Merge branch 'stretch' of https://github.com/bashrc/freedombone
This commit is contained in:
commit
079fb21212
|
@ -49,8 +49,8 @@ Search for and install Plumble.
|
|||
|
||||
Press the plus button to add a Mumble server.
|
||||
|
||||
Enter a label (which can be any name you choose for the server), the default domain name of the Freedombone or preferably the mumble onion address as shown on the *About* screen of the *Administrator control panel*, your username (which can also be anything) and the mumble password which can be found in the *Passwords* section of the *Administrator control panel*.
|
||||
Enter a label (which can be any name you choose for the server), the default domain name of the Freedombone or preferably the mumble onion address as shown on the *About* screen of the *Administrator control panel*, your username (which can also be anything) and the mumble password which can be found in the *Passwords* section of the *Administrator control panel*. Leave the port number unchanged.
|
||||
|
||||
Open the settings. Select General, then Connect via Tor. This will provide better protection, making it more difficult for adversaries to know who is talking to who.
|
||||
Open the settings. Select *General*, then *Connect via Tor*. This will provide better protection, making it more difficult for adversaries to know who is talking to who. If connecting through Tor is unreliable and causes crashes then unselect *Connect via Tor* on the *General settings* and then just use your ordinary domain name.
|
||||
|
||||
Selecting the server by pressing on it then connects you to the server so that you can chat with other connected users.
|
||||
|
|
|
@ -39,5 +39,5 @@ It may seem like a good idea and it may seem like you're doing a service to the
|
|||
|
||||
|
||||
#+BEGIN_CENTER
|
||||
This site can also be accessed via a Tor browser at http://pazyv7nkllp76hqr.onion. This documentation is under the [[https://www.gnu.org/licenses/fdl-1.3.txt][GNU Free Documentation License version 1.3]]
|
||||
This site can also be accessed via a Tor browser at http://7ec7btgr6m7c5r3h.onion. This documentation is under the [[https://www.gnu.org/licenses/fdl-1.3.txt][GNU Free Documentation License version 1.3]]
|
||||
#+END_CENTER
|
||||
|
|
|
@ -153,5 +153,5 @@ man freedombone-image
|
|||
#+end_src
|
||||
|
||||
#+BEGIN_CENTER
|
||||
This site can also be accessed via a Tor browser at http://pazyv7nkllp76hqr.onion
|
||||
This site can also be accessed via a Tor browser at http://7ec7btgr6m7c5r3h.onion
|
||||
#+END_CENTER
|
||||
|
|
|
@ -42,5 +42,5 @@ If you find bugs, or want to add a new app to this system see the [[./devguide.h
|
|||
Ready made disk images which can be copied onto USB or microSD drives are [[./downloads/current][available here]].
|
||||
|
||||
#+BEGIN_CENTER
|
||||
This site can also be accessed via a Tor browser at http://pazyv7nkllp76hqr.onion. This documentation is under the [[https://www.gnu.org/licenses/fdl-1.3.txt][GNU Free Documentation License version 1.3]]
|
||||
This site can also be accessed via a Tor browser at http://7ec7btgr6m7c5r3h.onion. This documentation is under the [[https://www.gnu.org/licenses/fdl-1.3.txt][GNU Free Documentation License version 1.3]]
|
||||
#+END_CENTER
|
||||
|
|
|
@ -35,5 +35,5 @@ Systems only need to be within wifi range of each other for the mesh to be creat
|
|||
Like [[https://libremesh.org][LibreMesh]], this system uses a combination of [[https://en.wikipedia.org/wiki/B.A.T.M.A.N.][batman-adv]] on network layer 2 and [[http://bmx6.net][BMX]] on layer 3. Routing protocols [[http://www.olsr.org][OLSR2]] and [[https://www.irif.fr/~jch/software/babel][Babel]] are also selectable.
|
||||
|
||||
#+BEGIN_CENTER
|
||||
This site can also be accessed via a Tor browser at http://pazyv7nkllp76hqr.onion
|
||||
This site can also be accessed via a Tor browser at http://7ec7btgr6m7c5r3h.onion
|
||||
#+END_CENTER
|
||||
|
|
|
@ -37,7 +37,7 @@ The MultiWriter tool is also available within mesh client images, so that you ca
|
|||
[[file:images/mesh_netbook.jpg]]
|
||||
#+END_CENTER
|
||||
|
||||
"Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 8GB in size.
|
||||
"Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 16GB in size.
|
||||
|
||||
#+begin_src bash
|
||||
sudo apt-get install xz-utils wget
|
||||
|
|
|
@ -18,13 +18,11 @@
|
|||
|
||||
* Contact details
|
||||
|
||||
This site can also be accessed via a Tor browser at *http://pazyv7nkllp76hqr.onion*
|
||||
This site can also be accessed via a Tor browser at *http://7ec7btgr6m7c5r3h.onion*
|
||||
|
||||
*Email:* bob@freedombone.net
|
||||
|
||||
*PGP/GPG Key ID:* EA982E38
|
||||
|
||||
*PGP/GPG Fingerprint:* D538 1159 CD7A 2F80 2F06 ABA0 0452 CC7C EA98 2E38
|
||||
*PGP/GPG Fingerprint:* 9ABB82C00ABF39F82680487DCC2536191FA7C33F
|
||||
|
||||
*XMPP:* bob@freedombone.net with OMEMO or OTR
|
||||
|
||||
|
|
|
@ -228,14 +228,21 @@ function backup_local_ghost {
|
|||
GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
|
||||
fi
|
||||
|
||||
suspend_site ${GHOST_DOMAIN_NAME}
|
||||
systemctl stop ghost
|
||||
|
||||
ghost_path=/var/www/${GHOST_DOMAIN_NAME}/htdocs/content
|
||||
if [ -d $ghost_path ]; then
|
||||
suspend_site ${GHOST_DOMAIN_NAME}
|
||||
systemctl stop ghost
|
||||
backup_directory_to_usb $ghost_path ghostcontent
|
||||
systemctl start ghost
|
||||
restart_site
|
||||
fi
|
||||
|
||||
ghost_path=/var/www/${GHOST_DOMAIN_NAME}/htdocs/current/content
|
||||
if [ -d $ghost_path ]; then
|
||||
backup_directory_to_usb $ghost_path ghostcurrent
|
||||
fi
|
||||
|
||||
systemctl start ghost
|
||||
restart_site
|
||||
}
|
||||
|
||||
function restore_local_ghost {
|
||||
|
@ -254,12 +261,31 @@ function restore_local_ghost {
|
|||
if [ -d $temp_restore_dir/var/www/$GHOST_DOMAIN_NAME/htdocs/content ]; then
|
||||
cp -r $temp_restore_dir/var/www/$GHOST_DOMAIN_NAME/htdocs/content/* /var/www/$GHOST_DOMAIN_NAME/htdocs/content/
|
||||
else
|
||||
if [ ! -d /var/www/$GHOST_DOMAIN_NAME/htdocs/content ]; then
|
||||
mkdir /var/www/$GHOST_DOMAIN_NAME/htdocs/content
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /var/www/$GHOST_DOMAIN_NAME/htdocs/content/
|
||||
fi
|
||||
chown -R ghost:ghost /var/www/$GHOST_DOMAIN_NAME/htdocs/content
|
||||
rm -rf $temp_restore_dir
|
||||
fi
|
||||
|
||||
temp_restore_dir=/root/tempghostcurrent
|
||||
function_check restore_directory_from_usb
|
||||
restore_directory_from_usb $temp_restore_dir ghostcurrent
|
||||
if [ -d $temp_restore_dir ]; then
|
||||
if [ -d $temp_restore_dir/var/www/$GHOST_DOMAIN_NAME/htdocs/current/content ]; then
|
||||
cp -r $temp_restore_dir/var/www/$GHOST_DOMAIN_NAME/htdocs/current/content/* /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content/
|
||||
else
|
||||
if [ ! -d /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content ]; then
|
||||
mkdir -p /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content/
|
||||
fi
|
||||
chown -R ghost:ghost /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content
|
||||
rm -rf $temp_restore_dir
|
||||
fi
|
||||
|
||||
systemctl start ghost
|
||||
restart_site
|
||||
fi
|
||||
|
@ -271,15 +297,27 @@ function backup_remote_ghost {
|
|||
GHOST_DOMAIN_NAME=$(get_completion_param "ghost domain")
|
||||
fi
|
||||
|
||||
suspend_site ${GHOST_DOMAIN_NAME}
|
||||
|
||||
temp_backup_dir=/var/www/${GHOST_DOMAIN_NAME}/htdocs/content
|
||||
if [ -d $temp_backup_dir ]; then
|
||||
suspend_site ${GHOST_DOMAIN_NAME}
|
||||
backup_directory_to_friend $temp_backup_dir ghostcontent
|
||||
restart_site
|
||||
else
|
||||
restart_site
|
||||
echo $"Ghost domain specified but not found in /var/www/${GHOST_DOMAIN_NAME}"
|
||||
exit 2578
|
||||
fi
|
||||
|
||||
temp_backup_dir=/var/www/${GHOST_DOMAIN_NAME}/htdocs/current/content
|
||||
if [ -d $temp_backup_dir ]; then
|
||||
backup_directory_to_friend $temp_backup_dir ghostcurrent
|
||||
else
|
||||
restart_site
|
||||
