+
Akaunting
-Akaunting
+The Freedombone system isn't primarily aimed at companies or institutions, but if you're a one person company or freelancer then having the ability to run your own accounting system and keep the data private and also backed up is useful. Akaunting provides a nice web based system for small business accounts, and is also quite usable within a mobile web browser.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
+
After that you'll need to enter a company name and an email address. You can make the administrator password anything you prefer, and a suggestion can be found within the Passwords section of the Administrator control panel under akaunting.
-
+
From then on the system should be usable. Accounts software can often be quite complex, and so you'll probably want to refer to the official documentation for details. diff --git a/website/EN/app_bdsmail.html b/website/EN/app_bdsmail.html index 8d22c13a..0a1a760d 100644 --- a/website/EN/app_bdsmail.html +++ b/website/EN/app_bdsmail.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - - -
+
BDS Mail
-BDS Mail
+BDS Mail (aka "Brain Dead Simple Mail") is an optional addition to the existing email server which comes installed as default. It creates an extra folder within the Mutt client which allows you to send and receive email using i2p as the transport layer. This solves the problem of being blocked by dubious systems and also the problem of user friendly email encryption. If you're behind a hostile firewall which you don't control and which blocks all ports, this system is still likely to work. You can use GPG as an additional encryption layer if you prefer, but it's not strictly necessary because you already have the i2p public key system to ensure end-to-end security.
@@ -255,15 +161,18 @@ BDS Mail (aka "Brain Dead Simple Mail") is an optional addition to the existingIt's unlikely that many people will use this. If it's hard to persuade anyone to use GPG or Enigmail then it will be next to impossible to persuade them to switch to BDS Mail unless they're already obsessive about technical security. However, this provides yet another option for reasonably secure communications if other methods fail or are untrustable.
+Installation
-Installation
+ssh into the system with:
ssh myusername@mydomain.com -p 2222
+
Bludit
-Bludit
+This is a databaseless blogging system which uses markdown files. It's not very complex and so there is not much to go wrong, and it should run well on any server hardware.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
+
CryptPad
-CryptPad
+
+
This is similar to EtherPad but with better security and more document types which can be collaboratively edited in real time. It includes not just text editing but also creating presentations, voting and editing source code. @@ -271,17 +175,20 @@ Enabling someone to edit a document is as simple as sending them the URL via a c
Documents are stored locally within the browser of each user and the server just acts as a coordinator. No documents are stored on the server.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
-ssh myusername@mydomain -p 2222 +
diff --git a/website/EN/app_dokuwiki.html b/website/EN/app_dokuwiki.html index 380ff49c..fcb1c56c 100644 --- a/website/EN/app_dokuwiki.html +++ b/website/EN/app_dokuwiki.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - -
+
Dokuwiki
-Dokuwiki
+Dokuwiki is a wiki which stores its content in text files. Having no database makes maintaining it simpler, and it's not tied to any particular domain name so you can easily copy the files to a different domain if you need to.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Dokuwiki domain listed there along with an onion address. You can then navigate to your site in a browser.
diff --git a/website/EN/app_edith.html b/website/EN/app_edith.html index fb31fd66..e61039f9 100644 --- a/website/EN/app_edith.html +++ b/website/EN/app_edith.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - -
+
Edith Notes
-Edith Notes
+Edith notes is the simplest and quickest kind of notes system. It has no complicated user interface. Just enter your domain and a title and a note will be created. Everything typed is saved automatically.
@@ -261,6 +167,7 @@ ssh into the system with:ssh myusername@mydomain.com -p 2222
+
It is possible to turn off the login via App Settings/edith if you wish, but this will enable anyone on the internet to view or edit notes on your system, which could have obvious privacy or stability implications. From App settings/edith it's also possible to browse through your notes files.
+
Emacs
-Emacs
+Emacs is a text editor popular with software developers or anyone who needs to take notes at high speed or be able to customise their editing environment to a high degree. When installed on Freedombone it can be used together the Mutt email client to edit new emails or if you need to manually edit configuration files.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Common key combinations
-Common key combinations
+For anyone new to Emacs some common keys are:
@@ -284,64 +194,64 @@ For anyone new to Emacs some common keys are:
+
Etherpad
-Etherpad
+This is a well known system for real time collaborative editing of documents. Just log in, choose a document title and then edit. Different users will appear in different colours, and can also chat in the sidebar. This is installed as a private system in which only users on your Freedombone server will be able to create and edit documents, so it's not open to any random users on the internet.
@@ -255,17 +161,20 @@ This is a well known system for real time collaborative editing of documents. JuIf security is an especially important factor then you might also want to consider installing CryptPad instead. It has more features and doesn't store any documents on the server.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
-ssh myusername@mydomain -p 2222 +
@@ -282,9 +191,9 @@ After the install has completed go to Security settings and select Cre
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Etherpad domain listed there along with an onion address. You can then navigate to your site in a browser.
diff --git a/website/EN/app_fedwiki.html b/website/EN/app_fedwiki.html index 05a13b65..f145e518 100644 --- a/website/EN/app_fedwiki.html +++ b/website/EN/app_fedwiki.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - -
+
Federated Wiki
-Federated Wiki
+Federated wikis are a relatively new concept. There can be multiple copies of the same page on different servers and it's then easy to pick which version you prefer, or make something new. It's like wiki meets mashup meets federation, and so is different from many previous web paradigms and may take some recalibration of how you think the web should work.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Usage
-Usage
+First you'll need to get the login password, which can be found on the Administrator control panel under Passwords then fedwiki.
