From 466b5c023eff610beb47137e3463e6371dd19799 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 15:27:23 +0100 Subject: [PATCH 001/133] Indentation --- src/freedombone-template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 4a244da5..76edd1e9 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -608,10 +608,10 @@ if [[ "$database_type" == "postgres"* ]]; then echo '' fi if [[ "$app_node" == 'yes' ]]; then - echo "install_nodejs ${app_name}" + echo " install_nodejs ${app_name}" fi if [ "$app_nodeapp" ]; then - echo "npm install -g ${app_nodeapp}" + echo " npm install -g ${app_nodeapp}" fi if [[ "$app_php" == 'yes' ]]; then echo ' apt-get -yq install php-gettext php-curl php-gd php-mysql git curl' From 2f379cdb6786d361ab0e2346125bca55a24ea04a Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 15:56:54 +0100 Subject: [PATCH 002/133] Template changed for handling no web UI apps --- src/freedombone-template | 244 +++++++++++++++++++++++---------------- 1 file changed, 143 insertions(+), 101 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 76edd1e9..0b55c26c 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -291,16 +291,20 @@ echo '}' echo '' echo "function install_interactive_${app_name} {" if [ ! $app_onion_only ]; then - echo " if [ ! \"\$ONION_ONLY\" ]; then" - echo " ONION_ONLY='no'" - echo ' fi' - echo '' - echo " if [[ \"\$ONION_ONLY\" != \"no\" ]]; then" - echo " ${app_name_upper}_DOMAIN_NAME='${app_name}.local'" - echo " write_config_param \"${app_name_upper}_DOMAIN_NAME\" \"\$${app_name_upper}_DOMAIN_NAME\"" - echo ' else' - echo " interactive_site_details \"${app_name}\" \"${app_name_upper}_DOMAIN_NAME\" \"${app_name_upper}_CODE\"" - echo ' fi' + if [ $app_webui ]; then + echo " if [ ! \"\$ONION_ONLY\" ]; then" + echo " ONION_ONLY='no'" + echo ' fi' + echo '' + echo " if [[ \"\$ONION_ONLY\" != \"no\" ]]; then" + echo " ${app_name_upper}_DOMAIN_NAME='${app_name}.local'" + echo " write_config_param \"${app_name_upper}_DOMAIN_NAME\" \"\$${app_name_upper}_DOMAIN_NAME\"" + echo ' else' + echo " interactive_site_details \"${app_name}\" \"${app_name_upper}_DOMAIN_NAME\" \"${app_name_upper}_CODE\"" + echo ' fi' + else + echo " echo -n ''" + fi else echo " echo -n ''" fi @@ -310,8 +314,10 @@ echo '' echo "function change_password_${app_name} {" echo " curr_username=\"\$1\"" echo " new_user_password=\"\$2\"" -echo '' -echo " read_config_param '${app_name_upper}_DOMAIN_NAME'" +if [ $app_webui ]; then + echo '' + echo " read_config_param '${app_name_upper}_DOMAIN_NAME'" +fi echo '' echo " \"\${PROJECT_NAME}-pass\" -u \"\$curr_username\" -a ${app_name} -p \"\$new_user_password\"" echo '}' @@ -381,10 +387,12 @@ echo " CURR_${app_name_upper}_COMMIT=\$(get_completion_param \"${app_name} co echo " if [[ \"\$CURR_${app_name_upper}_COMMIT\" == \"\$${app_name_upper}_COMMIT\" ]]; then" echo ' return' echo ' fi' -echo '' -echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" -echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" -echo ' fi' +if [ $app_webui ]; then + echo '' + echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" + echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" + echo ' fi' +fi echo '' echo ' # update to the next commit' if [ ! "$app_dir" ]; then @@ -407,8 +415,10 @@ if [ ! "$app_dir" ]; then else echo " source_directory=${app_dir}" fi -echo '' -echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" +if [ $app_webui ]; then + echo '' + echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" +fi echo '' echo " dest_directory=${app_name}" echo " backup_directory_to_usb \"\$source_directory\" \$dest_directory" @@ -422,55 +432,63 @@ if [[ "$database_type" == "postgres"* ]]; then echo " backup_database_to_usb ${app_name}" echo '' fi -echo ' restart_site' +if [ $app_webui ]; then + echo ' restart_site' +fi echo '}' echo '' echo "function restore_local_${app_name} {" echo " if ! grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" echo ' return' echo ' fi' -echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" -echo " if [ \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" -echo " temp_restore_dir=/root/temp${app_name}" +if [ $app_webui ]; then + echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" + echo " if [ ! \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" + echo " return" + echo " fi" +fi +echo " temp_restore_dir=/root/temp${app_name}" if [ ! "$app_dir" ]; then - echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" + echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" else - echo " ${app_name}_dir=${app_dir}" + echo " ${app_name}_dir=${app_dir}" fi echo '' if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then - echo " ${app_name}_create_database" + echo " ${app_name}_create_database" echo '' - echo " restore_database ${app_name}" - echo " if [ -d \$temp_restore_dir ]; then" - echo " rm -rf \$temp_restore_dir" - echo ' fi' + echo " restore_database ${app_name}" + echo " if [ -d \$temp_restore_dir ]; then" + echo " rm -rf \$temp_restore_dir" + echo ' fi' echo '' fi if [[ "$database_type" == "postgres"* ]]; then - echo " ${app_name}_create_database" + echo " ${app_name}_create_database" echo '' - echo ' USE_POSTGRESQL=1' - echo " restore_database ${app_name}" - echo " if [ -d \$temp_restore_dir ]; then" - echo " rm -rf \$temp_restore_dir" - echo ' fi' + echo ' USE_POSTGRESQL=1' + echo " restore_database ${app_name}" + echo " if [ -d \$temp_restore_dir ]; then" + echo " rm -rf \$temp_restore_dir" + echo ' fi' echo '' fi -echo " restore_directory_from_usb \$temp_restore_dir ${app_name}" -echo " if [ -d \$temp_restore_dir ]; then" -echo " if [ -d \"\$temp_restore_dir\$${app_name}_dir\" ]; then" -echo " cp -rp \"\$temp_restore_dir\$${app_name}_dir\"/* \"\$${app_name}_dir\"/" -echo ' else' -echo " if [ ! -d \"\$${app_name}_dir\" ]; then" -echo " mkdir \"\$${app_name}_dir\"" -echo ' fi' -echo " cp -rp \"\$temp_restore_dir\"/* \"\$${app_name}_dir\"/" +echo " restore_directory_from_usb \$temp_restore_dir ${app_name}" +echo " if [ -d \$temp_restore_dir ]; then" +echo " if [ -d \"\$temp_restore_dir\$${app_name}_dir\" ]; then" +echo " cp -rp \"\$temp_restore_dir\$${app_name}_dir\"/* \"\$${app_name}_dir\"/" +echo ' else' +echo " if [ ! -d \"\$${app_name}_dir\" ]; then" +echo " mkdir \"\$${app_name}_dir\"" echo ' fi' -echo " chown -R www-data:www-data \"\$${app_name}_dir\"" -echo " rm -rf \$temp_restore_dir" +echo " cp -rp \"\$temp_restore_dir\"/* \"\$${app_name}_dir\"/" echo ' fi' -echo '' +if [[ ! "$app_dir" ]]; then + echo " chown -R www-data:www-data \"\$${app_name}_dir\"" +else + echo " chown -R ${app_name}:${app_name} \"\$${app_name}_dir\"" +fi +echo " rm -rf \$temp_restore_dir" echo ' fi' echo '}' echo '' @@ -485,8 +503,10 @@ if [ ! "$app_dir" ]; then else echo " source_directory=${app_dir}" fi -echo '' -echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" +if [ $app_webui ]; then + echo '' + echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" +fi echo '' echo " dest_directory=${app_name}" echo " backup_directory_to_friend \"\$source_directory\" \$dest_directory" @@ -499,8 +519,10 @@ if [[ "$database_type" == "postgres"* ]]; then echo " backup_database_to_friend ${app_name}" echo '' fi -echo '' -echo ' restart_site' +if [ $app_webui ]; then + echo '' + echo ' restart_site' +fi echo '}' echo '' echo "function restore_remote_${app_name} {" @@ -508,47 +530,51 @@ echo " if ! grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" echo ' return' echo ' fi' echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" -echo " if [ \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" -echo " temp_restore_dir=/root/temp${app_name}" +echo " if [ ! \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" +echo " return" +echo " fi" +echo " temp_restore_dir=/root/temp${app_name}" if [ ! "$app_dir" ]; then - echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" + echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" else - echo " ${app_name}_dir=${app_dir}" + echo " ${app_name}_dir=${app_dir}" fi echo '' if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then - echo " ${app_name}_create_database" + echo " ${app_name}_create_database" echo '' - echo " restore_database_from_friend ${app_name}" - echo " if [ -d \"\$temp_restore_dir\" ]; then" - echo " rm -rf \$temp_restore_dir" - echo ' fi' + echo " restore_database_from_friend ${app_name}" + echo " if [ -d \"\$temp_restore_dir\" ]; then" + echo " rm -rf \$temp_restore_dir" + echo ' fi' echo '' fi if [[ "$database_type" == "postgres"* ]]; then - echo " ${app_name}_create_database" + echo " ${app_name}_create_database" echo '' - echo ' USE_POSTGRESQL=1' - echo " restore_database_from_friend ${app_name}" - echo " if [ -d \"\$temp_restore_dir\" ]; then" - echo " rm -rf \$temp_restore_dir" - echo ' fi' + echo ' USE_POSTGRESQL=1' + echo " restore_database_from_friend ${app_name}" + echo " if [ -d \"\$temp_restore_dir\" ]; then" + echo " rm -rf \$temp_restore_dir" + echo ' fi' echo '' fi -echo " restore_directory_from_friend \$temp_restore_dir ${app_name}" -echo " if [ -d \$temp_restore_dir ]; then" -echo " if [ -d \"\$temp_restore_dir\$${app_name}_dir\" ]; then" -echo " cp -rp \"\$temp_restore_dir\$${app_name}_dir\"/* \"\$${app_name}_dir\"/" -echo ' else' -echo " if [ ! -d \"\$${app_name}_dir\" ]; then" -echo " mkdir \"\$${app_name}_dir\"" -echo ' fi' -echo " cp -rp \$temp_restore_dir/* \"\$${app_name}_dir\"/" +echo " restore_directory_from_friend \$temp_restore_dir ${app_name}" +echo " if [ -d \$temp_restore_dir ]; then" +echo " if [ -d \"\$temp_restore_dir\$${app_name}_dir\" ]; then" +echo " cp -rp \"\$temp_restore_dir\$${app_name}_dir\"/* \"\$${app_name}_dir\"/" +echo ' else' +echo " if [ ! -d \"\$${app_name}_dir\" ]; then" +echo " mkdir \"\$${app_name}_dir\"" echo ' fi' -echo " chown -R www-data:www-data \"\$${app_name}_dir\"" -echo " rm -rf \$temp_restore_dir" +echo " cp -rp \$temp_restore_dir/* \"\$${app_name}_dir\"/" echo ' fi' -echo '' +if [[ ! "$app_dir" ]]; then + echo " chown -R www-data:www-data \"\$${app_name}_dir\"" +else + echo " chown -R ${app_name}:${app_name} \"\$${app_name}_dir\"" +fi +echo " rm -rf \$temp_restore_dir" echo ' fi' echo '}' echo '' @@ -568,13 +594,15 @@ if [ $app_daemon ]; then echo ' fi' echo " userdel -r ${app_name}" fi -echo '' -echo " if [ -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME\" ]; then" -echo " rm -rf \"/var/www/\$${app_name_upper}_DOMAIN_NAME\"" -echo ' fi' -echo " if [ -f \"/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME\" ]; then" -echo " rm \"/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME\"" -echo ' fi' +if [ $app_webui ]; then + echo '' + echo " if [ -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME\" ]; then" + echo " rm -rf \"/var/www/\$${app_name_upper}_DOMAIN_NAME\"" + echo ' fi' + echo " if [ -f \"/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME\" ]; then" + echo " rm \"/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME\"" + echo ' fi' +fi if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then echo " drop_database ${app_name}" fi @@ -592,8 +620,10 @@ if [ "$app_port" ]; then echo '' echo " firewall_remove ${app_port} tcp" fi -echo '' -echo " remove_ddns_domain \"\$${app_name_upper}_DOMAIN_NAME\"" +if [ $app_webui ]; then + echo '' + echo " remove_ddns_domain \"\$${app_name_upper}_DOMAIN_NAME\"" +fi echo '}' echo '' echo "function install_${app_name} {" @@ -632,7 +662,9 @@ if [ $app_webui ]; then fi echo " if [ -d /repos/${app_name} ]; then" -echo " mkdir \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" +if [ $app_webui ]; then + echo " mkdir \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" +fi if [ ! "$app_dir" ]; then echo " cp -r -p /repos/${app_name}/. \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" echo " cd \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" || exit 324687356" @@ -665,16 +697,20 @@ else fi echo " git checkout \$${app_name_upper}_COMMIT -b \$${app_name_upper}_COMMIT" echo " set_completion_param \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\"" -echo '' -echo " chmod g+w \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" -echo " chown -R www-data:www-data \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" +if [ $app_webui ]; then + echo '' + echo " chmod g+w \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" + echo " chown -R www-data:www-data \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" +fi if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" || "$database_type" == "postgres"* ]]; then echo '' echo " ${app_name}_create_database" fi -echo '' -echo " add_ddns_domain \"\$${app_name_upper}_DOMAIN_NAME\"" +if [ $app_webui ]; then + echo '' + echo " add_ddns_domain \"\$${app_name_upper}_DOMAIN_NAME\"" +fi echo '' echo " ${app_name_upper}_ONION_HOSTNAME=\$(add_onion_service ${app_name} 80 \${${app_name_upper}_ONION_PORT})" @@ -819,18 +855,24 @@ if [ $app_daemon ]; then fi echo " systemctl start ${app_name}" fi -echo '' -echo " create_site_certificate \"\$${app_name_upper}_DOMAIN_NAME\" 'yes'" -echo '' -echo " nginx_ensite \"\$${app_name_upper}_DOMAIN_NAME\"" -echo '' +if [ $app_webui ]; then + echo '' + echo " create_site_certificate \"\$${app_name_upper}_DOMAIN_NAME\" 'yes'" + echo '' + echo " nginx_ensite \"\$${app_name_upper}_DOMAIN_NAME\"" +fi if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then + echo '' echo ' systemctl restart mariadb' fi -if [[ "$app_php" == 'yes' ]]; then - echo ' systemctl restart php7.0-fpm' +if [ $app_webui ]; then + if [[ "$app_php" == 'yes' ]]; then + echo '' + echo ' systemctl restart php7.0-fpm' + fi + echo '' + echo ' systemctl restart nginx' fi -echo ' systemctl restart nginx' echo '' echo " \"\${PROJECT_NAME}-pass\" -u \"\$MY_USERNAME\" -a ${app_name} -p \"\$${app_name_upper}_ADMIN_PASSWORD\"" echo " set_completion_param \"${app_name} domain\" \"\$${app_name_upper}_DOMAIN_NAME\"" From 36329ee5b2fcf05fb6e0d7ec71141d33cf007219 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 15:58:02 +0100 Subject: [PATCH 003/133] Document daemon within template --- man/freedombone-template.1.gz | Bin 1370 -> 1373 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/man/freedombone-template.1.gz b/man/freedombone-template.1.gz index ecf1f597c4ac30029d267a23b4af58172ed5c4ba..8a2f18f56dded8c0f4887fa15aed3c2f89a338b5 100644 GIT binary patch delta 1363 zcmV-Z1+4no3f&4oABzY8+%3vl00Z4vS#R4$5Ps*c80aN0k>sQYf}jX0J9ccKb_B^r zTR4TWB!}eIa8BQ>Umj^FiO<+RbC*wi5vS^-J zI2WoBr+}@qW2J zTR)(1I;F#Ktwe=?!4%;dDR=u|7I)%L-4owTCyhUgZbtLRwciz%@W+Uz3`{RUgYuVCooyw@s8)JJHU9 zkf9{s;f_pr6vW7Z?qI3&oLs-rYUi+PjItim?f?v`2Z=1(BSKFH5iUqqh%IX(O>c-$ zrWahKDU*vIF|NC=bunz8Uv)8mbRwD2)jgpeEnk&_fE-a+*xS$~s1-15{M6@Kd(MnB zVLeG9RE{^buy&(O+Uq#-j{}JPyU=(bCsWG%HTa)smC3v@IQpLtJ?s|Su4k!0I|6`p zfOMpdJDf~WIqBNor9s=C;Cu>l^yTF1!ecX85YyJ^n4NY)IrNS%(u#_I%{uaf%pYmx zj4oj*6qbSfT}4tXf$lzNir0`SvP}4A?tYa~bLcYx-kG7~=~~x(CCV9`Wxljh%_TV0 zQy&>Kj;fuwv&Vw3dKPB)0y#o!7%Xk`VJt?*uBme)(gCd{8bZDb4Da4qA377ct!3gH zk!cic5O2#q1u?bnroJhEHNF2_SND1g3Jy-d)%p-pL&+M5LG6RmxT9tj9$GJ!3MWD| zK{_bjb%GIadm?(k3l&&S^t{_*XmDg#)q|dVrX#eu<3ASX%ioTvxkX2PPwl!}R~gKC znZWXN33b`f&~Mit%lSDEvbTr81By&hy94_AidjANl{=|gU&0fA`0&9??)`djus`*U#@zon74Xx+!NGq^!Qv~YSCX-G{p_TRk`fc79 zP9~D?(4&VBK6VE7fb7};|uEx2vw!z`wAd9QZ)Ay@Mbf{xE*N(RS3Vw-o{Ogv;Ord)d&0-V% Vj`8ck%)Ju|(Z7u8MlbCV004bSqoe=; delta 1360 zcmV-W1+V(u3fc-lABzY8EcnS<00Z4vS#R4$5Ps*c80aN0k>sQYil7K8J9ccKb_B^r zTR4TWB!}eIvF5l%3M*9WhDn!tp)~7JJSezeEqP_Y)PT@T&G<0o2;RbACWbL3oU?I~6L|xmcQ?~x&;=^)% zwthh2bV`TeT8Rq(gek%`Rzj9^Y2eymt)Ve|m%w$Rt4cb$p4Qqp5^1U!O@A+yL!(50 zx&2(}loYmTKPlbcduz2wZbgor(WzEatL=kzQE%U-0;`<^DO^{=NRh^$YHeL^(EeTe zlakz)$~sY&KsT5;ZCZY_p%nBAdT8Dqua8z|%geJ57nA6+kQQuf2^nZC0V%+u1D$mc zTi6sbDIi6@j}cJN9fz}#jxHeMY&fBRQejg052lbcDsdbc$7yG9S>T{65ei6$RMJWE zwS~OPYD&hX%E7Ta3^^$T{&58=$Yfd45#6}Xs%puMp?3zlu!T37qN6n0Srp<*HCpw; zL1K`TE`a`~?bPXMt~rL6-bAY#QcK9)p=qI%w@8jDA`LhVNn@R^C@}VfSMVHyc}cjwuzu>C)!yM zGQ^TQ+>r^7f*3i_9V~U8lj}EH?HqQEQPxA+9e_dgAdzKzMCj=t!sX`*v1Lu9=?xLe z^n!~tWpeQ&#&y@VE{5&%t1gCrP9!tBx+m15R&Zi(pUrxR*JT{XBF>Q^G*=Z+~L+|(^t*F?4tRp|j{E=49 z=n|GfVHwEZRV2j{=XJK|PkR!B)!O}J##$sgbnmRWk9ne~$A>^yT@a~=Up)--&S|+{` znMT0|@wV(!5L2^m>YGx3)BDeLb+5Oe;NS#Ytq&nJl&pam)IKPUJ8D+pq4i>^a3Vw# zq=VvJCl~>@C!zSP?rsj_;&qwIX~yI_3jXO9FZw%cR*iHn9NgOxs$5(B|L$Dj~~6{-meG8_@hF* zBc3KOO-mlN-K2%LkBVE9%(ufJ-=|eezuDa=I`N=f&;sz69f#&FCJcKlEIwOM{62FJ zl}DxhJ~Bs_%m*mOb%qsv1x%OJJhU1yT@DM;vj;SVaeM2)dQA4)0?9iTcgh~bmwp>- z6tzje_r&O^O@`rr(mB$tX}-8azu@WPx8+x_zx)2VrePmTzd-8|_{Qga4L-#S^DjmkZu? z6rnHfD0C5*=<`6^k^fjn>n|0!eYS}2nRJgM9>NMu=Zippsxa~D*Y((;mG%JoZQd77 zCX#Q^qlb^*{CDdU_)|yN)A-1dQGj2B#&1!FSMO}s4#Ya1N?