echo $"Ghost domain specified but not found in $temp_backup_dir"
|
||||
exit 78353
|
||||
fi
|
||||
|
||||
restart_site
|
||||
}
|
||||
|
||||
function restore_remote_ghost {
|
||||
|
@ -298,12 +336,31 @@ function restore_remote_ghost {
|
|||
if [ -d $temp_restore_dir/var/www/$GHOST_DOMAIN_NAME/htdocs/content ]; then
|
||||
cp -r $temp_restore_dir/var/www/$GHOST_DOMAIN_NAME/htdocs/content/* /var/www/$GHOST_DOMAIN_NAME/htdocs/content/
|
||||
else
|
||||
if [ ! -d /var/www/$GHOST_DOMAIN_NAME/htdocs/content ]; then
|
||||
mkdir /var/www/$GHOST_DOMAIN_NAME/htdocs/content
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /var/www/$GHOST_DOMAIN_NAME/htdocs/content/
|
||||
fi
|
||||
chown -R ghost: /var/www/$GHOST_DOMAIN_NAME/htdocs
|
||||
rm -rf $temp_restore_dir
|
||||
fi
|
||||
|
||||
temp_restore_dir=/root/tempghostcurrent
|
||||
function_check restore_directory_from_friend
|
||||
restore_directory_from_friend $temp_restore_dir ghostcurrent
|
||||
if [ -d $temp_restore_dir ]; then
|
||||
if [ -d $temp_restore_dir/var/www/$GHOST_DOMAIN_NAME/htdocs/current/content ]; then
|
||||
cp -r $temp_restore_dir/var/www/$GHOST_DOMAIN_NAME/htdocs/current/content/* /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content/
|
||||
else
|
||||
if [ ! -d /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content ]; then
|
||||
mkdir -p /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /var/www/$GHOST_DOMAIN_NAME/htdocs/current/content/
|
||||
fi
|
||||
chown -R ghost: /var/www/$GHOST_DOMAIN_NAME/htdocs
|
||||
rm -rf $temp_restore_dir
|
||||
fi
|
||||
|
||||
systemctl start ghost
|
||||
restart_site
|
||||
}
|
||||
|
|
|
@ -39,7 +39,7 @@ KOEL_CODE=
|
|||
KOEL_ONION_PORT=8118
|
||||
KOEL_PORT=9002
|
||||
KOEL_REPO="https://github.com/phanan/koel"
|
||||
KOEL_COMMIT='70464a'
|
||||
KOEL_COMMIT='8e9b021aa09f2b1460977bdd52fff14ea2bc1607'
|
||||
KOEL_ADMIN_PASSWORD=
|
||||
|
||||
koel_variables=(ONION_ONLY
|
||||
|
|
|
@ -163,11 +163,22 @@ function restore_local_lychee {
|
|||
LYCHEE_DOMAIN_NAME=$(get_completion_param "lychee domain")
|
||||
fi
|
||||
if [ $LYCHEE_DOMAIN_NAME ]; then
|
||||
suspend_site ${LYCHEE_DOMAIN_NAME}
|
||||
|
||||
function_check lychee_create_database
|
||||
lychee_create_database
|
||||
|
||||
function_check restore_database
|
||||
restore_database lychee ${LYCHEE_DOMAIN_NAME}
|
||||
|
||||
if [ -f /var/www/$LYCHEE_DOMAIN_NAME/htdocs/data/config.php ]; then
|
||||
MARIADB_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
|
||||
sed -i "s|dbPassword.*|dbPassword = '$MARIADB_PASSWORD';|g" /var/www/$LYCHEE_DOMAIN_NAME/htdocs/data/config.php
|
||||
MARIADB_PASSWORD=
|
||||
fi
|
||||
|
||||
restart_site
|
||||
chown -R lychee: /var/www/$LYCHEE_DOMAIN_NAME/htdocs/
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -195,12 +206,21 @@ function restore_remote_lychee {
|
|||
LYCHEE_DOMAIN_NAME=$(get_completion_param "lychee domain")
|
||||
fi
|
||||
|
||||
suspend_site ${LYCHEE_DOMAIN_NAME}
|
||||
|
||||
function_check restore_database_from_friend
|
||||
|
||||
function_check lychee_create_database
|
||||
lychee_create_database
|
||||
|
||||
restore_database_from_friend lychee ${LYCHEE_DOMAIN_NAME}
|
||||
|
||||
if [ -f /var/www/$LYCHEE_DOMAIN_NAME/htdocs/data/config.php ]; then
|
||||
MARIADB_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
|
||||
sed -i "s|dbPassword.*|dbPassword = '$MARIADB_PASSWORD';|g" /var/www/$LYCHEE_DOMAIN_NAME/htdocs/data/config.php
|
||||
MARIADB_PASSWORD=
|
||||
fi
|
||||
|
||||
restart_site
|
||||
chown -R lychee: /var/www/$LYCHEE_DOMAIN_NAME/htdocs/
|
||||
}
|
||||
|
|
|
@ -43,6 +43,7 @@ MUMBLE_DATABASE="mumble-server.sqlite"
|
|||
MUMBLE_CONFIG_FILE="mumble-server.ini"
|
||||
|
||||
mumble_variables=(MY_USERNAME
|
||||
DEFAULT_DOMAIN_NAME
|
||||
MUMBLE_PORT
|
||||
ONION_ONLY
|
||||
ADMIN_USERNAME)
|
||||
|
@ -84,6 +85,21 @@ function upgrade_mumble {
|
|||
if [ -d /etc/letsencrypt ]; then
|
||||
usermod -a -G ssl-cert mumble-server
|
||||
fi
|
||||
|
||||
if [ ! -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
if ! grep -q "mumble.pem" /etc/mumble-server.ini; then
|
||||
sed -i 's|sslCert=.*|sslCert=/var/lib/mumble-server/mumble.pem|g' /etc/mumble-server.ini
|
||||
sed -i 's|sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
|
||||
systemctl restart mumble
|
||||
fi
|
||||
else
|
||||
if ! grep -q "${DEFAULT_DOMAIN_NAME}/fullchain.pem" /etc/mumble-server.ini; then
|
||||
usermod -a -G ssl-cert mumble-server
|
||||
sed -i "s|sslCert=.*|sslCert=/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/mumble-server.ini
|
||||
sed -i "s|sslKey=.*|sslKey=/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/mumble-server.ini
|
||||
systemctl restart mumble
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
function backup_local_mumble {
|
||||
|
@ -242,7 +258,7 @@ function install_mumble {
|
|||
if [ ! -d /var/www/${DEFAULT_DOMAIN_NAME}/htdocs ]; then
|
||||
mkdir /var/www/${DEFAULT_DOMAIN_NAME}/htdocs
|
||||
fi
|
||||
if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ ! -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then
|
||||
rm /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt
|
||||
fi
|
||||
|
@ -265,7 +281,7 @@ function install_mumble {
|
|||
|
||||
|
||||
# Make an ssl cert for the server
|
||||
if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ ! -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
if [ ! -f /etc/ssl/certs/mumble.dhparam ]; then
|
||||
${PROJECT_NAME}-addcert -h mumble --dhkey $DH_KEYLENGTH
|
||||
function_check check_certificates
|
||||
|
@ -307,12 +323,12 @@ function install_mumble {
|
|||
echo 'allowping=False' >> /etc/mumble-server.ini
|
||||
fi
|
||||
sed -i 's|allowping=.*|allowping=False|g' /etc/mumble-server.ini
|
||||
if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ ! -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
sed -i 's|#sslCert=.*|sslCert=/var/lib/mumble-server/mumble.pem|g' /etc/mumble-server.ini
|
||||
sed -i 's|#sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
|
||||
else
|
||||
sed -i "s|#sslCert=.*|sslCert=/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/mumble-server.ini
|
||||
sed -i "s|#sslKey=.*|sslKey=/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/mumble-server.ini
|
||||
sed -i "s|#sslCert=.*|sslCert=/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/mumble-server.ini
|
||||
sed -i "s|#sslKey=.*|sslKey=/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/mumble-server.ini
|
||||
fi
|
||||
sed -i 's|#certrequired=.*|certrequired=True|g' /etc/mumble-server.ini
|
||||
sed -i 's|users=100|users=10|g' /etc/mumble-server.ini
|
||||
|
|
|
@ -58,6 +58,8 @@ PLEROMA_TITLE='Pleroma Server'
|
|||
|
||||
# Number of months after which posts expire
|
||||
PLEROMA_EXPIRE_MONTHS=3
|
||||
pleroma_expire_posts_script=/usr/bin/pleroma-expire-posts
|
||||
blocking_script_file=/usr/bin/pleroma-blocking
|
||||
|
||||
pleroma_variables=(ONION_ONLY
|
||||
PLEROMA_DOMAIN_NAME
|
||||
|
@ -70,6 +72,81 @@ pleroma_variables=(ONION_ONLY
|
|||
MY_EMAIL_ADDRESS
|
||||
MY_USERNAME)
|
||||
|
||||
function create_pleroma_blocklist {
|
||||
echo '#!/bin/bash' > $blocking_script_file
|
||||
echo "if [ ! -f /root/${PROJECT_NAME}-firewall-domains.cfg ]; then" >> $blocking_script_file
|
||||
echo ' exit 0' >> $blocking_script_file
|
||||
echo 'fi' >> $blocking_script_file
|
||||
echo 'cd /etc/postgresql' >> $blocking_script_file
|
||||
echo 'while read blocked; do' >> $blocking_script_file
|
||||
echo ' if [[ "$blocked" == *"."* || "$blocked" == *"@"* ]]; then' >> $blocking_script_file
|
||||
echo ' if [ ${#blocked} -gt 4 ]; then' >> $blocking_script_file
|
||||
echo " sudo -u postgres psql -d pleroma -c \"DELETE FROM objects WHERE data->>'content' ilike '%\${blocked}%' or data->>'actor' ilike '%\${blocked}%' or data->>'to' ilike '%\${blocked}%' or data->>'id' ilike '%\${blocked}%' or data->>'external_url' ilike '%\${blocked}%'\"" >> $blocking_script_file