@@ -291,15 +200,24 @@ There are a few things to know about using the federated wiki.-
-
- You can edit by clicking on the wiki button at the bottom of the screen -
- To edit a paragraph double click on it -
- To remove a paragraph just delete all of its text -
- Paragraphs can be dragged up and down to change their order, or moved between pages -
- To add a new paragraph use the + button -
- You can use left and right cursor keys to move through pages -
- To claim/fork a page from another server click on the flag icon -
- When done editing click on the wiki button again -
- Different versions of the same page on different servers are represented by boxes at the bottom right of the screen. You can double click on them to see the different versions, and use the flag icon to fork if you prefer that version +
- You can edit by clicking on the wiki button at the bottom of the screen + +
- To edit a paragraph double click on it + +
- To remove a paragraph just delete all of its text + +
- Paragraphs can be dragged up and down to change their order, or moved between pages + +
- To add a new paragraph use the + button + +
- You can use left and right cursor keys to move through pages + +
- To claim/fork a page from another server click on the flag icon + +
- When done editing click on the wiki button again + +
- Different versions of the same page on different servers are represented by boxes at the bottom right of the screen. You can double click on them to see the different versions, and use the flag icon to fork if you prefer that version +
+
Friendica
-Friendica
+Friendica is a federated social networking system. It can federate with other popular systems such as GNU Social and Diaspora. Currently Friendica only works on the clearnet and doesn't have an onion address.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
-ssh myusername@mydomain -p 2222 +
@@ -279,9 +188,9 @@ After the install has completed go to Security settings and select Cre
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Friendica domain listed there. You can then navigate to your site in a browser.
@@ -290,13 +199,11 @@ If you have just obtained a Lets Encrypt certificate as above then go to Abou On first visiting your Friendica site you'll see the login screen. The first thing you need to do is to select register to create a new Friendica administrator user. The first user on the system then becomes its administrator. -
+
Friendica has numerous addons which you might want to explore. Select the small icon next to the search box and you will get to the administrator settings. Select plugins and you can then configure which ones you want. From the site settings you can also force all links to use SSL/TLS for added security. diff --git a/website/EN/app_gnusocial.html b/website/EN/app_gnusocial.html index 132c1442..7b5ebb13 100644 --- a/website/EN/app_gnusocial.html +++ b/website/EN/app_gnusocial.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - - -
+
GNU Social
-GNU Social
+GNU Social is typically referred to as a microblogging system, although with a maximum post length much longer than Twitter it's really a sort of federated community blog with a stream-based appearance which also supports markdown formatting.
@@ -265,23 +171,23 @@ Some general advice about life in the fediverse can b -
+
Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your GNU Social domain listed there along with an onion address. You can then navigate to your site in a browser.
@@ -319,63 +225,61 @@ Once you have logged in to GNU Social you may then want to select Admin a GNU Social has a clutter-free mobile user interface which can be accessed via a Tor compatible browser (make sure to add a NoScript exception). Unlike similar proprietary sites there are no bribed posts. -
+
Switching user interfaces
-Switching user interfaces
+A few web based user interfaces are available for GNU SOcial. They are selectable by going to the Administrator control panel and choosing App settings then gnusocial.
-
+
-
-
- Qvitter: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived -
- Pleroma: A modern and lightweight user interface -
- Classic: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations. +
- Qvitter: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived + +
- Pleroma: A modern and lightweight user interface + +
- Classic: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations. +
Using with Emacs
-Using with Emacs
+
+
If you are an Emacs user it's also possible to set up GNU Social mode as follows:
mkdir ~/elisp git clone https://github.com/bashrc/gnu-social-mode ~/elisp/gnu-social-mode -echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs -echo "(require 'gnu-social-mode)" >> ~/.emacs -echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs -echo " gnu-social-server \"yourgnusocialdomain\"" >> ~/.emacs -echo " gnu-social-username \"yourusername\"" >> ~/.emacs -echo " gnu-social-password \"gnusocialpassword\")" >> ~/.emacs +echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs +echo "(require 'gnu-social-mode)" >> ~/.emacs +echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs +echo " gnu-social-server \"yourgnusocialdomain\"" >> ~/.emacs +echo " gnu-social-username \"yourusername\"" >> ~/.emacs +echo " gnu-social-password \"gnusocialpassword\")" >> ~/.emacs
M-x gnu-social
Blocking controls
-Blocking controls
+
+
The biggest hazard with GNU Social is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the Administrator control panel and selecting Domain or User Blocking, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage. diff --git a/website/EN/app_gogs.html b/website/EN/app_gogs.html index 26c05ff5..8de916d8 100644 --- a/website/EN/app_gogs.html +++ b/website/EN/app_gogs.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - -
+
Gogs
-Gogs
+Github is ok, but it's proprietary and funded by venture capital. If you been around on the internet for long enough then you know how this story eventually works itself out - i.e. badly for the users. It's really only a question of time. If you're a software developer or do things which involve the Git version control system then it's a good idea to become accustomed to hosting your own repositories, before the inevitable Github shitstorm occurs.
@@ -254,15 +161,18 @@ Github is ok, but it's proprietary and funded by venture capital. If you been arA Git hosting system called Gogs can optionally be installed. This is very similar to Github in appearance and use. It's lightweight and so well suited for use on low power ARM servers.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Gogs domain listed there along with an onion address. You can then navigate to your site in a browser.