&#}0=JpHhmM29+tbM0u+ui)oc$G>ce%oMt}(JVI6Zy3KB S%-lN>{R;vI86qUk5dZ)wzMb{} From 26d5dbfa60acc4842d86eed7ab64782b7d255b6a Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 16:00:16 +0100 Subject: [PATCH 004/133] Daemon echoes without break --- src/freedombone-template | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 0b55c26c..1105bb5f 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -837,13 +837,13 @@ if [ $app_daemon ]; then echo " echo '[Service]';" echo " echo 'Type=simple';" echo " echo 'User=${app_name}';" - echo " echo 'Group=${app_name}'; } > \"/etc/systemd/system/${app_name}.service\"" + echo " echo 'Group=${app_name}';" if [ ! "$app_dir" ]; then - echo " echo 'WorkingDirectory=TODO' >> \"/etc/systemd/system/${app_name}.service\"" + echo " echo 'WorkingDirectory=TODO';" else - echo " echo 'WorkingDirectory=${app_dir}' >> \"/etc/systemd/system/${app_name}.service\"" + echo " echo 'WorkingDirectory=${app_dir}';" fi - echo " { echo 'ExecStart=TODO';" + echo " echo 'ExecStart=TODO';" echo " echo 'Restart=always';" echo " echo 'Environment=\"USER=${app_name}\"';" echo " echo '';" From d7780f284d4dd104c6fd86b59fa20928c97a8d7f Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 17:00:20 +0100 Subject: [PATCH 005/133] Handling nodejs within templates --- src/freedombone-template | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 1105bb5f..903f8dfc 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -827,7 +827,11 @@ fi if [ $app_daemon ]; then echo '' - echo " useradd -d \"TODO_PATH_TO_INSTALL\" -s /bin/false ${app_name}" + if [[ ! "$app_dir" ]]; then + echo " useradd -d \"TODO_PATH_TO_INSTALL\" -s /bin/false ${app_name}" + else + echo " useradd -d \"${app_dir}\" -s /bin/false ${app_name}" + fi echo '' echo " { echo '[Unit]';" echo " echo 'Description=${app_name}';" @@ -843,9 +847,20 @@ if [ $app_daemon ]; then else echo " echo 'WorkingDirectory=${app_dir}';" fi - echo " echo 'ExecStart=TODO';" + if [[ ! "$app_nodeapp" ]]; then + if [ ! $app_node ]; then + echo " echo 'ExecStart=TODO';" + else + echo " echo 'ExecStart=/usr/local/bin/npm start';" + echo " echo 'ExecStop=/usr/local/bin/npm stop';" + fi + else + echo " echo 'ExecStart=/usr/local/bin/node $app_nodeapp';" + echo " echo 'Environment=NODE_ENV=production';" + fi + echo " echo 'Environment=USER=${app_name}';" echo " echo 'Restart=always';" - echo " echo 'Environment=\"USER=${app_name}\"';" + echo " echo 'StandardError=syslog';" echo " echo '';" echo " echo '[Install]';" echo " echo 'WantedBy=multi-user.target'; } >> \"/etc/systemd/system/${app_name}.service\"" From 0e7efa7766ad57d4b84c09ce9382af13ee1620b8 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 17:22:37 +0100 Subject: [PATCH 006/133] Remove node app in template --- src/freedombone-template | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/freedombone-template b/src/freedombone-template index 903f8dfc..95364def 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -579,6 +579,10 @@ echo ' fi' echo '}' echo '' echo "function remove_${app_name} {" +if [ "$app_nodeapp" ]; then + echo " npm uninstall -g ${app_nodeapp}" + echo '' +fi if [[ "$app_node" == 'yes' ]]; then echo " remove_nodejs ${app_name}" echo '' From 3942cd7c4db9ebf77e9bfa14638f36f9bd682f91 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 17:31:45 +0100 Subject: [PATCH 007/133] Remove node apps after stopping daemon --- src/freedombone-template | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 95364def..8d06a922 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -579,14 +579,6 @@ echo ' fi' echo '}' echo '' echo "function remove_${app_name} {" -if [ "$app_nodeapp" ]; then - echo " npm uninstall -g ${app_nodeapp}" - echo '' -fi -if [[ "$app_node" == 'yes' ]]; then - echo " remove_nodejs ${app_name}" - echo '' -fi echo " nginx_dissite \"\$${app_name_upper}_DOMAIN_NAME\"" echo " remove_certs \"\$${app_name_upper}_DOMAIN_NAME\"" echo '' @@ -598,6 +590,14 @@ if [ $app_daemon ]; then echo ' fi' echo " userdel -r ${app_name}" fi +if [ "$app_nodeapp" ]; then + echo " npm uninstall -g ${app_nodeapp}" + echo '' +fi +if [[ "$app_node" == 'yes' ]]; then + echo " remove_nodejs ${app_name}" + echo '' +fi if [ $app_webui ]; then echo '' echo " if [ -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME\" ]; then" From 85cbecbc4566d9450ea705a8ee8022117b689eda Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 17:32:24 +0100 Subject: [PATCH 008/133] web dependent --- src/freedombone-template | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 8d06a922..09a1b8f2 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -579,9 +579,11 @@ echo ' fi' echo '}' echo '' echo "function remove_${app_name} {" -echo " nginx_dissite \"\$${app_name_upper}_DOMAIN_NAME\"" -echo " remove_certs \"\$${app_name_upper}_DOMAIN_NAME\"" -echo '' +if [ $app_webui ]; then + echo " nginx_dissite \"\$${app_name_upper}_DOMAIN_NAME\"" + echo " remove_certs \"\$${app_name_upper}_DOMAIN_NAME\"" + echo '' +fi if [ $app_daemon ]; then echo " if [ -f /etc/systemd/system/${app_name}.service ]; then" echo " systemctl stop ${app_name}" From 49a4b445f735665ea250cd52bc0e56256d99e570 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 17:35:21 +0100 Subject: [PATCH 009/133] Don't look for domain if this is not a web app --- src/freedombone-template | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 09a1b8f2..01080c19 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -438,10 +438,10 @@ fi echo '}' echo '' echo "function restore_local_${app_name} {" -echo " if ! grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" -echo ' return' -echo ' fi' if [ $app_webui ]; then + echo " if ! grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" + echo ' return' + echo ' fi' echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" echo " if [ ! \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" echo " return" @@ -526,13 +526,15 @@ fi echo '}' echo '' echo "function restore_remote_${app_name} {" -echo " if ! grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" -echo ' return' -echo ' fi' -echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" -echo " if [ ! \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" -echo " return" -echo " fi" +if [ $app_webui ]; then + echo " if ! grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" + echo ' return' + echo ' fi' + echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" + echo " if [ ! \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" + echo " return" + echo " fi" +fi echo " temp_restore_dir=/root/temp${app_name}" if [ ! "$app_dir" ]; then echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" From 06336167a347e468b51ab86aff2a4f0a3ac2cceb Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 17:45:31 +0100 Subject: [PATCH 010/133] Suspend and resume for restore functions within template --- src/freedombone-template | 66 ++++++++++++++++++++++++++++++++++------ 1 file changed, 56 insertions(+), 10 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 01080c19..2d15fb82 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -405,11 +405,13 @@ fi echo '}' echo '' echo "function backup_local_${app_name} {" -echo " ${app_name_upper}_DOMAIN_NAME='${app_name}'" -echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" -echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" -echo ' fi' -echo '' +if [ $app_webui ]; then + echo " ${app_name_upper}_DOMAIN_NAME='${app_name}'" + echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" + echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" + echo ' fi' + echo '' +fi if [ ! "$app_dir" ]; then echo " source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" else @@ -419,6 +421,10 @@ if [ $app_webui ]; then echo '' echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" fi +if [ $app_daemon ]; then + echo '' + echo " systemctl stop ${app_name}" +fi echo '' echo " dest_directory=${app_name}" echo " backup_directory_to_usb \"\$source_directory\" \$dest_directory" @@ -435,6 +441,9 @@ fi if [ $app_webui ]; then echo ' restart_site' fi +if [ $app_daemon ]; then + echo " systemctl start ${app_name}" +fi echo '}' echo '' echo "function restore_local_${app_name} {" @@ -447,6 +456,13 @@ if [ $app_webui ]; then echo " return" echo " fi" fi +if [ $app_webui ]; then + echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" +fi +if [ $app_daemon ]; then + echo " systemctl stop ${app_name}" + echo '' +fi echo " temp_restore_dir=/root/temp${app_name}" if [ ! "$app_dir" ]; then echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" @@ -490,14 +506,23 @@ else fi echo " rm -rf \$temp_restore_dir" echo ' fi' +if [ $app_daemon ]; then + echo " systemctl start ${app_name}" + echo '' +fi +if [ $app_webui ]; then + echo ' restart_site' +fi echo '}' echo '' echo "function backup_remote_${app_name} {" -echo " ${app_name_upper}_DOMAIN_NAME='${app_name}'" -echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" -echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" -echo ' fi' -echo '' +if [ $app_webui ]; then + echo " ${app_name_upper}_DOMAIN_NAME='${app_name}'" + echo " if grep -q \"${app_name} domain\" \"\$COMPLETION_FILE\"; then" + echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")" + echo ' fi' + echo '' +fi if [ ! "$app_dir" ]; then echo " source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" else @@ -507,6 +532,9 @@ if [ $app_webui ]; then echo '' echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" fi +if [ $app_daemon ]; then + echo " systemctl stop ${app_name}" +fi echo '' echo " dest_directory=${app_name}" echo " backup_directory_to_friend \"\$source_directory\" \$dest_directory" @@ -519,6 +547,10 @@ if [[ "$database_type" == "postgres"* ]]; then echo " backup_database_to_friend ${app_name}" echo '' fi +if [ $app_daemon ]; then + echo '' + echo " systemctl start ${app_name}" +fi if [ $app_webui ]; then echo '' echo ' restart_site' @@ -535,6 +567,13 @@ if [ $app_webui ]; then echo " return" echo " fi" fi +if [ $app_webui ]; then + echo " suspend_site \"\${${app_name_upper}_DOMAIN_NAME}\"" +fi +if [ $app_daemon ]; then + echo " systemctl stop ${app_name}" + echo '' +fi echo " temp_restore_dir=/root/temp${app_name}" if [ ! "$app_dir" ]; then echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs" @@ -578,6 +617,13 @@ else fi echo " rm -rf \$temp_restore_dir" echo ' fi' +if [ $app_daemon ]; then + echo " systemctl start ${app_name}" + echo '' +fi +if [ $app_webui ]; then + echo ' restart_site' +fi echo '}' echo '' echo "function remove_${app_name} {" From 2b95fb89c3dcb253058efeea1f34bed8a0451dd8 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 17:57:09 +0100 Subject: [PATCH 011/133] quotes --- src/freedombone-template | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 2d15fb82..917790ac 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -396,10 +396,10 @@ fi echo '' echo ' # update to the next commit' if [ ! "$app_dir" ]; then - echo " set_repo_commit \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \$${app_name_upper}_REPO" + echo " set_repo_commit \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \"\$${app_name_upper}_REPO\"" echo " chown -R www-data:www-data \"/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs\"" else - echo " set_repo_commit \"${app_dir}\" \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \$${app_name_upper}_REPO" + echo " set_repo_commit \"${app_dir}\" \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \"\$${app_name_upper}_REPO\"" echo " chown -R ${app_name}:${app_name} \"${app_dir}\"" fi echo '}' @@ -663,7 +663,7 @@ fi if [[ "$database_type" == "postgres"* ]]; then echo " drop_database_postgresql ${app_name}" fi -echo " remove_onion_service ${app_name} \${${app_name_upper}_ONION_PORT}" +echo " remove_onion_service ${app_name} \"\${${app_name_upper}_ONION_PORT}\"" echo " if grep -q \"${app_name}\" /etc/crontab; then" echo " sed -i \"/${app_name}/d\" /etc/crontab" echo ' fi' @@ -729,9 +729,9 @@ fi echo ' git pull' echo ' else' if [ ! "$app_dir" ]; then - echo " git_clone \$${app_name_upper}_REPO \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" + echo " git_clone \"\$${app_name_upper}_REPO\" \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" else - echo " git_clone \$${app_name_upper}_REPO \"${app_dir}\"" + echo " git_clone \"\$${app_name_upper}_REPO\" \"${app_dir}\"" fi echo ' fi' echo '' @@ -749,7 +749,7 @@ if [ ! "$app_dir" ]; then else echo " cd \"${app_dir}\" || exit 3463754637" fi -echo " git checkout \$${app_name_upper}_COMMIT -b \$${app_name_upper}_COMMIT" +echo " git checkout \"\$${app_name_upper}_COMMIT\" -b \"\$${app_name_upper}_COMMIT\"" echo " set_completion_param \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\"" if [ $app_webui ]; then echo '' @@ -766,7 +766,7 @@ if [ $app_webui ]; then echo " add_ddns_domain \"\$${app_name_upper}_DOMAIN_NAME\"" fi echo '' -echo " ${app_name_upper}_ONION_HOSTNAME=\$(add_onion_service ${app_name} 80 \${${app_name_upper}_ONION_PORT})" +echo " ${app_name_upper}_ONION_HOSTNAME=\$(add_onion_service ${app_name} 80 \"\${${app_name_upper}_ONION_PORT}\")" if [ $app_webui ]; then echo '' From b8d3f08437851a7b01c10c5fcdbb78cff1466219 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 18:00:50 +0100 Subject: [PATCH 012/133] Indentation --- src/freedombone-template | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 917790ac..d783e3e8 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -715,34 +715,34 @@ if [ $app_webui ]; then echo ' fi' fi -echo " if [ -d /repos/${app_name} ]; then" +echo " if [ -d /repos/${app_name} ]; then" if [ $app_webui ]; then - echo " mkdir \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" + echo " mkdir \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" fi if [ ! "$app_dir" ]; then - echo " cp -r -p /repos/${app_name}/. \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" - echo " cd \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" || exit 324687356" + echo " cp -r -p /repos/${app_name}/. \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" + echo " cd \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" || exit 324687356" else - echo " cp -r -p /repos/${app_name}/. \"${app_dir}\"" - echo " cd \"${app_dir}\" || exit 36487365" + echo " cp -r -p /repos/${app_name}/. \"${app_dir}\"" + echo " cd \"${app_dir}\" || exit 36487365" fi -echo ' git pull' -echo ' else' +echo ' git pull' +echo ' else' if [ ! "$app_dir" ]; then - echo " git_clone \"\$${app_name_upper}_REPO\" \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" + echo " git_clone \"\$${app_name_upper}_REPO\" \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" else - echo " git_clone \"\$${app_name_upper}_REPO\" \"${app_dir}\"" + echo " git_clone \"\$${app_name_upper}_REPO\" \"${app_dir}\"" fi -echo ' fi' +echo ' fi' echo '' if [ ! "$app_dir" ]; then - echo " if [ ! -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" ]; then" + echo " if [ ! -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" ]; then" else - echo " if [ ! -d \"${app_dir}\" ]; then" + echo " if [ ! -d \"${app_dir}\" ]; then" fi -echo " echo \$'Unable to clone ${app_name} repo'" -echo ' exit 87525' -echo ' fi' +echo " echo \$'Unable to clone ${app_name} repo'" +echo ' exit 87525' +echo ' fi' echo '' if [ ! "$app_dir" ]; then echo " cd \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" || exit 36587356" From 57ab82d129a94d6bb9d92cf1f87290d3c52a21c6 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 18:02:09 +0100 Subject: [PATCH 013/133] Domain check only needed if app has web ui --- src/freedombone-template | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index d783e3e8..0039ded5 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -703,12 +703,11 @@ if [[ "$app_php" == 'yes' ]]; then echo '' fi -echo " if [ ! \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" -echo " echo \$'No domain name was given'" -echo ' exit 3568356' -echo ' fi' - if [ $app_webui ]; then + echo " if [ ! \"\$${app_name_upper}_DOMAIN_NAME\" ]; then" + echo " echo \$'No domain name was given'" + echo ' exit 3568356' + echo ' fi' echo '' echo " if [ -d \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\" ]; then" echo " rm -rf \"/var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs\"" From ab63f891bafd61a8a5598fea2f85677a630c04f8 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 8 Apr 2018 18:06:37 +0100 Subject: [PATCH 014/133] Set domain if this is a web app --- src/freedombone-template | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/freedombone-template b/src/freedombone-template index 0039ded5..2974faee 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -943,7 +943,9 @@ if [ $app_webui ]; then fi echo '' echo " \"\${PROJECT_NAME}-pass\" -u \"\$MY_USERNAME\" -a ${app_name} -p \"\$${app_name_upper}_ADMIN_PASSWORD\"" -echo " set_completion_param \"${app_name} domain\" \"\$${app_name_upper}_DOMAIN_NAME\"" +if [ $app_webui ]; then + echo " set_completion_param \"${app_name} domain\" \"\$${app_name_upper}_DOMAIN_NAME\"" +fi if [ "$app_port" ]; then echo '' echo " firewall_add ${app_name} ${app_port} tcp" From b200d557697d2fec1606d74518c47c50164500af Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 13:32:43 +0100 Subject: [PATCH 015/133] dat server app --- src/freedombone-app-datserver | 323 ++++++++++++++++++++++++++++++++++ src/freedombone-app-peertube | 5 +- 2 files changed, 324 insertions(+), 4 deletions(-) create mode 100755 src/freedombone-app-datserver diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver new file mode 100755 index 00000000..442b0728 --- /dev/null +++ b/src/freedombone-app-datserver @@ -0,0 +1,323 @@ +#!