|
||||
echo " sudo -u postgres psql -d pleroma -c \"DELETE FROM users WHERE nickname ilike '%\${blocked}%'\"" >> $blocking_script_file
|
||||
echo ' if [[ "$blocked" != *"@"* ]]; then' >> $blocking_script_file
|
||||
echo " sudo -u postgres psql -d pleroma -c \"DELETE FROM websub_server_subscriptions WHERE callback like '%\${blocked}%'\"" >> $blocking_script_file
|
||||
echo ' fi' >> $blocking_script_file
|
||||
echo ' fi' >> $blocking_script_file
|
||||
echo ' fi' >> $blocking_script_file
|
||||
echo "done </root/${PROJECT_NAME}-firewall-domains.cfg" >> $blocking_script_file
|
||||
chmod +x $blocking_script_file
|
||||
|
||||
if ! grep -q "$blocking_script_file" /etc/crontab; then
|
||||
echo "*/2 * * * * root $blocking_script_file > /dev/null" >> /etc/crontab
|
||||
fi
|
||||
}
|
||||
|
||||
function expire_pleroma_posts {
|
||||
domain_name=$1
|
||||
expire_months=$3
|
||||
|
||||
if [ ! $expire_months ]; then
|
||||
expire_months=3
|
||||
fi
|
||||
|
||||
expire_days=$((expire_months * 30))
|
||||
|
||||
# files are what take up most of the backup time, so don't keep them for very long
|
||||
expire_days_files=7
|
||||
|
||||
# To prevent the database size from growing endlessly this script expires posts
|
||||
# after a number of months
|
||||
if [ ! -d /etc/pleroma ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
echo '#!/bin/bash' > $pleroma_expire_posts_script
|
||||
echo "plmonths=\"$PLEROMA_EXPIRE_MONTHS\"" >> $pleroma_expire_posts_script
|
||||
echo 'if [ ${#plmonths} -eq 0 ]; then' >> $pleroma_expire_posts_script
|
||||
echo ' exit 1' >> $pleroma_expire_posts_script
|
||||
echo 'fi' >> $pleroma_expire_posts_script
|
||||
echo 'if [[ "$plmonths" == "0" ]]; then' >> $pleroma_expire_posts_script
|
||||
echo ' exit 2' >> $pleroma_expire_posts_script
|
||||
echo 'fi' >> $pleroma_expire_posts_script
|
||||
echo 'oldate=$(date +%Y-%m-%d --date="$plmonths months ago")' >> $pleroma_expire_posts_script
|
||||
echo 'cd /etc/postgresql' >> $pleroma_expire_posts_script
|
||||
echo "sudo -u postgres psql -d pleroma -c \"DELETE FROM notifications WHERE inserted_at <= '\$oldate 01:01:01'\"" >> $pleroma_expire_posts_script
|
||||
echo "sudo -u postgres psql -d pleroma -c \"DELETE FROM objects WHERE inserted_at <= '\$oldate 01:01:01'\"" >> $pleroma_expire_posts_script
|
||||
chmod +x $pleroma_expire_posts_script
|
||||
|
||||
pleroma_expire_script=/etc/cron.daily/pleroma-expire
|
||||
echo '#!/bin/bash' > $pleroma_expire_script
|
||||
echo "find /etc/pleroma/uploads/* -mtime +${expire_days_files} -exec rm -rf {} +" >> $pleroma_expire_script
|
||||
echo "$pleroma_expire_posts_script 2> /dev/null" >> $pleroma_expire_script
|
||||
chmod +x $pleroma_expire_script
|
||||
|
||||
# remove any old cron job
|
||||
if grep -q "pleroma-expire" /etc/crontab; then
|
||||
sed -i "/pleroma-expire/d" /etc/crontab
|
||||
rm /usr/bin/pleroma-expire
|
||||
fi
|
||||
|
||||
# remove old expire script
|
||||
if [ -f /etc/cron.weekly/clear-pleroma-database ]; then
|
||||
rm /etc/cron.weekly/clear-pleroma-database
|
||||
fi
|
||||
}
|
||||
|
||||
function pleroma_recompile {
|
||||
# necessary after parameter changes
|
||||
chown -R pleroma:pleroma $PLEROMA_DIR
|
||||
|
@ -80,6 +157,7 @@ function pleroma_recompile {
|
|||
if [ -f /etc/systemd/system/pleroma.service ]; then
|
||||
systemctl restart pleroma
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
function logging_on_pleroma {
|
||||
|
@ -353,6 +431,7 @@ function pleroma_set_title {
|
|||
|
||||
function pleroma_set_expire_months {
|
||||
PLEROMA_DOMAIN_NAME=$(get_completion_param "pleroma domain")
|
||||
read_config_param "PLEROMA_DOMAIN_NAME"
|
||||
read_config_param "PLEROMA_EXPIRE_MONTHS"
|
||||
|
||||
data=$(tempfile 2>/dev/null)
|
||||
|
@ -378,7 +457,8 @@ function pleroma_set_expire_months {
|
|||
PLEROMA_EXPIRE_MONTHS=$new_expiry_months
|
||||
write_config_param "PLEROMA_EXPIRE_MONTHS" "$PLEROMA_EXPIRE_MONTHS"
|
||||
|
||||
# TODO
|
||||
expire_pleroma_posts $PLEROMA_DOMAIN_NAME $PLEROMA_EXPIRE_MONTHS
|
||||
create_pleroma_blocklist
|
||||
|
||||
dialog --title $"Set Pleroma post expiry period" \
|
||||
--msgbox $"Expiry period set to $PLEROMA_EXPIRE_MONTHS months" 6 60
|
||||
|
@ -499,6 +579,7 @@ function pleroma_add_emoji {
|
|||
}
|
||||
|
||||
function configure_interactive_pleroma {
|
||||
read_config_param PLEROMA_DOMAIN_NAME
|
||||
read_config_param PLEROMA_EXPIRE_MONTHS
|
||||
while true
|
||||
do
|
||||
|
@ -531,6 +612,16 @@ function configure_interactive_pleroma {
|
|||
}
|
||||
|
||||
function upgrade_pleroma {
|
||||
read_config_param PLEROMA_DOMAIN_NAME
|
||||
read_config_param PLEROMA_EXPIRE_MONTHS
|
||||
|
||||
if [ ! -f $pleroma_expire_posts_script ]; then
|
||||
expire_pleroma_posts $PLEROMA_DOMAIN_NAME $PLEROMA_EXPIRE_MONTHS
|
||||
fi
|
||||
if [ ! -f $blocking_script_file ]; then
|
||||
create_pleroma_blocklist
|
||||
fi
|
||||
|
||||
CURR_PLEROMA_COMMIT=$(get_completion_param "pleroma commit")
|
||||
if [[ "$CURR_PLEROMA_COMMIT" == "$PLEROMA_COMMIT" ]]; then
|
||||
return
|
||||
|
@ -542,6 +633,9 @@ function upgrade_pleroma {
|
|||
|
||||
sudo -u pleroma mix deps.get
|
||||
pleroma_recompile
|
||||
|
||||
expire_pleroma_posts $PLEROMA_DOMAIN_NAME $PLEROMA_EXPIRE_MONTHS
|
||||
create_pleroma_blocklist
|
||||
}
|
||||
|
||||
function backup_local_pleroma {
|
||||
|
@ -688,6 +782,7 @@ function remove_pleroma {
|
|||
remove_completion_param install_pleroma
|
||||
sed -i '/pleroma domain/d' $COMPLETION_FILE
|
||||
sed -i '/pleroma commit/d' $COMPLETION_FILE
|
||||
sed -i "/$blocking_script_file/d" /etc/crontab
|
||||
|
||||
function_check remove_ddns_domain
|
||||
remove_ddns_domain $PLEROMA_DOMAIN_NAME
|
||||
|
@ -900,6 +995,8 @@ function install_pleroma {
|
|||
fi
|
||||
fi
|
||||
|
||||
create_pleroma_blocklist
|
||||
|
||||
# daemon
|
||||
echo '[Unit]' > /etc/systemd/system/pleroma.service
|
||||
echo 'Description=Pleroma social network' >> /etc/systemd/system/pleroma.service
|
||||
|
|
|
@ -65,6 +65,10 @@ function add_user_riot {
|
|||
echo '0'
|
||||
}
|
||||
|
||||
function riot_remove_bad_links {
|
||||
sed -i '/riot.im/d' /var/www/$RIOT_DOMAIN_NAME/htdocs/home.html
|
||||
}
|
||||
|
||||
function install_interactive_riot {
|
||||
if [[ $ONION_ONLY != "no" ]]; then
|
||||
RIOT_DOMAIN_NAME='riot.local'
|
||||
|
@ -177,6 +181,7 @@ function upgrade_riot {
|
|||
|
||||
riot_download
|
||||
sed -i "s|riot version.*|riot version:$RIOT_VERSION|g" ${COMPLETION_FILE}
|
||||
riot_remove_bad_links
|
||||
|
||||
systemctl restart nginx
|
||||
}
|
||||
|
@ -246,23 +251,25 @@ function install_riot {
|
|||
riot_download
|
||||
|
||||
cd /var/www/$RIOT_DOMAIN_NAME/htdocs
|
||||
cp config.sample.json config.json
|
||||
|
||||
if [[ $ONION_ONLY == 'no' ]]; then
|
||||
sed -i "s|\"default_hs_url\":.*|\"default_hs_url\": \"https://${MATRIX_DOMAIN_NAME}\",|g" config.json
|
||||
sed -i "s|\"default_is_url\":.*|\"default_is_url\": \"https://${MATRIX_DOMAIN_NAME}\",|g" config.json
|
||||
sed -i "s|\"integrations_ui_url\":.*|\"integrations_ui_url\": \"\",|g" config.json
|
||||
sed -i "s|\"integrations_rest_url\":.*|\"integrations_rest_url\": \"\",|g" config.json
|
||||
sed -i "s|\"bug_report_endpoint_url\":.*|\"bug_report_endpoint_url\": \"https://${MATRIX_DOMAIN_NAME}/bugs\",|g" config.json
|
||||
sed -i "/\"servers\":/a \"${MATRIX_DOMAIN_NAME}\"," config.json
|
||||
riot_config_file="config.${RIOT_DOMAIN_NAME}.json"
|
||||
cp config.sample.json $riot_config_file
|
||||
sed -i "s|\"default_hs_url\":.*|\"default_hs_url\": \"https://${MATRIX_DOMAIN_NAME}\",|g" $riot_config_file
|
||||
sed -i "s|\"default_is_url\":.*|\"default_is_url\": \"https://${MATRIX_DOMAIN_NAME}\",|g" $riot_config_file
|
||||
sed -i "s|\"bug_report_endpoint_url\":.*|\"bug_report_endpoint_url\": \"https://${MATRIX_DOMAIN_NAME}/bugs\",|g" $riot_config_file
|
||||
sed -i "/\"servers\":/a \"${MATRIX_DOMAIN_NAME}\"," $riot_config_file
|