@@ -293,6 +203,7 @@ In a browser navigate to your Gogs site and click the Register button. Thsudo username@domainname -p 2222
+
HTMLy
-HTMLy
+HTMLy is a databaseless blogging system.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your HTMLy blog domain listed there along with an onion address. You can then navigate to your site in a browser.
diff --git a/website/EN/app_hubzilla.html b/website/EN/app_hubzilla.html index 373d35a4..af416cb8 100644 --- a/website/EN/app_hubzilla.html +++ b/website/EN/app_hubzilla.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -
+
Hubzilla
-Hubzilla
+Hubzilla is a web publishing and social network system which includes wiki, web pages, photo albums and file storage. It also has privacy controls which allow you to define who can see which content. It's possible to write posts and have them visible only to a group of friends (known as "privacy groups"), with the encryption being handled automatically. Currently Hubzilla only works on the clearnet and doesn't have an onion address.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
-ssh myusername@mydomain -p 2222 +
@@ -279,9 +188,9 @@ After the install has completed go to Security settings and select Cre
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Hubzilla domain listed there. You can then navigate to your site in a browser.
@@ -290,16 +199,14 @@ If you have just obtained a Lets Encrypt certificate as above then go to Abou On first visiting your Hubzilla site you'll see the login screen. The first thing you need to do is register a new user. The first user on the system then becomes its administrator. -
+
+
Icecast
-Icecast
+Icecast enables you to run something like an internet radio station. So if you have multiple audio files and want to be able to stream those in sequence from a web site then this can be useful.
@@ -255,15 +161,18 @@ Icecast enables you to run something like an internet radio station. So if you hThis system is available only via an onion address, which should mitigate the potential for copyright disputes over streamed content. By default it's only set up to stream to a small number of users so that it doesn't put too much stress on CPU or memory requirements, although you can increase the maximum limit if you have a more powerful system and enough bandwidth.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Adding files to be streamed
-Adding files to be streamed
+There are two ways to get files onto the system: either via ssh or via a USB drive. File types can be ogg, ogv, mp3 or mp4 format.
@@ -290,9 +199,9 @@ It may take a while for the files to import, especially on a low power single boFrom a USB drive
-From a USB drive
+Create a directory on the USB drive named icestream and copy your files into there. Plug the drive into your server.
@@ -303,14 +212,15 @@ Go to the Administrator control panel, select App settings, then <Via ssh
-Via ssh
+Make a directory named icestream and copy your files into it. Then copy the directory to your server.
scp -r -P 2222 icestream myusername@mydomain:/home/myusername
ssh myusername@mydomain -p 2222
Access controls
-Access controls
+By default anyone who happens to find your Icecast onion address can listen to your stream. If you only want it to be available to a few friends or family then you can add an extra login password.
diff --git a/website/EN/app_irc.html b/website/EN/app_irc.html index 7a17e7e1..106427a1 100644 --- a/website/EN/app_irc.html +++ b/website/EN/app_irc.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -
+
IRC
-IRC
+IRC is useful for multi-user chat. The classic use case is for software development where many engineers might need to coordinate their activities, but it's also useful for meetings, parties and general socialising.
+Irssi
-Irssi
+The easiest way to use irssi is to connect to your system, like this:
ssh myusername@mydomain -p 2222
HexChat
-HexChat
+HexChat (formerly XChat) is compatible with proxying via Tor and so provides the best security when connecting to your IRC server. It will allow you to connect to your IRC server's onion address.
@@ -281,6 +191,7 @@ First install HexChat and set up its configuration file. This can be done on youfreedombone-client --setup hexchat
ssh username@mydomainname -p 2222
+
+
Emacs
-Emacs
+If you are an Emacs user then you can also connect to your IRC server via Emacs.
@@ -364,6 +276,7 @@ Ensure that tor is installed onto your local system:sudo apt-get install tor
(setq socks-noproxy '("localhost")) (require 'socks) (require 'tls) @@ -386,14 +300,15 @@ Add the following to your Emacs configuration file:
Changing or removing the IRC password
-Changing or removing the IRC password
+By default the IRC server is set up to require a password for users to log in. The password is the same for all users. If you want to change or remove the password:
ssh myusername@mydomain -p 2222
+
KanBoard
-KanBoard
+Kanbans are one way of managing projects. They're traditionally used in businesses but can also be useful for personal TODO lists or within open source or DIY projects. If you have a list of things which need to be done and want to keep track of progress then this provides a way to do that.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
-ssh myusername@mydomain -p 2222 +
@@ -278,9 +187,9 @@ After the install has completed go to Security settings and select Cre
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your KanBoard domain listed there along with an onion address. You can then navigate to your site in a browser.
diff --git a/website/EN/app_keyserver.html b/website/EN/app_keyserver.html index 1421b6f0..f173acd9 100644 --- a/website/EN/app_keyserver.html +++ b/website/EN/app_keyserver.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -
+
OpenPGP Key Server
-OpenPGP Key Server
+The web of trust is a nice idea, but how trustable is it? If you take a look at how many OpenPGP key servers are out there then there are a two or three main ones and not much else. Can you trust those servers? Who is maintaining them and how often? Is any censorship going on? How hard would it be for adversaries to get implants onto them? In terms of technology this infrastructure is quite old and it could have been neglected for a long time. Once vigilant maintainers might have turned lazy and gotten lax with server security, or been recruited over to the dark side.
