated | +| DEFAULT_CLIENT_DNS | Comma-separated list of DNS servers to use for devices.

It can be either an IP address or a FQDN if you intend to use a DNS-over-TLS server.

Leave this blank to omit the `DNS` section from generated configs. | {:array, ",", {:one_of, [Domain.Types.IP, :string]}, [validate_unique: true]} | `[]` | +| DEFAULT_CLIENT_ALLOWED_IPS | Configures the default AllowedIPs setting for devices.

AllowedIPs determines which destination IPs get routed through Firezone.

Specify a comma-separated list of IPs or CIDRs here to achieve split tunneling, or use `0.0.0.0/0, ::/0` to route all device traffic through this Firezone server. | {:array, ",", {:one_of, [Domain.Types.CIDR, Domain.Types.IP]}, [validate_unique: true]} | `0.0.0.0/0, ::/0` | ### Authorization -| Env Key | Description | Format | Default | -| ------ | --------------- | ------ | ------- | -| LOCAL_AUTH_ENABLED | Enable or disable the local authentication method for all users. | boolean | true | -| DISABLE_VPN_ON_OIDC_ERROR | Enable or disable auto disabling VPN connection on OIDC refresh error. | boolean | false | -| SAML_ENTITY_ID | Entity ID for SAML authentication. | string | urn:firezone.dev:firezone-app | -| SAML_KEYFILE_PATH | Path to the SAML keyfile inside the container. Should be either a PEM or DER-encoded private key, with file extension `.pem` or `.key`. | string | /var/firezone/saml.key | -| SAML_CERTFILE_PATH | Path to the SAML certificate file inside the container. Should be either a PEM or DER-encoded certificate, with file extension `.crt` or `.pem`. | string | /var/firezone/saml.crt | -| OPENID_CONNECT_PROVIDERS | List of OpenID Connect identity providers configurations.

For example:

``` [ { "auto_create_users": false, "id": "google", "label": "google", "client_id": "test-id", "client_secret": "test-secret", "discovery_document_uri": "https://accounts.google.com/.well-known/openid-configuration", "redirect_uri": "https://invalid", "response_type": "response-type", "scope": "oauth email profile" } ] ```

For more details see https://docs.firezone.dev/authenticate/oidc/. | JSON-encoded list | `"[]"` | -| SAML_IDENTITY_PROVIDERS | List of SAML identity providers configurations.

For example:

``` [ { "auto_create_users": false, "base_url": "https://saml", "id": "okta", "label": "okta", "metadata": "...", "sign_metadata": false, "sign_requests": false, "signed_assertion_in_resp": false, "signed_envelopes_in_resp": false } ] ```

For more details see https://docs.firezone.dev/authenticate/saml/. | JSON-encoded list | `"[]"` | +| Env Key | Description | Format | Default | +| ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | ----------------------------- | +| LOCAL_AUTH_ENABLED | Enable or disable the local authentication method for all users. | boolean | true | +| DISABLE_VPN_ON_OIDC_ERROR | Enable or disable auto disabling VPN connection on OIDC refresh error. | boolean | false | +| SAML_ENTITY_ID | Entity ID for SAML authentication. | string | urn:firezone.dev:firezone-app | +| SAML_KEYFILE_PATH | Path to the SAML keyfile inside the container. Should be either a PEM or DER-encoded private key, with file extension `.pem` or `.key`. | string | /var/firezone/saml.key | +| SAML_CERTFILE_PATH | Path to the SAML certificate file inside the container. Should be either a PEM or DER-encoded certificate, with file extension `.crt` or `.pem`. | string | /var/firezone/saml.crt | +| OPENID_CONNECT_PROVIDERS | List of OpenID Connect identity providers configurations.

For example:

`[ { "auto_create_users": false, "id": "google", "label": "google", "client_id": "test-id", "client_secret": "test-secret", "discovery_document_uri": "https://accounts.google.com/.well-known/openid-configuration", "redirect_uri": "https://invalid", "response_type": "response-type", "scope": "oauth email profile" } ]`

For more details see https://docs.firezone.dev/authenticate/oidc/. | JSON-encoded list | `"[]"` | +| SAML_IDENTITY_PROVIDERS | List of SAML identity providers configurations.

For example:

`[ { "auto_create_users": false, "base_url": "https://saml", "id": "okta", "label": "okta", "metadata": "...", "sign_metadata": false, "sign_requests": false, "signed_assertion_in_resp": false, "signed_envelopes_in_resp": false } ]`