||||
else
|
||||
sed -i "s|\"default_hs_url\":.*|\"default_hs_url\": \"http://${MATRIX_ONION_DOMAIN_NAME}\",|g" config.json
|
||||
sed -i "s|\"default_is_url\":.*|\"default_is_url\": \"http://${MATRIX_ONION_DOMAIN_NAME}\",|g" config.json
|
||||
sed -i "s|\"integrations_ui_url\":.*|\"integrations_ui_url\": \"\",|g" config.json
|
||||
sed -i "s|\"integrations_rest_url\":.*|\"integrations_rest_url\": \"\",|g" config.json
|
||||
sed -i "s|\"bug_report_endpoint_url\":.*|\"bug_report_endpoint_url\": \"http://${MATRIX_ONION_DOMAIN_NAME}/bugs\",|g" config.json
|
||||
sed -i "/\"servers\":/a \"${MATRIX_ONION_DOMAIN_NAME}\"," config.json
|
||||
riot_config_file="config.${MATRIX_ONION_DOMAIN_NAME}.json"
|
||||
cp config.sample.json $riot_config_file
|
||||
sed -i "s|\"default_hs_url\":.*|\"default_hs_url\": \"http://${MATRIX_ONION_DOMAIN_NAME}\",|g" $riot_config_file
|
||||
sed -i "s|\"default_is_url\":.*|\"default_is_url\": \"http://${MATRIX_ONION_DOMAIN_NAME}\",|g" $riot_config_file
|
||||
sed -i "s|\"bug_report_endpoint_url\":.*|\"bug_report_endpoint_url\": \"http://${MATRIX_ONION_DOMAIN_NAME}/bugs\",|g" $riot_config_file
|
||||
sed -i "/\"servers\":/a \"${MATRIX_ONION_DOMAIN_NAME}\"," $riot_config_file
|
||||
fi
|
||||
sed -i "s|\"integrations_ui_url\":.*|\"integrations_ui_url\": \"\",|g" $riot_config_file
|
||||
sed -i "s|\"integrations_rest_url\":.*|\"integrations_rest_url\": \"\",|g" $riot_config_file
|
||||
sed -i 's|https://piwik.riot.im/||g' $riot_config_file
|
||||
|
||||
RIOT_ONION_HOSTNAME=$(add_onion_service riot 80 ${RIOT_ONION_PORT})
|
||||
|
||||
|
@ -340,6 +347,7 @@ function install_riot {
|
|||
function_check add_ddns_domain
|
||||
add_ddns_domain $RIOT_DOMAIN_NAME
|
||||
|
||||
riot_remove_bad_links
|
||||
chown -R www-data:www-data /var/www/$RIOT_DOMAIN_NAME/htdocs
|
||||
|
||||
systemctl restart nginx
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
# License
|
||||
# =======
|
||||
#
|
||||
# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
|
||||
# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Affero General Public License as published by
|
||||
|
@ -318,14 +318,6 @@ function restore_local_syncthing {
|
|||
mkdir -p $SYNCTHING_SHARED_DATA
|
||||
fi
|
||||
cp -r ${temp_restore_dir}shared/* $SYNCTHING_SHARED_DATA/
|
||||
|
||||
if [ ! "$?" = "0" ]; then
|
||||
set_user_permissions
|
||||
backup_unmount_drive
|
||||
systemctl start syncthing
|
||||
systemctl start cron
|
||||
exit 37904
|
||||
fi
|
||||
rm -rf ${temp_restore_dir}shared
|
||||
fi
|
||||
|
||||
|
@ -341,7 +333,15 @@ function restore_local_syncthing {
|
|||
if [ -d ${temp_restore_dir}/home/$USERNAME/Sync ]; then
|
||||
cp -r ${temp_restore_dir}/home/$USERNAME/Sync /home/$USERNAME/
|
||||
else
|
||||
cp -r ${temp_restore_dir}/* /home/$USERNAME/Sync/
|
||||
if [ ! -d /home/$USERNAME/Sync ]; then
|
||||
mkdir /home/$USERNAME/Sync
|
||||
fi
|
||||
if [ -d /root/Sync ]; then
|
||||
cp -r /root/Sync/* /home/$USERNAME/Sync/
|
||||
rm -rf /root/Sync
|
||||
else
|
||||
cp -r ${temp_restore_dir}/* /home/$USERNAME/Sync/
|
||||
fi
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
rm -rf ${temp_restore_dir}
|
||||
|
@ -425,7 +425,7 @@ function restore_remote_syncthing {
|
|||
if [ ! -d $SYNCTHING_CONFIG_PATH ]; then
|
||||
mkdir -p $SYNCTHING_CONFIG_PATH
|
||||
fi
|
||||
cp -r ${temp_restore_dir}config/* $SYNCTHING_CONFIG_PATH/
|
||||
cp -r ${temp_restore_dir}/* $SYNCTHING_CONFIG_PATH/
|
||||
if [ ! "$?" = "0" ]; then
|
||||
systemctl start syncthing
|
||||
systemctl start cron
|
||||
|
@ -439,17 +439,11 @@ function restore_remote_syncthing {
|
|||
temp_restore_dir=/root/tempsyncthingshared
|
||||
function_check restore_directory_from_friend
|
||||
restore_directory_from_friend $temp_restore_dir syncthingshared
|
||||
#cp -r $temp_restore_dir/* /
|
||||
if [ ! -d $SYNCTHING_SHARED_DATA ]; then
|
||||
mkdir -p $SYNCTHING_SHARED_DATA
|
||||
fi
|
||||
cp -r ${temp_restore_dir}shared/* $SYNCTHING_SHARED_DATA/
|
||||
if [ ! "$?" = "0" ]; then
|
||||
systemctl start syncthing
|
||||
systemctl start cron
|
||||
exit 37904
|
||||
fi
|
||||
rm -rf $temp_restore_dir
|
||||
cp -r ${temp_restore_dir}/* $SYNCTHING_SHARED_DATA/
|
||||
rm -rf ${temp_restore_dir}
|
||||
fi
|
||||
|
||||
if [ -d $SERVER_DIRECTORY/backup/syncthing ]; then
|
||||
|
@ -466,7 +460,15 @@ function restore_remote_syncthing {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/Sync ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/Sync /home/$USERNAME/
|
||||
else
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/Sync/
|
||||
if [ ! -d /home/$USERNAME/Sync ]; then
|
||||
mkdir /home/$USERNAME/Sync
|
||||
fi
|
||||
if [ -d /root/Sync ]; then
|
||||
cp -r /root/Sync/* /home/$USERNAME/Sync/
|
||||
rm -rf /root/Sync
|
||||
else
|
||||
cp -r ${temp_restore_dir}/* /home/$USERNAME/Sync/
|
||||
fi
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
rm -rf $temp_restore_dir
|
||||
|
|
|
@ -407,6 +407,25 @@ function upgrade_xmpp {
|
|||
update_prosody_modules
|
||||
xmpp_onion_addresses /etc/prosody/prosody.cfg.lua
|
||||
|
||||
if grep -q "/etc/ssl/certs/xmpp.dhparam" /etc/prosody/prosody.cfg.lua; then
|
||||
cp /etc/ssl/certs/xmpp.dhparam /etc/prosody/xmpp.dhparam
|
||||
chown prosody:prosody /etc/prosody/xmpp.dhparam
|
||||
sed -i 's|/etc/ssl/certs/xmpp.dhparam|/etc/prosody/xmpp.dhparam|g' /etc/prosody/prosody.cfg.lua
|
||||
sed -i 's|/etc/ssl/certs/xmpp.dhparam|/etc/prosody/xmpp.dhparam|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
|
||||
if grep -q "/etc/ssl/private/xmpp.key" /etc/prosody/prosody.cfg.lua; then
|
||||
if [ -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem ]; then
|
||||
sed -i "s|/etc/ssl/private/xmpp.key|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
fi
|
||||
|
||||
if grep -q "/etc/ssl/certs/xmpp.crt" /etc/prosody/prosody.cfg.lua; then
|
||||
if [ -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
sed -i "s|/etc/ssl/certs/xmpp.crt|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
fi
|
||||
|
||||
curr_prosody_filename=$(cat $COMPLETION_FILE | grep "prosody_filename" | awk -F ':' '{print $2}')
|
||||
if [[ "$curr_prosody_filename" != "$prosody_filename" ]]; then
|
||||
if [ -d ${INSTALL_DIR}/${prosody_filename} ]; then
|
||||
|
@ -1051,9 +1070,28 @@ function install_xmpp {
|
|||
chmod -R 700 /etc/prosody/conf.d
|
||||
usermod -a -G www-data prosody
|
||||
|
||||
# Avoid STIG failures
|
||||
if [ -f /usr/lib/ssl/private/xmpp.key ]; then
|
||||
chown root:root /usr/lib/ssl/private/xmpp.key
|
||||
fi
|
||||
if [ -f /usr/lib/ssl/certs/xmpp.crt ]; then
|
||||
chown root:root /usr/lib/ssl/certs/xmpp.crt
|
||||
fi
|
||||
if [ -f /usr/lib/ssl/certs/xmpp.dhparam ]; then
|
||||
chown root:root /usr/lib/ssl/certs/xmpp.dhparam
|
||||
fi
|
||||
|
||||
if [ -d /etc/letsencrypt ]; then
|
||||
usermod -a -G ssl-cert prosody
|
||||
fi
|
||||
|
||||
if [ -f /etc/ssl/certs/xmpp.dhparam ]; then
|
||||
cp /etc/ssl/certs/xmpp.dhparam /etc/prosody/xmpp.dhparam
|
||||
chown prosody:prosody /etc/prosody/xmpp.dhparam
|
||||
sed -i 's|/etc/ssl/certs/xmpp.dhparam|/etc/prosody/xmpp.dhparam|g' /etc/prosody/prosody.cfg.lua
|
||||
sed -i 's|/etc/ssl/certs/xmpp.dhparam|/etc/prosody/xmpp.dhparam|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
|
||||
apt-mark -q hold prosody
|
||||
systemctl restart prosody
|
||||
|
||||
|
|
|
@ -1326,9 +1326,14 @@ function reset_tripwire {
|
|||
return
|
||||
fi
|
||||
if [ ! -f /etc/tripwire/${HOSTNAME}-local.key ]; then
|
||||
echo $'Error: missing local key'
|
||||
any_key
|
||||
return
|
||||
if [ -f /etc/tripwire/${PROJECT_NAME}-local.key ]; then
|
||||
mv /etc/tripwire/${PROJECT_NAME}-local.key /etc/tripwire/${HOSTNAME}-local.key
|
||||
mv /etc/tripwire/${PROJECT_NAME}-site.key /etc/tripwire/${HOSTNAME}-site.key
|
||||
else
|
||||
echo $'Error: missing local key'
|
||||
any_key
|
||||
return
|
||||
fi
|
||||
fi
|
||||
clear
|
||||
echo $'Turing off logging...'