@@ -256,24 +162,25 @@ The web of trust is a nice idea, but how trustable is it? If you take a l For these kinds of reasons you might prefer to run your own web of trust infrastructure. In simple terms it's a database of GPG public keys which provides a way for users to find out how to communicate with others securely via email. You can meet in person and exchange public keys via sneakernet on USB drives, but most users of GPG don't do that. Instead they just download the public key for a given email address from one of the key servers. -
+
Installation
-Installation
+ssh into the system with:
ssh myusername@mydomain.com -p 2222
-ssh myusername@mydomain.com -p 2222 +
@@ -286,16 +193,17 @@ After the install has completed go to Security settings and select Cre
How to use it
-How to use it
+Interaction with the web user interface is pretty minimal and obvious, but most likely you will also want to be able to use your keyserver from the commandline. To do that use the –keyserver option. For example to search for a key on your server:
gpg --keyserver [your keyserver domain] --search-keys [email address]
-gpg --keyserver [your keyserver domain] --search-keys [email address] +
gpg --keyserver [your keyserver domain] --send-keys [email address or key ID]
-gpg --keyserver [your keyserver domain] --send-keys [email address or key ID] +
@@ -313,14 +222,15 @@ Or to get a key:
gpg --keyserver [your keyserver domain] --recv-keys [email address or key ID]
-gpg --keyserver [your keyserver domain] --recv-keys [email address or key ID] +
Sync with other keyservers
-Sync with other keyservers
+Key servers avoid censorship or errors by gossiping between each other and cross referencing the data. You can define which other servers your key server will gossip with by going to the Administrator control panel, selecting App Settings then keyserver then Sync with other keyserver.
@@ -330,9 +240,9 @@ It's a good idea not to try to sync with the popular OpenPGP key servers, becausPossible problems
-Possible problems
+OpenPGP key servers are not very well defended from flooding attacks. This means that an adversary could just upload a billion keys to destabilize the server and fill it with nonsense to make it unusable. Since key servers are fully open to the public there isn't anything to prevent that from happening.
diff --git a/website/EN/app_koel.html b/website/EN/app_koel.html index c4f729c0..5aad5e96 100644 --- a/website/EN/app_koel.html +++ b/website/EN/app_koel.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -
+
Koel
-Koel
+This enables you to store your music on the Freedombone server and then access it from any internet connected device. If you just want to make music accessible within your home network then DLNA is usually sufficient, but if you want to be able to play your music from anywhere then Koel is a better option.
-
+
Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
-ssh myusername@mydomain -p 2222 +
@@ -288,42 +195,39 @@ Go back to the Administrator control panel, select Passwords then Once logged in go to settings and set the media path to /music.
-
+
Importing music
-Importing music
+This app doesn't have any way to upload music and instead just expects that there will be a directory on the server containing music files. There are a couple of ways to get new music files onto the system: either by using ssh or by putting them onto a USB drive.
-
+
Via ssh
-Via ssh
+On your local system:
scp -P 2222 -r ~/Music username@domainname:/home/username
-scp -P 2222 -r ~/Music username@domainname:/home/username +
@@ -335,8 +239,9 @@ Now log in to your Freedombone system:
ssh username@domainname -p 2222
-ssh username@domainname -p 2222 +
@@ -345,9 +250,9 @@ And select Administrator settings followed by App settings then
Via USB drive
-Via USB drive
+Create a LUKS formatted USB drive. It's possible to do this by plugging a new USB drive into the Freedombone system then going to the Administrator control panel, selecting App settings then koel then Format a USB drive. You will need to specify a password, which in this case doesn't need to be anything highly secure.
@@ -362,9 +267,9 @@ Once you have music on a LUKS formatted USB drive then plug it into the FreedombSynchronizing
-Synchronizing
+To detect the imported files you might need to re-synchronize. Within Koel go to settings and then select Scan. Any imported files should then be available to play.
diff --git a/website/EN/app_lychee.html b/website/EN/app_lychee.html index 1b15672c..a3da189d 100644 --- a/website/EN/app_lychee.html +++ b/website/EN/app_lychee.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -
+
Lychee
-Lychee
+Lychee is a simple and lightweight photo album for the web. Whether you're an amateur or professional photographer, or want to publish random holiday pics or cat pictures. Lychee just does what it says it does without any fuss. There is also a photo album feature within Hubzilla if you need more sophisticated social photo sharing with individualised permissions.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Lychee domain listed there along with an onion address. You can then navigate to your site in a browser.
@@ -288,13 +198,11 @@ If you have just obtained a Lets Encrypt certificate as above then go to Abou Within a browser navigate to your lychee domain name or onion address. It should look like this: -
+
Within the Administrator control panel select App Settings and then lychee. This will show the initial login settings which you need to set up the database. To copy the password hold down the shift key, select the password then right click and copy. diff --git a/website/EN/app_mailpile.html b/website/EN/app_mailpile.html index df956335..d2de925e 100644 --- a/website/EN/app_mailpile.html +++ b/website/EN/app_mailpile.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - - -
+
Mailpile
-Mailpile
+Mailpile provides a nice looking webmail interface suitable for use on desktop or mobile clients. It has good support for email encryption and makes that quite an simple process. At present it's usable but still has a few bugs and limitations. If you need a fully functional email client with comprehensive encryption support then either use Mutt or Thunderbird/Icedove.
@@ -259,15 +165,18 @@ An advantage of this type of webmail is that it keeps your GPG keys off of anOne down side is that this appears to be a single user system, so if you have multiple users on your Freedombone server only the administrator will actually be able to use mailpile.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Mailpile domain listed there along with an onion address. You can then navigate to your site in a browser.