/bin/bash +# +# _____ _ _ +# | __|___ ___ ___ _| |___ _____| |_ ___ ___ ___ +# | __| _| -_| -_| . | . | | . | . | | -_| +# |__| |_| |___|___|___|___|_|_|_|___|___|_|_|___| +# +# Freedom in the Cloud +# +# License +# ======= +# +# Copyright (C) 2018 Bob Mottram +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +VARIANTS='full full-vim' + +IN_DEFAULT_INSTALL=0 +SHOW_ON_ABOUT=0 + +DATSERVER_DOMAIN_NAME= +DATSERVER_CODE= +DATSERVER_DAT_VERSION='13.10.0' +DATSERVER_DIRECTORY=/etc/datserver + +datserver_variables=(MY_USERNAME) + +function logging_on_datserver { + echo -n '' +} + +function logging_off_datserver { + echo -n '' +} + +function remove_user_datserver { + remove_username="$1" + + "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp datserver +} + +function add_user_datserver { + new_username="$1" + new_user_password="$2" + + "${PROJECT_NAME}-pass" -u "$new_username" -a datserver -p "$new_user_password" + echo '0' +} + +function install_interactive_datserver { + echo -n '' + APP_INSTALLED=1 +} + +function change_password_datserver { + curr_username="$1" + new_user_password="$2" + + "${PROJECT_NAME}-pass" -u "$curr_username" -a datserver -p "$new_user_password" +} + +function reconfigure_datserver { + # This is used if you need to switch identity. Dump old keys and generate new ones + echo -n '' +} + +function datserver_add_url { + data=$(mktemp 2>/dev/null) + dialog --title $"Add a file to dat using its URL" \ + --backtitle $"Freedombone Control Panel" \ + --inputbox $"File URL" 8 70 2>"$data" + sel=$? + case $sel in + 0) + file_url=$(<"$data") + if [ "$file_url" ]; then + if [ ${#file_url} -gt 5 ]; then + clear + cd $DATSERVER_DIRECTORY || return + wget "$file_url" + chown -R datserver:datserver $DATSERVER_DIRECTORY/* + fi + fi + ;; + esac + rm -f "$data" +} + +function datserver_add_file { + read_config_param MY_USERNAME + + selected_file=$(dialog --title "Choose a file to store within dat" --fselect "/home/$MY_USERNAME/" 30 60) + if [ ! "$selected_file" ]; then + return + fi + if [ ! -f "$selected_file" ]; then + return + fi + if [[ "$selected_file" == "$DATSERVER_DIRECTORY"* ]]; then + return + fi + + clear + echo '' + echo $"Copying $selected_file" + cp "$selected_file" $DATSERVER_DIRECTORY + chown -R datserver:datserver $DATSERVER_DIRECTORY/* +} + +function datserver_show_address { + cd $DATSERVER_DIRECTORY || return + dat_address=$(dat status | grep "dat:") + clear + echo '' + echo "$dat_address" + echo '' + echo -n "$dat_address" | qrencode -t UTF8 + echo '' + echo ' ' + # shellcheck disable=SC2034 + read -n1 -r -p $"Press any key to continue..." key +} + +function configure_interactive_datserver { + W=(1 $"Add a local file" + 2 $"Add a file from its URL") + + while true + do + # shellcheck disable=SC2068 + selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"dat server" --menu $"Choose an operation, or ESC for main menu:" 14 70 3 "${W[@]}" 3>&2 2>&1 1>&3) + + if [ ! "$selection" ]; then + break + fi + case $selection in + 1) datserver_show_address + ;; + 2) datserver_add_file + ;; + 3) datserver_add_url + ;; + esac + done +} + +function upgrade_datserver { + CURR_DATSERVER_DAT_VERSION=$(get_completion_param "datserver version") + if [[ "$CURR_DATSERVER_DAT_VERSION" == "$DATSERVER_DAT_VERSION" ]]; then + return + fi + + if npm update -g dat@$DATSERVER_DAT_VERSION; then + set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" + fi + chown -R datserver:datserver "$DATSERVER_DIRECTORY" +} + +function backup_local_datserver { + source_directory=$DATSERVER_DIRECTORY + + systemctl stop datserver + + dest_directory=datserver + backup_directory_to_usb "$source_directory" $dest_directory + + systemctl start datserver +} + +function restore_local_datserver { + systemctl stop datserver + + temp_restore_dir=/root/tempdatserver + datserver_dir=$DATSERVER_DIRECTORY + + restore_directory_from_usb $temp_restore_dir datserver + if [ -d $temp_restore_dir ]; then + if [ -d "$temp_restore_dir$datserver_dir" ]; then + cp -rp "$temp_restore_dir$datserver_dir"/* "$datserver_dir"/ + else + if [ ! -d "$datserver_dir" ]; then + mkdir "$datserver_dir" + fi + cp -rp "$temp_restore_dir"/* "$datserver_dir"/ + fi + chown -R datserver:datserver "$datserver_dir" + rm -rf $temp_restore_dir + fi + systemctl start datserver + +} + +function backup_remote_datserver { + source_directory=$DATSERVER_DIRECTORY + systemctl stop datserver + + dest_directory=datserver + backup_directory_to_friend "$source_directory" $dest_directory + + systemctl start datserver +} + +function restore_remote_datserver { + systemctl stop datserver + + temp_restore_dir=/root/tempdatserver + datserver_dir=$DATSERVER_DIRECTORY + + restore_directory_from_friend $temp_restore_dir datserver + if [ -d $temp_restore_dir ]; then + if [ -d "$temp_restore_dir$datserver_dir" ]; then + cp -rp "$temp_restore_dir$datserver_dir"/* "$datserver_dir"/ + else + if [ ! -d "$datserver_dir" ]; then + mkdir "$datserver_dir" + fi + cp -rp $temp_restore_dir/* "$datserver_dir"/ + fi + chown -R datserver:datserver "$datserver_dir" + rm -rf $temp_restore_dir + fi + systemctl start datserver + +} + +function remove_datserver { + if [ -f /etc/systemd/system/datserver.service ]; then + systemctl stop datserver + systemctl disable datserver + rm /etc/systemd/system/datserver.service + fi + userdel -r datserver + npm uninstall -g dat + + remove_nodejs datserver + + remove_onion_service datserver "${DATSERVER_ONION_PORT}" + if grep -q "datserver" /etc/crontab; then + sed -i "/datserver/d" /etc/crontab + fi + if [ -d $DATSERVER_DIRECTORY ]; then + rm -rf $DATSERVER_DIRECTORY + fi + remove_app datserver + remove_completion_param install_datserver + sed -i '/datserver/d' "$COMPLETION_FILE" +} + +function install_datserver { + apt-get -yq install wget + + install_nodejs datserver + if ! npm install -g dat@$DATSERVER_DAT_VERSION; then + exit 2468736 + fi + if [ ! -f /root/.npm-global/bin/dat ]; then + echo $'dat was not installed' + exit 156835 + fi + + set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" + + useradd -d "$DATSERVER_DIRECTORY" -s /bin/false datserver + if [ ! -d $DATSERVER_DIRECTORY ]; then + echo $'dat directory was not created' + exit 9568356 + fi + + cd $DATSERVER_DIRECTORY || exit 3578635 + echo -e "\\n\\n" | dat create + if [ ! -d $DATSERVER_DIRECTORY/.dat ]; then + echo $'dat was not created' + exit 753563 + fi + dat_address=$(dat status | grep "dat:") + if [ ! "$dat_address" ]; then + echo $'dat address could not be found' + exit 235479763 + fi + if [ ${#dat_address} -lt 10 ]; then + echo $'dat address is too short' + exit 4789264359 + fi + echo "$dat_address created" + + { echo '[Unit]'; + echo 'Description=datserver'; + echo 'After=syslog.target'; + echo 'After=network.target'; + echo ''; + echo '[Service]'; + echo 'Type=simple'; + echo 'User=datserver'; + echo 'Group=datserver'; + echo "WorkingDirectory=$DATSERVER_DIRECTORY"; + echo "ExecStart=/root/.npm-global/bin/dat share $DATSERVER_DIRECTORY"; + echo 'Environment=NODE_ENV=production'; + echo 'Environment=USER=datserver'; + echo 'Restart=always'; + echo 'StandardError=syslog'; + echo ''; + echo '[Install]'; + echo 'WantedBy=multi-user.target'; } >> "/etc/systemd/system/datserver.service" + systemctl enable datserver + chown -R datserver:datserver "$DATSERVER_DIRECTORY" + systemctl start datserver + + APP_INSTALLED=1 +} + +# NOTE: deliberately there is no "exit 0" diff --git a/src/freedombone-app-peertube b/src/freedombone-app-peertube index 96ec463f..f98bb178 100755 --- a/src/freedombone-app-peertube +++ b/src/freedombone-app-peertube @@ -269,10 +269,7 @@ function peertube_import_from_file { nodecmd='torsocks node' fi - data2=$(mktemp 2>/dev/null) - dialog --title "Choose the video file (select with spacebar)" --fselect "/home/$MY_USERNAME/" 30 60 2> "$data2" - selected_file=$(cat "$data2") - rm -f "$data2" + selected_file=$(dialog --title "Choose the video file (select with spacebar)" --fselect "/home/$MY_USERNAME/" 30 60) if [ ! "$selected_file" ]; then return fi From dace6d3f484c3352551b9d19183c8a6a326d82f3 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 13:38:26 +0100 Subject: [PATCH 016/133] create datserver directory --- src/freedombone-app-datserver | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 442b0728..3b760870 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -272,6 +272,10 @@ function install_datserver { set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" + if [ -d $DATSERVER_DIRECTORY ]; then + rm -rf $DATSERVER_DIRECTORY + fi + mkdir $DATSERVER_DIRECTORY useradd -d "$DATSERVER_DIRECTORY" -s /bin/false datserver if [ ! -d $DATSERVER_DIRECTORY ]; then echo $'dat directory was not created' From 8ef9be1a6ea118451868ba8375758cfa58c78dfb Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 13:58:30 +0100 Subject: [PATCH 017/133] Add hypercored --- src/freedombone-app-datserver | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 3b760870..5b57a583 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -33,6 +33,7 @@ SHOW_ON_ABOUT=0 DATSERVER_DOMAIN_NAME= DATSERVER_CODE= DATSERVER_DAT_VERSION='13.10.0' +DATSERVER_HYPERCORED_VERSION='1.4.1' DATSERVER_DIRECTORY=/etc/datserver datserver_variables=(MY_USERNAME) @@ -158,14 +159,22 @@ function configure_interactive_datserver { function upgrade_datserver { CURR_DATSERVER_DAT_VERSION=$(get_completion_param "datserver version") - if [[ "$CURR_DATSERVER_DAT_VERSION" == "$DATSERVER_DAT_VERSION" ]]; then - return + if [[ "$CURR_DATSERVER_DAT_VERSION" != "$DATSERVER_DAT_VERSION" ]]; then + + if npm update -g dat@$DATSERVER_DAT_VERSION; then + set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" + fi + chown -R datserver:datserver "$DATSERVER_DIRECTORY" fi - if npm update -g dat@$DATSERVER_DAT_VERSION; then - set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" + CURR_DATSERVER_HYPERCORED_VERSION=$(get_completion_param "datserver hypercored version") + if [[ "$CURR_DATSERVER_HYPERCORED_VERSION" != "$DATSERVER_HYPERCORED_VERSION" ]]; then + + if npm update -g hypercored@$DATSERVER_HYPERCORED_VERSION; then + set_completion_param "datserver hypercored version" "$DATSERVER_HYPERCORED_VERSION" + fi + chown -R datserver:datserver "$DATSERVER_DIRECTORY" fi - chown -R datserver:datserver "$DATSERVER_DIRECTORY" } function backup_local_datserver { @@ -243,6 +252,7 @@ function remove_datserver { fi userdel -r datserver npm uninstall -g dat + npm uninstall -g hypercored remove_nodejs datserver @@ -270,7 +280,13 @@ function install_datserver { exit 156835 fi + if ! npm install -g hypercored@$DATSERVER_HYPERCORED_VERSION; then + echo $'hypercored was not installed' + exit 4635439 + fi + set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" + set_completion_param "datserver hypercored version" "$DATSERVER_HYPERCORED_VERSION" if [ -d $DATSERVER_DIRECTORY ]; then rm -rf $DATSERVER_DIRECTORY From 12f591091d97ca6bcadd670dce2c78122d702d16 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 14:30:27 +0100 Subject: [PATCH 018/133] Updating to use hypercored --- src/freedombone-app-datserver | 111 +++++++++++----------------------- 1 file changed, 34 insertions(+), 77 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 5b57a583..396baccc 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -77,21 +77,22 @@ function reconfigure_datserver { echo -n '' } -function datserver_add_url { +function datserver_add_dat { data=$(mktemp 2>/dev/null) - dialog --title $"Add a file to dat using its URL" \ + dialog --title $"Add a dat" \ --backtitle $"Freedombone Control Panel" \ - --inputbox $"File URL" 8 70 2>"$data" + --inputbox $"dat link:" 8 70 2>"$data" sel=$? case $sel in 0) - file_url=$(<"$data") - if [ "$file_url" ]; then - if [ ${#file_url} -gt 5 ]; then - clear - cd $DATSERVER_DIRECTORY || return - wget "$file_url" - chown -R datserver:datserver $DATSERVER_DIRECTORY/* + dat_link=$(<"$data") + if [ "$dat_link" ]; then + if [ ${#dat_link} -gt 5 ]; then + if ! grep -q "$dat_link" $DATSERVER_DIRECTORY/feeds; then + echo "$dat_link" >> $DATSERVER_DIRECTORY/feeds + chown -R datserver:datserver $DATSERVER_DIRECTORY/feeds + systemctl restart datserver + fi fi fi ;; @@ -99,44 +100,9 @@ function datserver_add_url { rm -f "$data" } -function datserver_add_file { - read_config_param MY_USERNAME - - selected_file=$(dialog --title "Choose a file to store within dat" --fselect "/home/$MY_USERNAME/" 30 60) - if [ ! "$selected_file" ]; then - return - fi - if [ ! -f "$selected_file" ]; then - return - fi - if [[ "$selected_file" == "$DATSERVER_DIRECTORY"* ]]; then - return - fi - - clear - echo '' - echo $"Copying $selected_file" - cp "$selected_file" $DATSERVER_DIRECTORY - chown -R datserver:datserver $DATSERVER_DIRECTORY/* -} - -function datserver_show_address { - cd $DATSERVER_DIRECTORY || return - dat_address=$(dat status | grep "dat:") - clear - echo '' - echo "$dat_address" - echo '' - echo -n "$dat_address" | qrencode -t UTF8 - echo '' - echo ' ' - # shellcheck disable=SC2034 - read -n1 -r -p $"Press any key to continue..." key -} - function configure_interactive_datserver { - W=(1 $"Add a local file" - 2 $"Add a file from its URL") + W=(1 $"Add a dat" + 2 $"Browse or edit feeds") while true do @@ -147,11 +113,11 @@ function configure_interactive_datserver { break fi case $selection in - 1) datserver_show_address + 1) datserver_add_dat ;; - 2) datserver_add_file - ;; - 3) datserver_add_url + 2) editor $DATSERVER_DIRECTORY/feeds + chown -R datserver:datserver $DATSERVER_DIRECTORY/feeds + systemctl restart datserver ;; esac done @@ -272,6 +238,16 @@ function install_datserver { apt-get -yq install wget install_nodejs datserver + + if ! npm install -g lil-pids; then + echo $'unable to install lil-pids' + exit 8456721 + fi + if [ ! -f /root/.npm-global/bin/lil-pids ]; then + echo $'lil-pids was not installed' + exit 5628747 + fi + if ! npm install -g dat@$DATSERVER_DAT_VERSION; then exit 2468736 fi @@ -298,43 +274,24 @@ function install_datserver { exit 9568356 fi - cd $DATSERVER_DIRECTORY || exit 3578635 - echo -e "\\n\\n" | dat create - if [ ! -d $DATSERVER_DIRECTORY/.dat ]; then - echo $'dat was not created' - exit 753563 - fi - dat_address=$(dat status | grep "dat:") - if [ ! "$dat_address" ]; then - echo $'dat address could not be found' - exit 235479763 - fi - if [ ${#dat_address} -lt 10 ]; then - echo $'dat address is too short' - exit 4789264359 - fi - echo "$dat_address created" + echo "/root/.npm-global/bin/hypercored --cwd $DATSERVER_DIRECTORY" > $DATSERVER_DIRECTORY/services + chown -R datserver:datserver "$DATSERVER_DIRECTORY" { echo '[Unit]'; - echo 'Description=datserver'; - echo 'After=syslog.target'; - echo 'After=network.target'; + echo 'After=syslog.target network.target remote-fs.target nss-lookup.target'; echo ''; echo '[Service]'; - echo 'Type=simple'; echo 'User=datserver'; echo 'Group=datserver'; - echo "WorkingDirectory=$DATSERVER_DIRECTORY"; - echo "ExecStart=/root/.npm-global/bin/dat share $DATSERVER_DIRECTORY"; - echo 'Environment=NODE_ENV=production'; - echo 'Environment=USER=datserver'; + echo "ExecStart=/root/.npm-global/bin/lil-pids $DATSERVER_DIRECTORY/services $DATSERVER_DIRECTORY/pids"; echo 'Restart=always'; + echo "WorkingDirectory=$DATSERVER_DIRECTORY"; echo 'StandardError=syslog'; echo ''; echo '[Install]'; - echo 'WantedBy=multi-user.target'; } >> "/etc/systemd/system/datserver.service" + echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/datserver.service + systemctl enable datserver - chown -R datserver:datserver "$DATSERVER_DIRECTORY" systemctl start datserver APP_INSTALLED=1 From aca9aed871f1f7d7405aa60cdc50dede73a59c06 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 14:33:50 +0100 Subject: [PATCH 019/133] Set lil-pids version --- src/freedombone-app-datserver | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 396baccc..2b735a1b 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -239,7 +239,7 @@ function install_datserver { install_nodejs datserver - if ! npm install -g lil-pids; then + if ! npm install -g lil-pids@2.6.1; then echo $'unable to install lil-pids' exit 8456721 fi From 842d72b0ad11d159b5217e2f12dad42f10d09209 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 14:34:36 +0100 Subject: [PATCH 020/133] Also remove lil-pids --- src/freedombone-app-datserver | 1 + 1 file changed, 1 insertion(+) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 2b735a1b..8fb55a4d 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -219,6 +219,7 @@ function remove_datserver { userdel -r datserver npm uninstall -g dat npm uninstall -g hypercored + npm uninstall -g lil-pids remove_nodejs datserver From 8b8d3b5b960addc128142cc7fc7ac6567f592554 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 14:40:54 +0100 Subject: [PATCH 021/133] Creation of user account for datserver --- src/freedombone-app-datserver | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 8fb55a4d..8e0002c6 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -269,7 +269,7 @@ function install_datserver { rm -rf $DATSERVER_DIRECTORY fi mkdir $DATSERVER_DIRECTORY - useradd -d "$DATSERVER_DIRECTORY" -s /bin/false datserver + useradd -c "datserver system account" -d "$DATSERVER_DIRECTORY" -m -r -g datserver datserver if [ ! -d $DATSERVER_DIRECTORY ]; then echo $'dat directory was not created' exit 9568356 From c998564b7043984825447326cf4a5b97b546e5e6 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 16:31:35 +0100 Subject: [PATCH 022/133] Local install of datserver --- src/freedombone-app-datserver | 67 +++++++++++------------------------ 1 file changed, 21 insertions(+), 46 