|
||||
|
@ -1921,7 +1926,7 @@ function domain_blocking_add {
|
|||
trap "rm -f $data" 0 1 2 5 15
|
||||
dialog --title $"Block a domain or user" \
|
||||
--backtitle $"Freedombone Control Panel" \
|
||||
--inputbox $"Enter the domain name or GNU Social/postActiv nick@domain that you wish to block" 8 60 "" 2>$data
|
||||
--inputbox $"Enter the domain name or GNU Social/postActiv/Pleroma nick@domain that you wish to block" 8 60 "" 2>$data
|
||||
sel=$?
|
||||
case $sel in
|
||||
0)
|
||||
|
@ -1933,7 +1938,7 @@ function domain_blocking_add {
|
|||
dialog --title $"Block a domain" \
|
||||
--msgbox $"The domain $blocked_domain has been blocked" 6 40
|
||||
else
|
||||
dialog --title $"Block a GNU Social/postActiv nickname" \
|
||||
dialog --title $"Block a GNU Social/postActiv/Pleroma nickname" \
|
||||
--msgbox $"$blocked_domain has been blocked" 6 40
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -547,7 +547,7 @@ if [[ $VARIANT == 'meshclient' || $VARIANT == 'meshusb' ]]; then
|
|||
fi
|
||||
|
||||
if [ ! $IMAGE_SIZE_SPECIFIED ]; then
|
||||
IMAGE_SIZE=7.9G
|
||||
IMAGE_SIZE=15.0G
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
# License
|
||||
# =======
|
||||
#
|
||||
# Copyright (C) 2015-2017 Bob Mottram <bob@freedombone.net>
|
||||
# Copyright (C) 2015-2018 Bob Mottram <bob@freedombone.net>
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Affero General Public License as published by
|
||||
|
@ -464,6 +464,9 @@ function restore_gpg {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.gnupg ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.gnupg /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.gnupg ]; then
|
||||
mkdir /home/$USERNAME/.gnupg
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.gnupg/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -543,6 +546,9 @@ function restore_spamassassin {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME ]; then
|
||||
cp -rf $temp_restore_dir/home/$USERNAME/.spamassassin /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.spamassassin ]; then
|
||||
mkdir /home/$USERNAME/.spamassassin
|
||||
fi
|
||||
cp -rf $temp_restore_dir/* /home/$USERNAME/.spamassassin/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -611,6 +617,9 @@ function restore_user_ssh_keys {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.ssh ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.ssh /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.ssh ]; then
|
||||
mkdir /home/$USERNAME/.ssh
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.ssh/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -644,6 +653,9 @@ function restore_user_config {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.config ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.config /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.config ]; then
|
||||
mkdir /home/$USERNAME/.config
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.config/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -677,6 +689,9 @@ function restore_user_monkeysphere {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.monkeysphere ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.monkeysphere /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.monkeysphere ]; then
|
||||
mkdir /home/$USERNAME/.monkeysphere
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.monkeysphere
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -718,6 +733,9 @@ function restore_user_fin {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.fin ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.fin /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.fin ]; then
|
||||
mkdir /home/$USERNAME/.fin
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.fin/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -751,6 +769,9 @@ function restore_user_local {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.local ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.local /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.local ]; then
|
||||
mkdir /home/$USERNAME/.local
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.local/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -837,6 +858,9 @@ function restore_personal_settings {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/personal ]; then
|
||||
mv $temp_restore_dir/home/$USERNAME/personal /home/$USERNAME
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/personal ]; then
|
||||
mkdir /home/$USERNAME/personal
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/personal/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
# License
|
||||
# =======
|
||||
#
|
||||
# Copyright (C) 2015-2017 Bob Mottram <bob@freedombone.net>
|
||||
# Copyright (C) 2015-2018 Bob Mottram <bob@freedombone.net>
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Affero General Public License as published by
|
||||
|
@ -419,6 +419,9 @@ function restore_gpg {
|
|||
if [ -d ${temp_restore_dir}/home/$USERNAME/.gnupg ]; then
|
||||
cp -r ${temp_restore_dir}/home/$USERNAME/.gnupg /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.gnupg ]; then
|
||||
mkdir /home/$USERNAME/.gnupg
|
||||
fi
|
||||
cp -r ${temp_restore_dir}/* /home/$USERNAME/.gnupg/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -488,6 +491,9 @@ function restore_spamassassin {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME ]; then
|
||||
cp -rf $temp_restore_dir/home/$USERNAME/.spamassassin /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.spamassassin ]; then
|
||||
mkdir /home/$USERNAME/.spamassassin
|
||||
fi
|
||||
cp -rf $temp_restore_dir/* /home/$USERNAME/.spamassassin/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -542,6 +548,9 @@ function restore_ssh_keys {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.ssh ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.ssh /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.ssh ]; then
|
||||
mkdir /home/$USERNAME/.ssh
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.ssh/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -573,6 +582,9 @@ function restore_user_config {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.config /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.config ]; then
|
||||
mkdir /home/$USERNAME/.config
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.config/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -604,6 +616,9 @@ function restore_user_monkeysphere {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.monkeysphere ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.monkeysphere /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.monkeysphere ]; then
|
||||
mkdir /home/$USERNAME/.monkeysphere
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.monkeysphere/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -643,6 +658,9 @@ function restore_user_fin {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.fin ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.fin /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.fin ]; then
|
||||
mkdir /home/$USERNAME/.fin
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.fin/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -674,6 +692,9 @@ function restore_user_local {
|
|||
if [ -d $temp_restore_dir/home/$USERNAME/.local ]; then
|
||||
cp -r $temp_restore_dir/home/$USERNAME/.local /home/$USERNAME/
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/.local ]; then
|
||||
mkdir /home/$USERNAME/.local
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/.local/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
@ -754,6 +775,9 @@ function restore_personal_settings {
|
|||
fi
|
||||
mv $temp_restore_dir/home/$USERNAME/personal /home/$USERNAME
|
||||
else
|
||||
if [ ! -d /home/$USERNAME/personal ]; then
|
||||
mkdir /home/$USERNAME/personal
|
||||
fi
|
||||
cp -r $temp_restore_dir/* /home/$USERNAME/personal/
|
||||
fi
|
||||
if [ ! "$?" = "0" ]; then
|
||||
|
|
|
@ -547,6 +547,9 @@ function firewall_block_domain {
|
|||
if [ -f /usr/bin/postactiv-firewall ]; then
|
||||
/usr/bin/postactiv-firewall
|
||||
fi
|
||||
if [ -f /usr/bin/pleroma-blocking ]; then
|
||||
/usr/bin/pleroma-blocking
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
|
@ -107,12 +107,12 @@ function mesh_protocol_init {
|
|||
fi
|
||||
}
|
||||
|
||||
function get_ipv4_wlan {
|
||||
echo $(ip -o -f inet addr show dev "$IFACE" | awk '{print $4}' | awk 'END {print}' | awk -F '/' '{print $1}')
|
||||
function get_ipv6_wlan {
|
||||
echo $(ifconfig ${IFACE} | grep inet6 | awk -F ' ' '{print $2}')
|
||||
}
|
||||
|
||||
function mesh_hotspot_ip_address {
|
||||
echo $(ip -o -f inet addr show dev "${BRIDGE}" | awk '{print $4}' | awk 'END {print}' | awk -F '/' '{print $1}')
|
||||
echo $(ifconfig ${BRIDGE} | grep inet6 | awk -F ' ' '{print $2}')
|
||||
}
|
||||
|
||||
function global_rate_limit {
|
||||
|
@ -368,7 +368,7 @@ function enable_mesh_scuttlebot {
|
|||
if [ -f /etc/scuttlebot/.ssb/config ]; then
|
||||
ethernet_connected=$(cat /sys/class/net/eth0/carrier)
|
||||
if [[ "$ethernet_connected" != "0" ]]; then
|
||||
sed -i "s|\"host\": .*|\"host\": \"$(get_ipv4_wlan)\",|g" /etc/scuttlebot/.ssb/config
|
||||
sed -i "s|\"host\": .*|\"host\": \"$(get_ipv6_wlan)\",|g" /etc/scuttlebot/.ssb/config
|
||||
systemctl restart scuttlebot
|
||||
else
|
||||
if [ ! -f /etc/nginx/sites-available/git_ssb ]; then
|
||||
|
|
|
@ -59,8 +59,8 @@ function configure_ssh {
|
|||
if ! grep -q 'HostbasedAuthentication' /etc/ssh/sshd_config; then
|
||||
echo 'HostbasedAuthentication no' >> /etc/ssh/sshd_config
|
||||
fi
|
||||
sed 's|#HostbasedAuthentication.*|HostbasedAuthentication no|g' /etc/ssh/sshd_config
|
||||
sed 's|HostbasedAuthentication.*|HostbasedAuthentication no|g' /etc/ssh/sshd_config
|
||||
sed -i 's|#HostbasedAuthentication.*|HostbasedAuthentication no|g' /etc/ssh/sshd_config
|
||||
sed -i 's|HostbasedAuthentication.*|HostbasedAuthentication no|g' /etc/ssh/sshd_config
|
||||
sed -i 's|#PrintLastLog.*|PrintLastLog yes|g' /etc/ssh/sshd_config
|
||||
sed -i 's|PrintLastLog.*|PrintLastLog yes|g' /etc/ssh/sshd_config
|
||||
sed -i 's|#IgnoreRhosts.*|IgnoreRhosts yes|g' /etc/ssh/sshd_config
|
||||
|
|
|
@ -756,81 +756,85 @@ function configure_firewall_for_web_access {
|
|||
function update_default_domain {
|
