Moves config to private volume

[conorsch]

The Qubes RPC file hardcodes the filepath to the YAML config file, which contains site-specific information such as the Onion URL for the Journalist Interface. As part of template consolidation [0], we're moving the config file out of the system/root partition and into the private (i.e. /home/) volume, so that the sd-proxy AppVM has the config information it needs while sharing a TemplateVM with other components.

[0] freedomofpress/securedrop-workstation#471

Closes #147.

Testing

A new package has been built based on this change and uploaded to apt-test via freedomofpress/securedrop-apt-test#65. You can check out the Workstation branch for freedomofpress/securedrop-workstation#619 to evaluate how the new package operates in tandem with the modified salt logic to ensure that the proxy config exists only in the private volume for sd-proxy.

[emkll]

If I understand correctly, this path will only exist after running the template consolidation logic [1]. if we do not configure both the existing path and the new path here, the proxy will only work in either the non-consolidated or the consolidated template approach. In other words, this proxy change will break existing installs, until the dom0 logic is run again.

https://github.com/freedomofpress/securedrop-workstation/pull/619/files#diff-6665f59c22d94742e30d7bbf295194ceR7

[conorsch]

In other words, this proxy change will break existing installs, until the dom0 logic is run again.

A critical assumption of the template consolidation plan in freedomofpress/securedrop-workstation#619 is that the SecureDrop Workstation components are updated only via the SDW GUI updater. As long as we accept that limitation, then the new updater logic will ensure that the config file is handled appropriately.

[emkll]

Rebased on latest main to get CI passing.

[conorsch]

This PR is now "ready for review". I'm still leaving it in draft state, however, in order to block merge. As @emkll pointed out above, merging by itself without also merging the other template-consolidation PRs would cause the nightly builds to ship breaking changes.

[emkll]

Changes here look good to me.

After building a local package on this branch and comparing to the one on apt-test, observed some differences since this PR was rebased on top of #76 and at the time the package was merged to the apt-test server in https://github.com/freedomofpress/securedrop-dev-packages-lfs/pull/65/files .

We will need to either:

1. Update the package on apt-test with these dependencies updated, in order to test pip / requests changes in dev/staging environments
2. Build a new package for prod due to the updates to pip and requests, without testing these changes

Option 1 seems best to me, happy to build/upload the package if you agree @conorsch

[conorsch]

Option 1 seems best to me

Good call! I'll rebuild and re-upload for your review. I won't change versions, since the "template-consolidation" channel already uses a bumped version for priority.

[conorsch]

Rebuilt and submitted new package: freedomofpress/securedrop-apt-test#68

[conorsch]

Removed the version changes, since we'll follow up with changelog additions prior to release. Diff was

diff of removed files

diff --git a/changelog.md b/changelog.md
index bfded30..a4447bf 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 0.3.1
+
+  * Moves config file into private volume (#77).
+
 ## 0.3.0
 
   * Use incoming timeout value from JSON (#69).
diff --git a/securedrop_proxy/VERSION b/securedrop_proxy/VERSION
index 0d91a54..9e11b32 100644
--- a/securedrop_proxy/VERSION
+++ b/securedrop_proxy/VERSION
@@ -1 +1 @@
-0.3.0
+0.3.1

Ready for final review.

[emkll]

Changes look good to me here, and ci is passing. We will have to independently open a PR to bump versions and changelog in preparation for release, however nighlies should cover the dev/staging envs in the interim