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 8e0002c6..ed177492 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -124,22 +124,14 @@ function configure_interactive_datserver { } function upgrade_datserver { - CURR_DATSERVER_DAT_VERSION=$(get_completion_param "datserver version") - if [[ "$CURR_DATSERVER_DAT_VERSION" != "$DATSERVER_DAT_VERSION" ]]; then - - if npm update -g dat@$DATSERVER_DAT_VERSION; then - set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" - fi - chown -R datserver:datserver "$DATSERVER_DIRECTORY" - fi - CURR_DATSERVER_HYPERCORED_VERSION=$(get_completion_param "datserver hypercored version") if [[ "$CURR_DATSERVER_HYPERCORED_VERSION" != "$DATSERVER_HYPERCORED_VERSION" ]]; then - - if npm update -g hypercored@$DATSERVER_HYPERCORED_VERSION; then + cd $DATSERVER_DIRECTORY || exit 254274 + if npm update hypercored@$DATSERVER_HYPERCORED_VERSION; then set_completion_param "datserver hypercored version" "$DATSERVER_HYPERCORED_VERSION" fi chown -R datserver:datserver "$DATSERVER_DIRECTORY" + systemctl restart datserver fi } @@ -217,19 +209,13 @@ function remove_datserver { rm /etc/systemd/system/datserver.service fi userdel -r datserver - npm uninstall -g dat - npm uninstall -g hypercored - npm uninstall -g lil-pids remove_nodejs datserver - remove_onion_service datserver "${DATSERVER_ONION_PORT}" - if grep -q "datserver" /etc/crontab; then - sed -i "/datserver/d" /etc/crontab - fi if [ -d $DATSERVER_DIRECTORY ]; then rm -rf $DATSERVER_DIRECTORY fi + remove_app datserver remove_completion_param install_datserver sed -i '/datserver/d' "$COMPLETION_FILE" @@ -240,42 +226,31 @@ function install_datserver { install_nodejs datserver - if ! npm install -g lil-pids@2.6.1; then - echo $'unable to install lil-pids' - exit 8456721 - fi - if [ ! -f /root/.npm-global/bin/lil-pids ]; then - echo $'lil-pids was not installed' - exit 5628747 - fi - - if ! npm install -g dat@$DATSERVER_DAT_VERSION; then - exit 2468736 - fi - if [ ! -f /root/.npm-global/bin/dat ]; then - echo $'dat was not installed' - exit 156835 - fi - - if ! npm install -g hypercored@$DATSERVER_HYPERCORED_VERSION; then - echo $'hypercored was not installed' - exit 4635439 - fi - - set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" - set_completion_param "datserver hypercored version" "$DATSERVER_HYPERCORED_VERSION" - if [ -d $DATSERVER_DIRECTORY ]; then rm -rf $DATSERVER_DIRECTORY fi mkdir $DATSERVER_DIRECTORY - useradd -c "datserver system account" -d "$DATSERVER_DIRECTORY" -m -r -g datserver datserver + cd $DATSERVER_DIRECTORY || exit 3658356 + + if ! npm install hypercored@$DATSERVER_HYPERCORED_VERSION; then + echo $'hypercored was not installed' + exit 4635439 + fi + + { echo '#!/bin/bash'; + echo 'cd /etc/datserver'; + echo './node_modules/.bin/hypercored'; } > /usr/bin/run_datserver + chmod +x /usr/bin/run_datserver + + set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" + set_completion_param "datserver hypercored version" "$DATSERVER_HYPERCORED_VERSION" + + adduser --system --home="$DATSERVER_DIRECTORY" --group datserver if [ ! -d $DATSERVER_DIRECTORY ]; then echo $'dat directory was not created' exit 9568356 fi - echo "/root/.npm-global/bin/hypercored --cwd $DATSERVER_DIRECTORY" > $DATSERVER_DIRECTORY/services chown -R datserver:datserver "$DATSERVER_DIRECTORY" { echo '[Unit]'; @@ -284,7 +259,7 @@ function install_datserver { echo '[Service]'; echo 'User=datserver'; echo 'Group=datserver'; - echo "ExecStart=/root/.npm-global/bin/lil-pids $DATSERVER_DIRECTORY/services $DATSERVER_DIRECTORY/pids"; + echo "ExecStart=/usr/bin/run_datserver"; echo 'Restart=always'; echo "WorkingDirectory=$DATSERVER_DIRECTORY"; echo 'StandardError=syslog'; From ec6fb3a313200b406448f50f371ce84cc54772c3 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 16:56:20 +0100 Subject: [PATCH 023/133] Remove script --- src/freedombone-app-datserver | 1 + 1 file changed, 1 insertion(+) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index ed177492..31155aff 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -219,6 +219,7 @@ function remove_datserver { remove_app datserver remove_completion_param install_datserver sed -i '/datserver/d' "$COMPLETION_FILE" + rm /usr/bin/run_datserver } function install_datserver { From c749cd49b76307486176a6d5d8793c1833639994 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 16:57:24 +0100 Subject: [PATCH 024/133] tidying --- src/freedombone-app-datserver | 1 - 1 file changed, 1 deletion(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 31155aff..7ca1abea 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -32,7 +32,6 @@ SHOW_ON_ABOUT=0 DATSERVER_DOMAIN_NAME= DATSERVER_CODE= -DATSERVER_DAT_VERSION='13.10.0' DATSERVER_HYPERCORED_VERSION='1.4.1' DATSERVER_DIRECTORY=/etc/datserver From ff088f16d2ab6a729db979c32a179c69283cccba Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 17:03:05 +0100 Subject: [PATCH 025/133] Password calls not needed --- src/freedombone-app-datserver | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 7ca1abea..de815b5e 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -46,31 +46,23 @@ function logging_off_datserver { } function remove_user_datserver { - remove_username="$1" - - "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp datserver + echo -n '' } function add_user_datserver { - new_username="$1" - new_user_password="$2" - - "${PROJECT_NAME}-pass" -u "$new_username" -a datserver -p "$new_user_password" + echo -n '' echo '0' } +function change_password_datserver { + echo -n '' +} + function install_interactive_datserver { echo -n '' APP_INSTALLED=1 } -function change_password_datserver { - curr_username="$1" - new_user_password="$2" - - "${PROJECT_NAME}-pass" -u "$curr_username" -a datserver -p "$new_user_password" -} - function reconfigure_datserver { # This is used if you need to switch identity. Dump old keys and generate new ones echo -n '' From 13c7f604e949f7d4b45ffc96502a9d55e1d119f2 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 17:06:50 +0100 Subject: [PATCH 026/133] New menu style --- src/freedombone-template | 28 ++++++++++------------------ 1 file changed, 10 insertions(+), 18 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 2974faee..732b3c70 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -354,31 +354,23 @@ echo " echo -n ''" echo '}' echo '' echo "function configure_interactive_${app_name} {" +echo ' W=(1 $"Option 1"' +echo ' 2 $"Option 2")' +echo '' echo ' while true' echo ' do' -echo " data=\$(mktemp 2>/dev/null)" -echo " dialog --backtitle \$\"Freedombone Control Panel\" \\" -echo " --title \$\"${app_name}\" \\" -echo " --radiolist \$\"Choose an operation:\" 16 70 3 \\" -echo " 1 \$\"Option 1\" off \\" -echo " 2 \$\"Option 2\" off \\" -echo " 3 \$\"Exit\" on 2> \"\$data\"" -echo ' sel=$?' -echo " case \$sel in" -echo " 1) rm -f \"\$data\"" -echo ' return;;' -echo " 255) rm -f \"\$data\"" -echo ' return;;' -echo ' esac' -echo " case \$(cat \"\$data\") in" +echo ' # shellcheck disable=SC2068' +echo " selection=\$(dialog --backtitle \$\"Freedombone Administrator Control Panel\" --title \$\"${app_name}\" --menu \$\"Choose an operation, or ESC for main menu:\" 14 70 3 \"\${W[@]}\" 3>&2 2>&1 1>&3)" +echo '' +echo " if [ ! \"\$selection\" ]; then" +echo ' break' +echo ' fi' +echo " case \$selection in" echo ' 1) # call some function for option 1' echo ' ;;' echo ' 2) # call some function for option 2' echo ' ;;' -echo " 3) rm -f \"\$data\"" -echo ' break;;' echo ' esac' -echo " rm -f \"\$data\"" echo ' done' echo '}' echo '' From b9746c41c122562b5b443fd7d28388519b79e2c3 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 17:23:14 +0100 Subject: [PATCH 027/133] Edit from dat directory --- src/freedombone-app-datserver | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index de815b5e..6a851d66 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -106,7 +106,8 @@ function configure_interactive_datserver { case $selection in 1) datserver_add_dat ;; - 2) editor $DATSERVER_DIRECTORY/feeds + 2) cd $DATSERVER_DIRECTORY || break + editor feeds chown -R datserver:datserver $DATSERVER_DIRECTORY/feeds systemctl restart datserver ;; From e103ca5333340dcca0ed43bd948d929cb2ee8e83 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 17:28:15 +0100 Subject: [PATCH 028/133] Reduce dialog height --- src/freedombone-app-datserver | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 6a851d66..8eb8c69c 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -98,7 +98,7 @@ function configure_interactive_datserver { while true do # shellcheck disable=SC2068 - selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"dat server" --menu $"Choose an operation, or ESC for main menu:" 14 70 3 "${W[@]}" 3>&2 2>&1 1>&3) + selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"dat server" --menu $"Choose an operation, or ESC for main menu:" 10 70 3 "${W[@]}" 3>&2 2>&1 1>&3) if [ ! "$selection" ]; then break From a928d89c3e49d0c10ccab40590a441325615e1f1 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 18:03:35 +0100 Subject: [PATCH 029/133] Try with lil-pids --- src/freedombone-app-datserver | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 8eb8c69c..61e430b4 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -211,7 +211,6 @@ function remove_datserver { remove_app datserver remove_completion_param install_datserver sed -i '/datserver/d' "$COMPLETION_FILE" - rm /usr/bin/run_datserver } function install_datserver { @@ -230,12 +229,13 @@ function install_datserver { exit 4635439 fi - { echo '#!/bin/bash'; - echo 'cd /etc/datserver'; - echo './node_modules/.bin/hypercored'; } > /usr/bin/run_datserver - chmod +x /usr/bin/run_datserver + if ! npm install lil-pids; then + echo $'lil-pids was not installed' + exit 36483463 + fi + + echo "$DATSERVER_DIRECTORY/node_modules/.bin/hypercored --cwd $DATSERVER_DIRECTORY" > $DATSERVER_DIRECTORY/services - set_completion_param "datserver version" "$DATSERVER_DAT_VERSION" set_completion_param "datserver hypercored version" "$DATSERVER_HYPERCORED_VERSION" adduser --system --home="$DATSERVER_DIRECTORY" --group datserver @@ -252,7 +252,7 @@ function install_datserver { echo '[Service]'; echo 'User=datserver'; echo 'Group=datserver'; - echo "ExecStart=/usr/bin/run_datserver"; + echo "ExecStart=$DATSERVER_DIRECTORY/node_modules/.bin/lil-pids $DATSERVER_DIRECTORY/services $DATSERVER_DIRECTORY/pids"; echo 'Restart=always'; echo "WorkingDirectory=$DATSERVER_DIRECTORY"; echo 'StandardError=syslog'; From 75a55936fa9bba218c2ddaf3a9e12cd45c7926fe Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 20:13:00 +0100 Subject: [PATCH 030/133] Firewall for dat --- src/freedombone-app-datserver | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 61e430b4..a2b8e99f 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -34,6 +34,7 @@ DATSERVER_DOMAIN_NAME= DATSERVER_CODE= DATSERVER_HYPERCORED_VERSION='1.4.1' DATSERVER_DIRECTORY=/etc/datserver +DATSERVER_PORT=3282 datserver_variables=(MY_USERNAME) @@ -211,6 +212,7 @@ function remove_datserver { remove_app datserver remove_completion_param install_datserver sed -i '/datserver/d' "$COMPLETION_FILE" + firewall_remove $DATSERVER_PORT } function install_datserver { @@ -246,6 +248,8 @@ function install_datserver { chown -R datserver:datserver "$DATSERVER_DIRECTORY" + firewall_add datserver $DATSERVER_PORT + { echo '[Unit]'; echo 'After=syslog.target network.target remote-fs.target nss-lookup.target'; echo ''; From 5866656ae29050b7f48ca19420111e12f6e8adcd Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 23:14:34 +0100 Subject: [PATCH 031/133] Comments --- src/freedombone-app-datserver | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index a2b8e99f..a3ba042e 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -7,6 +7,9 @@ # # Freedom in the Cloud # +# The main issue here is bootstrapping. What is running +# on the bootstrap server publicbits.org port 6881 ? +# # License # ======= # @@ -231,7 +234,7 @@ function install_datserver { exit 4635439 fi - if ! npm install lil-pids; then + if ! npm install lil-pids@2.6.1; then echo $'lil-pids was not installed' exit 36483463 fi @@ -246,6 +249,9 @@ function install_datserver { exit 9568356 fi + # bootstrap servers are here: + # $DATSERVER_DIRECTORY/node_modules/datland-swarm-defaults/index.js + chown -R datserver:datserver "$DATSERVER_DIRECTORY" firewall_add datserver $DATSERVER_PORT From 55886e37e3c4a039a163c0f23bc4c769d7a06f6e Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Mon, 9 Apr 2018 23:39:53 +0100 Subject: [PATCH 032/133] Comments --- src/freedombone-app-datserver | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index a3ba042e..94696146 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -10,6 +10,10 @@ # The main issue here is bootstrapping. What is running # on the bootstrap server publicbits.org port 6881 ? # +# Also it appears that users trying to clone have to +# register an account on datbase.org or another datbase +# server +# # License # ======= # From 0dcf17b3750d8fb0876da75098308af9ff9ac470 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 10 Apr 2018 10:10:56 +0100 Subject: [PATCH 033/133] Possibility for alternative dat bootstrap servers --- src/freedombone-app-datserver | 71 +++++++++++++++++++++++++++++++++-- 1 file changed, 68 insertions(+), 3 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 94696146..8ba11c97 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -43,7 +43,71 @@ DATSERVER_HYPERCORED_VERSION='1.4.1' DATSERVER_DIRECTORY=/etc/datserver DATSERVER_PORT=3282 -datserver_variables=(MY_USERNAME) +# bootstrap servers are specified here +DATSERVER_BOOTSTRAP_FILE=$DATSERVER_DIRECTORY/node_modules/datland-swarm-defaults/index.js + +DATSERVER_DISCOVERY1= +DATSERVER_DISCOVERY2= +DATSERVER_BOOTSTRAP1= +DATSERVER_BOOTSTRAP2= +DATSERVER_BOOTSTRAP3= +DATSERVER_BOOTSTRAP4= + +datserver_variables=(MY_USERNAME + DATSERVER_DISCOVERY1 + DATSERVER_DISCOVERY2 + DATSERVER_BOOTSTRAP1 + DATSERVER_BOOTSTRAP2 + DATSERVER_BOOTSTRAP3 + DATSERVER_BOOTSTRAP4) + +function datserver_add_discovery_domain { + server_domain="$1" + + if [ ! "$server_domain" ]; then + return + fi + + if [ ${#server_domain} -lt 4 ]; then + return + fi + + if grep -q "$server_domain" $DATSERVER_BOOTSTRAP_FILE; then + return + fi + + sed -i "/var DEFAULT_DISCOVERY/a '$server_domain'," $DATSERVER_BOOTSTRAP_FILE + sed -i "s|'$server_domain',| '$server_domain',|g" $DATSERVER_BOOTSTRAP_FILE +} + +function datserver_add_bootstrap { + boostrap_server="$1" + + if [ ! "$boostrap_server" ]; then + return + fi + + if [ ${#boostrap_server} -lt 4 ]; then + return + fi + + if grep -q "$boostrap_server" $DATSERVER_BOOTSTRAP_FILE; then + return + fi + + sed -i "/var DEFAULT_BOOTSTRAP/a '$boostrap_server'," $DATSERVER_BOOTSTRAP_FILE + sed -i "s|'$boostrap_server',| '$boostrap_server',|g" $DATSERVER_BOOTSTRAP_FILE +} + +function datserver_generate_bootstraps { + datserver_add_discovery_domain "$DATSERVER_DISCOVERY1" + datserver_add_discovery_domain "$DATSERVER_DISCOVERY2" + + datserver_add_bootstrap "$DATSERVER_BOOTSTRAP1" + datserver_add_bootstrap "$DATSERVER_BOOTSTRAP2" + datserver_add_bootstrap "$DATSERVER_BOOTSTRAP3" + datserver_add_bootstrap "$DATSERVER_BOOTSTRAP4" +} function logging_on_datserver { echo -n '' @@ -127,9 +191,11 @@ function upgrade_datserver { CURR_DATSERVER_HYPERCORED_VERSION=$(get_completion_param "datserver hypercored version") if [[ "$CURR_DATSERVER_HYPERCORED_VERSION" != "$DATSERVER_HYPERCORED_VERSION" ]]; then cd $DATSERVER_DIRECTORY || exit 254274 + systemctl stop datserver if npm update hypercored@$DATSERVER_HYPERCORED_VERSION; then set_completion_param "datserver hypercored version" "$DATSERVER_HYPERCORED_VERSION" fi + datserver_generate_bootstraps chown -R datserver:datserver "$DATSERVER_DIRECTORY" systemctl restart datserver fi @@ -253,8 +319,7 @@ function install_datserver { exit 9568356 fi - # bootstrap servers are here: - # $DATSERVER_DIRECTORY/node_modules/datland-swarm-defaults/index.js + datserver_generate_bootstraps chown -R datserver:datserver "$DATSERVER_DIRECTORY" From 33ae6d44449939b9a269a61afecd24b8cfd662f9 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 10 Apr 2018 10:24:59 +0100 Subject: [PATCH 034/133] Since the bootstrap file is small, just generate it directly --- src/freedombone-app-datserver | 79 +++++++++++++---------------------- 1 file changed, 28 insertions(+), 51 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 8ba11c97..643b06ff 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -46,12 +46,12 @@ DATSERVER_PORT=3282 # bootstrap servers are specified here DATSERVER_BOOTSTRAP_FILE=$DATSERVER_DIRECTORY/node_modules/datland-swarm-defaults/index.js -DATSERVER_DISCOVERY1= -DATSERVER_DISCOVERY2= -DATSERVER_BOOTSTRAP1= -DATSERVER_BOOTSTRAP2= -DATSERVER_BOOTSTRAP3= -DATSERVER_BOOTSTRAP4= +DATSERVER_DISCOVERY1='discovery1.publicbits.org' +DATSERVER_DISCOVERY2='discovery2.publicbits.org' +DATSERVER_BOOTSTRAP1='bootstrap1.publicbits.org:6881' +DATSERVER_BOOTSTRAP2='bootstrap2.publicbits.org:6881' +DATSERVER_BOOTSTRAP3='bootstrap3.publicbits.org:6881' +DATSERVER_BOOTSTRAP4='bootstrap4.publicbits.org:6881' datserver_variables=(MY_USERNAME DATSERVER_DISCOVERY1 @@ -61,52 +61,29 @@ datserver_variables=(MY_USERNAME DATSERVER_BOOTSTRAP3 