||||
echo $'Updating default domain'
|
||||
if [[ $ONION_ONLY == 'no' ]]; then
|
||||
if [ -d /etc/prosody ]; then
|
||||
if [ -f /etc/mumble-server.ini ]; then
|
||||
if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if ! grep -q "mumble.pem" /etc/mumble-server.ini; then
|
||||
sed -i 's|sslCert=.*|sslCert=/var/lib/mumble-server/mumble.pem|g' /etc/mumble-server.ini
|
||||
sed -i 's|sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
|
||||
systemctl restart mumble
|
||||
fi
|
||||
else
|
||||
if ! grep -q "${DEFAULT_DOMAIN_NAME}.pem" /etc/mumble-server.ini; then
|
||||
usermod -a -G ssl-cert mumble-server
|
||||
sed -i "s|sslCert=.*|sslCert=/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/mumble-server.ini
|
||||
sed -i "s|sslKey=.*|sslKey=/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/mumble-server.ini
|
||||
systemctl restart mumble
|
||||
fi
|
||||
if [ -f /etc/mumble-server.ini ]; then
|
||||
if [ ! -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
if ! grep -q "mumble.pem" /etc/mumble-server.ini; then
|
||||
sed -i 's|sslCert=.*|sslCert=/var/lib/mumble-server/mumble.pem|g' /etc/mumble-server.ini
|
||||
sed -i 's|sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
|
||||
systemctl restart mumble
|
||||
fi
|
||||
else
|
||||
if ! grep -q "${DEFAULT_DOMAIN_NAME}/fullchain.pem" /etc/mumble-server.ini; then
|
||||
usermod -a -G ssl-cert mumble-server
|
||||
sed -i "s|sslCert=.*|sslCert=/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/mumble-server.ini
|
||||
sed -i "s|sslKey=.*|sslKey=/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/mumble-server.ini
|
||||
systemctl restart mumble
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -d /etc/prosody ]; then
|
||||
if [ ! -d /etc/prosody/certs ]; then
|
||||
mkdir /etc/prosody/certs
|
||||
fi
|
||||
cp /etc/ssl/private/xmpp* /etc/prosody/certs
|
||||
cp /etc/ssl/certs/xmpp* /etc/prosody/certs
|
||||
if [ /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
usermod -a -G ssl-cert prosody
|
||||
if grep -q "/etc/prosody/certs/xmpp.key" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
if grep -q "/etc/prosody/certs/xmpp.crt" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
|
||||
if grep -q "/etc/prosody/certs/xmpp.key" /etc/prosody/prosody.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/prosody.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
if grep -q "/etc/prosody/certs/xmpp.crt" /etc/prosody/prosody.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
fi
|
||||
|
||||
if grep -q "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
if grep -q "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
|
||||
if grep -q "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
if grep -q "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
|
||||
if grep -q "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key" /etc/prosody/prosody.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
if grep -q "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key" /etc/prosody/prosody.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
|
||||
if grep -q "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/prosody/prosody.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
if grep -q "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/prosody/prosody.cfg.lua; then
|
||||
sed -i "s|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
fi
|
||||
|
||||
chown -R prosody:default /etc/prosody
|
||||
chmod -R 700 /etc/prosody/certs/*
|
||||
chmod 600 /etc/prosody/prosody.cfg.lua
|
||||
cp -r $INSTALL_DIR/prosody-modules/* /var/lib/prosody/prosody-modules/
|
||||
if [ -d $INSTALL_DIR/prosody-modules ]; then
|
||||
cp -r $INSTALL_DIR/prosody-modules/* /var/lib/prosody/prosody-modules/
|
||||
cp -r $INSTALL_DIR/prosody-modules/* /usr/lib/prosody/modules/
|
||||
fi
|
||||
chown -R prosody:prosody /var/lib/prosody/prosody-modules
|
||||
chown -R prosody:prosody /usr/lib/prosody/modules
|
||||
systemctl reload prosody
|
||||
fi
|
||||
|
||||
if [ -d /home/znc/.znc ]; then
|
||||
echo $'znc found'
|
||||
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
if [ -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
pkill znc
|
||||
cat /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key > /home/znc/.znc/znc.pem
|
||||
chown znc:znc /home/znc/.znc/znc.pem
|
||||
chmod 700 /home/znc/.znc/znc.pem
|
||||
|
||||
sed -i "s|CertFile =.*|CertFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|CertFile =.*|CertFile = /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|DHFile =.*|DHFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|KeyFile =.*|KeyFile = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|KeyFile =.*|KeyFile = /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem" /etc/ngircd/ngircd.conf
|
||||
echo $'irc certificates updated'
|
||||
|
||||
systemctl restart ngircd
|
||||
|
@ -839,16 +843,17 @@ function update_default_domain {
|
|||
fi
|
||||
|
||||
if [ ${#DEFAULT_DOMAIN_NAME} -gt 0 ]; then
|
||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then
|
||||
if [ -d /etc/dovecot ]; then
|
||||
if ! grep -q "ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/dovecot/conf.d/10-ssl.conf; then
|
||||
sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||
sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||
if ! grep -q "ssl_cert = </etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem" /etc/dovecot/conf.d/10-ssl.conf; then
|
||||
sed -i "s|#ssl_cert =.*|ssl_cert = </etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||
sed -i "s|ssl_cert =.*|ssl_cert = </etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||
systemctl restart dovecot
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -d /etc/exim4 ]; then
|
||||
# Unfortunately there doesn't appear to be any other way than copying certs here
|
||||
cp /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/{fullchain,privkey}.pem /etc/exim4/
|
||||
chown root:Debian-exim /etc/exim4/*.pem
|
||||
chmod 640 /etc/exim4/*.pem
|
||||
|
|
|
@ -3,10 +3,10 @@
|
|||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||||
<head>
|
||||
<!-- 2016-12-10 Sat 15:19 -->
|
||||
<!-- 2018-01-21 Sun 11:01 -->
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title></title>
|
||||
<title>‎</title>
|
||||
<meta name="generator" content="Org mode" />
|
||||
<meta name="author" content="Bob Mottram" />
|
||||
<meta name="description" content="How to use Mumble"
|
||||
|
@ -71,6 +71,7 @@
|
|||
pre.src-fortran:before { content: 'Fortran'; }
|
||||
pre.src-gnuplot:before { content: 'gnuplot'; }
|
||||
pre.src-haskell:before { content: 'Haskell'; }
|
||||
pre.src-hledger:before { content: 'hledger'; }
|
||||
pre.src-java:before { content: 'Java'; }
|
||||
pre.src-js:before { content: 'Javascript'; }
|
||||
pre.src-latex:before { content: 'LaTeX'; }
|
||||
|
@ -188,7 +189,7 @@
|
|||
@licstart The following is the entire license notice for the
|
||||
JavaScript code in this tag.
|
||||
|
||||
Copyright (C) 2012-2013 Free Software Foundation, Inc.
|
||||
Copyright (C) 2012-2017 Free Software Foundation, Inc.
|
||||
|
||||
The JavaScript code in this tag is free software: you can
|
||||
redistribute it and/or modify it under the terms of the GNU
|
||||
|
@ -251,18 +252,18 @@ for the JavaScript code in this tag.
|
|||
Mumble is a well known VoIP system originally used for gaming, but which works just as well for any general conference calls or meetings.
|
||||
</p>
|
||||
|
||||
<div id="outline-container-orgb69e7cf" class="outline-2">
|
||||
<h2 id="orgb69e7cf">Text chat</h2>
|
||||
<div class="outline-text-2" id="text-orgb69e7cf">
|
||||
<div id="outline-container-org208d455" class="outline-2">
|
||||
<h2 id="org208d455">Text chat</h2>
|
||||
<div class="outline-text-2" id="text-org208d455">
|
||||
<p>
|
||||
In addition to voice it is also possible to do text chat via mumble. The security of this is pretty good provided that you do it via Plumble and Orbot on mobile, but compared to other options such as XMPP/Conversations or Tox the security is not as good, since the mumble server currently doesn't support forward secrecy.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-orgd3559d7" class="outline-2">
|
||||
<h2 id="orgd3559d7">Using with Ubuntu</h2>
|
||||
<div class="outline-text-2" id="text-orgd3559d7">
|
||||
<div id="outline-container-orge57116e" class="outline-2">
|
||||
<h2 id="orge57116e">Using with Ubuntu</h2>
|
||||
<div class="outline-text-2" id="text-orge57116e">
|
||||
<p>
|
||||
First ensure that tor is installed. Within a terminal:
|
||||
</p>
|
||||
|
@ -298,9 +299,9 @@ Click on "add new" to add a new server and enter the <b>default domain name</b>
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org0e1c0da" class="outline-2">
|
||||
<h2 id="org0e1c0da">Using with Android</h2>
|
||||
<div class="outline-text-2" id="text-org0e1c0da">
|
||||
<div id="outline-container-orgb9f0d9d" class="outline-2">
|
||||
<h2 id="orgb9f0d9d">Using with Android</h2>
|
||||
<div class="outline-text-2" id="text-orgb9f0d9d">
|
||||
<p>
|
||||
Install <a href="https://f-droid.org/">F-Droid</a>
|
||||
</p>
|
||||
|
@ -318,11 +319,11 @@ Press the plus button to add a Mumble server.
|
|||
</p>
|
||||
|
||||
<p>
|
||||
Enter a label (which can be any name you choose for the server), the default domain name of the Freedombone or preferably the mumble onion address as shown on the <b>About</b> screen of the <b>Administrator control panel</b>, your username (which can also be anything) and the mumble password which can be found in the <b>Passwords</b> section of the <b>Administrator control panel</b>.
|
||||
Enter a label (which can be any name you choose for the server), the default domain name of the Freedombone or preferably the mumble onion address as shown on the <b>About</b> screen of the <b>Administrator control panel</b>, your username (which can also be anything) and the mumble password which can be found in the <b>Passwords</b> section of the <b>Administrator control panel</b>. Leave the port number unchanged.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
Open the settings. Select General, then Connect via Tor. This will provide better protection, making it more difficult for adversaries to know who is talking to who.
