diff options
| -rw-r--r-- | todo.org | 11 |
1 files changed, 10 insertions, 1 deletions
@@ -29,6 +29,14 @@ Full mechanism writeup, the working script, and the integration plan: [[file:doc *** 2026-06-30 Tue @ 11:40 -0400 Engine core landed (dotfiles a7d7559) Replaced =net portal='s old captive-helper hand-off with a =portal-login= repair tier: drop DoT to plain DNS, probe the portal URL (302 / meta-refresh), open a throwaway browser profile, spawn a detached watcher that restores DoT once online (or on timeout). =net portal --restore= is the manual fallback. 7 tests. So =net doctor= / the bar's =net portal= hookups already run the real flow now. Remaining: (1) name the DoT-blocking cause in =net diagnose=; (2) a dedicated "Log in to this network" button in the panel's Diagnose/Repair tab (today it rides the generic =net portal=); (3) live validation against a real captive portal (unit-tested only — didn't run it live to avoid disrupting a meeting). +*** 2026-06-30 Tue @ 14:59:53 -0400 Live test on velox surfaced two fixed bugs + a deeper follow-up +Force portal (panel Repair tab) = =net-popup net portal= = the same portal-login tier. Tested live on @Hyatt_WiFi (already authorized, so no real intercept). Two bugs fixed in dotfiles (TDD, full suite green): +- Chrome first-run wizard fired on every launch — =_open_portal= made a fresh tempfile profile but passed no first-run flags. Added =--no-first-run --no-default-browser-check= + a unit test. +- Flashing sudo prompt for the DoT drop + pointless resolved restart on velox, where the DoT drop-in the code looks for (=/etc/systemd/resolved.conf.d/dns-over-tls.conf=) doesn't exist. Guarded =_disable_dot=/=_restore_dot= to be true no-ops (no sudo, no restart) when there's no DoT drop-in to move; tests assert no systemctl call fires. + +*** TODO [#C] Passwordless DoT toggle for DoT-on machines + reconcile velox DoT path :network:bug: +On a machine where DoT *is* managed via the drop-in, the portal flow still needs sudo to move it + restart resolved. The detached restore-watcher (=portal_restore_watch=) runs with no tty, so it can't prompt — if sudo creds aren't cached when it fires, =_restore_dot= silently fails and leaves DNS unencrypted (DoT off) until a manual =net portal --restore=. Fix: a small root-owned helper (=/usr/local/bin/net-dot-toggle on|off=, archsetup-installed, NOT stowed/user-writable) + a narrow sudoers NOPASSWD drop-in scoped to that helper (blanket NOPASSWD on mv/systemctl is too broad). Then =repair.py= calls =sudo net-dot-toggle …=. Separately: reconcile where velox's DoT actually lives — it currently shows -DNSOverTLS with no drop-in, so the "drop DoT" premise is a no-op here; decide whether velox should run DoT at all (=NET_DOT_CONF= overrides the path). velox itself is now unaffected (the no-op guard), so this is the durable cross-machine fix, not a velox blocker. + ** TODO [#B] Consistent red=off across waybar toggle modules :waybar: Extend the red=off convention (just added to the touchpad/mouse indicator) to the other toggles — sound volume, microphone mute, and caffeine — so a disabled / muted / off state reads red across the board. Skip the "cross"/slash; the color alone carries it. Origin: roam inbox capture. @@ -803,7 +811,8 @@ What we're verifying: the four-tab panel works end to end. Left-click =custom/ne - Repair tab → click Reset (or Bounce, or DNS override test). - Expected: a confirmation dialog with the exact wording (Reset names the network + new-MAC warning; Bounce "links drop briefly"; DNS test "reverts automatically"). Proceed opens a floating terminal that runs the repair (sudo prompt there) and shows the step output incl. cleanup-verified for the DNS test. - Speed test tab → "Run speed test" (uses ~30s + data — do it on real wifi, not the metered hotspot). -- Expected: ↓/↑ Mbps + ping + server shown inline. CONFIRM THE NUMBERS are sane vs a reference (fast.com) — this verifies the byte-rate→Mbps unit. If off by ~8x, the =BYTES_PER_SEC= constant in =net/src/net/speedtest.py= flips. +- Expected: ↓/↑ Mbps + ping + server shown inline. +- Byte-rate→Mbps unit: VERIFIED 2026-06-30 (velox). Raw =speedtest-go --json= dl_speed read ~3.66M, unambiguously bytes/s (29 down / 80 up Mbps); =net speedtest= reported 33.62 / 77.99 through the wired path. =BYTES_PER_SEC = True= + =* 8 / 1e6= are correct, no flip needed. Remaining here is only that the panel renders the inline result. ** DOING [#B] Prepare for GitHub open-source release :PROPERTIES: |