@@ -329,25 +238,21 @@ Uncheck Detect Settings and click Next. Under Sending Mail select local or if you need to proxy outgoing email through your ISP's server select SMTP/TLS and enter the details, then click Next. -
+
Under Receiving files select IMAP, the domain as localhost, port 143 and your username, then click Next. Astute readers may well be concerned that IMAP over port 143 is not encrypted, but since this is only via localhost communication between the Mail Transport Agent and Mailpile doesn't travel over the internet and port 143 is not opened on the firewall so it's not possible to accidentally connect an external mail client insecurely.
-
+
Under Security and Privacy either select your existing encryption key or if you only get the option to create a new one then do so, then click Add or Save. diff --git a/website/EN/app_matrix.html b/website/EN/app_matrix.html index b1a35c4e..d57fa176 100644 --- a/website/EN/app_matrix.html +++ b/website/EN/app_matrix.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - - -
+
Matrix
-Matrix
+
+
Matrix is a federated communications system, typically for multi-user chat, with end-to-end content security features. You can consider it to be like a modernized version of IRC chat where the crypto and access controls have been built in by default. At present Matrix is really only a creature of the clearnet and so there isn't any way to protect the metadata. Despite the talk of security the lack of metadata defenses make this really only suitable for public communications, similar to microblogging or public IRC channels. @@ -263,15 +167,18 @@ Matrix is a federated communications system, typically for multi-user chat, with
Another consideration is that since matrix operates on the usual HTTPS port number (443) this may make it difficult for ISPs or governments to censor this type of communications via port blocking without significant blowback.
+Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+Go to the Administrator control panel and select Passwords then matrix. This will give you the password to initially log in to the system and you can change it later from a client app if needed.
@@ -303,14 +210,15 @@ Other client apps are available but are currently mostly only at the alpha stageDNS setup
-DNS setup
+It's recommended that you add an SRV record for Matrix to your DNS setup. How you do this will depend upon your dynamic DNS provider and their web interface. On FreeDNS on the subdomains settings in addition to the subdomain which you are using for the matrix server create an extra entry as follows:
Type: SRV Subdomain: _matrix._tcp Domain: [youdomain] @@ -324,9 +232,9 @@ You may also want to make another entry with the same settings but replacing
Mobile app
-Mobile app
+If you're using the Riot mobile app to access your Matrix homeserver then you can significantly improve battery performance by going to the settings and changing Sync request timeout to 30 seconds and Delay between two sync requests to 600 seconds. Also turning off msgs in group chats will help, since it will avoid getting a notification whenever a group chat event happens, which then wakes up the screen.
diff --git a/website/EN/app_mediagoblin.html b/website/EN/app_mediagoblin.html index ab90dc05..824a798b 100644 --- a/website/EN/app_mediagoblin.html +++ b/website/EN/app_mediagoblin.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - -
+
Mediagoblin
-Mediagoblin
+With Mediagoblin you can host video and audio content in a similar manner to the proprietary systems such as YouTube and SoundCloud. This system supports free media formats such as webm, ogv and ogg. Another similar system which might be better fitted for small servers is PeerTube, since it uses webtorrent to distribute video files. Webtorrent will only work with WebRTC enabled browsers though.
@@ -256,22 +162,25 @@ With Mediagoblin you can host video and audio content in a similar manner to the When hosting media files you should take into consideration that since anyone on the internet can view your content then this could significantly increase your bandwidth usage and overall strain on the server. Also unless you are just hosting images then hardware such as the Beaglebone Black won't be powerful enough for a good user experience when either uploading or playing back videos. It's recommended that you use one of the more powerful quad (or more) core single board computers or an old laptop if you want to run Mediagoblin on it. -
Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Mediagoblin domain listed there along with an onion address. You can then navigate to your site in a browser.
@@ -309,14 +218,15 @@ You should repeat that for however many accounts you want on the system and thenFile formats
-File formats
+It's a good idea to upload videos in webm format. In that case Mediagoblin will skip the transcoding step (which can take hours for videos of non-trivial length) and the whole process will be quicker. Transcoding just converts whatever file format you submit into a standard resolution and file type. On your local system you can convert a video to webm with:
ffmpeg -i myvideo.mp4 myvideo.webm
youtube-dl -f webm [my_video_url]
+
Mumble
-Mumble
+Mumble is a well known VoIP system originally used for gaming, but which works just as well for any general conference calls or meetings.
+Text chat
-Text chat
+In addition to voice it is also possible to do text chat via mumble. The security of this is pretty good provided that you do it via Plumble and Orbot on mobile, but compared to other options such as XMPP/Conversations or Tox the security is not as good, since the mumble server currently doesn't support forward secrecy.
Using with Ubuntu
-Using with Ubuntu
+First ensure that tor is installed. Within a terminal:
sudo apt-get install tor
+
Select Apply and Ok, then on the menu Server and Connect. @@ -299,9 +206,9 @@ Click on "add new" to add a new server and enter the default domain name
Using with Android
-Using with Android
+Install F-Droid
diff --git a/website/EN/app_nextcloud.html b/website/EN/app_nextcloud.html index e148fcf0..6b9faaa1 100644 --- a/website/EN/app_nextcloud.html +++ b/website/EN/app_nextcloud.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -
+
NextCloud
-NextCloud
+
+
NextCloud is a system for file synchronisation and also has many other plugins for calendar, videoconferencing, collaborative document editing and federated file sharing. It's a lot more elaborate than Syncthing, but there may be situations where centralized control of your files on your server is better than a purely peer-to-peer approach (eg. if you need to remove a user's access to files). @@ -263,25 +167,28 @@ NextCloud is a system for file synchronisation and also has many other plugins f
The videoconferencing plugin requires a browser with WebRTC support and so is unlikely to work in a Tor browser, but may still be a better option than using proprietary systems.