DATSERVER_BOOTSTRAP4) -function datserver_add_discovery_domain { - server_domain="$1" - - if [ ! "$server_domain" ]; then - return - fi - - if [ ${#server_domain} -lt 4 ]; then - return - fi - - if grep -q "$server_domain" $DATSERVER_BOOTSTRAP_FILE; then - return - fi - - sed -i "/var DEFAULT_DISCOVERY/a '$server_domain'," $DATSERVER_BOOTSTRAP_FILE - sed -i "s|'$server_domain',| '$server_domain',|g" $DATSERVER_BOOTSTRAP_FILE -} - -function datserver_add_bootstrap { - boostrap_server="$1" - - if [ ! "$boostrap_server" ]; then - return - fi - - if [ ${#boostrap_server} -lt 4 ]; then - return - fi - - if grep -q "$boostrap_server" $DATSERVER_BOOTSTRAP_FILE; then - return - fi - - sed -i "/var DEFAULT_BOOTSTRAP/a '$boostrap_server'," $DATSERVER_BOOTSTRAP_FILE - sed -i "s|'$boostrap_server',| '$boostrap_server',|g" $DATSERVER_BOOTSTRAP_FILE -} - function datserver_generate_bootstraps { - datserver_add_discovery_domain "$DATSERVER_DISCOVERY1" - datserver_add_discovery_domain "$DATSERVER_DISCOVERY2" - - datserver_add_bootstrap "$DATSERVER_BOOTSTRAP1" - datserver_add_bootstrap "$DATSERVER_BOOTSTRAP2" - datserver_add_bootstrap "$DATSERVER_BOOTSTRAP3" - datserver_add_bootstrap "$DATSERVER_BOOTSTRAP4" + { echo "var extend = require('xtend')"; + echo ''; + echo "var DAT_DOMAIN = 'dat.local'"; + echo 'var DEFAULT_DISCOVERY = ['; + echo " '$DATSERVER_DISCOVERY1',"; + echo " '$DATSERVER_DISCOVERY2'"; + echo ']'; + echo 'var DEFAULT_BOOTSTRAP = ['; + echo " '$DATSERVER_BOOTSTRAP1',"; + echo " '$DATSERVER_BOOTSTRAP2',"; + echo " '$DATSERVER_BOOTSTRAP3',"; + echo " '$DATSERVER_BOOTSTRAP4'"; + echo ']'; + echo ''; + echo 'var DEFAULT_OPTS = {'; + echo ' dns: {server: DEFAULT_DISCOVERY, domain: DAT_DOMAIN},'; + echo ' dht: {bootstrap: DEFAULT_BOOTSTRAP}'; + echo '}'; + echo ''; + echo 'module.exports = function (opts) {'; + echo ' return extend(DEFAULT_OPTS, opts) // opts takes priority'; + echo '}'; } > $DATSERVER_BOOTSTRAP_FILE } function logging_on_datserver { From d1f1328a12c45e859289c2e09f00e3e9d95d0ff4 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 10 Apr 2018 10:37:50 +0100 Subject: [PATCH 035/133] Configure dat bootstrap servers --- src/freedombone-app-datserver | 56 +++++++++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 643b06ff..2dc928e4 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -84,6 +84,55 @@ function datserver_generate_bootstraps { echo 'module.exports = function (opts) {'; echo ' return extend(DEFAULT_OPTS, opts) // opts takes priority'; echo '}'; } > $DATSERVER_BOOTSTRAP_FILE + + chown datserver:datserver $DATSERVER_BOOTSTRAP_FILE +} + +function datserver_configure_bootstraps { + read_config_param DATSERVER_DISCOVERY1 + read_config_param DATSERVER_DISCOVERY2 + + read_config_param DATSERVER_BOOTSTRAP1 + read_config_param DATSERVER_BOOTSTRAP2 + read_config_param DATSERVER_BOOTSTRAP3 + read_config_param DATSERVER_BOOTSTRAP4 + + data=$(mktemp 2>/dev/null) + dialog --backtitle $"Freedombone Control Panel" \ + --title $"dat bootstrap servers" \ + --form $"Specify discovery and bootstrap servers:\\n" 14 68 6 \ + $"Discovery 1:" 1 1 "$DATSERVER_DISCOVERY1" 1 35 26 25 \ + $"Discovery 2:" 2 1 "$DATSERVER_DISCOVERY2" 2 35 26 25 \ + $"Bootstrap 1:" 3 1 "$DATSERVER_BOOTSTRAP1" 3 35 26 25 \ + $"Bootstrap 2:" 4 1 $"$DATSERVER_BOOTSTRAP2" 4 35 4 25 \ + $"Bootstrap 3:" 5 1 $"$DATSERVER_BOOTSTRAP3" 5 35 4 25 \ + $"Bootstrap 4:" 6 1 $"$DATSERVER_BOOTSTRAP4" 6 35 4 25 \ + 2> "$data" + sel=$? + case $sel in + 1) rm -f "$data" + return;; + 255) rm -f "$data" + return;; + esac + DATSERVER_DISCOVERY1=$(sed -n 1p < "$data") + DATSERVER_DISCOVERY2=$(sed -n 2p < "$data") + DATSERVER_BOOTSTRAP1=$(sed -n 3p < "$data") + DATSERVER_BOOTSTRAP2=$(sed -n 4p < "$data") + DATSERVER_BOOTSTRAP3=$(sed -n 4p < "$data") + DATSERVER_BOOTSTRAP4=$(sed -n 4p < "$data") + rm "$data" + + write_config_param DATSERVER_DISCOVERY1 + write_config_param DATSERVER_DISCOVERY2 + + write_config_param DATSERVER_BOOTSTRAP1 + write_config_param DATSERVER_BOOTSTRAP2 + write_config_param DATSERVER_BOOTSTRAP3 + write_config_param DATSERVER_BOOTSTRAP4 + + datserver_generate_bootstraps + systemctl restart datserver } function logging_on_datserver { @@ -142,12 +191,13 @@ function datserver_add_dat { function configure_interactive_datserver { W=(1 $"Add a dat" - 2 $"Browse or edit feeds") + 2 $"Browse or edit feeds" + 3 $"Bootstrap servers") while true do # shellcheck disable=SC2068 - selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"dat server" --menu $"Choose an operation, or ESC for main menu:" 10 70 3 "${W[@]}" 3>&2 2>&1 1>&3) + selection=$(dialog --backtitle $"Freedombone Administrator Control Panel" --title $"dat server" --menu $"Choose an operation, or ESC for main menu:" 11 70 4 "${W[@]}" 3>&2 2>&1 1>&3) if [ ! "$selection" ]; then break @@ -160,6 +210,8 @@ function configure_interactive_datserver { chown -R datserver:datserver $DATSERVER_DIRECTORY/feeds systemctl restart datserver ;; + 3) datserver_configure_bootstraps + ;; esac done } From 0d3a3c5b88b3e2c75c741aae76c7e752b2b38936 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 10 Apr 2018 11:01:49 +0100 Subject: [PATCH 036/133] Dialog dimensions --- src/freedombone-app-datserver | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 2dc928e4..670eaca1 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -101,12 +101,12 @@ function datserver_configure_bootstraps { dialog --backtitle $"Freedombone Control Panel" \ --title $"dat bootstrap servers" \ --form $"Specify discovery and bootstrap servers:\\n" 14 68 6 \ - $"Discovery 1:" 1 1 "$DATSERVER_DISCOVERY1" 1 35 26 25 \ - $"Discovery 2:" 2 1 "$DATSERVER_DISCOVERY2" 2 35 26 25 \ - $"Bootstrap 1:" 3 1 "$DATSERVER_BOOTSTRAP1" 3 35 26 25 \ - $"Bootstrap 2:" 4 1 $"$DATSERVER_BOOTSTRAP2" 4 35 4 25 \ - $"Bootstrap 3:" 5 1 $"$DATSERVER_BOOTSTRAP3" 5 35 4 25 \ - $"Bootstrap 4:" 6 1 $"$DATSERVER_BOOTSTRAP4" 6 35 4 25 \ + $"Discovery 1:" 1 1 "$DATSERVER_DISCOVERY1" 1 20 26 99 \ + $"Discovery 2:" 2 1 "$DATSERVER_DISCOVERY2" 2 20 26 99 \ + $"Bootstrap 1:" 3 1 "$DATSERVER_BOOTSTRAP1" 3 20 26 99 \ + $"Bootstrap 2:" 4 1 $"$DATSERVER_BOOTSTRAP2" 4 20 26 99 \ + $"Bootstrap 3:" 5 1 $"$DATSERVER_BOOTSTRAP3" 5 20 26 99 \ + $"Bootstrap 4:" 6 1 $"$DATSERVER_BOOTSTRAP4" 6 20 26 99 \ 2> "$data" sel=$? case $sel in From dd9cef862e566508e13ad71d0835971c88e32982 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 10 Apr 2018 11:03:17 +0100 Subject: [PATCH 037/133] Dialog dimensions --- src/freedombone-app-datserver | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/freedombone-app-datserver b/src/freedombone-app-datserver index 670eaca1..11d4cb9b 100755 --- a/src/freedombone-app-datserver +++ b/src/freedombone-app-datserver @@ -101,12 +101,12 @@ function datserver_configure_bootstraps { dialog --backtitle $"Freedombone Control Panel" \ --title $"dat bootstrap servers" \ --form $"Specify discovery and bootstrap servers:\\n" 14 68 6 \ - $"Discovery 1:" 1 1 "$DATSERVER_DISCOVERY1" 1 20 26 99 \ - $"Discovery 2:" 2 1 "$DATSERVER_DISCOVERY2" 2 20 26 99 \ - $"Bootstrap 1:" 3 1 "$DATSERVER_BOOTSTRAP1" 3 20 26 99 \ - $"Bootstrap 2:" 4 1 $"$DATSERVER_BOOTSTRAP2" 4 20 26 99 \ - $"Bootstrap 3:" 5 1 $"$DATSERVER_BOOTSTRAP3" 5 20 26 99 \ - $"Bootstrap 4:" 6 1 $"$DATSERVER_BOOTSTRAP4" 6 20 26 99 \ + $"Discovery 1:" 1 1 "$DATSERVER_DISCOVERY1" 1 15 50 99 \ + $"Discovery 2:" 2 1 "$DATSERVER_DISCOVERY2" 2 15 50 99 \ + $"Bootstrap 1:" 3 1 "$DATSERVER_BOOTSTRAP1" 3 15 50 99 \ + $"Bootstrap 2:" 4 1 $"$DATSERVER_BOOTSTRAP2" 4 15 50 99 \ + $"Bootstrap 3:" 5 1 $"$DATSERVER_BOOTSTRAP3" 5 15 50 99 \ + $"Bootstrap 4:" 6 1 $"$DATSERVER_BOOTSTRAP4" 6 15 50 99 \ 2> "$data" sel=$? case $sel in From 3b66645653a481fb3d21441cc0fd74988a31741b Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 11 Apr 2018 13:56:24 +0100 Subject: [PATCH 038/133] Adding user within template --- src/freedombone-template | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/freedombone-template b/src/freedombone-template index 732b3c70..bf09f156 100755 --- a/src/freedombone-template +++ b/src/freedombone-template @@ -873,9 +873,9 @@ fi if [ $app_daemon ]; then echo '' if [[ ! "$app_dir" ]]; then - echo " useradd -d \"TODO_PATH_TO_INSTALL\" -s /bin/false ${app_name}" + echo " adduser --system --home=\"TODO_PATH_TO_INSTALL\" --group ${app_name}" else - echo " useradd -d \"${app_dir}\" -s /bin/false ${app_name}" + echo " adduser --system --home=\"${app_dir}\" --group ${app_name}" fi echo '' echo " { echo '[Unit]';" From d65ba2b9cd3728f4a14071b93b9fd1128538fbad Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 11 Apr 2018 19:46:58 +0100 Subject: [PATCH 039/133] Test new logo --- img/logo.png | Bin 13154 -> 2683 bytes img/logo_prev.png | Bin 0 -> 13154 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 img/logo_prev.png diff --git a/img/logo.png b/img/logo.png index add0f352b819dd72ad3ef2ef9c5340f5778dd77c..3611698ca83e636068354304ea9ac4f5b78dd835 100644 GIT binary patch literal 2683 zcmV->3WW8EP)SIPq8qW|+ z{P`6C_vt@Q*z3Nby*{SBNUkqsW&T14p)UytAzWJ?m}Pu6O1(bF_DXC;dyzDka+VAp2qA7JpGg_JCilqTJClsgvL}RiZ$6*@Lemds;9ON1 z+PeVa68?N8!+-uQgm{d@LVkkd?#i6>av_@5O@)Q zDS!yT?>XZeMuq_3D*&(6owNmk_a%VW0el1C8vUnvdl?3~OniTuyrjJdfb8GwlC|+y zm+V~MO6|!oc+FBfuUl@9G;1%=UZg145kd$d40b)`gytrM5C%I2JwgZ}40a51WWda* zf>!lReG>*d20g-{M+jlCBZLq_1{&;`(J>>l;Xm}FcKRvxOc?AK^hk?Aj?nIe!Hy8; z8Bqmz{QnVRPU8O@C zawvrOV*~P3T|P3E=aKS_%I#PTbgKaNbL1IY&NQD1A>J_1&r_V0x9XZ%!K72S*PmLn zSCK!P_S3fX?3&$8<*71`RpD3&@mmxBaW2>efwu=>OTAsw{H(vmz^a8}*ouSFSNR@H;k zM*3eDY_dvlmjv>)Pj^Es$qyaZ<3b zKBK0iqZS96IvL$dd#Qj2oLxik6M%I9FTyZduPTJ^PhZ+S45N|uxsiSh`bArMcFpcb zVHiz(e`+GnwH78%&yql2RCm(JWlU|bs+HN9bhe_U&IXoJ)c7q{RVK5YnpkXDKIB@F zJnE&VX4pF&$+M9m6NC`yNta1xr}H@gU)$FS(rX$1v)SUxKw3Y0LWr%Dy(S%Z-%&}s zZ)y{VQ;TwB+C2=TiD^I8`o+CO&sy1`i3@h`N}e!`ba{4@ajXM*u4d>bv+g8sJ!n6W zCq{_@Yy;TuvN*1kaWYWG0Cu{TM;o~J)!Y4=ZTSFp)qW{Z`iXG1+#fkuT)ED9y|B?% z7)CyTUA3?B|H;4|Cwi_^U(eDxowK_m@`P#}3muW?O8|et*>AyO=)umFPW`ibd)*PS zl0oKeN94I~OFvS^+ZN;*JLX2L&saS8*|7V}F+ICx_dlfeU6WgPlEIFU9;^ru!v0YY z2D|Q^gM%o83nA>M40hHT(?8jnYWNNPhy9fF&`!KSg%HAiN|xSEmuRd05(M5uT>PQ> ziInk;8cuuSh&+TD0~r9mKTY4OdII1{7)DmdjgOI?c!;xG2K4Qr`rDx8 zA%wV37)CpJ<3<=pRmP3nXY+Cyv&R`;&hlVqONN%^u{MJZ0&mySy>_;;V5j6+R(yZD z7lzT6h5osQoG0j%lxNq{y??HaU$yj;vs`I?9AjqJ9lu$YpzAV0;DrFT)t>SUU=pYT zO9Ws`?Oh1GA%JbQCmq1duKmF-dHJJ*0gn(u80=aM2>O%l7uBviSui8~qRodqr>;ai z$;;%_L!bqK|1~Vne{u23NL{Wx{hYKYkIoY*5TYc!MO2N7)DtSW1l%6>{9jYfQ#$Ert89a_3WCE`8I$L48D51jS9Yo^0=m- zn<;s$WxcKi76v*aYF{<&N}$u^q20>`x;p@hE>hX_{i*(b)ThjD3m0pa6;&qB%0`|5 z`15=||3w9u?;9M@lY#ulMVSkL+ev+&h6mFRGBT;Oj`HgLwI$EO%q|E#F7ujE`@#vH z7xm+4c7Dqsvs>4zEogNN-3xX>;O$8nZzZ#OZJDn&MU`u7$b3i2_*Pk&o02Cdz!WVB zUT)LQ2J+kl>8cM}Syl}K@2-^b4mH}F%;~PW^xx%xXYH!Ym5w`E1Rx1?D@mo|3$5wqtJ{hJRyI&v53G+TX1{DT5`Vsw+i57Nl;(jJY zdlP1Mgb)T@!bt&xT|3Uf43Q8H;)KDDor#^BdLc{ahxEsO=x4-W$HAOIhLG~OT0icD z`e9~A7~}|HeT&a1yXHv#jT~a_0ct-%PE%?fzl<`J`L35NUZBvC=#%D!87#~U* zZyM<5Gn}tLQFc%>{o&eFo`W2DY}#a&VfQlfj4azS%MUYyLVgtJ55Yj z6TKgXVN_Ng8@A82drF>6yDNFFE$E|V+Ie$9zdg*UA7`o`n~4hm9ED*tG5IHm?ZRqkGlx(-^R#u*-S!8!x_NpUKReK%uq#alE+_l{gmdNf+@XUC8 zp3mnmHvmbI(>Z`|lgv;1TkS2?-q%^jvc0KeJypkgTK2q5+NmMW<0kZ6;k+Ixc^*-o zOnDwVX0OWfENeTodprHh@qU^cQ?dr)RREs?SZyl!q>lBV#bbR^_gI$Ox!=aQmyqXQ zlxJA>TGn=G_d(k$Gp2~FpPYmcqOD@1eLR+H?ex(Wl!yLIyVG86>PN7EHX($NWrsJF p6G8}Kup@*JLKy4_A%qae`4uT=rqncWY777X002ovPDHLkV1hIJ4P*cS literal 13154 zcmV-oGo8$dP)EX>4Tx07!|QmUmQB*%pV-y*Is3k`RiN&}(Q?0!R(L zNRcioF$oY#z>okUHbhi#L{X8Z2r?+(fTKf^u_B6v0a3B*1Q|rsac~qHmPur-8Q;8l z@6DUvANPK1pS{oBXYYO1x&V;;g9XA&SP6g(p;#2*=f#MPi)Ua50Sxc}18e}`aI>>Q z7WhU2nF4&+jBJ?`_!qsp4j}paD$_rV!2tiCl(|_VF#u4QjOX(B*<2YH$v8b%oF%tU z$(Xh@P0lb%&LUZYGFFpw@+@0?_L*f5IrB1vJQ>S#&f;b8cV}o=_hCs$|GJ-ARc>v%@$zSl&FIdda6Uz_9 z&dgda5+tXH875p)hK-XGi{a1DP3Mcn%rFi&jU(bQ*qIqw9N}^RX3zXt6nSkKvLZX! zI5{{lZ7prSDAa#l{F{>Zc9vd*f9@GXANa%eSALld0I;TIwb}ZIZD|z%UF!i*yZwjF zU@riQvc7c=eQ_STd|pz-;w)z?tK8gNO97v2DKF^n`kxMeLtlK)Qoh~qM8wF>;&Ay4=AVc79|!(*9u^V&B)*6*lto0#rc5AAmbF{R6Nm+wLWV&2 zpPKj&!~Ue%xt59A_z}>SSOTRX8bE#?04OREAPIY9E70$K3&uwS`OS;bnV6mX&w~Da zSGY|6$QC4jj$=neGPn{^&g`1}S^_j607XCp>OdRl0~5dmw!jg%01w~;0zoK<1aV+7 z;DQv80Yo4d6o9p$7?gsoU?->sb)XS6gEnv&bb({wG&lz?fy-b7+yPQB4xWH1@CwX8 z5QK%u5EW8~bRa{>9I}O2kQ?L!1w#=~9FzzpLqbRb6+r8tQm7oNhU%ea=v(M0bQ-z< z4MVq}QD_qS6?z9FFbSr?TCfpp1+!pJI0%k}7s1K!GB_VDg15kxa07f0?u1Xnm*5dt z3O|9T5r7a8I--j(5f;KmLXmhR2@xTykP@TC$XgT!MMW`COq2`C z9~Fh-qL!gnp*EwcQ3p_+s6NzH)F^5S^$|@*Yog83&gcMiEIJvTi!Mf2pqtPg=(Fe% z^f>wz27{qvj4_TFe@q-E6|(}f8M7PHjyZ)H#*AU6u~@7+)*S1K4aIV>Vr((C3VRTH z5_<(Zj(vk8;&gDfIA2^mPKYbSRp451CvaDA6Sx_?65bH+j1R^0@XPUK_(psWeh5E~ zpCKp{j0vuUNJ1)MEuoUoMmS5jOL##f67`5q#Bid3xQ19sJVZQC93{RbQAlPaHYtH5 zA#EY;C!HeQBE2A!$wp)kay(f~-a>9BpCR8TzfqtnSSkc4@Dx@n)F^Z+Tv2$Yh*vaJ z^i*7|n6Fr&ctmkX@u?DC$w-N<#8FzMRHJlM>4ws@GF90|IaE1Ad9!kh@&)Bb6fDJv z;zQw4iYWUiXDDM-gsM+vQ@PZ2)JE!A>NpKUGo}U5QfZ~MZ)k(GDHV!}ol3Myo=T0% zaTO^Yp&QWy=;`z_`eFKY`a4xERZmsE>L%4T)hnv6)#j*qsPWZG)Y{cX)ZVEx)P2;` z)VHa3so&E;X_#q*YvgL|(KxH|bPjEf%N*{Uk~xRx+}4CO%`_u4S7`3j9MGKB($@0R z%F?RRI-~Veo38DlovOV<`-JwS4pqlZN1(Gq=cLYKh6=-zkLZ@rEqJ6vJJH{f4iNjE!Q9 zHW+moJu+4^4lvF)ZZ*DZLN;+XS!U8;a?KQD$}&we-EDf=3^ubjOEIf48#0H@9n1yh zyUm9!&=yV>LW>5A8%z?@lbOS8WsX|XErTr!ExRnASs7TxTWz!IxB6&pZ=G)4Xnn_q zViRanXwzf!tF4(W*S5y?+FbHn-?^*jcF%ooXKu&0+hcdro@yUrzrnuO{)2;~gUF%H zVbamSG10Ns@dk^=3S(_%op(Yzc{#0iI_C7&*}+-teAxLH7p6;^ON+~+dB*ej^BU)k zx$3!cTZVb0Xx4mvscU^amdxQG}4}A}wN0Y~dr>SSE=RwbBUe;bBuMV%*Y-jdL z_9<_~+t0hid(emC6XjFwbKh6bH`%w{0a^jvfaZXyK*zw9 zfqg-wpantIK@Wn>fV8I z2F~=-fTgudr?_nHF76Ya2X6;&lJCkd=T9WLCY2{WN_I`&o;;c2o>GzWRKONg3!bO? zr`DyuP76)jpY|y|CcQlamywupR7eq~3Hvg&GxIWsv&^%Kv!u(Mm+f3OB?=NXWkcDE zvb)7J+0WE~#6+@QGMeL-QhTd=lZ zbfxFY`c=@XrK@^Z>#r_aJ-)_o&4IOqwP|aAD6}ptFMPQ!W?fH_R?(WGvGsoITZV0)e z^+=6ZO?$0o?WWq-yLr2>?D5#sR;N{0TK8_RVDHU(zxvJwqlSuon0-0>9yUfd_J7U# zy17ZCskG_Ce&K%UfrtZr&5q5@Et)N5t#GTPb@E`s!OP!xf79K@Y^!glx0fCQha`s{ zf1CL2^}|7jdylY=w0&pzU2O-oqofn+T;4g=mC_~cj_V#i8hEs~$EBy^d&}?lAJaWn zb6n+k*$Kjlq7$D^=AWECm38Xr>EzR6y-RxUoQXYituMT9@NCf8^XGieo$2@NKY8Bu z{ILtp7mi+JUF^E#aH(^^exTzA`yV<69R@px9EZ9uJ6-M>o;Q5riu;w*SG}*EyB2Wm z(#ZUg;pqt>?FMZqM9Va~FNLGD$lbNT*KP&%S`^@Co zcfWZ2GB6c8HU3=m{L`|I+Sd?{wJo{Z|>UW?q-PQGavbE$eOnyO?(qGr8}v z?<+r;e(3oa^zrVej8C6_1NVgU`*8t=>i_@%AY({UO#lFTCIA3{ga82g0001h=l}q9 zFaQARU;qF*m;eA5aGbhPJOBUy24YJ`L;(K){{a7>y{D4^000SaNLh0L03N~s03N~t zZqRi;00007bV*G`2i^)A3llCNnA;fu03ZNKL_t(|+U{>?)fS zreed&Q9_FNMIgkuK)VnE7$VRkD_g?sYIfe!-6wyX-#7Q0v-ffC?b|(%y{D>cx_kPb zd(OG%e2?GvGS*t`mS&7G`msH> zm&O?GNdOOf+g**Mu;o1fAF&~gINGG#+Z3HT>lX=gCCeM zGXQ{RskKBht~7&l-Rf4iy44y&08>a|E`~2yYd6UZTJED=iviFSBlCW>BNQPXc^X93gnX}QEJf!(?)>uZSG0e>yINtaTXP)k!Wc73UL zb=j=9$Ji|ob{o}8RJXeAq5~_QKSI!zcTmL0U-8f1vI$UnHUJKg0US5R%mJ8%vjyx0 zW&msLGUp*pTuwJ-EylrWldkbRu-XX>b(?gnpO4o^Y@B6K1qMvo1hNIH4NMB8LAL!?x*07lc6&Yi;K}6Qt+Llna*oL6e zLkzv3vRP~GG6Tfg0G7!JmS{rg?`9|{qs>`sFZl;m0^%kFUo;Z(Dn)SlmrluJJ-`BA?S7Ni)ilh+9 zd-a{TiZ%f(Py>k6d%H(pJ`}Ldv@9@8?ChW#6+h zNA_uQ*4E_A+W?sLzHgDKfqS^a_dRcIJ6ZjD-z{+7b18Ff`s3tWP2T=VI-4AWJfn`9 zLsN}Ev;Q$;Ua|P|CCU%1jE%|xDbA}S% zFhr$SYJ1}U)BZ>4wWTC;c&Rkn05;@z$^)vYH3>Cts~FipU_EQ?qIXZ5BP19l{kAFj zb}*Sh!P5Z#5WrWIbiO4GhiG0(@|U@5?WhOfMgU(yx@+?ZxO`VLT8dAL)ll~VrSuB{ z=b^`EYdbmjM18kN=t{O@a9`V|ZrDFQN7 zk;6X-;C(zmJ+8o2WvMGEBz#B-QHsEqQ z89tj073gPGbahinr6yr+^VlBukw>I|70&28qy#*|WMf78yw`?;dSp%`@A-wU^(@yR zWdEK6aHnFV!c?Jb9z#DL7oXW$VE@OtcVwJFjtdF!*Gj_Ax&St1KZFEVYQdsT+fp}p zn^R&6j51iA*k{b33!rC=IZMfFlXSkrLuZ*ryD8sk2k`3vK2GAapW6W` zrlW~Thyhb&X@v({XkrQviV~dn1APA`N}3@=drnE}rvdy5`&#GWJ^5YW-6^=1XfR4Hx^TCS7uYjWOz!7WhgCT)t)If#+ zUI%BGe>P7G;ZS>U4j^R$*6Oq-S8x*}rlglnGYIbIml#UVAU4Fdxh@iD*X0_`12`qW zO)xsjH7)*LKA+lSYjR2%KzDlVeb8u{WLQoxyq>A}{yhc584qeL)88!jhsk+05gX5g zo|(K)GlFLrn#W$JNf|mlI5gzduHc@2pHYSLDYR}?pQlWtG6`LaTET~F{uoPf0KOmD zF%>7^qOtE3%$}Q9B5F*Elk?f+{tFmhbdX3cfJr6ym~H zrJA+2Y@Vm2^=MR~Ir)9(jj`fqlY76ul4NcDD)iElXloy7OC2R)ikoJyKp$Q9qg{8k z)Y~kv-`WW-qD>`1b|)cC`I42okGKP$8e^Re&tA`Sjcs|K3u_>r`)#hKFsb#bP(q*T zI3}qD?Pd)@N>FZ05g+~z0DlDFR!Y{l0eCZ|tUC$G+`-@M_NMJC8+%+UI!Ddu+bD&1 zNC8Ef_&`7(53!$nt+n&&`;jsXi+9zC#5Gic`w%7bEsrq5-H{l+tCpk^B(<}&H?`r6 z`w^T0zDzsLHCSce5>>txDbD$psr?;gMJi9tKw08>(2#Dc9)|>F?!=t-QZt7SAD%yd z{`@0Ty5F5}2G9t=Hz-Ly&ClP$!@kDvBLKe);4pv}*C^IRS|7kY06xa&0^bE!{|#Vz z=K#Ed45jZu7UIRyNcc`{6}iw04W=Cc>r!oxQuF}R$v@R0w9^N06u?(8rYD{-MIC8u zjOklzFO`k|;5wNKAfrCdqzDJPhDi|gSTOFQ$TRE|gwlectdLlpoq~+Uxp!V`yz5=> znieyd=fi#i&R+2f0FP5zJPhD(!g+>V@b62K$4I-5s@z6eYiKk5LO0+rUEug5 z24M~P`I#v_zcpgpn{dHy;GP{0P7bsnp-Op321?apkiJ*)m_c&@Vc z#!7+PZU&A?Uh4^CxmdRUT2lb9u&^*`O!^Xl+W}k$=ejrt;01`&N3{9fA;f6|4iU4y z3C@kO%zfV{UNZbUM}pHM(S3A^xcp(x`Fg$=19YF`5w8=Gc4s->D!hBd-sg?%Yp`2Qr@OGx;iPr}iq1pW=e zBn?V5mna!;1)%ZoI$ve*>C+@CJ>FxH(tc0Yo5}G;P|4aP$W5?$`5ti=)3eC8Grf$M zzIXy@EnuWR54o`=t87c8Pyk;F)aHHLE*%7{wf8gGVJPJ*K~ht!Jp)t|O-Ifh41yXro(uFJaLm98mFvP|S%%02*v^)-24F$%U3 zXPFeYMlm|}0elv5or2KTru2A;1nS?aNa5EgRrdc@INx`Z_}_rIgy;Y+uH$I{e+ifR z;Lkblrpo9k?raheWXUN18wppD_G@r~T+1ZzlErn2*mskW&O(q|#+Ww85;5X=Q=+vc zXiswFgzhO~wORXXL`E>=`-o80Dw)Z-92lYt;O)Fe5#sm9)J)EDjAta(yDE$n0=L`( z;Jt8}epdlJ1>g%6?4uR-IWD}hQ%(+L;Ip-=ar&I=%eaI0GMK{beqstoCjgQB5v8SD z0UU#i7@ehN@T+7BeZiF{roU0Elg}9~m z_$uO>*;e<-3k(Z|ov!8UMc8E-ebqWQ6ClCVxmM{eI*DthJtlsa1u2?+0U2R3wG2*E z%I{EGejb2-#0mX43H&O6_i!_6sq6sZ2}z@|%>UgA;M)T3{SGlUszhD7a0vjsHpGBg zusu!U^cRGNzDOzUi=5vVWR8@AqZFyes`r~HR@LscgrEfS8Bp5p5u!Uwcy0+U;Ahns zbH?*NnUU~JJNOvaw&6PLW&p1+_$?MGCF+t@DER*U&#Qu zLFw&Txa_IVqam(C{1qfF?;*S+#dyTl@EE08$>$OUJ~$z`GoJd~;70fvRG-RuWUYOY zjHZD&7tqa|LnJ=zc|Oq|fsV2Wu-86D?09I5=@TwGz>WN4)Li^_A0eR@8R)8FMzYCu z9-#qT3g)cV3}Iv`71;FQI+StwaR9$i;yDeH(ub!IjYt{8a$oBold4z`cKo4`x6D{3w7vlYOm_ zAsq>v#~TaG`5047F9Y}=WDFZ{u8H?324slS4?