For more details see https://docs.firezone.dev/authenticate/saml/. | JSON-encoded list | `"[]"` |
 ### WireGuard
-| Env Key | Description | Format | Default |
-| ------ | --------------- | ------ | ------- |
-| WIREGUARD_PORT | A port on which WireGuard will listen for incoming connections. | integer | 51820 |
-| WIREGUARD_IPV4_ENABLED | Enable or disable IPv4 support for WireGuard. | boolean | true |
-| WIREGUARD_IPV6_ENABLED | Enable or disable IPv6 support for WireGuard. | boolean | true |
+| Env Key | Description | Format | Default |
+| ---------------------- | --------------------------------------------------------------- | ------- | ------- |
+| WIREGUARD_PORT | A port on which WireGuard will listen for incoming connections. | integer | 51820 |
+| WIREGUARD_IPV4_ENABLED | Enable or disable IPv4 support for WireGuard. | boolean | true |
+| WIREGUARD_IPV6_ENABLED | Enable or disable IPv6 support for WireGuard. | boolean | true |
 ### Outbound Emails
-| Env Key | Description | Format | Default |
-| ------ | --------------- | ------ | ------- |
-| OUTBOUND_EMAIL_FROM | From address to use for sending outbound emails. If not set, sending email will be disabled (default). | string | generated |
-| OUTBOUND_EMAIL_ADAPTER | Method to use for sending outbound email.
| One of `Elixir.Swoosh.Adapters.AmazonSES`, `Elixir.Swoosh.Adapters.CustomerIO`, `Elixir.Swoosh.Adapters.Dyn`, `Elixir.Swoosh.Adapters.ExAwsAmazonSES`, `Elixir.Swoosh.Adapters.Gmail`, `Elixir.Swoosh.Adapters.MailPace`, `Elixir.Swoosh.Adapters.Mailgun`, `Elixir.Swoosh.Adapters.Mailjet`, `Elixir.Swoosh.Adapters.Mandrill`, `Elixir.Swoosh.Adapters.Postmark`, `Elixir.Swoosh.Adapters.ProtonBridge`, `Elixir.Swoosh.Adapters.SMTP`, `Elixir.Swoosh.Adapters.SMTP2GO`, `Elixir.Swoosh.Adapters.Sendgrid`, `Elixir.Swoosh.Adapters.Sendinblue`, `Elixir.Swoosh.Adapters.Sendmail`, `Elixir.Swoosh.Adapters.SocketLabs`, `Elixir.Swoosh.Adapters.SparkPost`, `Elixir.FzHttpWeb.Mailer.NoopAdapter` | `Elixir.FzHttpWeb.Mailer.NoopAdapter` | -| OUTBOUND_EMAIL_ADAPTER_OPTS | Adapter configuration, for list of options see [Swoosh Adapters](https://github.com/swoosh/swoosh#adapters). | JSON-encoded map | `{}` | +| Env Key | Description | Format | Default | +| --------------------------- | ------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- | +| OUTBOUND_EMAIL_FROM | From address to use for sending outbound emails. If not set, sending email will be disabled (default). 
| string | generated | +| OUTBOUND_EMAIL_ADAPTER | Method to use for sending outbound email. | One of `Elixir.Swoosh.Adapters.AmazonSES`, `Elixir.Swoosh.Adapters.CustomerIO`, `Elixir.Swoosh.Adapters.Dyn`, `Elixir.Swoosh.Adapters.ExAwsAmazonSES`, `Elixir.Swoosh.Adapters.Gmail`, `Elixir.Swoosh.Adapters.MailPace`, `Elixir.Swoosh.Adapters.Mailgun`, `Elixir.Swoosh.Adapters.Mailjet`, `Elixir.Swoosh.Adapters.Mandrill`, `Elixir.Swoosh.Adapters.Postmark`, `Elixir.Swoosh.Adapters.ProtonBridge`, `Elixir.Swoosh.Adapters.SMTP`, `Elixir.Swoosh.Adapters.SMTP2GO`, `Elixir.Swoosh.Adapters.Sendgrid`, `Elixir.Swoosh.Adapters.Sendinblue`, `Elixir.Swoosh.Adapters.Sendmail`, `Elixir.Swoosh.Adapters.SocketLabs`, `Elixir.Swoosh.Adapters.SparkPost`, `Elixir.Web.Mailer.NoopAdapter` | `Elixir.Web.Mailer.NoopAdapter` | +| OUTBOUND_EMAIL_ADAPTER_OPTS | Adapter configuration, for list of options see [Swoosh Adapters](https://github.com/swoosh/swoosh#adapters). | JSON-encoded map | `{}` | ### Connectivity Checks -| Env Key | Description | Format | Default | -| ------ | --------------- | ------ | ------- | -| CONNECTIVITY_CHECKS_ENABLED | Enable / disable periodic checking for egress connectivity. Determines the instance's public IP to populate `Endpoint` fields. | boolean | true | -| CONNECTIVITY_CHECKS_INTERVAL | Periodicity in seconds to check for egress connectivity. | integer | 43200 | +| Env Key | Description | Format | Default | +| ---------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | ------- | ------- | +| CONNECTIVITY_CHECKS_ENABLED | Enable / disable periodic checking for egress connectivity. Determines the instance's public IP to populate `Endpoint` fields. | boolean | true | +| CONNECTIVITY_CHECKS_INTERVAL | Periodicity in seconds to check for egress connectivity. 
| integer | 43200 |
 ### Telemetry
-| Env Key | Description | Format | Default |
-| ------ | --------------- | ------ | ------- |
-| TELEMETRY_ENABLED | Enable or disable the Firezone telemetry collection.

For more details see https://docs.firezone.dev/reference/telemetry/. | boolean | true | +| Env Key | Description | Format | Default | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------- | ------- | ------- | +| TELEMETRY_ENABLED | Enable or disable the Firezone telemetry collection.

For more details see https://docs.firezone.dev/reference/telemetry/. | boolean | true |
 ### Other
-| Env Key | Description | Format | Default |
-| ------ | --------------- | ------ | ------- |
-| LOGO | The path to a logo image file to replace default Firezone logo. | {:embed, FzHttp.Config.Logo} | `` |
+| Env Key | Description | Format | Default |
+| ------- | --------------------------------------------------------------- | ---------------------------- | ------- |
+| LOGO | The path to a logo image file to replace default Firezone logo. | {:embed, Domain.Config.Logo} | `` |