+Operational considerations
-Operational considerations
+If your ISP or the government in your area is part of your threat model then NextCloud may not be the best choice for hosting files and Syncthing could be preferable. In the past the NextCloud company is known to have remotely scanned servers without permission and reported server admins who don't immediately update to the latest version of the software to their ISPs or to questionable government agencies. Depending upon where you are located such activities by the developer, which are not really in the spirit of independent self-hosting, could have very undesirable results.
Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
-ssh myusername@mydomain -p 2222 +
@@ -294,9 +201,9 @@ Select Add/Remove Apps then nextcloud. You will then be asked for
Initial setup
-Initial setup
+Go to the Administrator control panel and select Passwords then nextcloud. This will give you the password to initially log in to the system and you can change it later from a client app if needed.
diff --git a/website/EN/app_peertube.html b/website/EN/app_peertube.html index 454b0fae..767ed128 100644 --- a/website/EN/app_peertube.html +++ b/website/EN/app_peertube.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - -
+
+
This is a video hosting system similar to Mediagoblin but using webtorrent to help distribute the files to or between clients. This should be more practical for situations where a video becomes popular because the load is then spread across the network, with performance increasing with the number of nodes. However, the torrenting aspect of it only works with WebRTC enabled browsers and so this means it's unlikely to fully work with a Tor browser. Without WebRTC then from a user point of view it's effectively the same thing as Mediagoblin.
-Installation
-Installation
+Log into your system with:
ssh myusername@mydomain -p 2222
Initial setup
-Initial setup
+Navigate to your site and select Signup to create a new account. By default the maximum number of accounts on your system is limited to a small number so that millions of random internet users can't then begin uploading dubious content. After that it's pretty straightforward.
@@ -291,9 +197,9 @@ If you wish it's possible to turn off further signups via the Administrator cImporting videos from YouTube/Vimeo/Dailymotion
-Importing videos from YouTube/Vimeo/Dailymotion
+It's possible to import videos from the main proprietary video hosting sites. Only do this if they're videos which you made, or if the license is Creative Commons. Hosting arbitrary videos under nonfree licenses is likely to get you into trouble, and we know how that works out from the P2P wars of the 2000s (i.e. badly).
@@ -304,9 +210,9 @@ Go to the Administrator control panel, select App settings thenImporting videos from your desktop
-Importing videos from your desktop
+The most convenient way to add new videos to PeerTube is if you have the syncthing app installed. Set up syncthing with a folder called ~/Sync in your home directory. Create a subdirectory called ~/Sync/peertube_upload. Within that directory make a text file called login.txt. This will contain your PeerTube login details.
diff --git a/website/EN/app_pihole.html b/website/EN/app_pihole.html index 65a57a41..6c40c55f 100644 --- a/website/EN/app_pihole.html +++ b/website/EN/app_pihole.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -
+
PI-Hole: The Black Hole for Web Adverts
-PI-Hole: The Black Hole for Web Adverts
+Idiots who have an inflated sense of self-entitlement will tell you that it's your moral duty to view their mind-numbingly tedious corporate ads on their web site or YouTube channel, or else their kids will starve and the sky will fall because their revenue stream will dry up. But that's bullshit. There is nothing intrinsic or morally mandatory about adverts propping up the livelihoods of netizens, and indeed a web not primarily based on advertising money might have been a much better and more interesting place by now, with a lot less spying.
@@ -263,10 +169,12 @@ You can block ads for any devices connected to your local network by installingAlso don't expect perfection. Though many ads may be blocked by this system some will still get through. It's a constant cat and mouse game between advertisers and blockers.
+Set a static IP address
-Set a static IP address
+Ensure that your system has a static local IP address (typically 192.168..) using the option on the control panel. You will also need to know the IP address of your internet router, which is usually 192.168.1.1 or 192.168.1.254.
@@ -277,17 +185,18 @@ When that's done select About this system from the control panel and seeOn each client system within your local network
-On each client system within your local network
+Make sure that you add the static IP address for the server to /etc/hosts.
STATIC_IP=[your server static IP]
-sudo echo "$STATIC_IP [your domain name]" >> /etc/hosts
-STATIC_IP=[your server static IP] +sudo echo "$STATIC_IP [your domain name]" >> /etc/hosts +
@@ -295,12 +204,13 @@ On Arch/Parabola:
sudo pacman -S openresolv
-sudo sed -i "s|#name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
-sudo sed -i "s|name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
+
+sudo pacman -S openresolv
+sudo sed -i "s|#name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
+sudo sed -i "s|name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
sudo chattr -i /etc/resolv.conf
sudo resolvconf -u
-
@@ -308,21 +218,22 @@ Or on a Debian based system:
sudo apt-get install resolvconf
-echo 'domain localdomain' > /tmp/resolvconf
-echo 'search localdomain' >> /tmp/resolvconf
-echo "nameserver $STATIC_IP" >> /tmp/resolvconf
+
+sudo apt-get install resolvconf
+echo 'domain localdomain' > /tmp/resolvconf
+echo 'search localdomain' >> /tmp/resolvconf
+echo "nameserver $STATIC_IP" >> /tmp/resolvconf
sudo mv /tmp/resolvconf /etc/resolvconf/resolv.conf.d/head
sudo chattr -i /etc/resolv.conf
sudo resolvconf -u
-
On your internet router
-On your internet router
+If you can access the settings on your local internet router then this is the simplest way to provide ad blocking for all devices which connect to it. Unfortunately some router models don't let you edit the DNS settings and if that's the case you might want to consider getting a different router.