~y&jlv%Z#BL)c3BQ#LQH-t+ASKxw z4Z52`9K`6R2(;BT0J3a4#+ZXNTyK^Gu#?{3s~wjY$ePvCl#n)hzDAsBArWw=P;e-7YZ!};j%RFhh?VsxGX z@b>}y7gXcLQKa2Y2}^7tXDjOW1c1*YuugD^2+qP1kFMaR3h?NHFp+|CBBkkFCNZlT zzo`}D^2Bn!T>$XA6-{#v&UPZTh@*gtc(N9=goWOY{5D9YoCL&#SEy; z8Dx7^CAGIx6VJM?hdA|bGjNSOIl%EPzG~~Yh5?m}wmhIpU zUQ@R4(0lne>poAC*=WOYV+whWF7Bet06PUAZSKYSG$=h>jeKv4X|xZMP@Yr7$-}eIr{GG}_7K}N?k+H& z8+ngq_IF#tZw?}^sV#9YTgK&-YJgR=gC#5V0p*hUg|yBD&roB(*b^F*exKszT8DF+ z+ewbQD3To2`z1;`O#uINibIh|UMY}MW$W^w`rbAES`29nU!UN5-w)?`BL`;a{a=jR z0|gy*va}kxG>_qt7U{JWw@7hAKAy98i!g=vE11YA*GsL9Mc$aVc|8dfme3wonu0L= ztYEo!!r}RMk%^3W?tU$BE-&G8YLKC?A>B~^7J5~!ODRrSzl8Fnlh8hk_C2Y9y0rJZCrBgUrJ2p?TdhV^Gt9L_8m(E+$x$5pn=ikEmq(x@oo z!33q7b9D8!ghYh!H+7v|63ect@4J%m42SA>A1LkAv=`_2&nCze_9Aq&m@)r$)pWAVE9hAvHiUK5>xms$(>clT zNOw^&=*`1nvM;0x{J*9&o+Bj2Z64OoRMf9T5-(;zCflU*F%HyK*j|IT1DCqvh_&`X zbziB@)fc~ejzwUV%j^jm>9CuWJ~#DzlB7_nGwr3>4mF^kfOAWIAHs0>IRHnkwP#hl zOPg~WD($8LXYAirt68m4+Os%{I1P56OkpmEu-^ukdi;5aqpdgKQfg;GnadR376Ck$ z0@LFZ>XH~_M=@TbHH0*xUB(8Wg@`ml7Q!s{l2JL7`RVI-b^2?#yf=d^ENlv`k2trD zW(Ee%04p%XE2cD_JK$VhXNhS>752SutzAr#8hrI#atOh>7?x=tC!uMQIkW-%R{-y$ z#M_kuGm^4e5vc;1?;>gyhdL zh#e+Y$j}DfJR}FzNHI#AF!!V;Zmca{|DK%j{3w9$;j`U@^B6k8wf;{T*DZ5z%AD5W zBI6GM`0ccFE_M(F0S>D^G~B*dgfY1Y)7wj0QbQFP(LpN5rlAoi^=FBm9Kr-fBAIdH zHsFlA(@F_2;K5s^_Vh+%dvo~hBw>xyB*YIX#)lk&sv~#@H1_^ITwX^Zug$P(nbba5 zVUXK8nbJCdHGxqG6E)%N36`Jx*4j0uqcCEWRN6*TyC-jc3KBaZOo4w#9Pfpkxe2ow z!lkdcCSX0D1@J8A7U|$XGTx?Ib6t1`-n`S=3Syhwt0}E#wO@e?);tPV%i$_Gr;1PV z|MMx@!6sZ%#zivir#ZF*0RDEydd+x(;M9p?%@pSZf`=JT%(do9fC`AH?5$wV{kPLUQEd9c;I!C$6n$ndQ{nUa8CyTN#FSX8n{@I zp9py-D!0FQuXMe>CHPFzOLVb4@m*?=4Yt=GNDG2{50aConWUt5*d8brvc5)*wWn%b zoGP&w+uqvf`I&@gl2=#yD4+Xt1MYt_HJdqg1`YT5_hNf}2dNr(Goe)=u4^IVdM;c_ z_q<@wNbko<1wSD$SPK)ZT|CY`#vKpQg|zdzYXj4KhOod*{o)D2( zQMgneN%xLO6x)2JJ&(ak)U)&{MOZ?aT+<^e3n-BBH09M)?@uBu8oQ&JoLb9nNdcwh zMe@qu`GntQ_4O>D)3=hS{~zQ>8vio)%B+q~S4>XUqffzLR;_{f=*AWl4>f$L9*NiK3jSJ7_f#=VxFECYI!479(xwRTl9loB$E z$WBEK|7{dYNcTdj;gTY`NP8oIH}k&t0QkEBYPMA08WR4p3IZF_ZeYZ_h4XGCyfh)* zqzz$6$gByM@GlLMet=_+wEw(RmQZec7P0M1J3JXNG4aL(9F-md2y^! z;yZ$D|LAi(ye$>fHLI|Eozi+;JXWMQjA902kTg8Il2-Xn8XZR&2kj35JR}UBghM3o z*K;ifD3RrrjAev4PGA+uDIB)u$lrIAp*&LS5Rs70D#rBLyu&3-fCO=%VhPqzJkecJ zdpF8u!4)EWD}dkOemfR$_WqQNLH5Ch7})s?jk1-9U2WhQx@TE=Z=f`lw7G5bWSdY> zTA9|F1ToLJzB8?f?KP&*P#bPY;{76i|K^fh{stP@Rsehyacsk=;KS5q906Ce_M3qQ zVX3hIN>Ky2tfN;2-u_lK-n-e?LYAb-BI#nJZLRF{po}UNsJv;=rA+FfAL1Sgvb`o*TWr;%W=N&|eWR^oIjGx4; z&Dsnh?xKD5+=j~NE5uBm^#-*xO^9D!LSrb?Mtn)U%0>W#64z4ExSBByvBM-c-IVW^ z)$>@Sy(#Z(&F-dPw5(|SvP>cCx+z5e`>lyR)QmFjF3>o21TK+WnGB52r6k|Ys*n|! z@iJ0|&zl2n8*PoQaqT)sBr_p_dn{FI03cf@GOu`Co=(^-X& zAHj69z4kqPyW`m-LdGse^b;sn#9rGBbQQQLZ7*^CucNKyWpLSQC%r~D({|A3eES^p zx8&HoZm02B+=5$q)#MV+NTlX1HlZKNIvYuuUZ;hbk9qysz%iT|XAILcvhP+Kf>n&+ z6AIp0D8XD_#p|D?`fGfNKTXm}(+(ts1>zzkAq;My-ftClp|){XKpz`$N&g0L0Y5fJ z&0GTTA!|CHt?TBaseNw##F1=^9!}qP`p9KJYK##$KTjRq)VJ5f#->n{14cng|;J zzLo=TJS>4xUKvfOA}`M%rC1Exjg+>QdC(5Rc`ZE^0Iz%O1 z7y2Y<18N0Jo((~=e~LX}FzEv%k<6lYOT{@Ibt~`@ROBtM>yoMU;S$eHsvWV`eq9Bv zb;tmZk^!denGeFb5lbdt$Xqm&3lN_4v$+P&4*0)QelEuMCADsHU%MNKVMYY}*mjB{ zP|>8KgUdu_Pct=nLlNGA!Zjs?e+9(?q6~@uBJuCS%)na+EyWxJ@WVOM?Zb$JmPQ#^ z-Vfy5`fYG-rw0f@2yxD9AFhxY2$8;pwv#zjU;p|c1z8LwmyoJw&=q3i;pLMIY??zH zv^e0HHW4Q$+hA^`Rzf-rZG_!GY_Pp!f=uBFkWRQYpAQ9Fx=s-t-9Pi2GS$I7WPS&+sMni+`)aF`wXi zyq;s#B}hj(dq!X)>+Snd0q-C2`WgVZncjO@UQ&;6T*E1N7dgyOX%zGKt_OoZIa&06z)mee`9N_bPe=oK5G;y!S_Vej4<|5?ex6ZvUU- z{uCxWlb|i+O4Gu;nY6E)bI*%#9&L>Y5r9J!lE$dBoai*jIetV4mMUJ;qV4B~Xd z(`btd&S}6E1(NZ9HLwpc44;Ja_A&|vYEgq)7ej0oqt>ah`I{B~JvZh&PpdHwl!n+$ z+6&(Mp&!4JBzUN2{R|vde;&>b^CVopAq^wU2QY}2!+Cmr%3AvrnO9TSS&+}jcSN|G z^Iqfnj`SKL|K(-?00?SHL_t&pmR8-$FQwv6MsTq+N$nt<(Y58D$FeDv%cNK?K|luu z$FW`o(VpbIiu7I8vkAGUuL0-;cYq6Kc>=(L0dxFWN{#1Ldf~AaQbpJf;N1JZmUGD$ zb*f^8v-*c?NP>G`j!M6QI5}Ju804KI!N3(mIjJP=Ckb&}LY&~u5*O}LTR1{(dPIga?u<#StUz&DcV{}P;= z>dOKAG=Lu`^Y|K>#j{F-&N6xmd^HFVB1YbIW#&Bc_Uu}oM9pM{&9s`ob-Qw#QHMmL zWoIZoeUcLL2*A4lyd|K&TLAn&IK$SkETKv8GMc4|o>d^{05yoAlJJLKKiVs0mdwug zHkv2Fc!mc|0*9_foQbkXdllj|%MHF?B7?bx2ly7adJ7-4*4|Fl{~&)iQVj76aK%;L zpCftyBH}s&Qd4*25zdB3kb>QTJq^>Kn0@6TI6Pn6h=(b)63m$Pr!?X+@siE>9^$AUm)Sg)6d00=Vi7>==H&=0S)^40V#blB++n2z_uDk+qE#{%5-VR|1 zlJ`rrV)k(>wV13kyH&)fCV_SHC8i{m_fh`+NffImys8LK6^1JbN*hpRe;@#pZh%2? z2?RxBD8_J}1UiH`y%H`(#;f20gl=bFpCO_782}GjYY!2}T~c)L zEWh7SOj;nlHgVJk6*JI9VS2;`N8;h4@a1h4zr$M@-zN(HFD1Qt^BLvAHGBpa`HZCs*##&AyD?@~Y%kQjY!bot#=MC*Akl9x zvf#cpb2X&2TTwg(c{op1%hmV>R*3D-KKAw3OTt1^egG*Ew((WMvEwZVz zTAOP0tpL8Ca7h{=cu;H(k}oHP+39OGc@Q6^R5i5Lex2)bfrNdH*GWp`to9$^e7(N` z=hFEkoE@gC?j3n!xIh@9Mc;aHsf<)<$u-Gqqzprc#9Ii?&?{2kI-oC_lscP2ygdB5O~SjJMD&ZK z5D9@SRGf!sg(Jk}H}yR`WCHSCNAP%`VO24!|Xp; zpwI6lGiX;d#uf?5y&TJF4Vj1w6`4Vkhp?42#{@}i6UvT4=~@nUoBb_YYoB62ew5+& z!D0VHID_xU;aom-ZP}5+d&S_`N~q7qUb^YZ@5G7ywR`VArxv9n=8C{La5hP4yMl*v9 z{v*tw1K??E?Y|^Ube@`lB|Nz8-YN*M$T~!Ihbw{$q}B0(orygtj|qU&98$q2A=@%1r;o0iV&(Y z;~TgC2}<6z#93gisyH9oaRSa}l@(LbrGWK&{#mM@S*;<+rj)!flC^OiG2UGyV)@nk zX@R&N%W6Gl$T+_OSHRY6vF5z0SgA zPkb9;qr8BquFlm_1s6Nsba3c8N<@r2};dU8Ed^N1K}hOQo;K-)Or~Y z9%|I8ciqbDL)mp^kzP&{O0e0HGgY@epdok?c!LteZE)_B8)+L%ylD^@p{dlH zCG9XxWAo~$Uf;t+9Vp*8KdKK_-9qv>!WZeP`2fHgCy+hq(PL)vJ= z;pVU6zr};0&+9LF8}W>__I`R;tncNGmgTl75v52mY}bdYZlO$JTu3z~5?_Mo2F92^ z&uJg7c-4>$qjo#3+xGpWAP_$wrUB>jxyH@)yCn2mKILATh_3jVi|_p;e9Cvh0p8LU zrr|?hw=0(+1bV@xF$D1%9Ec071VAQv!qt1WZh0DlY`B&rNfU#Wr2R#lNUouBxitL^ zx7RnD&KVP`J=9yPZdGasX|@O7@j)?%%aY}(vm8y@A){{lh#`bZC^bw{w<$4WQ&pEX>4Tx07!|QmUmQB*%pV-y*Is3k`RiN&}(Q?0!R(L zNRcioF$oY#z>okUHbhi#L{X8Z2r?+(fTKf^u_B6v0a3B*1Q|rsac~qHmPur-8Q;8l z@6DUvANPK1pS{oBXYYO1x&V;;g9XA&SP6g(p;#2*=f#MPi)Ua50Sxc}18e}`aI>>Q z7WhU2nF4&+jBJ?`_!qsp4j}paD$_rV!2tiCl(|_VF#u4QjOX(B*<2YH$v8b%oF%tU z$(Xh@P0lb%&LUZYGFFpw@+@0?_L*f5IrB1vJQ>S#&f;b8cV}o=_hCs$|GJ-ARc>v%@$zSl&FIdda6Uz_9 z&dgda5+tXH875p)hK-XGi{a1DP3Mcn%rFi&jU(bQ*qIqw9N}^RX3zXt6nSkKvLZX! zI5{{lZ7prSDAa#l{F{>Zc9vd*f9@GXANa%eSALld0I;TIwb}ZIZD|z%UF!i*yZwjF zU@riQvc7c=eQ_STd|pz-;w)z?tK8gNO97v2DKF^n`kxMeLtlK)Qoh~qM8wF>;&Ay4=AVc79|!(*9u^V&B)*6*lto0#rc5AAmbF{R6Nm+wLWV&2 zpPKj&!~Ue%xt59A_z}>SSOTRX8bE#?04OREAPIY9E70$K3&uwS`OS;bnV6mX&w~Da zSGY|6$QC4jj$=neGPn{^&g`1}S^_j607XCp>OdRl0~5dmw!jg%01w~;0zoK<1aV+7 z;DQv80Yo4d6o9p$7?gsoU?->sb)XS6gEnv&bb({wG&lz?fy-b7+yPQB4xWH1@CwX8 z5QK%u5EW8~bRa{>9I}O2kQ?L!1w#=~9FzzpLqbRb6+r8tQm7oNhU%ea=v(M0bQ-z< z4MVq}QD_qS6?z9FFbSr?TCfpp1+!pJI0%k}7s1K!GB_VDg15kxa07f0?u1Xnm*5dt z3O|9T5r7a8I--j(5f;KmLXmhR2@xTykP@TC$XgT!MMW`COq2`C z9~Fh-qL!gnp*EwcQ3p_+s6NzH)F^5S^$|@*Yog83&gcMiEIJvTi!Mf2pqtPg=(Fe% z^f>wz27{qvj4_TFe@q-E6|(}f8M7PHjyZ)H#*AU6u~@7+)*S1K4aIV>Vr((C3VRTH z5_<(Zj(vk8;&gDfIA2^mPKYbSRp451CvaDA6Sx_?65bH+j1R^0@XPUK_(psWeh5E~ zpCKp{j0vuUNJ1)MEuoUoMmS5jOL##f67`5q#Bid3xQ19sJVZQC93{RbQAlPaHYtH5 zA#EY;C!HeQBE2A!$wp)kay(f~-a>9BpCR8TzfqtnSSkc4@Dx@n)F^Z+Tv2$Yh*vaJ z^i*7|n6Fr&ctmkX@u?DC$w-N<#8FzMRHJlM>4ws@GF90|IaE1Ad9!kh@&)Bb6fDJv z;zQw4iYWUiXDDM-gsM+vQ@PZ2)JE!A>NpKUGo}U5QfZ~MZ)k(GDHV!}ol3Myo=T0% zaTO^Yp&QWy=;`z_`eFKY`a4xERZmsE>L%4T)hnv6)#j*qsPWZG)Y{cX)ZVEx)P2;` z)VHa3so&E;X_#q*YvgL|(KxH|bPjEf%N*{Uk~xRx+}4CO%`_u4S7`3j9MGKB($@0R z%F?RRI-~Veo38DlovOV<`-JwS4pqlZN1(Gq=cLYKh6=-zkLZ@rEqJ6vJJH{f4iNjE!Q9 zHW+moJu+4^4lvF)ZZ*DZLN;+XS!U8;a?KQD$}&we-EDf=3^ubjOEIf48#0H@9n1yh zyUm9!&=yV>LW>5A8%z?@lbOS8WsX|XErTr!ExRnASs7TxTWz!IxB6&pZ=G)4Xnn_q zViRanXwzf!tF4(W*S5y?+FbHn-?^*jcF%ooXKu&0+hcdro@yUrzrnuO{)2;~gUF%H zVbamSG10Ns@dk^=3S(_%op(Yzc{#0iI_C7&*}+-teAxLH7p6;^ON+~+dB*ej^BU)k zx$3!cTZVb0Xx4mvscU^amdxQG}4}A}wN0Y~dr>SSE=RwbBUe;bBuMV%*Y-jdL z_9<_~+t0hid(emC6XjFwbKh6bH`%w{0a^jvfaZXyK*zw9 zfqg-wpantIK@Wn>fV8I z2F~=-fTgudr?_nHF76Ya2X6;&lJCkd=T9WLCY2{WN_I`&o;;c2o>GzWRKONg3!bO? zr`DyuP76)jpY|y|CcQlamywupR7eq~3Hvg&GxIWsv&^%Kv!u(Mm+f3OB?=NXWkcDE zvb)7J+0WE~#6+@QGMeL-QhTd=lZ zbfxFY`c=@XrK@^Z>#r_aJ-)_o&4IOqwP|aAD6}ptFMPQ!W?fH_R?(WGvGsoITZV0)e z^+=6ZO?$0o?WWq-yLr2>?D5#sR;N{0TK8_RVDHU(zxvJwqlSuon0-0>9yUfd_J7U# zy17ZCskG_Ce&K%UfrtZr&5q5@Et)N5t#GTPb@E`s!OP!xf79K@Y^!glx0fCQha`s{ zf1CL2^}|7jdylY=w0&pzU2O-oqofn+T;4g=mC_~cj_V#i8hEs~$EBy^d&}?lAJaWn zb6n+k*$Kjlq7$D^=AWECm38Xr>EzR6y-RxUoQXYituMT9@NCf8^XGieo$2@NKY8Bu z{ILtp7mi+JUF^E#aH(^^exTzA`yV<69R@px9EZ9uJ6-M>o;Q5riu;w*SG}*EyB2Wm z(#ZUg;pqt>?FMZqM9Va~FNLGD$lbNT*KP&%S`^@Co zcfWZ2GB6c8HU3=m{L`|I+Sd?{wJo{Z|>UW?q-PQGavbE$eOnyO?(qGr8}v z?<+r;e(3oa^zrVej8C6_1NVgU`*8t=>i_@%AY({UO#lFTCIA3{ga82g0001h=l}q9 zFaQARU;qF*m;eA5aGbhPJOBUy24YJ`L;(K){{a7>y{D4^000SaNLh0L03N~s03N~t zZqRi;00007bV*G`2i^)A3llCNnA;fu03ZNKL_t(|+U{>?)fS zreed&Q9_FNMIgkuK)VnE7$VRkD_g?sYIfe!-6wyX-#7Q0v-ffC?b|(%y{D>cx_kPb zd(OG%e2?GvGS*t`mS&7G`msH> zm&O?GNdOOf+g**Mu;o1fAF&~gINGG#+Z3HT>lX=gCCeM zGXQ{RskKBht~7&l-Rf4iy44y&08>a|E`~2yYd6UZTJED=iviFSBlCW>BNQPXc^X93gnX}QEJf!(?)>uZSG0e>yINtaTXP)k!Wc73UL zb=j=9$Ji|ob{o}8RJXeAq5~_QKSI!zcTmL0U-8f1vI$UnHUJKg0US5R%mJ8%vjyx0 zW&msLGUp*pTuwJ-EylrWldkbRu-XX>b(?gnpO4o^Y@B6K1qMvo1hNIH4NMB8LAL!?x*07lc6&Yi;K}6Qt+Llna*oL6e zLkzv3vRP~GG6Tfg0G7!JmS{rg?`9|{qs>`sFZl;m0^%kFUo;Z(Dn)SlmrluJJ-`BA?S7Ni)ilh+9 zd-a{TiZ%f(Py>k6d%H(pJ`}Ldv@9@8?ChW#6+h zNA_uQ*4E_A+W?sLzHgDKfqS^a_dRcIJ6ZjD-z{+7b18Ff`s3tWP2T=VI-4AWJfn`9 zLsN}Ev;Q$;Ua|P|CCU%1jE%|xDbA}S% zFhr$SYJ1}U)BZ>4wWTC;c&Rkn05;@z$^)vYH3>Cts~FipU_EQ?qIXZ5BP19l{kAFj zb}*Sh!P5Z#5WrWIbiO4GhiG0(@|U@5?WhOfMgU(yx@+?ZxO`VLT8dAL)ll~VrSuB{ z=b^`EYdbmjM18kN=t{O@a9`V|ZrDFQN7 zk;6X-;C(zmJ+8o2WvMGEBz#B-QHsEqQ z89tj073gPGbahinr6yr+^VlBukw>I|70&28qy#*|WMf78yw`?;dSp%`@A-wU^(@yR zWdEK6aHnFV!c?Jb9z#DL7oXW$VE@OtcVwJFjtdF!*Gj_Ax&St1KZFEVYQdsT+fp}p zn^R&6j51iA*k{b33!rC=IZMfFlXSkrLuZ*ryD8sk2k`3vK2GAapW6W` zrlW~Thyhb&X@v({XkrQviV~dn1APA`N}3@=drnE}rvdy5`&#GWJ^5YW-6^=1XfR4Hx^TCS7uYjWOz!7WhgCT)t)If#+ zUI%BGe>P7G;ZS>U4j^R$*6Oq-S8x*}rlglnGYIbIml#UVAU4Fdxh@iD*X0_`12`qW zO)xsjH7)*LKA+lSYjR2%KzDlVeb8u{WLQoxyq>A}{yhc584qeL)88!jhsk+05gX5g zo|(K)GlFLrn#W$JNf|mlI5gzduHc@2pHYSLDYR}?pQlWtG6`LaTET~F{uoPf0KOmD zF%>7^qOtE3%$}Q9B5F*Elk?f+{tFmhbdX3cfJr6ym~H zrJA+2Y@Vm2^=MR~Ir)9(jj`fqlY76ul4NcDD)iElXloy7OC2R)ikoJyKp$Q9qg{8k z)Y~kv-`WW-qD>`1b|)cC`I42okGKP$8e^Re&tA`Sjcs|K3u_>r`)#hKFsb#bP(q*T zI3}qD?Pd)@N>FZ05g+~z0DlDFR!Y{l0eCZ|tUC$G+`-@M_NMJC8+%+UI!Ddu+bD&1 zNC8Ef_&`7(53!$nt+n&&`;jsXi+9zC#5Gic`w%7bEsrq5-H{l+tCpk^B(<}&H?`r6 z`w^T0zDzsLHCSce5>>txDbD$psr?;gMJi9tKw08>(2#Dc9)|>F?!=t-QZt7SAD%yd z{`@0Ty5F5}2G9t=Hz-Ly&ClP$!@kDvBLKe);4pv}*C^IRS|7kY06xa&0^bE!{|#Vz z=K#Ed45jZu7UIRyNcc`{6}iw04W=Cc>r!oxQuF}R$v@R0w9^N06u?(8rYD{-MIC8u zjOklzFO`k|;5wNKAfrCdqzDJPhDi|gSTOFQ$TRE|gwlectdLlpoq~+Uxp!V`yz5=> znieyd=fi#i&R+2f0FP5zJPhD(!g+>V@b62K$4I-5s@z6eYiKk5LO0+rUEug5 z24M~P`I#v_zcpgpn{dHy;GP{0P7bsnp-Op321?apkiJ*)m_c&@Vc z#!7+PZU&A?Uh4^CxmdRUT2lb9u&^*`O!^Xl+W}k$=ejrt;01`&N3{9fA;f6|4iU4y z3C@kO%zfV{UNZbUM}pHM(S3A^xcp(x`Fg$=19YF`5w8=Gc4s->D!hBd-sg?%Yp`2Qr@OGx;iPr}iq1pW=e zBn?V5mna!;1)%ZoI$ve*>C+@CJ>FxH(tc0Yo5}G;P|4aP$W5?$`5ti=)3eC8Grf$M zzIXy@EnuWR54o`=t87c8Pyk;F)aHHLE*%7{wf8gGVJPJ*K~ht!Jp)t|O-Ifh41yXro(uFJaLm98mFvP|S%%02*v^)-24F$%U3 zXPFeYMlm|}0elv5or2KTru2A;1nS?aNa5EgRrdc@INx`Z_}_rIgy;Y+uH$I{e+ifR z;Lkblrpo9k?raheWXUN18wppD_G@r~T+1ZzlErn2*mskW&O(q|#+Ww85;5X=Q=+vc zXiswFgzhO~wORXXL`E>=`-o80Dw)Z-92lYt;O)Fe5#sm9)J)EDjAta(yDE$n0=L`( z;Jt8}epdlJ1>g%6?4uR-IWD}hQ%(+L;Ip-=ar&I=%eaI0GMK{beqstoCjgQB5v8SD z0UU#i7@ehN@T+7BeZiF{roU0Elg}9~m z_$uO>*;e<-3k(Z|ov!8UMc8E-ebqWQ6ClCVxmM{eI*DthJtlsa1u2?+0U2R3wG2*E z%I{EGejb2-#0mX43H&O6_i!_6sq6sZ2}z@|%>UgA;M)T3{SGlUszhD7a0vjsHpGBg zusu!U^cRGNzDOzUi=5vVWR8@AqZFyes`r~HR@LscgrEfS8Bp5p5u!Uwcy0+U;Ahns zbH?*NnUU~JJNOvaw&6PLW&p1+_$?MGCF+t@DER*U&#Qu zLFw&Txa_IVqam(C{1qfF?;*S+#dyTl@EE08$>$OUJ~$z`GoJd~;70fvRG-RuWUYOY zjHZD&7tqa|LnJ=zc|Oq|fsV2Wu-86D?09I5=@TwGz>WN4)Li^_A0eR@8R)8FMzYCu z9-#qT3g)cV3}Iv`71;FQI+StwaR9$i;yDeH(ub!IjYt{8a$oBold4z`cKo4`x6D{3w7vlYOm_ zAsq>v#~TaG`5047F9Y}=WDFZ{u8H?324slS4?~y&jlv%Z#BL)c3BQ#LQH-t+ASKxw z4Z52`9K`6R2(;BT0J3a4#+ZXNTyK^Gu#?{3s~wjY$ePvCl#n)hzDAsBArWw=P;e-7YZ!};j%RFhh?VsxGX z@b>}y7gXcLQKa2Y2}^7tXDjOW1c1*YuugD^2+qP1kFMaR3h?NHFp+|CBBkkFCNZlT zzo`}D^2Bn!T>$XA6-{#v&UPZTh@*gtc(N9=goWOY{5D9YoCL&#SEy; z8Dx7^CAGIx6VJM?hdA|bGjNSOIl%EPzG~~Yh5?m}wmhIpU zUQ@R4(0lne>poAC*=WOYV+whWF7Bet06PUAZSKYSG$=h>jeKv4X|xZMP@Yr7$-}eIr{GG}_7K}N?k+H& z8+ngq_IF#tZw?}^sV#9YTgK&-YJgR=gC#5V0p*hUg|yBD&roB(*b^F*exKszT8DF+ z+ewbQD3To2`z1;`O#uINibIh|UMY}MW$W^w`rbAES`29nU!UN5-w)?`BL`;a{a=jR z0|gy*va}kxG>_qt7U{JWw@7hAKAy98i!g=vE11YA*GsL9Mc$aVc|8dfme3wonu0L= ztYEo!!r}RMk%^3W?tU$BE-&G8YLKC?A>B~^7J5~!ODRrSzl8Fnlh8hk_C2Y9y0rJZCrBgUrJ2p?TdhV^Gt9L_8m(E+$x$5pn=ikEmq(x@oo z!33q7b9D8!ghYh!H+7v|63ect@4J%m42SA>A1LkAv=`_2&nCze_9Aq&m@)r$)pWAVE9hAvHiUK5>xms$(>clT zNOw^&=*`1nvM;0x{J*9&o+Bj2Z64OoRMf9T5-(;zCflU*F%HyK*j|IT1DCqvh_&`X zbziB@)fc~ejzwUV%j^jm>9CuWJ~#DzlB7_nGwr3>4mF^kfOAWIAHs0>IRHnkwP#hl zOPg~WD($8LXYAirt68m4+Os%{I1P56OkpmEu-^ukdi;5aqpdgKQfg;GnadR376Ck$ z0@LFZ>XH~_M=@TbHH0*xUB(8Wg@`ml7Q!s{l2JL7`RVI-b^2?#yf=d^ENlv`k2trD zW(Ee%04p%XE2cD_JK$VhXNhS>752SutzAr#8hrI#atOh>7?x=tC!uMQIkW-%R{-y$ z#M_kuGm^4e5vc;1?;>gyhdL zh#e+Y$j}DfJR}FzNHI#AF!!V;Zmca{|DK%j{3w9$;j`U@^B6k8wf;{T*DZ5z%AD5W zBI6GM`0ccFE_M(F0S>D^G~B*dgfY1Y)7wj0QbQFP(LpN5rlAoi^=FBm9Kr-fBAIdH zHsFlA(@F_2;K5s^_Vh+%dvo~hBw>xyB*YIX#)lk&sv~#@H1_^ITwX^Zug$P(nbba5 zVUXK8nbJCdHGxqG6E)%N36`Jx*4j0uqcCEWRN6*TyC-jc3KBaZOo4w#9Pfpkxe2ow z!lkdcCSX0D1@J8A7U|$XGTx?Ib6t1`-n`S=3Syhwt0}E#wO@e?);tPV%i$_Gr;1PV z|MMx@!6sZ%#zivir#ZF*0RDEydd+x(;M9p?%@pSZf`=JT%(do9fC`AH?5$wV{kPLUQEd9c;I!C$6n$ndQ{nUa8CyTN#FSX8n{@I zp9py-D!0FQuXMe>CHPFzOLVb4@m*?=4Yt=GNDG2{50aConWUt5*d8brvc5)*wWn%b zoGP&w+uqvf`I&@gl2=#yD4+Xt1MYt_HJdqg1`YT5_hNf}2dNr(Goe)=u4^IVdM;c_ z_q<@wNbko<1wSD$SPK)ZT|CY`#vKpQg|zdzYXj4KhOod*{o)D2( zQMgneN%xLO6x)2JJ&(ak)U)&{MOZ?aT+<^e3n-BBH09M)?@uBu8oQ&JoLb9nNdcwh zMe@qu`GntQ_4O>D)3=hS{~zQ>8vio)%B+q~S4>XUqffzLR;_{f=*AWl4>f$L9*NiK3jSJ7_f#=VxFECYI!479(xwRTl9loB$E z$WBEK|7{dYNcTdj;gTY`NP8oIH}k&t0QkEBYPMA08WR4p3IZF_ZeYZ_h4XGCyfh)* zqzz$6$gByM@GlLMet=_+wEw(RmQZec7P0M1J3JXNG4aL(9F-md2y^! z;yZ$D|LAi(ye$>fHLI|Eozi+;JXWMQjA902kTg8Il2-Xn8XZR&2kj35JR}UBghM3o z*K;ifD3RrrjAev4PGA+uDIB)u$lrIAp*&LS5Rs70D#rBLyu&3-fCO=%VhPqzJkecJ zdpF8u!4)EWD}dkOemfR$_WqQNLH5Ch7})s?jk1-9U2WhQx@TE=Z=f`lw7G5bWSdY> zTA9|F1ToLJzB8?f?KP&*P#bPY;{76i|K^fh{stP@Rsehyacsk=;KS5q906Ce_M3qQ zVX3hIN>Ky2tfN;2-u_lK-n-e?LYAb-BI#nJZLRF{po}UNsJv;=rA+FfAL1Sgvb`o*TWr;%W=N&|eWR^oIjGx4; z&Dsnh?xKD5+=j~NE5uBm^#-*xO^9D!LSrb?Mtn)U%0>W#64z4ExSBByvBM-c-IVW^ z)$>@Sy(#Z(&F-dPw5(|SvP>cCx+z5e`>lyR)QmFjF3>o21TK+WnGB52r6k|Ys*n|! z@iJ0|&zl2n8*PoQaqT)sBr_p_dn{FI03cf@GOu`Co=(^-X& zAHj69z4kqPyW`m-LdGse^b;sn#9rGBbQQQLZ7*^CucNKyWpLSQC%r~D({|A3eES^p zx8&HoZm02B+=5$q)#MV+NTlX1HlZKNIvYuuUZ;hbk9qysz%iT|XAILcvhP+Kf>n&+ z6AIp0D8XD_#p|D?`fGfNKTXm}(+(ts1>zzkAq;My-ftClp|){XKpz`$N&g0L0Y5fJ z&0GTTA!|CHt?TBaseNw##F1=^9!}qP`p9KJYK##$KTjRq)VJ5f#->n{14cng|;J zzLo=TJS>4xUKvfOA}`M%rC1Exjg+>QdC(5Rc`ZE^0Iz%O1 z7y2Y<18N0Jo((~=e~LX}FzEv%k<6lYOT{@Ibt~`@ROBtM>yoMU;S$eHsvWV`eq9Bv zb;tmZk^!denGeFb5lbdt$Xqm&3lN_4v$+P&4*0)QelEuMCADsHU%MNKVMYY}*mjB{ zP|>8KgUdu_Pct=nLlNGA!Zjs?e+9(?q6~@uBJuCS%)na+EyWxJ@WVOM?Zb$JmPQ#^ z-Vfy5`fYG-rw0f@2yxD9AFhxY2$8;pwv#zjU;p|c1z8LwmyoJw&=q3i;pLMIY??zH zv^e0HHW4Q$+hA^`Rzf-rZG_!GY_Pp!f=uBFkWRQYpAQ9Fx=s-t-9Pi2GS$I7WPS&+sMni+`)aF`wXi zyq;s#B}hj(dq!X)>+Snd0q-C2`WgVZncjO@UQ&;6T*E1N7dgyOX%zGKt_OoZIa&06z)mee`9N_bPe=oK5G;y!S_Vej4<|5?ex6ZvUU- z{uCxWlb|i+O4Gu;nY6E)bI*%#9&L>Y5r9J!lE$dBoai*jIetV4mMUJ;qV4B~Xd z(`btd&S}6E1(NZ9HLwpc44;Ja_A&|vYEgq)7ej0oqt>ah`I{B~JvZh&PpdHwl!n+$ z+6&(Mp&!4JBzUN2{R|vde;&>b^CVopAq^wU2QY}2!+Cmr%3AvrnO9TSS&+}jcSN|G z^Iqfnj`SKL|K(-?00?SHL_t&pmR8-$FQwv6MsTq+N$nt<(Y58D$FeDv%cNK?K|luu z$FW`o(VpbIiu7I8vkAGUuL0-;cYq6Kc>=(L0dxFWN{#1Ldf~AaQbpJf;N1JZmUGD$ zb*f^8v-*c?NP>G`j!M6QI5}Ju804KI!N3(mIjJP=Ckb&}LY&~u5*O}LTR1{(dPIga?u<#StUz&DcV{}P;= z>dOKAG=Lu`^Y|K>#j{F-&N6xmd^HFVB1YbIW#&Bc_Uu}oM9pM{&9s`ob-Qw#QHMmL zWoIZoeUcLL2*A4lyd|K&TLAn&IK$SkETKv8GMc4|o>d^{05yoAlJJLKKiVs0mdwug zHkv2Fc!mc|0*9_foQbkXdllj|%MHF?B7?bx2ly7adJ7-4*4|Fl{~&)iQVj76aK%;L zpCftyBH}s&Qd4*25zdB3kb>QTJq^>Kn0@6TI6Pn6h=(b)63m$Pr!?X+@siE>9^$AUm)Sg)6d00=Vi7>==H&=0S)^40V#blB++n2z_uDk+qE#{%5-VR|1 zlJ`rrV)k(>wV13kyH&)fCV_SHC8i{m_fh`+NffImys8LK6^1JbN*hpRe;@#pZh%2? z2?RxBD8_J}1UiH`y%H`(#;f20gl=bFpCO_782}GjYY!2}T~c)L zEWh7SOj;nlHgVJk6*JI9VS2;`N8;h4@a1h4zr$M@-zN(HFD1Qt^BLvAHGBpa`HZCs*##&AyD?@~Y%kQjY!bot#=MC*Akl9x zvf#cpb2X&2TTwg(c{op1%hmV>R*3D-KKAw3OTt1^egG*Ew((WMvEwZVz zTAOP0tpL8Ca7h{=cu;H(k}oHP+39OGc@Q6^R5i5Lex2)bfrNdH*GWp`to9$^e7(N` z=hFEkoE@gC?j3n!xIh@9Mc;aHsf<)<$u-Gqqzprc#9Ii?&?{2kI-oC_lscP2ygdB5O~SjJMD&ZK z5D9@SRGf!sg(Jk}H}yR`WCHSCNAP%`VO24!|Xp; zpwI6lGiX;d#uf?5y&TJF4Vj1w6`4Vkhp?42#{@}i6UvT4=~@nUoBb_YYoB62ew5+& z!D0VHID_xU;aom-ZP}5+d&S_`N~q7qUb^YZ@5G7ywR`VArxv9n=8C{La5hP4yMl*v9 z{v*tw1K??E?Y|^Ube@`lB|Nz8-YN*M$T~!Ihbw{$q}B0(orygtj|qU&98$q2A=@%1r;o0iV&(Y z;~TgC2}<6z#93gisyH9oaRSa}l@(LbrGWK&{#mM@S*;<+rj)!flC^OiG2UGyV)@nk zX@R&N%W6Gl$T+_OSHRY6vF5z0SgA zPkb9;qr8BquFlm_1s6Nsba3c8N<@r2};dU8Ed^N1K}hOQo;K-)Or~Y z9%|I8ciqbDL)mp^kzP&{O0e0HGgY@epdok?c!LteZE)_B8)+L%ylD^@p{dlH zCG9XxWAo~$Uf;t+9Vp*8KdKK_-9qv>!WZeP`2fHgCy+hq(PL)vJ= z;pVU6zr};0&+9LF8}W>__I`R;tncNGmgTl75v52mY}bdYZlO$JTu3z~5?_Mo2F92^ z&uJg7c-4>$qjo#3+xGpWAP_$wrUB>jxyH@)yCn2mKILATh_3jVi|_p;e9Cvh0p8LU zrr|?hw=0(+1bV@xF$D1%9Ec071VAQv!qt1WZh0DlY`B&rNfU#Wr2R#lNUouBxitL^ zx7RnD&KVP`J=9yPZdGasX|@O7@j)?%%aY}(vm8y@A){{lh#`bZC^bw{w<$4WQ&p Date: Wed, 11 Apr 2018 19:49:41 +0100 Subject: [PATCH 040/133] Remove image --- doc/EN/index.org | 1 - website/EN/index.html | 197 +++++++++------------------- website/EN/socialinstance.html | 227 +++++++++++---------------------- 3 files changed, 134 insertions(+), 291 deletions(-) diff --git a/doc/EN/index.org b/doc/EN/index.org index ae54ada9..a7fbf95b 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -8,7 +8,6 @@ #+BEGIN_CENTER [[file:images/logo.png]] -[[file:images/bbb3.png]] #+END_CENTER #+begin_quote diff --git a/website/EN/index.html b/website/EN/index.html index 2a9ca125..d7ed68ec 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,12 +144,14 @@ for the JavaScript code in this tag.
-
-