|
||||
Open the settings. Select <b>General</b>, then <b>Connect via Tor</b>. This will provide better protection, making it more difficult for adversaries to know who is talking to who. If connecting through Tor is unreliable and causes crashes then unselect <b>Connect via Tor</b> on the <b>General settings</b> and then just use your ordinary domain name.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
|
|
|
@ -3,10 +3,10 @@
|
|||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||||
<head>
|
||||
<!-- 2017-06-27 Tue 13:17 -->
|
||||
<!-- 2018-01-21 Sun 11:13 -->
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title></title>
|
||||
<title>‎</title>
|
||||
<meta name="generator" content="Org mode" />
|
||||
<meta name="author" content="Bob Mottram" />
|
||||
<meta name="description" content="Homesteading the Fediverse"
|
||||
|
@ -252,54 +252,54 @@ for the JavaScript code in this tag.
|
|||
Some things you might want to know about the Fediverse:
|
||||
</p>
|
||||
|
||||
<div id="outline-container-orgdcdb846" class="outline-2">
|
||||
<h2 id="orgdcdb846">Keep the number of users on each server small</h2>
|
||||
<div class="outline-text-2" id="text-orgdcdb846">
|
||||
<div id="outline-container-org7ef0ae3" class="outline-2">
|
||||
<h2 id="org7ef0ae3">Keep the number of users on each server small</h2>
|
||||
<div class="outline-text-2" id="text-org7ef0ae3">
|
||||
<p>
|
||||
The importance of this can't be overstated. Servers with lots of users always eventually have problems where the interests of the users are not the same as the interests of the server administrator. If you are the server administrator, or if there are only a small squad-size group of people on the server, then it's a lot easier to resolve differences and everyone's interests are likely to be similar.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org51ce16d" class="outline-2">
|
||||
<h2 id="org51ce16d">Drama will happen</h2>
|
||||
<div class="outline-text-2" id="text-org51ce16d">
|
||||
<div id="outline-container-orgb78d10c" class="outline-2">
|
||||
<h2 id="orgb78d10c">Drama will happen</h2>
|
||||
<div class="outline-text-2" id="text-orgb78d10c">
|
||||
<p>
|
||||
It's inevitable in any social network, but fortunately your options for dealing with it are better than they are in the giant proprietary monoliths. In the proprietary world Google or Facebook don't give a damn about the fate of individual users. On a server with a small number of users if you're getting griefed then the administrator is likely to care and be able to do something about it.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org449c739" class="outline-2">
|
||||
<h2 id="org449c739">Don't be afraid to block</h2>
|
||||
<div class="outline-text-2" id="text-org449c739">
|
||||
<div id="outline-container-orgac5dc10" class="outline-2">
|
||||
<h2 id="orgac5dc10">Don't be afraid to block</h2>
|
||||
<div class="outline-text-2" id="text-orgac5dc10">
|
||||
<p>
|
||||
Especially if other servers are publishing content which may not be legal in your jurisdiction then don't be afraid to use domain or user blocking from the <b>Administrator control panel</b>. The same applies if users on other servers are trying to harass you. Blocking creates politics and drama but <span class="underline">this is a feature not a bug</span>. It allows you to craft your own distinct community and user experience while also existing in the wider federation. It's hard to do this on sites like Twitter or Facebook. Try to keep blocking to a minimum though and avoid doing it for insubstantial reasons. If you have other users on your server then publish the blocked domains list somewhere they can see. That avoids disappointment and enables you to have a discussion about the validity of blocking decisions.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org3692a0e" class="outline-2">
|
||||
<h2 id="org3692a0e">Network structure maps on to social structure</h2>
|
||||
<div class="outline-text-2" id="text-org3692a0e">
|
||||
<div id="outline-container-orgec4f5cf" class="outline-2">
|
||||
<h2 id="orgec4f5cf">Network structure maps on to social structure</h2>
|
||||
<div class="outline-text-2" id="text-orgec4f5cf">
|
||||
<p>
|
||||
Over time follows and blocking rules come to match the underlying social geography of affinity groups. Blocking will happen and users will move around or start new servers. Drama related to blocking will dissipate.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org05184eb" class="outline-2">
|
||||
<h2 id="org05184eb">Keep your follows under the Dunbar number</h2>
|
||||
<div class="outline-text-2" id="text-org05184eb">
|
||||
<div id="outline-container-org07b0224" class="outline-2">
|
||||
<h2 id="org07b0224">Keep your follows under the Dunbar number</h2>
|
||||
<div class="outline-text-2" id="text-org07b0224">
|
||||
<p>
|
||||
Keep the number of other users you're following and who are also active to under a couple of hundred. Any more than that and you'll just be overwhelmed by irrelevant stuff and whatever community you may have been part of will dissolve in a sea of entropy. There are no algorithmic timelines, and even if they're introduced then they create their own problems as an opaque form of censorship. <span class="underline">Real community happens at tribal scale</span>. It's something which people often don't like to admit because they get fixated upon bigger and bigger numbers, but it definitely seems to be true.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-orgfbf8e98" class="outline-2">
|
||||
<h2 id="orgfbf8e98">Avoid big public servers</h2>
|
||||
<div class="outline-text-2" id="text-orgfbf8e98">
|
||||
<div id="outline-container-org07a661a" class="outline-2">
|
||||
<h2 id="org07a661a">Avoid big public servers</h2>
|
||||
<div class="outline-text-2" id="text-org07a661a">
|
||||
<p>
|
||||
It may seem like a good idea and it may seem like you're doing a service to the community by allowing random strangers to register, but servers with thousands of users only cause problems - social, administrative, financial and possibly also legal. The financial strain of running a powerful server with high reliability may be enough to encourage the administrator to begin pushing advertising onto the system, or sell user content, and then before you know it you have identical problems to Twitter. Instead try to encourage people to set up their own servers. Follow this principle and a lot of arguments and stress will be more easily avoided.
|
||||
</p>
|
||||
|
@ -308,7 +308,7 @@ It may seem like a good idea and it may seem like you're doing a service to the
|
|||
|
||||
<div class="org-center">
|
||||
<p>
|
||||
This site can also be accessed via a Tor browser at <a href="http://pazyv7nkllp76hqr.onion">http://pazyv7nkllp76hqr.onion</a>. This documentation is under the <a href="https://www.gnu.org/licenses/fdl-1.3.txt">GNU Free Documentation License version 1.3</a>
|
||||
This site can also be accessed via a Tor browser at <a href="http://7ec7btgr6m7c5r3h.onion">http://7ec7btgr6m7c5r3h.onion</a>. This documentation is under the <a href="https://www.gnu.org/licenses/fdl-1.3.txt">GNU Free Documentation License version 1.3</a>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||||
<head>
|
||||
<!-- 2017-12-28 Thu 21:15 -->
|
||||
<!-- 2018-01-21 Sun 11:15 -->
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title>‎</title>
|
||||
|
@ -478,7 +478,7 @@ Of course, this is just one way in which you can install the Freedombone system.
|
|||
|
||||
<div class="org-center">
|
||||
<p>
|
||||
This site can also be accessed via a Tor browser at <a href="http://pazyv7nkllp76hqr.onion">http://pazyv7nkllp76hqr.onion</a>
|
||||
This site can also be accessed via a Tor browser at <a href="http://7ec7btgr6m7c5r3h.onion">http://7ec7btgr6m7c5r3h.onion</a>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||||
<head>
|
||||
<!-- 2017-12-20 Wed 13:53 -->
|
||||
<!-- 2018-01-21 Sun 11:15 -->
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title>‎</title>
|
||||
|
@ -299,7 +299,7 @@ Ready made disk images which can be copied onto USB or microSD drives are <a hre
|
|||
|
||||
<div class="org-center">
|
||||
<p>
|
||||
This site can also be accessed via a Tor browser at <a href="http://pazyv7nkllp76hqr.onion">http://pazyv7nkllp76hqr.onion</a>. This documentation is under the <a href="https://www.gnu.org/licenses/fdl-1.3.txt">GNU Free Documentation License version 1.3</a>
|
||||
This site can also be accessed via a Tor browser at <a href="http://7ec7btgr6m7c5r3h.onion">http://7ec7btgr6m7c5r3h.onion</a>. This documentation is under the <a href="https://www.gnu.org/licenses/fdl-1.3.txt">GNU Free Documentation License version 1.3</a>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||||
<head>
|
||||
<!-- 2018-01-17 Wed 23:49 -->
|
||||
<!-- 2018-01-21 Sun 11:15 -->
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title>‎</title>
|
||||
|
@ -284,7 +284,7 @@ Like <a href="https://libremesh.org">LibreMesh</a>, this system uses a combinati
|
|||
|
||||
<div class="org-center">
|
||||
<p>
|
||||
This site can also be accessed via a Tor browser at <a href="http://pazyv7nkllp76hqr.onion">http://pazyv7nkllp76hqr.onion</a>
|
||||
This site can also be accessed via a Tor browser at <a href="http://7ec7btgr6m7c5r3h.onion">http://7ec7btgr6m7c5r3h.onion</a>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||||
<head>
|
||||
<!-- 2017-12-29 Fri 23:16 -->
|
||||
<!-- 2018-01-18 Thu 18:15 -->
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title>‎</title>
|
||||
|
@ -246,13 +246,13 @@ for the JavaScript code in this tag.