@@ -332,9 +243,9 @@ Edit the DNS settings and add the IPv4 address which you got from the control paLibreCMC
-LibreCMC
+On a router running LibreCMC from the Network menu select DHCP and DNS. Enter the static IP address of your Freedombone system within DNS Forwardings, then at the bottom of the page click on Save & Apply. Any devices which connect to your router will now have ad blocking.
@@ -342,18 +253,23 @@ On a router running LibreCMC from the Network menu select DHCP and DNSConfiguring block lists
-Configuring block lists
+You can configure the block lists which the system uses by going to the administrator control panel, selecting App Settings then choosing pihole. You can also add any extra domain names to the whitelist if they're being wrongly blocked or to the blacklist if they're not blocked by the current lists.
-+<center> +Return to the <a href="index.html">home page</a> +</center> +
+ +
+
-
@@ -266,17 +256,15 @@ Pleroma is an OStatus and ActivityPub compatible social networking server, compa Some general advice about life in the fediverse can be found here.
----
+
-Installation
-++-Installation
+Log into your system with:
@@ -296,9 +284,9 @@ Select Add/Remove Apps then pleroma. You will then be asked for a-Initial setup
-++-Initial setup
+The first thing you'll need to do is register a new account. You can set your profile details and profile image by selecting the small settings icon to the right of your name.
@@ -309,49 +297,44 @@ Once you have done that then you can disable further registrations from the A-Mastodon user interface
-++-Mastodon user interface
+-If you prefer a Tweetdeck-style user interface, similar to Mastodon, then once you have registered an account navigate to /yourpleromadomainname/web and log in.
--
+
-Mobile apps
-++-Mobile apps
+-It's also possible to use Mastodon apps together with Pleroma, such as Tusky, since it supports the Mastodon API. You may need to install IcecatMobile and set it as your default browser (under Settings/Apps/Menu) in order for the initial oauth registration process to work.
--
+
-Blocking controls
--+ ++Blocking controls
+--
The biggest hazard with Pleroma is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the Administrator control panel and selecting Domain or User Blocking, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage. diff --git a/website/EN/app_postactiv.html b/website/EN/app_postactiv.html index 25a462bf..4286e336 100644 --- a/website/EN/app_postactiv.html +++ b/website/EN/app_postactiv.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - -- - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag. -+- ---
- +PostActiv
-+PostActiv
+-PostActiv is a fork of GNU Social which includes some extra fixes and optimisations to improve performance. It federates just like GNU Social does and so whether you choose GNU Social or PostActiv is really just down to personal prefernce.
@@ -256,24 +162,25 @@ PostActiv is a fork of GNU Social which inclu Some general advice about life in the fediverse can be found here. -+-
+
-Installation
-++-Installation
+Log into your system with:
-+ +ssh myusername@mydomain -p 2222 -ssh myusername@mydomain -p 2222 +@@ -290,9 +197,9 @@ After the install has completed go to Security settings and select Cre
-Initial setup
-++-Initial setup
+If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Postactiv domain listed there along with an onion address. You can then navigate to your site in a browser.
@@ -307,54 +214,54 @@ Navigate to your PostActiv domain name and log in.-Switching user interfaces
-++-Switching user interfaces
+A few web based user interfaces are available for PostActiv. They are selectable by going to the Administrator control panel and choosing App settings then postactiv.
---
+
-
- Qvitter: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived
-- Pleroma: A modern and lightweight user interface
-- Classic: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations.
+- Qvitter: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived +
+- Pleroma: A modern and lightweight user interface +
+- Classic: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations. +
-Using with Emacs
--+-+Using with Emacs
+--
If you are an Emacs user it's also possible to set up GNU Social mode, which is compatible with PostActiv. You can do that as follows:
-+echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs +echo "(require 'gnu-social-mode)" >> ~/.emacs +echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs +echo " gnu-social-server \"yourpostactivdomain\"" >> ~/.emacs +echo " gnu-social-username \"yourusername\"" >> ~/.emacs +echo " gnu-social-password \"postactivpassword\")" >> ~/.emacs +mkdir ~/elisp + +mkdir ~/elisp git clone https://github.com/bashrc/gnu-social-mode ~/elisp/gnu-social-mode -echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs -echo "(require 'gnu-social-mode)" >> ~/.emacs -echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs -echo " gnu-social-server \"yourpostactivdomain\"" >> ~/.emacs -echo " gnu-social-username \"yourusername\"" >> ~/.emacs -echo " gnu-social-password \"postactivpassword\")" >> ~/.emacs -@@ -362,8 +269,9 @@ And as a quick reference the main keys are:
-+ +M-x gnu-social -M-x gnu-social +@@ -374,54 +282,54 @@ The basics:
- + - + - i -Show icons +i +Show icons - CTRL-c CTRL-s -Post status update +CTRL-c CTRL-s +Post status update - r -Repeat +r +Repeat - F -Favourite +F +Favourite - CTRL-c CTRL-h -Highlight +CTRL-c CTRL-h +Highlight - R -Reply to user +R +Reply to user - CTRL-c CTRL-r -Show replies +CTRL-c CTRL-r +Show replies - CTRL-c CTRL-f -Friends timeline +CTRL-c CTRL-f +Friends timeline - @@ -434,19 +342,19 @@ Navigation:CTRL-c CTRL-v -View user profile +CTRL-c CTRL-v +View user profile - + - + - j -Next +j +Next - @@ -459,70 +367,68 @@ Showing timelines:k -Previous +k +Previous - + - + - g -Current timeline +g +Current timeline - CTRL-c CTRL-a -Public timeline +CTRL-c CTRL-a +Public timeline - CTRL-c CTRL-g -Group timeline +CTRL-c CTRL-g +Group timeline - CTRL-c CTRL-t -Tag timeline +CTRL-c CTRL-t +Tag timeline - CTRL-c CTRL-k -Stop +CTRL-c CTRL-k +Stop - CTRL-c CTRL-u -User timeline +CTRL-c CTRL-u +User timeline - CTRL-c CTRL-c -Conversation timeline +CTRL-c CTRL-c +Conversation timeline - CTRL-c CTRL-o -Remote user timeline +CTRL-c CTRL-o +Remote user timeline - CTRL-c CTRL-d -Post direct Message +CTRL-c CTRL-d +Post direct Message -Blocking controls
--++Blocking controls
+--
The biggest hazard with PostActiv is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the Administrator control panel and selecting Domain or User Blocking, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage. diff --git a/website/EN/app_privatebin.html b/website/EN/app_privatebin.html index 67ec1dfc..436f4ae8 100644 --- a/website/EN/app_privatebin.html +++ b/website/EN/app_privatebin.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.-+- ---
- +PrivateBin
-+-PrivateBin
++This is an encrypted pastebin, such that the server has zero knowledge of the content. It's intended for small amounts of text less than 32K in length. It's not intended for transfering large files, or for storing pastes for more than a day.