-logo.png -bbb3.png +

+
+ +
+

logo.png

+

@@ -262,12 +172,18 @@ A list of other supported ARM boards can be found here

@@ -275,13 +191,20 @@ After installation it's possible that you might want some advice on how to run y

@@ -293,7 +216,7 @@ If you find bugs, or want to add a new app to this system see the available here.

-
+

This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion. This documentation is under the GNU Free Documentation License version 1.3

diff --git a/website/EN/socialinstance.html b/website/EN/socialinstance.html index a87a1011..daf25f15 100644 --- a/website/EN/socialinstance.html +++ b/website/EN/socialinstance.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,7 +144,8 @@ for the JavaScript code in this tag.
-
+

+

logo.png @@ -244,41 +153,52 @@ for the JavaScript code in this tag.

+
+

Social Instance

+

+ +

A social instance image allows you to easily set up a fediverse server, which federates using the OStatus or ActivityPub protocol. You will need:

    -
  • An old laptop, capable of booting from USB
    • -
  • A USB drive, preferably Sandisk and 16GB or larger
    • -
  • An ethernet patch cable
    • -
  • A domain name of your own
    • -
  • A dynamic DNS account
    • +
  • An old laptop, capable of booting from USB +
    • +
  • A USB drive, preferably Sandisk and 16GB or larger +
    • +
  • An ethernet patch cable +
    • +
  • A domain name of your own +
    • +
  • A dynamic DNS account +

The installation process is the same as usual, with the only difference being that on initial setup it will go straight to the domain setup details for your instance. In summary:

-
-

Copy the image to the USB drive

-
+
+

Copy the image to the USB drive

+

Substitute sdX with the device name for your USB drive.

+ 
sudo apt-get install xz-utils wget
 wget https://freedombone.net/downloads/current/freedombone-pleroma-amd64.img.xz
 wget https://freedombone.net/downloads/current/freedombone-pleroma-amd64.img.xz.sig
 gpg --verify freedombone-pleroma-amd64.img.xz.sig
 unxz freedombone-pleroma-amd64.img.xz
-sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
-sudo dd bs=1M if=freedombone-pleroma-amd64.img of=/dev/sdX conv=fdatasync
+sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
+sudo dd bs=1M if=freedombone-pleroma-amd64.img of=/dev/sdX conv=fdatasync
@@ -288,14 +208,14 @@ Also note that if the laptop has a removable SSD drive it's possible to copy the
-
-

Connect the laptop to your internet router

-
+
+

Connect the laptop to your internet router

+

Plug the USB drive into the laptop and connect it to your internet router with the ethernet cable.

-
+

laptop_router.jpg @@ -305,14 +225,14 @@ Plug the USB drive into the laptop and connect it to your internet router with t

-
-

Boot the laptop from the USB drive

-
+
+

Boot the laptop from the USB drive

+

You may need to alter the BIOS settings to get this to work reliably.

-
+

bios_boot_usb.jpg @@ -322,14 +242,14 @@ You may need to alter the BIOS settings to get this to work reliably.

-
-

Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop

-
+
+

Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop

+

Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings.

-
+

port_forwarding.png @@ -339,10 +259,11 @@ Log into your internet router using a non-Tor browser (usually it's on an addres

-
-

From another machine ssh into the laptop

-
+
+

From another machine ssh into the laptop

+
+ 
ssh fbone@freedombone.local -p 2222
@@ -353,23 +274,23 @@ Or alternatively you can log in directly on the laptop. The initial username is
-
-

Follow the setup procedure

-
+
+

Follow the setup procedure

+

Enter your user details, domain name and dynamic DNS settings.

-
-

When installation is complete

-
+
+

When installation is complete

+

Navigate to your domain and register a new user.

-
+

pleroma_register.jpg @@ -381,7 +302,7 @@ Navigate to your domain and register a new user. More details about setting up and using Pleroma can be found here.

-
+

tusky.jpg From 7b604c044c2dde18923177f187b865dfa1ec3325 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 11 Apr 2018 19:53:02 +0100 Subject: [PATCH 041/133] Retire the quote --- doc/EN/index.org | 7 ------- website/EN/index.html | 13 +------------ 2 files changed, 1 insertion(+), 19 deletions(-) diff --git a/doc/EN/index.org b/doc/EN/index.org index a7fbf95b..a774a021 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -9,13 +9,6 @@ #+BEGIN_CENTER [[file:images/logo.png]] #+END_CENTER - -#+begin_quote -"/With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we don’t control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment./" - --- Lucas Nussbaum -#+end_quote - So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home. A list of other supported ARM boards [[./boards.html][can be found here]], or you can install onto an old laptop or netbook. Some installation instructions for different use cases are: diff --git a/website/EN/index.html b/website/EN/index.html index d7ed68ec..f57301bb 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -4,7 +4,7 @@ - + @@ -152,17 +152,6 @@ for the JavaScript code in this tag.

- -
-

-"With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we don’t control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment." -

- -

-– Lucas Nussbaum -

-
-

So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.

From 8c02024963d691b509d120ebb3f85dcace201ff9 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 11 Apr 2018 20:32:21 +0100 Subject: [PATCH 042/133] Changing index page for increased brevity Try to keep things as concise as possible --- doc/EN/index.org | 22 +--- doc/EN/installmethods.org | 35 +++++ website/EN/index.html | 43 +------ website/EN/installmethods.html | 227 +++++++++++++++++++++++++++++++++ 4 files changed, 273 insertions(+), 54 deletions(-) create mode 100644 doc/EN/installmethods.org create mode 100644 website/EN/installmethods.html diff --git a/doc/EN/index.org b/doc/EN/index.org index a774a021..9b0eba5c 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -11,29 +11,15 @@ #+END_CENTER So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home. -A list of other supported ARM boards [[./boards.html][can be found here]], or you can install onto an old laptop or netbook. Some installation instructions for different use cases are: +You can run Freedombone on an old laptop or a single board computer. See the [[./installmethods.html][list of installation methods]]. You can also use it to [[./mesh.html][set up a mesh network]] in your local area. - * [[./homeserver.html][Typical installation]] - * Installing [[./beaglebone.html][on a Beaglebone Black]] - * Installing on an [[./debianinstall.html][existing Debian system]] - * Installing [[./armbian.html][on Armbian]], for unsupported ARM boards such as Raspberry Pi - * Creating a dedicated [[./socialinstance.html][fediverse instance]] for a single user or to host a community - * Deploying a [[./mesh.html][mesh network]] which can operate with or without the internet - -After installation it's possible that you might want some advice on how to run your system and set up apps to work nicely with it. - - * [[./domains.html][How to get a domain name]] - * [[./security.html][Improving security]] - * [[./users.html][Adding or removing users]] - * [[./apps.html][Apps available on the system]] - * [[./faq.html][Frequently Asked Questions]] - * [[./mobile.html][Advice on setting up a mobile phone]] - * [[./support.html][I like this project. How can I help to support it?]] +Check out the [[./apps.html][list of available apps]] and [[./faq.html][Frequently Asked Questions]] section. +Disk images which can be cloned straight to USB or microSD drives are [[./downloads/current][available here]]. If you find bugs, or want to add a new app to this system see the [[./devguide.html][Developers Guide]] and [[./codeofconduct.html][Code of Conduct]]. There is a Matrix chat room available at *#fbone:matrix.freedombone.net*. -Ready made disk images which can be copied onto USB or microSD drives are [[./downloads/current][available here]]. +If you like this project and want to support continued development then [[./support.html][here's what to do]]. #+BEGIN_CENTER This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion. This documentation is under the [[https://www.gnu.org/licenses/fdl-1.3.txt][GNU Free Documentation License version 1.3]] diff --git a/doc/EN/installmethods.org b/doc/EN/installmethods.org new file mode 100644 index 00000000..96317cfa --- /dev/null +++ b/doc/EN/installmethods.org @@ -0,0 +1,35 @@ +#+TITLE: +#+AUTHOR: Bob Mottram +#+EMAIL: bob@freedombone.net +#+KEYWORDS: freedombone, installation +#+DESCRIPTION: Installation methods +#+OPTIONS: ^:nil toc:nil +#+HTML_HEAD: + +#+BEGIN_CENTER +[[file:images/logo.png]] +#+END_CENTER + +#+BEGIN_EXPORT html +
+

Installation Methods

+
+#+END_EXPORT + +Most people don't have a static external IP address, so you will need to have an account on a dymanic DNS service. [[https://freedns.afraid.org][FreeDNS]] is the one recommended, but others are available. + +If you want systems to be available within an ordinary web browser, such as Firefox, then you will need to [[./domains.html][obtain a domain name]]. + +A list of other supported ARM boards [[./boards.html][can be found here]], or you can install onto an old laptop or netbook. Some installation instructions for different use cases are: + + * [[./homeserver.html][Typical installation]] + * Installing [[./beaglebone.html][on a Beaglebone Black]] + * Installing on an [[./debianinstall.html][existing Debian system]] + * Installing [[./armbian.html][on Armbian]], for unsupported ARM boards such as Raspberry Pi + * Creating a dedicated [[./socialinstance.html][fediverse instance]] for a single user or to host a community + * Deploying a [[./mesh.html][mesh network]] which can operate with or without the internet + * [[./users.html][Adding or removing users]] + * [[./security.html][Improving security]] + * [[./mobile.html][Advice on setting up a mobile phone]] + * [[./apps.html][Apps available on the system]] + * [[./faq.html][Frequently Asked Questions]] diff --git a/website/EN/index.html b/website/EN/index.html index f57301bb..6ef8a268 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -4,7 +4,7 @@ - + @@ -157,52 +157,23 @@ So you want to run your own internet services? Email, chat, VoIP, web sites, fil

-A list of other supported ARM boards can be found here, or you can install onto an old laptop or netbook. Some installation instructions for different use cases are: +You can run Freedombone on an old laptop or a single board computer. See the list of installation methods. You can also use it to set up a mesh network in your local area.

- -

-After installation it's possible that you might want some advice on how to run your system and set up apps to work nicely with it. +Check out the list of available apps and Frequently Asked Questions section.

- - +

+Disk images which can be cloned straight to USB or microSD drives are available here. +

If you find bugs, or want to add a new app to this system see the Developers Guide and Code of Conduct. There is a Matrix chat room available at #fbone:matrix.freedombone.net.

-Ready made disk images which can be copied onto USB or microSD drives are available here. +If you like this project and want to support continued development then here's what to do.

diff --git a/website/EN/installmethods.html b/website/EN/installmethods.html new file mode 100644 index 00000000..575a61af --- /dev/null +++ b/website/EN/installmethods.html @@ -0,0 +1,227 @@ + + + + + + + + + + + + + + + + +
+ +
+
+

+
+ +
+

logo.png +

+
+
+ +
+

+<center> +<h1>Installation Methods</h1> +</center> +

+ +
+ +

+Most people don't have a static external IP address, so you will need to have an account on a dymanic DNS service. FreeDNS is the one recommended, but others are available. +

+ +

+If you want systems to be available within an ordinary web browser, such as Firefox, then you will need to obtain a domain name. +

+ +

+A list of other supported ARM boards can be found here, or you can install onto an old laptop or netbook. Some installation instructions for different use cases are: +

+ + +
+
+ + + +
+Back to top | E-mail me +
+
+ + From 01e07b3d04376d3726160a463976b85e70797350 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 11 Apr 2018 20:34:28 +0100 Subject: [PATCH 043/133] Wording --- doc/EN/index.org | 2 +- website/EN/index.html | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/EN/index.org b/doc/EN/index.org index 9b0eba5c..b8a3336a 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -9,7 +9,7 @@ #+BEGIN_CENTER [[file:images/logo.png]] #+END_CENTER -So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home. +So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone is a home server system which enables you to self-host all of these things in a manner where you keep control of your data and it resides in your own home. You can run Freedombone on an old laptop or a single board computer. See the [[./installmethods.html][list of installation methods]]. You can also use it to [[./mesh.html][set up a mesh network]] in your local area. diff --git a/website/EN/index.html b/website/EN/index.html index 6ef8a268..f11fec47 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -4,7 +4,7 @@ - + @@ -153,7 +153,7 @@ for the JavaScript code in this tag.

-So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home. +So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone is a home server system which enables you to self-host all of these things in a manner where you keep control of your data and it resides in your own home.

From d4ed63f4dd117aff250fd59cc18f9e5855887f07 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 11 Apr 2018 20:37:18 +0100 Subject: [PATCH 044/133] No header --- doc/EN/installmethods.org | 6 ------ website/EN/installmethods.html | 11 +---------- 2 files changed, 1 insertion(+), 16 deletions(-) diff --git a/doc/EN/installmethods.org b/doc/EN/installmethods.org index 96317cfa..522a086e 100644 --- a/doc/EN/installmethods.org +++ b/doc/EN/installmethods.org @@ -10,12 +10,6 @@ [[file:images/logo.png]] #+END_CENTER -#+BEGIN_EXPORT html -

-

Installation Methods

-
-#+END_EXPORT - Most people don't have a static external IP address, so you will need to have an account on a dymanic DNS service. [[https://freedns.afraid.org][FreeDNS]] is the one recommended, but others are available. If you want systems to be available within an ordinary web browser, such as Firefox, then you will need to [[./domains.html][obtain a domain name]]. diff --git a/website/EN/installmethods.html b/website/EN/installmethods.html index 575a61af..75a9791f 100644 --- a/website/EN/installmethods.html +++ b/website/EN/installmethods.html @@ -4,7 +4,7 @@ - + @@ -153,15 +153,6 @@ for the JavaScript code in this tag.
-
-

-<center> -<h1>Installation Methods</h1> -</center> -

- -
-

Most people don't have a static external IP address, so you will need to have an account on a dymanic DNS service. FreeDNS is the one recommended, but others are available.

From 754951684e8f6ab97b3e3ae749c768500ebb5ccd Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 11 Apr 2018 20:50:32 +0100 Subject: [PATCH 045/133] Wording --- doc/EN/index.org | 2 +- website/EN/index.html | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/EN/index.org b/doc/EN/index.org index b8a3336a..c3636a1d 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -9,7 +9,7 @@ #+BEGIN_CENTER [[file:images/logo.png]] #+END_CENTER -So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone is a home server system which enables you to self-host all of these things in a manner where you keep control of your data and it resides in your own home. +So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone is a home server system which enables you to self-host all of these things. You can run Freedombone on an old laptop or a single board computer. See the [[./installmethods.html][list of installation methods]]. You can also use it to [[./mesh.html][set up a mesh network]] in your local area. diff --git a/website/EN/index.html b/website/EN/index.html index f11fec47..e13c080b 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -4,7 +4,7 @@ - + @@ -153,7 +153,7 @@ for the JavaScript code in this tag.

-So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone is a home server system which enables you to self-host all of these things in a manner where you keep control of your data and it resides in your own home. +So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups, VPN. Freedombone is a home server system which enables you to self-host all of these things.

From d57f5d3431d111490259a964ca642a31024cc076 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 11 Apr 2018 22:06:24 +0100 Subject: [PATCH 046/133] Link to blog --- doc/EN/index.org | 2 +- website/EN/index.html | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/EN/index.org b/doc/EN/index.org index c3636a1d..739877ad 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -13,7 +13,7 @@ So you want to run your own internet services? Email, chat, VoIP, web sites, fil You can run Freedombone on an old laptop or a single board computer. See the [[./installmethods.html][list of installation methods]]. You can also use it to [[./mesh.html][set up a mesh network]] in your local area. -Check out the [[./apps.html][list of available apps]] and [[./faq.html][Frequently Asked Questions]] section. +Check out the [[./apps.html][list of available apps]] and [[./faq.html][Frequently Asked Questions]] section. Recent developments are also described on [[https://blog.freedombone.net/tag/freedombone][the blog]]. Disk images which can be cloned straight to USB or microSD drives are [[./downloads/current][available here]]. diff --git a/website/EN/index.html b/website/EN/index.html index e13c080b..78788613 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -4,7 +4,7 @@ - + @@ -161,7 +161,7 @@ You can run Freedombone on an old laptop or a single board computer. See the

-Check out the list of available apps and Frequently Asked Questions section. +Check out the list of available apps and Frequently Asked Questions section. Recent developments are also described on the blog.

From dc9ceed9fb77b251859597b4fced26bcf0f98f37 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Thu, 12 Apr 2018 10:24:31 +0100 Subject: [PATCH 047/133] Replace text with icons --- doc/EN/index.org | 2 +- img/gfdl.png | Bin 0 -> 5638 bytes img/onion.png | Bin 0 -> 3226 bytes website/EN/index.html | 4 ++-- 4 files changed, 3 insertions(+), 3 deletions(-) create mode 100644 img/gfdl.png create mode 100644 img/onion.png diff --git a/doc/EN/index.org b/doc/EN/index.org index 739877ad..127fbd1b 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -22,5 +22,5 @@ If you find bugs, or want to add a new app to this system see the [[./devguide.h If you like this project and want to support continued development then [[./support.html][here's what to do]]. #+BEGIN_CENTER -This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion. This documentation is under the [[https://www.gnu.org/licenses/fdl-1.3.txt][GNU Free Documentation License version 1.3]] +[[file:images/onion.png]] [[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]] #+END_CENTER diff --git a/img/gfdl.png b/img/gfdl.png new file mode 100644 index 0000000000000000000000000000000000000000..6afde8413c7fcff4047479d81492d79071fc9c82 GIT binary patch literal 5638 zcmV+h7WwIkP)001`#1^@s6i>yJ`00006VoOIv0RI60 z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_000McNliru;sgu{6(B1F^a20?6_ZIs zK~#9!?VWjeQ&sxMKUvx|X_KaVOIx}_p=Bvs5fD(sg{dNgSVbK{Q3sa+QS|4`xS|e% z>nIK?4z8d$ECS*JD##|Alolv-FLa|@(xge7CT)Iyqzz4zrfF#lXur>MpS0&D_ndpq z_rB*n-}9bx1y~>krUG8{;g1Rrz`Oa7075|4>bw!y1JnVvz&W5C&|OHTg67Znf&2Q} zpbuSu9w-B{nvYCiFK`lQbd`YVz>vPW>_ay~3mgWv0$%}Voe}UGU>ZQ`tSN+s2J}_m zWsa<@GaNaZMQLeehu`(}RS@8>v>X9Se0<~x1OmLh&wFGiGYiPb$i<8qovsdzMvvKS zcC|Q7z&_wL;A_D8LvizGPD{d{ZWzbR8I$^2@G`}Tllj~?{}qm<=h&U|lzA{BX#gWf z#xpcAhS-=e;$p*4C_FozkI`u2WM%OatG_13h203|bSn#jyQPiE|x1jJ$y zjg3uY=bWXaq>|FID$W*_Q&L)qN~Hxrqt(&a*o4_^Mj#NJ?=A%bZc3TJefQjGm-p^H z$N1-SA8`1{DFFI~`18bLvq?Xm%cjk{sjk+v{(3cV18}hA>M6h$fH{Ae#)`KV^|j_@ zhK2?c@k3{G?p!qh;bDP1`_H+g&bkJnP{6^%nQYv&izC0CChb@@I(>bY^6~ceq9|`8 zLZQI!oY`z<%@^BQ{M5VD)YKyNkg#RbGDeS#XU!MeS@QBnl$>`73V@iFE;zR(H7~!U zuQe}2>_3oUCEtL!aJFxI6Muhi>-qT)zsjl8g|-6#fq?$uK?Dc+5)feV{{#X7UY=6K zZelzn?nph{ZGJO$Y@$Q*)zurw&MrbCap&48qxovX&(zf$c>KwC*t_#T{N>K;xpwLp zuDN~z`30o_k-&%+0_Hb6io*Op0$!FVDyp#lU0$K)boLqi{m%;<^X|EkzdyZ_h6a<3 z#j4Thh=>Tr%S(pTLxPWw93LMA5_dO?Wi=Yn>nzq%Ra46s>vpj6{f(&9wbazqqE^?U zQfpDEw046Mp-@2TEmvFr|M}-5l$KSs{z^n^DxU?yghBz8CEJil-1=JeGQzH3jxuff zV(b4Rk&x6`Q~1BdcM=mFYH8r2a@KFy$<}RqIhLM-zRu9?

