Merge branch 'stretch' of https://github.com/bashrc/freedombone
commit
28a79f78a7
|
@ -23,7 +23,7 @@ The Freedombone Mesh is a wireless solution for autonomous or internet connected
|
||||||
* [[./mesh_usage.html][How to use it]]
|
* [[./mesh_usage.html][How to use it]]
|
||||||
|
|
||||||
#+BEGIN_CENTER
|
#+BEGIN_CENTER
|
||||||
[[file:images/mesh_architecture1.jpg]]
|
[[file:images/mesh_logo.jpg]]
|
||||||
#+END_CENTER
|
#+END_CENTER
|
||||||
|
|
||||||
Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to or reliant upon the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small businesses who don't want the overhead of server maintenance, protests, remote areas of the world, temporary "digital blackouts", scientific expeditions and off-world space colonies.
|
Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to or reliant upon the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small businesses who don't want the overhead of server maintenance, protests, remote areas of the world, temporary "digital blackouts", scientific expeditions and off-world space colonies.
|
||||||
|
|
|
@ -82,7 +82,7 @@ wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf
|
||||||
wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz.sig
|
wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz.sig
|
||||||
gpg --verify freedombone-mesh_beaglebone-armhf.img.xz.sig
|
gpg --verify freedombone-mesh_beaglebone-armhf.img.xz.sig
|
||||||
sha256sum freedombone-mesh_beaglebone-armhf.img.xz
|
sha256sum freedombone-mesh_beaglebone-armhf.img.xz
|
||||||
45f131995e2f77188e7ddaf2b42ca3d8d48d821d37c7a31a21e2e6dcceaf510d
|
60017999340a6559d1de76f3d78d9771c11de5eeefb3d3b812747ce306251e67
|
||||||
unxz freedombone-mesh_beaglebone-armhf.img.xz
|
unxz freedombone-mesh_beaglebone-armhf.img.xz
|
||||||
sudo dd bs=1M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync
|
sudo dd bs=1M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync
|
||||||
#+end_src
|
#+end_src
|
||||||
|
@ -102,7 +102,7 @@ wget https://freedombone.net/downloads/current/freedombone.tar.gz
|
||||||
wget https://freedombone.net/downloads/current/freedombone.tar.gz.sig
|
wget https://freedombone.net/downloads/current/freedombone.tar.gz.sig
|
||||||
gpg --verify freedombone.tar.gz.sig
|
gpg --verify freedombone.tar.gz.sig
|
||||||
sha256sum freedombone.tar.gz
|
sha256sum freedombone.tar.gz
|
||||||
024aedd3a264e963d791daaada347aba1295bc5caebba34ad9b19dc117a8cac9
|
3d2a7f2bd7a3475832756b7bb63b96ba5fc4a4f4d7bffe86e685be9a3b41b958
|
||||||
tar -xzvf freedombone.tar.gz
|
tar -xzvf freedombone.tar.gz
|
||||||
cd freedombone
|
cd freedombone
|
||||||
git checkout stretch
|
git checkout stretch
|
||||||
|
|
Binary file not shown.
After Width: | Height: | Size: 9.9 KiB |
|
@ -682,11 +682,17 @@ function install_nextcloud_main {
|
||||||
fi
|
fi
|
||||||
chown -R www-data:www-data config
|
chown -R www-data:www-data config
|
||||||
chown -R www-data:www-data data
|
chown -R www-data:www-data data
|
||||||
./occ check
|
sudo -u www-data ./occ check
|
||||||
./occ status
|
sudo -u www-data ./occ status
|
||||||
./occ app:list
|
sudo -u www-data ./occ app:list
|
||||||
./occ app:enable encryption
|
sudo -u www-data ./occ app:enable encryption
|
||||||
./occ config:system:set appstoreenabled --value=false
|
sudo -u www-data ./occ encryption:enable
|
||||||
|
if [ ! "$?" = "0" ]; then
|
||||||
|
echo $'Encryption not enabled'
|
||||||
|
exit 73527
|
||||||
|
fi
|
||||||
|
sudo -u www-data ./occ encryption:status
|
||||||
|
sudo -u www-data ./occ config:system:set appstoreenabled --value=false
|
||||||
chmod g+w /var/www/${NEXTCLOUD_DOMAIN_NAME}/htdocs/config/config.php
|
chmod g+w /var/www/${NEXTCLOUD_DOMAIN_NAME}/htdocs/config/config.php
|
||||||
chown -R www-data:www-data /var/www/${NEXTCLOUD_DOMAIN_NAME}/htdocs
|
chown -R www-data:www-data /var/www/${NEXTCLOUD_DOMAIN_NAME}/htdocs
|
||||||
chmod 0644 .htaccess
|
chmod 0644 .htaccess
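Review bot: In `install_nextcloud_main` only `occ encryption:enable` has its exit status checked; `occ app:enable encryption` before it and `occ config:system:set appstoreenabled --value=false` after it can fail without stopping the install, which would presumably leave the app store enabled. Test each command directly, e.g. `if ! sudo -u www-data ./occ encryption:enable; then`, and apply the same pattern to the other two. Also, `exit 73527` is outside the 0–255 range a process can report, so the caller sees the value modulo 256 (55) rather than the number written here; if any caller matches on the code, that deserves a comment. The function starts and ends outside the hunk.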
|
||||||
|
|
|
@ -542,6 +542,7 @@ function install_stunnel {
|
||||||
echo "accept = $VPN_TLS_PORT" >> $prefix/etc/stunnel/stunnel.conf
|
echo "accept = $VPN_TLS_PORT" >> $prefix/etc/stunnel/stunnel.conf
|
||||||
echo 'connect = localhost:1194' >> $prefix/etc/stunnel/stunnel.conf
|
echo 'connect = localhost:1194' >> $prefix/etc/stunnel/stunnel.conf
|
||||||
echo 'cert = /etc/stunnel/stunnel.pem' >> $prefix/etc/stunnel/stunnel.conf
|
echo 'cert = /etc/stunnel/stunnel.pem' >> $prefix/etc/stunnel/stunnel.conf
|
||||||
|
echo 'protocol = socks' >> $prefix/etc/stunnel/stunnel.conf
|
||||||
|
|
||||||
sed -i 's|ENABLED=.*|ENABLED=1|g' $prefix/etc/default/stunnel4
|
sed -i 's|ENABLED=.*|ENABLED=1|g' $prefix/etc/default/stunnel4
|
||||||
|
|
||||||
|
@ -550,6 +551,7 @@ function install_stunnel {
|
||||||
echo "accept = $STUNNEL_PORT" >> $prefix/etc/stunnel/stunnel-client.conf
|
echo "accept = $STUNNEL_PORT" >> $prefix/etc/stunnel/stunnel-client.conf
|
||||||
echo "connect = $DEFAULT_DOMAIN_NAME:$VPN_TLS_PORT" >> $prefix/etc/stunnel/stunnel-client.conf
|
echo "connect = $DEFAULT_DOMAIN_NAME:$VPN_TLS_PORT" >> $prefix/etc/stunnel/stunnel-client.conf
|
||||||
echo 'cert = stunnel.pem' >> $prefix/etc/stunnel/stunnel-client.conf
|
echo 'cert = stunnel.pem' >> $prefix/etc/stunnel/stunnel-client.conf
|
||||||
|
echo 'protocol = socks' >> $prefix/etc/stunnel/stunnel-client.conf
|
||||||
|
|
||||||
echo '[Unit]' > $prefix/etc/systemd/system/stunnel.service
|
echo '[Unit]' > $prefix/etc/systemd/system/stunnel.service
|
||||||
echo 'Description=SSL tunnel for network daemons' >> $prefix/etc/systemd/system/stunnel.service
|
echo 'Description=SSL tunnel for network daemons' >> $prefix/etc/systemd/system/stunnel.service
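Review bot: The two added `protocol = socks` lines in `install_stunnel` carry no comment explaining why the tunnel switches to SOCKS negotiation, and the change has a security consequence worth confirming. As I understand stunnel's SOCKS server mode, the destination is taken from the client's request, so `connect = localhost:1194` may no longer be what limits where the service forwards. No `verify` or `CAfile` option is visible in these hunks, so it is unclear from here whether clients are authenticated before they can use the service. Please confirm the server section cannot reach anything other than the local OpenVPN port, and add a comment such as `# SOCKS negotiation inside TLS; destination must stay restricted to localhost:1194` above each line. The function body continues outside both hunks.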
|
||||||
|
|
|
@ -2102,6 +2102,40 @@ function wifi_enable {
|
||||||
${PROJECT_NAME}-wifi --disable $disable_wifi
|
${PROJECT_NAME}-wifi --disable $disable_wifi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function add_clacks {
|
||||||
|
clacks=
|
||||||
|
|
||||||
|
data=$(tempfile 2>/dev/null)
|
||||||
|
trap "rm -f $data" 0 1 2 5 15
|
||||||
|
dialog --title $"Add Clacks Overhead" \
|
||||||
|
--backtitle $"Freedombone Control Panel" \
|
||||||
|
--inputbox $"" 7 60 2>$data
|
||||||
|
sel=$?
|
||||||
|
case $sel in
|
||||||
|
0)
|
||||||
|
clacks=$(<$data)
|
||||||
|
if [ ${#clacks} -gt 1 ]; then
|
||||||
|
|
||||||
|
WEB_FILES=/etc/nginx/sites-available/*
|
||||||
|
for f in $WEB_FILES
|
||||||
|
do
|
||||||
|
if grep -q "X-Clacks-Overhead" $f; then
|
||||||
|
sed -i "s|X-Clacks-Overhead .*|X-Clacks-Overhead \"GNU $clacks\";|g" $f
|
||||||
|
else
|
||||||
|
sed -i "/X-Content-Type-Options/a add_header X-Clacks-Overhead \"GNU $clacks\";" $f
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
systemctl restart nginx
|
||||||
|
|
||||||
|
dialog --title $"Add Clacks Overhead" \
|
||||||
|
--msgbox $"\nAdded for $clacks" 10 60
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
rm $data
|
||||||
|
}
|
||||||
|
|
||||||
function menu_wifi {
|
function menu_wifi {
|
||||||
if [[ "$(wifi_exists)" == "0" ]]; then
|
if [[ "$(wifi_exists)" == "0" ]]; then
|
||||||
dialog --title $"Wifi" \
|
dialog --title $"Wifi" \
|
||||||
|
@ -2191,7 +2225,7 @@ function menu_top_level {
|
||||||
trap "rm -f $data" 0 1 2 5 15
|
trap "rm -f $data" 0 1 2 5 15
|
||||||
dialog --backtitle $"Freedombone Control Panel" \
|
dialog --backtitle $"Freedombone Control Panel" \
|
||||||
--title $"Control Panel" \
|
--title $"Control Panel" \
|
||||||
--radiolist $"Choose an operation:" 29 70 21 \
|
--radiolist $"Choose an operation:" 30 70 22 \
|
||||||
1 $"About this system" off \
|
1 $"About this system" off \
|
||||||
2 $"Passwords" off \
|
2 $"Passwords" off \
|
||||||
3 $"Backup and Restore" off \
|
3 $"Backup and Restore" off \
|
||||||
|
@ -2209,10 +2243,11 @@ function menu_top_level {
|
||||||
15 $"Change the name of this system" off \
|
15 $"Change the name of this system" off \
|
||||||
16 $"Set a static local IP address" off \
|
16 $"Set a static local IP address" off \
|
||||||
17 $"Wifi menu" off \
|
17 $"Wifi menu" off \
|
||||||
18 $"Check for updates" off \
|
18 $"Add Clacks" off \
|
||||||
19 $"Power off the system" off \
|
19 $"Check for updates" off \
|
||||||
20 $"Restart the system" off \
|
20 $"Power off the system" off \
|
||||||
21 $"Exit" on 2> $data
|
21 $"Restart the system" off \
|
||||||
|
22 $"Exit" on 2> $data
|
||||||
sel=$?
|
sel=$?
|
||||||
case $sel in
|
case $sel in
|
||||||
1) exit 1;;
|
1) exit 1;;
|
||||||
|
@ -2242,10 +2277,11 @@ function menu_top_level {
|
||||||
15) change_system_name;;
|
15) change_system_name;;
|
||||||
16) set_static_IP;;
|
16) set_static_IP;;
|
||||||
17) menu_wifi;;
|
17) menu_wifi;;
|
||||||
18) check_for_updates;;
|
18) add_clacks;;
|
||||||
19) shut_down_system;;
|
19) check_for_updates;;
|
||||||
20) restart_system;;
|
20) shut_down_system;;
|
||||||
21) break;;
|
21) restart_system;;
|
||||||
|
22) break;;
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
}
|
}
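Review bot: `add_clacks` writes the dialog input `$clacks` straight into two `sed -i` expressions, and from there into every file under `/etc/nginx/sites-available/`, with only a length check. A value containing sed or nginx metacharacters (`|`, `&`, `"`, `;`) changes the expression or the resulting `add_header` directive. Validate before the loop, e.g. `[[ "$clacks" =~ ^[[:alnum:][:space:].-]+$ ]] || return`, and run `nginx -t` before `systemctl restart nginx` so a bad edit does not take the web server down. The temp-file handling is also fragile: `$data` is unquoted in the `trap` and the redirections, and `tempfile` errors are discarded with `2>/dev/null`, whereas `data=$(mktemp) || return` would fail visibly.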
|
||||||
|
|
|
@ -533,7 +533,7 @@ if [[ $VARIANT == 'mesh' ]]; then
|
||||||
IMAGE_NAME=$'mesh'
|
IMAGE_NAME=$'mesh'
|
||||||
# typically not much disk space is needed for a mesh node
|
# typically not much disk space is needed for a mesh node
|
||||||
if [ ! $IMAGE_SIZE_SPECIFIED ]; then
|
if [ ! $IMAGE_SIZE_SPECIFIED ]; then
|
||||||
IMAGE_SIZE=3G
|
IMAGE_SIZE=5G
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
|
@ -682,6 +682,9 @@ initialise_mesh() {
|
||||||
|
|
||||||
chroot "$rootdir" apt-get -yq install apt-transport-https
|
chroot "$rootdir" apt-get -yq install apt-transport-https
|
||||||
|
|
||||||
|
# install tor as a possible way of routing traffic between internet gateways
|
||||||
|
chroot "$rootdir" apt-get -yq install tor
|
||||||
|
|
||||||
configure_firewall
|
configure_firewall
|
||||||
install_avahi
|
install_avahi
|
||||||
install_batman
|
install_batman
|
||||||
|
|
|
@ -990,6 +990,11 @@ if [ -f $MESH_INSTALL_SETUP ]; then
|
||||||
rm -rf /etc/openvpn/easy-rsa/keys/*
|
rm -rf /etc/openvpn/easy-rsa/keys/*
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Remove hidden service
|
||||||
|
if [ -d /var/lib/tor/hidden_service_mesh ]; then
|
||||||
|
rm -rf /var/lib/tor/hidden_service_mesh
|
||||||
|
fi
|
||||||
|
|
||||||
# Remove any existing vpn client keys
|
# Remove any existing vpn client keys
|
||||||
if [ -f /home/$MY_USERNAME/vpn.tar.gz ]; then
|
if [ -f /home/$MY_USERNAME/vpn.tar.gz ]; then
|
||||||
rm /home/$MY_USERNAME/vpn.tar.gz
|
rm /home/$MY_USERNAME/vpn.tar.gz
|
||||||
|
@ -1012,6 +1017,10 @@ if [ -f $MESH_INSTALL_SETUP ]; then
|
||||||
chown ${MY_USERNAME}:${MY_USERNAME} /home/$MY_USERNAME/.config
|
chown ${MY_USERNAME}:${MY_USERNAME} /home/$MY_USERNAME/.config
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
systemctl stop tor
|
||||||
|
systemctl disable tor
|
||||||
|
echo $'TOR disabled' >> $INSTALL_LOG
|
||||||
|
|
||||||
#tomb slam all
|
#tomb slam all
|
||||||
tmp_ram_disk 100
|
tmp_ram_disk 100
|
||||||
enable_predictable_device_names
|
enable_predictable_device_names
|
||||||
|
|
|
@ -416,6 +416,22 @@ function start {
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# if we have an ethernet connection to an internet router then create
|
||||||
|
# an onion address for this peer
|
||||||
|
if [[ "$ethernet_connected" != "0" ]]; then
|
||||||
|
systemctl enable tor
|
||||||
|
systemctl start tor
|
||||||
|
HIDDEN_SERVICE_PATH=/var/lib/tor/hidden_service_
|
||||||
|
if [ ! -f ${HIDDEN_SERVICE_PATH}mesh/hostname ]; then
|
||||||
|
echo "HiddenServiceDir ${HIDDEN_SERVICE_PATH}mesh/" >> /etc/tor/torrc
|
||||||
|
echo "HiddenServicePort 653 127.0.0.1:653" >> /etc/tor/torrc
|
||||||
|
systemctl restart tor
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
systemctl stop tor
|
||||||
|
systemctl disable tor
|
||||||
|
fi
|
||||||
|
|
||||||
verify
|
verify
|
||||||
}
|
}
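Review bot: The guard in `start` that decides whether to append the hidden-service lines tests for `${HIDDEN_SERVICE_PATH}mesh/hostname`, not for an existing entry in `/etc/tor/torrc`. If tor has not yet written the hostname file, or the directory was removed (the first-boot cleanup elsewhere in this commit deletes `/var/lib/tor/hidden_service_mesh` but leaves torrc alone), the next run appends a second `HiddenServiceDir`/`HiddenServicePort` pair. `add_onion_service` on this page already guards with `grep -q "hidden_service_${onion_service_name}" /etc/tor/torrc`; the same check here, `if ! grep -q "hidden_service_mesh" /etc/tor/torrc; then`, would keep torrc idempotent. A comment saying what listens on port 653 would also help, since that service becomes reachable over the onion address whenever an ethernet uplink is detected. `start` begins outside the hunk.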
|
||||||
|
|
||||||
|
|
|
@ -157,20 +157,16 @@ function mesh_setup_vpn {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function connect_to_vpn {
|
function connect_to_mesh {
|
||||||
dialog --title $"VPN Connect to another mesh network" \
|
connect_title=$"Connect to another mesh network"
|
||||||
--backtitle $"Freedombone Mesh" \
|
HIDDEN_SERVICE_PATH=/var/lib/tor/hidden_service_mesh/hostname
|
||||||
--defaultno \
|
if [ -f ${HIDDEN_SERVICE_PATH} ]; then
|
||||||
--yesno $"\nHave you received the vpn.tar.gz file from the other mesh administrator, uncompressed it into the /home/fbone directory and also forwarded port $VPN_MESH_TLS_PORT from your internet router to this system?" 10 70
|
connect_title=$"Connect from $(cat $HIDDEN_SERVICE_PATH) to another mesh network"
|
||||||
sel=$?
|
fi
|
||||||
case $sel in
|
|
||||||
1) return;;
|
|
||||||
255) return;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
data=$(tempfile 2>/dev/null)
|
data=$(tempfile 2>/dev/null)
|
||||||
trap "rm -f $data" 0 1 2 5 15
|
trap "rm -f $data" 0 1 2 5 15
|
||||||
dialog --title $"VPN Connect to another mesh network" \
|
dialog --title "$connect_title" \
|
||||||
--backtitle $"Freedombone Mesh" \
|
--backtitle $"Freedombone Mesh" \
|
||||||
--inputbox $'Enter the IP address or domain name of the other mesh.' 10 60 2>$data
|
--inputbox $'Enter the IP address or domain name of the other mesh.' 10 60 2>$data
|
||||||
sel=$?
|
sel=$?
|
||||||
|
@ -180,15 +176,20 @@ function connect_to_vpn {
|
||||||
if [ ${#ip_or_domain} -gt 1 ]; then
|
if [ ${#ip_or_domain} -gt 1 ]; then
|
||||||
if [[ "$ip_or_domain" == *'.'* ]]; then
|
if [[ "$ip_or_domain" == *'.'* ]]; then
|
||||||
|
|
||||||
|
connect_failed=
|
||||||
if [ ! -f ~/client.ovpn ]; then
|
if [ ! -f ~/client.ovpn ]; then
|
||||||
rm $data
|
connect_failed=1
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
if [ ! -f ~/stunnel.pem ]; then
|
if [ ! -f ~/stunnel.pem ]; then
|
||||||
rm $data
|
connect_failed=1
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
if [ ! -f ~/stunnel.p12 ]; then
|
if [ ! -f ~/stunnel.p12 ]; then
|
||||||
|
connect_failed=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ $connect_failed ]; then
|
||||||
|
dialog --title $"Connect to another mesh network" \
|
||||||
|
--msgbox $"\nObtain the vpn.tar.gz file from the other mesh administrator, uncompress it into the /home/fbone directory and also forwarded port $VPN_MESH_TLS_PORT from your internet router to this system." 10 50
|
||||||
rm $data
|
rm $data
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
@ -221,7 +222,7 @@ case $sel in
|
||||||
esac
|
esac
|
||||||
case $(cat $data) in
|
case $(cat $data) in
|
||||||
1) rm $data
|
1) rm $data
|
||||||
connect_to_vpn;;
|
connect_to_mesh;;
|
||||||
2) rm $data
|
2) rm $data
|
||||||
mesh_setup_vpn;;
|
mesh_setup_vpn;;
|
||||||
esac
|
esac
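Review bot: In `connect_to_mesh` the title lookup reads `/var/lib/tor/hidden_service_mesh/hostname` directly, but tor keeps its hidden-service directories readable only by its own user. If this menu runs as the ordinary mesh user (the `~/client.ovpn` checks suggest so), the `-f` test will be false and the address never shown. Rather than loosening permissions on that directory, which also holds the service's private key, have the privileged start script copy the hostname to a readable location and read that here. Quote the expansion as well: `connect_title=$"Connect from $(cat "$HIDDEN_SERVICE_PATH") to another mesh network"`. In the new message box, "also forwarded port" should read "also forward port".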
|
||||||
|
|
|
@ -63,9 +63,6 @@ function get_npm_arch {
|
||||||
function mesh_install_nodejs {
|
function mesh_install_nodejs {
|
||||||
mesh_install_nodejs_prefix=
|
mesh_install_nodejs_prefix=
|
||||||
if [ $rootdir ]; then
|
if [ $rootdir ]; then
|
||||||
if [[ $VARIANT == "mesh" ]]; then
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
mesh_install_nodejs_prefix="chroot $rootdir"
|
mesh_install_nodejs_prefix="chroot $rootdir"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
|
@ -124,6 +124,7 @@ function add_onion_service {
|
||||||
fi
|
fi
|
||||||
if ! grep -q "hidden_service_${onion_service_name}" /etc/tor/torrc; then
|
if ! grep -q "hidden_service_${onion_service_name}" /etc/tor/torrc; then
|
||||||
echo "HiddenServiceDir ${HIDDEN_SERVICE_PATH}${onion_service_name}/" >> /etc/tor/torrc
|
echo "HiddenServiceDir ${HIDDEN_SERVICE_PATH}${onion_service_name}/" >> /etc/tor/torrc
|
||||||
|
#echo 'HiddenServiceVersion 3' >> /etc/tor/torrc
|
||||||
echo "HiddenServicePort ${onion_service_port_from} 127.0.0.1:${onion_service_port_to}" >> /etc/tor/torrc
|
echo "HiddenServicePort ${onion_service_port_from} 127.0.0.1:${onion_service_port_to}" >> /etc/tor/torrc
|
||||||
if [ ${#onion_stealth_name} -gt 0 ]; then
|
if [ ${#onion_stealth_name} -gt 0 ]; then
|
||||||
echo "HiddenServiceAuthorizeClient stealth ${onion_stealth_name}" >> /etc/tor/torrc
|
echo "HiddenServiceAuthorizeClient stealth ${onion_stealth_name}" >> /etc/tor/torrc
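Review bot: The added `#echo 'HiddenServiceVersion 3' >> /etc/tor/torrc` in `add_onion_service` is commented-out code with no explanation of why it is disabled or when it should be enabled. Replace it with a short note, e.g. `# TODO: switch to v3 onion services once the stealth-auth branch below is reworked`. The reason is that `HiddenServiceAuthorizeClient`, a few lines further down, is as far as I know a v2-only option, so simply uncommenting the line would not give a working configuration when `onion_stealth_name` is set. The function starts and ends outside the hunk.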
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||||
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
|
||||||
<head>
|
<head>
|
||||||
<!-- 2017-10-27 Fri 13:10 -->
|
<!-- 2017-11-01 Wed 18:58 -->
|
||||||
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
<meta name="viewport" content="width=device-width, initial-scale=1" />
|
||||||
<title>‎</title>
|
<title>‎</title>
|
||||||
|
@ -261,7 +261,7 @@ The Freedombone Mesh is a wireless solution for autonomous or internet connected
|
||||||
<div class="org-center">
|
<div class="org-center">
|
||||||
|
|
||||||
<div class="figure">
|
<div class="figure">
|
||||||
<p><img src="images/mesh_architecture1.jpg" alt="mesh_architecture1.jpg" />
|
<p><img src="images/mesh_logo.jpg" alt="mesh_logo.jpg" />
|
||||||
</p>
|
</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|