@@ -255,15 +161,18 @@ This is an encrypted pastebin, such that the server has zero knowledge of the coBecause this is completely open to any user on the internet you should be wary of the potential for DDoS, and only install this app if you really need to avoid using other pastebins or if other pastebin sites are censored or untrustable. There are traffic limits set within this app to attempt to minimize the potential for flooding attacks, but that might still not be sufficient in the worst cases.
+-Installation
-++Installation
+Log into your system with:
+diff --git a/website/EN/app_profanity.html b/website/EN/app_profanity.html index 30faa505..4842c790 100644 --- a/website/EN/app_profanity.html +++ b/website/EN/app_profanity.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -ssh myusername@mydomain -p 2222- - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag. -+- ---
- +Profanity
-++Profanity
++To install this app you will first need to install the XMPP server.
@@ -257,8 +163,9 @@ The Profanity shell based user interface and-+ +ssh username@domain -p 2222 -ssh username@domain -p 2222 +@@ -270,8 +177,9 @@ Generate an OTR
-+ +/otr gen -/otr gen +@@ -279,8 +187,9 @@ Then to start a conversation using OTR:
-+ +/otr start otherusername@otheruserdomain -/otr start otherusername@otheruserdomain +@@ -288,8 +197,9 @@ or if you're already in an insecure chat with someone just use:
-+ +/otr start -/otr start +@@ -297,8 +207,9 @@ Set a security question and answer:
-+ +/otr question "What is the name of your best friends rabbit?" fiffi -/otr question "What is the name of your best friends rabbit?" fiffi +@@ -306,8 +217,9 @@ On the other side the user can enter:
-+ +/otr answer fiffi -/otr answer fiffi +@@ -315,8 +227,9 @@ For the most paranoid you can also obtain your fingerprint:
-+ +/otr myfp -/otr myfp +@@ -324,8 +237,9 @@ and quote that. If they quote theirs back you can check it with:
-+ +/otr theirfp -/otr theirfp +@@ -336,6 +250,8 @@ If the fingerprints match then you can be pretty confident that unless you have When accessed via the user control panel the client is automatically routed through Tor and so if you are also using OTR then this provides protection for both message content and metadata.
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,40 +144,39 @@ for the JavaScript code in this tag.-+---
- - -Riot Web
-+-++Riot Web
+--
+
Riot Web is a browser based user interface for the Matrix federated communications system. It allows you to do encrypted one-to-one or group chat, and has some fancy WebRTC features for voice and video conversations. The WebRTC stuff won't work in a Tor browser though. This type of system is fine for general public communications and collaboration on open source projects or gaming groups. For things which require real privacy though stick to XMPP with OMEMO.
+-Installation
-++-Installation
+Log into your system with:
-+ +ssh myusername@mydomain -p 2222 -ssh myusername@mydomain -p 2222 +@@ -282,9 +189,9 @@ Select Add/Remove Apps then riot and also make sure that matrix
-Initial setup
-++Initial setup
+Go to the Administrator control panel and select Passwords then matrix. This will give you the password to initially log in using the Riot Web user interface. Log in, and that's it. Happy chatting.
diff --git a/website/EN/app_rss.html b/website/EN/app_rss.html index 78872b04..fe169a99 100644 --- a/website/EN/app_rss.html +++ b/website/EN/app_rss.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - -- - - + + + + - + @@ -235,38 +144,37 @@ for the JavaScript code in this tag. -+- ---
- +RSS Reader
-+RSS Reader
+-The way that RSS reading is set up on Freedombone gives you strong reading privacy. Not only is there onion routing between you and the server but also between the server and the source of the RSS feed. The only down side is that many RSS feeds are still http only, and so could be vulnerable to injection attacks, but it's expected that more of this will go to https in the foreseeable future due to a combination of growing recognition of security issues and systems like Let's Encrypt which make obtaining certificates much easier.
-+-
+
-Finding the onion address
-++-Finding the onion address
+See the control panel for the RSS reader onion address.
+@@ -285,9 +193,9 @@ To set up the system open http://rss_rssh username@domainname -p 2222-On mobile
-++On mobile
+