|
|||
|
||||
<center><h1>Mesh Network: Images</h1></center>
|
||||
|
||||
<div id="outline-container-org92a36a4" class="outline-2">
|
||||
<h2 id="org92a36a4">Pre-built Disk Images</h2>
|
||||
<div class="outline-text-2" id="text-org92a36a4">
|
||||
<div id="outline-container-orgff89f51" class="outline-2">
|
||||
<h2 id="orgff89f51">Pre-built Disk Images</h2>
|
||||
<div class="outline-text-2" id="text-orgff89f51">
|
||||
</div>
|
||||
<div id="outline-container-orgf74ea4c" class="outline-3">
|
||||
<h3 id="orgf74ea4c">Writing many images quickly</h3>
|
||||
<div class="outline-text-3" id="text-orgf74ea4c">
|
||||
<div id="outline-container-orgd2bd6dc" class="outline-3">
|
||||
<h3 id="orgd2bd6dc">Writing many images quickly</h3>
|
||||
<div class="outline-text-3" id="text-orgd2bd6dc">
|
||||
<p>
|
||||
There may be situations where you need to write the same disk image to multiple drives at the same time in order to maximize rate of deployment. In the instructions given below the <b>dd</b> command is used for writing to the target drive, but to write to multiple drives you can use a tool such as <a href="https://wiki.gnome.org/Apps/MultiWriter">GNOME MultiWriter</a>.
|
||||
</p>
|
||||
|
@ -280,9 +280,9 @@ The MultiWriter tool is also available within mesh client images, so that you ca
|
|||
</p>
|
||||
</div>
|
||||
</div>
|
||||
<div id="outline-container-orgdd8f201" class="outline-3">
|
||||
<h3 id="orgdd8f201">Client images</h3>
|
||||
<div class="outline-text-3" id="text-orgdd8f201">
|
||||
<div id="outline-container-orgaa45ffa" class="outline-3">
|
||||
<h3 id="orgaa45ffa">Client images</h3>
|
||||
<div class="outline-text-3" id="text-orgaa45ffa">
|
||||
<div class="org-center">
|
||||
|
||||
<div class="figure">
|
||||
|
@ -292,7 +292,7 @@ The MultiWriter tool is also available within mesh client images, so that you ca
|
|||
</div>
|
||||
|
||||
<p>
|
||||
"Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 8GB in size.
|
||||
"Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 16GB in size.
|
||||
</p>
|
||||
|
||||
<div class="org-src-container">
|
||||
|
@ -331,16 +331,16 @@ sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-n
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org231f975" class="outline-3">
|
||||
<h3 id="org231f975">Router images</h3>
|
||||
<div class="outline-text-3" id="text-org231f975">
|
||||
<div id="outline-container-org6ca93ec" class="outline-3">
|
||||
<h3 id="org6ca93ec">Router images</h3>
|
||||
<div class="outline-text-3" id="text-org6ca93ec">
|
||||
<p>
|
||||
Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
|
||||
</p>
|
||||
</div>
|
||||
<div id="outline-container-orgbe92b46" class="outline-4">
|
||||
<h4 id="orgbe92b46">Beaglebone Black</h4>
|
||||
<div class="outline-text-4" id="text-orgbe92b46">
|
||||
<div id="outline-container-org69b5cfa" class="outline-4">
|
||||
<h4 id="org69b5cfa">Beaglebone Black</h4>
|
||||
<div class="outline-text-4" id="text-org69b5cfa">
|
||||
<div class="org-center">
|
||||
|
||||
<div class="figure">
|
||||
|
@ -377,9 +377,9 @@ There is still a software freedom issue with the Beaglebone Black, but it doesn'
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-orgd948176" class="outline-2">
|
||||
<h2 id="orgd948176">Building Disk Images</h2>
|
||||
<div class="outline-text-2" id="text-orgd948176">
|
||||
<div id="outline-container-org6b309a0" class="outline-2">
|
||||
<h2 id="org6b309a0">Building Disk Images</h2>
|
||||
<div class="outline-text-2" id="text-org6b309a0">
|
||||
<p>
|
||||
It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
|
||||
</p>
|
||||
|
|
|
@ -3,10 +3,10 @@
|
|||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||||
<head>
|
||||
<!-- 2017-06-27 Tue 13:16 -->
|
||||
<!-- 2018-01-21 Sun 11:14 -->
|
||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||
<title></title>
|
||||
<title>‎</title>
|
||||
<meta name="generator" content="Org mode" />
|
||||
<meta name="author" content="Bob Mottram" />
|
||||
<meta name="description" content="Turn the Beaglebone Black into a personal communications server"
|
||||
|
@ -248,11 +248,11 @@ for the JavaScript code in this tag.
|
|||
<h1>Support</h1>
|
||||
</center>
|
||||
|
||||
<div id="outline-container-orgb1a7204" class="outline-2">
|
||||
<h2 id="orgb1a7204">Contact details</h2>
|
||||
<div class="outline-text-2" id="text-orgb1a7204">
|
||||
<div id="outline-container-org3dddbf5" class="outline-2">
|
||||
<h2 id="org3dddbf5">Contact details</h2>
|
||||
<div class="outline-text-2" id="text-org3dddbf5">
|
||||
<p>
|
||||
This site can also be accessed via a Tor browser at <b><a href="http://pazyv7nkllp76hqr.onion">http://pazyv7nkllp76hqr.onion</a></b>
|
||||
This site can also be accessed via a Tor browser at <b><a href="http://7ec7btgr6m7c5r3h.onion">http://7ec7btgr6m7c5r3h.onion</a></b>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
|
@ -260,11 +260,7 @@ This site can also be accessed via a Tor browser at <b><a href="http://pazyv7nkl
|
|||
</p>
|
||||
|
||||
<p>
|
||||
<b>PGP/GPG Key ID:</b> EA982E38
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<b>PGP/GPG Fingerprint:</b> D538 1159 CD7A 2F80 2F06 ABA0 0452 CC7C EA98 2E38
|
||||
<b>PGP/GPG Fingerprint:</b> 9ABB82C00ABF39F82680487DCC2536191FA7C33F
|
||||
</p>
|
||||
|
||||
<p>
|
||||
|
@ -277,22 +273,22 @@ This site can also be accessed via a Tor browser at <b><a href="http://pazyv7nkl
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-orga7a8570" class="outline-2">
|
||||
<h2 id="orga7a8570">Things which would be nice to have</h2>
|
||||
<div class="outline-text-2" id="text-orga7a8570">
|
||||
<div id="outline-container-org654de23" class="outline-2">
|
||||
<h2 id="org654de23">Things which would be nice to have</h2>
|
||||
<div class="outline-text-2" id="text-org654de23">
|
||||
</div>
|
||||
<div id="outline-container-orgce3bc4d" class="outline-3">
|
||||
<h3 id="orgce3bc4d">Ideas</h3>
|
||||
<div class="outline-text-3" id="text-orgce3bc4d">
|
||||
<div id="outline-container-org9171145" class="outline-3">
|
||||
<h3 id="org9171145">Ideas</h3>
|
||||
<div class="outline-text-3" id="text-org9171145">
|
||||
<p>
|
||||
Know of some fabulous web system which could run on Freedombone, but currently doesn't? Contact the above, and be prepared to make a compelling argument for why it should be included.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org1104d91" class="outline-3">
|
||||
<h3 id="org1104d91">Money</h3>
|
||||
<div class="outline-text-3" id="text-org1104d91">
|
||||
<div id="outline-container-org71c7a97" class="outline-3">
|
||||
<h3 id="org71c7a97">Money</h3>
|
||||
<div class="outline-text-3" id="text-org71c7a97">
|
||||
<p>
|
||||
At the present time this project is not seeking any funding. There is no crowdfunding campaign and no slick marketing video. Those aren't ruled out as future possibilities, but for now they're just not needed.
|
||||
</p>
|
||||
|
@ -303,27 +299,27 @@ If you find this project useful then you may wish to consider donating to <a hre
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-orge4c8d46" class="outline-3">
|
||||
<h3 id="orge4c8d46">Testing and reporting bugs</h3>
|
||||
<div class="outline-text-3" id="text-orge4c8d46">
|
||||
<div id="outline-container-org012655b" class="outline-3">
|
||||
<h3 id="org012655b">Testing and reporting bugs</h3>
|
||||
<div class="outline-text-3" id="text-org012655b">
|
||||
<p>
|
||||
Testing of the install on different hardware. Also pentesting on test installations to find vulnerabilities.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org3ea4978" class="outline-3">
|
||||
<h3 id="org3ea4978">Web design and artwork</h3>
|
||||
<div class="outline-text-3" id="text-org3ea4978">
|
||||
<div id="outline-container-org2ec5168" class="outline-3">
|
||||
<h3 id="org2ec5168">Web design and artwork</h3>
|
||||
<div class="outline-text-3" id="text-org2ec5168">
|
||||
<p>
|
||||
A better design for this website would be nice to have. Photos, icons or other artwork are all welcome. I've always liked the cartoon artwork of the <a href="https://www.mediagoblin.org/">Mediagoblin</a> project, and attractive graphics can help to get people initially interested.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-orgac92852" class="outline-3">
|
||||
<h3 id="orgac92852">More education and promotion</h3>
|
||||
<div class="outline-text-3" id="text-orgac92852">
|
||||
<div id="outline-container-org76b8351" class="outline-3">
|
||||
<h3 id="org76b8351">More education and promotion</h3>
|
||||
<div class="outline-text-3" id="text-org76b8351">
|
||||
<div class="org-center">
|
||||
|
||||
<div class="figure">
|
||||
|
@ -341,18 +337,18 @@ Raising awareness beyond the near zero current level, overcoming fear and parano
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-orgf1745de" class="outline-3">
|
||||
<h3 id="orgf1745de">Translations</h3>
|
||||
<div class="outline-text-3" id="text-orgf1745de">
|
||||
<div id="outline-container-org5332549" class="outline-3">
|
||||
<h3 id="org5332549">Translations</h3>
|
||||
<div class="outline-text-3" id="text-org5332549">
|
||||
<p>
|
||||
To add translations modify the json files within the <b>locale</b> subdirectory. Then make a pull request on the <a href="https://github.com/bashrc/freedombone">Github site</a>.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="outline-container-org6cc7753" class="outline-3">
|
||||
<h3 id="org6cc7753">Packaging</h3>
|
||||
<div class="outline-text-3" id="text-org6cc7753">
|
||||
<div id="outline-container-orgd4e3504" class="outline-3">
|
||||
<h3 id="orgd4e3504">Packaging</h3>
|
||||
<div class="outline-text-3" id="text-orgd4e3504">
|
||||
<p>
|
||||
Helping to package GNU Social and Hubzilla for Debian would be beneficial.
|
||||
</p>
|
||||
|
|
Loading…
Reference in New Issue