B+5nF?!S>rl(9GIXQvh!{U%hB{ViR zk(*acdPXj%v(BJWX{c6NESXBJ#bmN*$Zld0o?cRm|EKW8+uIAJQjXHwv-#5trP2#u z9|f^7p(vGdbozRZre$&9;7K-q{R>Cavf3;5cyX(L@>&R(Us!rU1gx&suwvx~HgDa- z$;<+meiJ`1f*Y8rcJHPhJ?ace@D+q-G6pHp|3^kfsnwsqODK|GUo}N+` zJ~E5Ni)QoK6YsF{gH3qKJaBXG*xEN38mtyWE|(D$=tF?Nk`YM*Ngk8HRg;qN^;I~% z#;*rYFy*=h*0MN)$<#<~t)7%=<5$#o40rPF+i@)uYww z$;mBd|A7;%Sh)dDnFkNte=|=$eg|IdkW1<9#n>?kWak!9RaN7-LBt{k#Yd8u5Zz@1 zkUVBETQ@CZ^~c|^e&bFXjm~6hB<)x>X~(kL9p(Bu5TXHUYHBf?%~Vxu&}dwr0+vYJ zFc^#o1VYT_Cfk8ftG{mp)&e{{erZolg}yBnK1V-j=jn#RN{ha(n? ztm*ZJ1`ZrJ!P<2{^7WS8Ha8R!>_<-Km+j_t*W4v+*tE+gZSbH-#$Pc6rBaSUE~CL{ zLZ#ADthvZ=@^YB{{8ww?wy-r(;!J>=Gr}UixFsJqP#8dCGV&w*#G=;*Gj3b}ej9$Ca1>ZUQI^J7x zzB^7kmd*Fu4_YkYkxVKpYkJfj2n_UL^vFSkg!r*#>mJUPs}Kmq^c!#+#iu@Nw+rsF z1x(M#C1u7FHcz!uDd(eAe`o5H(GGv(A#rEY#3Uw7Ok&x~^ZENT@3H#hZ5A0}K!2zC zjT$k~j)0RVCb4|!L+$=%`Ri+VZpnY~^YgZ|IKzg<+THV@_y`8JDaVx)hP9GCPVn+8 zpYYSqM{K^6om0f0rY~mKkM9r??ALC2CX63yN5J?2{kufIjxc;!9K(mjoiAhdSx#r4 zB`2qd-27t7%BrcXR8vu@rlPXOuJ>vSFE1H^0hXyde}5&x!M?;shY}kb#=rsn@lncI zy8JU%ez1wg#wJ8!DG@{F<1Y2<{w}zpLd}d>PuY;qQ|7^jbuW=Tdaz5^P$)ck=gmc! z&G6AD+lY<|>97Jii-`Wg)=^q_T(@8eIuW!37f)YQ}hAeBcDo^THyp8aU3uX0Mj zYCr|}6c(1*O~bT@$DVxK&YxTI{CzHyuQjflI);xv*+zI+kaNeiRafq^Jm7C3p1+^B zg8_=DOARRy2zcfnb2)RioV8zWw>h_U+dh8Sagb}T8RPOjh=js!CtG#32AQV^9uoIX z{Z1qjcBmdSG?+-w$l<4*NBH);UpaK-lvN89yUPiTxBp^z>bcl)ywN3hmtGBjGK!JmM=*oR{gpA|4Oq;%#z(5}Y1AGV$_9ejIhkyVj zARa%sL3^ZUhDTvZ#lGEPQ}Tw)^FTJdAW+?C-S;I4~Z-Yh5v9A0mJZA#yROR zL>&^)>IdfMmoWZ{_G47_bp|$my~|E(yZNRoyL=n;52#lQ01_Xp7F>ygL;k$J~qYS3Ubs4z8XFd4PrB(_iF=7reJ)B5S= z;fuR85D(8_r1A*F?yfyxj$FES3E0s{c8a0C-b{y>SyavYE%SSo6MVCZ9 zEO>Yp0|)fS++=F2#o1aru@sS5W<9!%d|(}nxJ1Cb0_PU+)Tu(dG)Gft7aQdjDu5of zel3V@p7d{x&deC}B;4G@yuR!a0BTjIs3||(>t%3-fJJ}-Xo=Z!I=pwJ=Ur-OnFH;t z4AB)R4H}KET~bx6>O2&rX-9}^MMXOkY!H8O|wK-bIXEFc1(anh*N;H=e!a@Uh zbU`Wr6@}kp(4XtgJ{a1F(T*G=KUXSGsq~__q@s<#bMd;HNfVQpH#Y^JX7%1^GEr7m z%`2~dMnPd&uRI*u+BydWRB)+b(SqCfV%-jMa*HX=UPt7xM|#x{G@Bcp5-MvTQCJc(?&o|pIClv|>Jn+zRj19&fFN32={GdReOOAjNi5oAy@BpcI zJcFh(9Zh9A3jd+K=Lb3=pdXgKL5PS5aXJ_5=U`4XH@DcOGJLUa2YdHtSQo#vg~@25 zR#(T+A+ZjZ0Conk&0$duMpKX1t)m#f(W3@&DI#UsIIf$T%=g<5P?Gfpa^FD+ggx&k z3j{*UPP*V2tE3Rs&*_Ddh7VxV=G``FX&E^#6=LuH4F3DkHywU&)}ODsU;+jQSv-n{ zUa)`}$Mf1$wt#VC6S-8eeCdPi{N*c*-l{Ov|g8D+73dZ&lAwOrZ;}vPzM&U z2(?<bv;2VyN2u7#c!A&U>dbDD7`g#fq zZKbQBLt-xKJa9*di4NuA`7;41FZjk`xKvL|F~asNU}OiP@`&LBkVz$Wl0#do=m`D8 zgGd@afU72t;F*8SC26?*1okyokHXDO%;ka~wjZ>UT;|_@^Ce&I|9j#t`iBS6)Yw2- z&i^jD1$4O!mPp)4y>*IR`j`LvsndmWs5SP6Zqkid+eU*72vBnCEmL|Vue4*?U0N68 z2r{XJ7oM93fco5FwACjr4FX0*_UrIs3m-|fi(&g^cbZ+8`tKcC*=O1QqwQStlaJro zV{5DLzV}7mez*Iq)h#n7Ti39ZX0LY|8FS%qfq){B&>F(-bc7ib>d?1(cFBh>FU#u+ z9MzB6d~s$R%w{uxd-M&Pz|1Qr4C8@$(|bnh(bbWcUxGs3ebb(wt@+-%a?ZDIKM zKwsWlvA9Q~o58YAUsIDAxm?yQ*W0=4sI{#W0ZH_WOTB1=kSLnxNur|qxqLmPQqI5M zSZEgo{psi5@%)RcdxRJbMte!cZ~-z)U47>#<#Te2xpnr_)|Gr1_T?+DsixjXmN1`I(I@W~DP!-x47>Scp-{lI>#ratx}TlJ+4k)|3JS~k{EO{& z`S0DA&ixNABQ_?Ku+Tte-!|2ya_{=(DEszj*rh-H{3@P)epQFR_wtmo@Nc*B*uvXg zc3Ubc)V%-UX1nx#zaD48RS&v!4KI1uEnq`~iPSruB|G~pLXkU>!yd*>qU;^NMIh*y zfL#qN9XB?SBftKa|Gc+>W}*+p^12{J;nX4~pdK$s*~?h)!VFn2@MS(VNhh37PAAmySee^tAE48 z!ySdf6Hl3kwfwcZI_jJERo3h4?Uy`C+>py<$h~AFCnt0%|CJwX;^R-hwLGZNH{u;Q zqIXAbPJF;_A)s|g?I9s`))Z1_b&nX^KRk&3;X&P67ctSH*1hw33-0b>hfzDdf$x4e zz!OisYkAm$lL?AS>Gd+SU7Rj#^%)74m1&n^Xnh|p44J12m^1Gs8XKFCdB+ew=x(6* zXPX2{Sk>}h}~p}#GVMn9uBW- zGH9&Zdl(IB40Yug^ko=yrI;G*V?u>O0aqj^qSM#gY+~9%z^Iml%E}sk-uYW!%Uxz@ z9iDZzsGO!IGeV)j8kIe6Y$D5-KEyA()A(lFes=tHh=Rg0%;qNQYm2F`ErzmRyRAGj zse}Ty0`IWND2 zMT_5N`;UiOlC(fj3ju!wuI_8L-xu87#oUxKftfQVbM4eIo!T8jt=3Xep{7=6ztmJJ zl@Ju@+u@pLeVu{tzWlO8 zj2p`6QG*ygGM>bQXac)=$!OWRYBG-Ja_Dd-hmV|Q@4j?L1lBi`?=!dSeaN4iZ54;h^u$uZA(7XSbN07*qoM6N<$g6zf=Z~y=R literal 0 HcmV?d00001 diff --git a/img/onion.png b/img/onion.png new file mode 100644 index 0000000000000000000000000000000000000000..dd239f5fbbe9ca2a16d411b9dcbd0e4be22712a4 GIT binary patch literal 3226 zcmV;L3}y3)P)9iT+kf0_#>28;x zV)9Yjgf>wpneK6&Py9@05=CP)b~-NIE?L9~7#CDrI>=J82*@T|y?5siiVB+rsOj$e zSG{-Z9lmw$J->7AdBERs>`qewNJ>?o+LNMn<)3vVrK;~Gr6|K4pBvp*{?TAs1K^3I zRCO7^o>Zq-eUnm^XjjkwDEPZ~Lvn%BbAVw=O4UvR71jtn5kSK5q*V12;D9y4IO@ui z;z!$mscP`-2tC^Y`d8pFAOHnB27dx303TQ*^m$2X8rE?8{dqDWX7hbR3izc1a32sQ zg&Yd}41;0^;D1^p^m%(y6_Lk2Y$`%MQbJ7R2as>$7u#tW@XNd+ThW`wK) zqr<=2Rdm~d+V%#`o)i@WWAHtupP3mU@9eqHtfIJ(841XQn9X8E^p-aDbk<`!z?fF1 zHd!O|B!F2F#{EHdR9>15lS2g>#=kb3FVtZ1o;1?~B?j#Q6U(c>d>|4i2cjCy)gl-$ zBV5;ikm36q$^&MWjln^IgBLA${?1P#2fbKl*Ac?0VhPr8{m$<62T!p|gZw1KY!=OO zd3*A@%+ASsXYHC_Daogf>=@|2y{x)4K(8zl8P*8>cYyosArA?%S+F#C*16YoRZ15& zcEv4RCBdMl|4{Ge#(b$<*|;tw&=OnI| zfy93#qz7=o-`{WaM;~qky%s5$w9%gq63yPUCbp~$z3Q!f5LEXZM8~p~sKK;f!%EI6Ln2?VGcQs9WVdJ|i zIB{Y(-MV!FDM1KIOUnR3X<0eQa^8CPKiK=-4nX4X)t&i~uk+J^RyRec?>LSXArE`G zw*uQ9AN!a%clI;JjgJJQQ9f4P$-kA4udg>|4>Ovg(5p`$GO{jEo@v6<%?l|dLB9PM z*=syEZl{|oYs+2%EWnWm^`txSEfBjRet|goOV%)K*g&L|4CvpN zqT)NC*RgTKO1`q~$6Yhmr!y%rYo06^^Csi^O;Lfxz@Hxk(gGBzsygzc4>z%P-4f7i zn?0>?=5!iiVT1AQ>Q|qt1f0K+0jh=&@aX6ut`%HtTJjrq#)VG98Wx8T%0%FjD;8If zX+WpT7r$W6vr|EDR&J@Ch>eY>px`#oK0Bq!{Dt!w6yGiaVEdN0`AhmiM6-HDN`prN zM)2~el?cQmz^5IBJnHG`5t?!72>l0!G+SN|j-NQq3v(Cp`qGz~JavNej46bms;Zh* zZ!RV=aSI56*{d@HMg*WLElXD^CEYAR%npkKm zRhAVAya&{}@}w7V==G&>Or9Fkw2CkchJ{UG`n0F`{qI+U-t@Gae(@?kzMbp$qYykj zX*@HnivX2~5konXbpjz;FHxm5m@?$~hAg(Tt>vDhswzts&u#o3&15V-1`DNG$Q7hnbu>$1 zQ&L?(ol$%5dQa+v`VU1BD!`(=}lq}>UyJU)>Z|7|9U(ux;^z-G%QE$tGI z4jY6t491R$;Nx8fL3Kk2!ABo|hEJCOKvH9`a;b;j?mn1Jo&dA%1sMe}cHAg1>Vu`a zs+!U}H2!UZ3VAR9a>9uX9wh=u?<7f@G z3K<^ItxJ<-{$$@FR<2kC`rRf1o}FdGIy07kf6>b0kB@Ajq08cz@X^NyK?tT#i{|UE zQ=KC2@>C}!AzhqJkS?u3cJ=nQG-|AwSedYa?%n;H7`k*ZgV%n&mfgGFZ#7!0s%pR} zXWSDbLD6_JY82_|S23AP=!Wa_w?xv-(zD^RZ)=clCO6FqdF{$&=FFK2jrXFev3A`b z*!#)*;hgJ%`NvvXc$^_#DO-ZB8n%PKf^>MYl;XM$lceApn?uipxosH&=UE@xZE z`KmhS)~ap|GPk_!hZA35pg-r&UvU~OEh(dS?;eB>?B7b>(s*~n4ra}q$kUUf$hi7F zLNnv(X$GpX+47xfvuU5UxmF4aD{Kvy*IR=;b1SdVndU-5`|IddW<#dknau-WqQ^k~^aFSwPDe>XpR_w7^fb16wpxd6DK2!*p}FX8U)R{whx zwT-}m?{dBdIO;0n>|44lv0f+jT7LP;TrOU`3Ie=3d1AM>ln|S(fR)P^HSzGJ%hv%D z#U*!0NlVAa$5P*kP+YeF%d1PMvfl;x&=us?l9DnmT)0v%R9$>ox-1cJ$H%ub-=>@g zwUIYeg~Hp#sA^L)+1Yu3Mo!Kxl9SI8)H4uGG2y1&d%0DiaykDjhSUK*a|QW@l(J~n z>{mfGp=v5?R=>u!Eg#U?+l$q!8+!IXJbwFjaeW4AG%6}90fqDDGsw)$!Nb#xrf8U5 zK-TEhd~xMtfQ>*=TSaf!)vMpLJpOF}qGQIBoctZ$zJU}Mm-5Y*-!%DhWn~r8Xd1EJ z7B8TJvhoUk{@gVF^4C-J>pG;NcxWYH6!u@-2~Z5gx2H1C0XDt$_GUiacLdN`v0@>U zC(YsWgWFm7${V0s9Hon$fdfLw%Ca@_re7By@@?5npB_!jgs~humdxnBKXvG2GXSBG zeDf%m@=^eP(eTQqJ;#S%3Bkb`vlj5x$uoq64q)!w859+l5*pfvch_&KhmtU4NGJ;y zt#bB)5CV%=CoWySMtIl|wrtyliW|W`{gBNxQdKlE3eIu(%5H$wz~>$6nM=u3;K<|S z=0tDbx{mp=&kz;$99uX4mZ&Fx&a`RK^zYvXKmV?n&F);gaux5+7HqlsgogI!YwNLMq z^MCTX4D{|L9nv_jEr9mE?;Z~P5g58+`6ANNE|B=vQr>%iC%t<2WX8{8IC0`zQc^GQ z&8ajzJa&SO+gV!W*66n^EKYG9aInWyz z1dIhn0DUw~^|#w~FI81ET{m=9(JB<7=G5sm84j - + @@ -178,7 +178,7 @@ If you like this project and want to support continued development then

-This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion. This documentation is under the GNU Free Documentation License version 1.3 +onion.png gfdl.png

From b2d95253986d8dc0d086775f901b3b10042380a8 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Thu, 12 Apr 2018 10:36:39 +0100 Subject: [PATCH 048/133] icon attributes --- doc/EN/index.org | 4 +++- website/EN/index.html | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/doc/EN/index.org b/doc/EN/index.org index 127fbd1b..c007e553 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -22,5 +22,7 @@ If you find bugs, or want to add a new app to this system see the [[./devguide.h If you like this project and want to support continued development then [[./support.html][here's what to do]]. #+BEGIN_CENTER -[[file:images/onion.png]] [[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]] +#+attr_html: :height 30px +#+attr_latex: :height 30px +[[http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion][file:images/tor.png]] [[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]] #+END_CENTER diff --git a/website/EN/index.html b/website/EN/index.html index 0aef0e93..2fef4e4d 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -4,7 +4,7 @@ - + @@ -178,7 +178,7 @@ If you like this project and want to support continued development then

-onion.png gfdl.png +tor.png gfdl.png

From f44ce286fb9f6c6a74c5dcab4ea810b5559c0dd8 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Thu, 12 Apr 2018 10:39:10 +0100 Subject: [PATCH 049/133] More attributes --- doc/EN/index.org | 9 ++++++--- website/EN/index.html | 13 ++++++++++--- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/doc/EN/index.org b/doc/EN/index.org index c007e553..86466a86 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -22,7 +22,10 @@ If you find bugs, or want to add a new app to this system see the [[./devguide.h If you like this project and want to support continued development then [[./support.html][here's what to do]]. #+BEGIN_CENTER -#+attr_html: :height 30px -#+attr_latex: :height 30px -[[http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion][file:images/tor.png]] [[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]] +#+attr_html: :width 80px :height 30px +#+attr_latex: :width 80px :height 30px +[[http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion][file:images/tor.png]] +#+attr_html: :width 80px :height 30px +#+attr_latex: :width 80px :height 30px +[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]] #+END_CENTER diff --git a/website/EN/index.html b/website/EN/index.html index 2fef4e4d..7143c8df 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -4,7 +4,7 @@ - + @@ -177,10 +177,17 @@ If you like this project and want to support continued development then
-

-tor.png gfdl.png + +

+

tor.png

+ +
+

gfdl.png +

+
+
From 948d17efc9b9d8556a94f5349365441a12507b0a Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Thu, 12 Apr 2018 10:41:19 +0100 Subject: [PATCH 050/133] More attributes --- doc/EN/index.org | 12 ++++++------ website/EN/index.html | 14 +++++--------- 2 files changed, 11 insertions(+), 15 deletions(-) diff --git a/doc/EN/index.org b/doc/EN/index.org index 86466a86..f67ea937 100644 --- a/doc/EN/index.org +++ b/doc/EN/index.org @@ -22,10 +22,10 @@ If you find bugs, or want to add a new app to this system see the [[./devguide.h If you like this project and want to support continued development then [[./support.html][here's what to do]]. #+BEGIN_CENTER -#+attr_html: :width 80px :height 30px -#+attr_latex: :width 80px :height 30px -[[http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion][file:images/tor.png]] -#+attr_html: :width 80px :height 30px -#+attr_latex: :width 80px :height 30px -[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]] +#+attr_html: :width 80px +#+attr_html: :height 30px +file:images/tor.png]] +#+attr_html: :width 80px +#+attr_html: :height 30px +file:images/gfdl.png]] #+END_CENTER diff --git a/website/EN/index.html b/website/EN/index.html index 7143c8df..3e836fe9 100644 --- a/website/EN/index.html +++ b/website/EN/index.html @@ -4,7 +4,7 @@ - + @@ -177,18 +177,14 @@ If you like this project and want to support continued development then
- -
-

tor.png +

+tor.png]]

-
- -
-

gfdl.png +

+gfdl.png]]

-
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,7 +144,8 @@ for the JavaScript code in this tag.
-
+

+

logo.png @@ -244,41 +153,56 @@ for the JavaScript code in this tag.

-

Mesh Network: How to use it

+
+

+<center><h1>Mesh Network: How to use it</h1></center> +

+ +

When you first boot from the USB drive the system will create some encryption keys, assign a unique network address to the system and then reboot itself. When that's done you should see a prompt asking for a username. This username just makes it easy for others to initially find you on the mesh and will appear in the list of users.

-
-

mesh_initial_login.jpg +

mesh_initial_login.jpg

-
+

After a minute or two if you are within wifi range and there is at least one other user on the network then you should see additional icons appear on the desktop, such as Other Users and Chat.

-
-

Boot trouble

-
+
+

Boot trouble

+

If the system doesn't boot and reports an error which includes /dev/mapper/loop0p1 then reboot with Ctrl-Alt-Del and when you see the grub menu press e and manually change /dev/mapper/loop0p1 to /dev/sdb1, then press Ctrl-x. If that doesn't work then reboot and try /dev/sdc1 instead.

@@ -288,9 +212,9 @@ After the system has booted successfully the problem should resolve itself on su

-
-

Set the Date

-
+
+

Set the Date

+

On the ordinary internet the date and time of your system would be set automatically via NTP. But this is not the internet and so you will need to manually ensure that your date and time settings are correct. You might need to periodically do this if your clock drifts. It's not essential that the time on your system be highly accurate, but if it drifts too far or goes back to epoch then things could become a little confusing in regard to the order of blog posts.

@@ -300,9 +224,9 @@ On the ordinary internet the date and time of your system would be set automatic

-
-

Check network status

-
+
+

Check network status

+

Unlike with ordinary wifi, on the mesh you don't get a signal strength icon and so it's not simple to see if you have a good connection.

@@ -312,29 +236,24 @@ Select the wifi icon on the desktop and enter the password 'freedombone'.

-
-
-

mesh_signal.jpg +

mesh_signal.jpg

-

When you are finished close the window and then select the Network Restart desktop icon, which will restart the B.A.T.M.A.N. network. You can also use the restart icon if you are within range of the mesh network but the Chat and Other Users icons do not automatically appear after a few minutes.

-
-

Connecting to the internet

-
-
+
+

Connecting to the internet

+
-

mesh_architecture2.jpg +

mesh_architecture2.jpg

-

If you need to be able to access the internet from the mesh then connect one of the peers to an internet router using an ethernet cable (shown as yellow above), then reboot it. Other peers in the mesh, including any attached mobile devices, will then be able to access the internet using the ethernet attached peer as a gateway. Freifunk works in a similar way. @@ -349,6 +268,7 @@ If for legal reasons you need to connect to the internet via a VPN then openvpn

+ 
sudo openvpn myclient.ovpn
@@ -358,16 +278,14 @@ Where myclient.ovpn comes from your VPN provider and with the password "<

-
-

Connecting two meshes over the internet via a VPN tunnel

-
-
+
+

Connecting two meshes over the internet via a VPN tunnel

+
-

mesh_architecture_vpn.jpg +

mesh_architecture_vpn.jpg

-

Maybe the internet exists, but you don't care about getting any content from it and just want to use it as a way to connect mesh networks from different geographical locations together. @@ -377,13 +295,11 @@ Maybe the internet exists, but you don't care about getting any content from it In your home directory on a system connected via ethernet to an internet router you'll find a file called vpn.tar.gz. If you want another mesh to be able to connect to yours then send them this file and get them to uncompress it into their home directory also on an internet gateway machine. If they have an external IP address or domain name for your router then they will be able to VPN connect using the Connect Meshes icon. They should also forward port 653 from their internet router to the mesh gateway machine.

-
-

mesh_connect.png +

mesh_connect.png

-

You should create a new vpn.tar.gz file for every other mesh which wants to be able to connect to yours. If you are prompted for a password it is 'freedombone'. @@ -395,16 +311,14 @@ From a deep packet inspection point of view the traffic going over the internet

-
-

Mobile devices (phones, etc)

-
-
+
+

Mobile devices (phones, etc)

+
-

mesh_architecture3.jpg +

mesh_architecture3.jpg

-

To allow mobile devices to connect to the mesh you will need a second wifi adapter connected to your laptop/netbook/SBC. Plug in a second wifi adapter then reboot the system. The second adaptor will then create a wifi hotspot (the connection shown in green above) which mobile devices can connect to. The hotspot name also contains its local IP address (eg. "mesh-192.168.1.83"). @@ -414,33 +328,29 @@ To allow mobile devices to connect to the mesh you will need a second wifi adapt On a typical Android device go to Settings then Security and ensure that Unknown sources is enabled. Also within Wifi from the Settings screen select the mesh hotspot. The password is "freedombone". Open a non-Tor browser and navigate to the IP address showing in the hotspot name. You can then download and install mesh apps.

-
-

mesh_mobileapps.jpg +

mesh_mobileapps.jpg

-

On some android devices you may need to move the downloaded APK file from the Downloads directory to your home directory before you can install it.

-
-

Chat System

-
+
+

Chat System

+

Ensure that you're within wifi range of at least one other mesh peer (could be a router or client) and then you should see that the Chat and Other Users icons appear. Select the users icon and you should see a list of users on the mesh.

-
-

mesh_peerslist.png +

mesh_peerslist.png

-

Selecting a user followed by the Ok button will copy their Tox ID to the clipboard. @@ -450,49 +360,41 @@ Selecting a user followed by the Ok button will copy their Tox ID to the clipboa Now select the Chat icon and once you are connected you should see the status light turn green. If after a few minutes you don't get the green status light then try closing and re-opening the Tox chat application. Select the plus button to add a friend and then paste in a Tox ID.

-
-

mesh_paste_tox_id.jpg +

mesh_paste_tox_id.jpg

-

The other user can then accept or decline your friend request.

-
-

mesh_friend_request.jpg +

mesh_friend_request.jpg

-

You can also select an avatar by selecting the grey head and shoulders image.

-
-

mesh_choose_avatar.jpg +

mesh_choose_avatar.jpg

-

And by selecting the user from the list on the left hand side the chat can begin.

-
-

mesh_text_chat.jpg +

mesh_text_chat.jpg

-

One important point is that by default the microphone is turned off. When doing voice chat you can select the microphone volume with the drop down slider in the top right corner of the screen. @@ -504,32 +406,28 @@ At present video doesn't work reliably, but text and voice chat do work well.

-
-

Collaborative document editing

-
+
+

Collaborative document editing

+

The mesh system includes the ability to collaboratively edit various sorts of documents using CryptPad. CryptPad is an almost peer-to-peer system in that it is designed for a client/server environment but that the server aspect of it is very minimal and limited to orchestrating the connected clients. With CryptPad installed on each mesh peer it effectively enables peer-to-peer collaborative editing. Documents are ephemeral and forgotten unless they're exported or copy-pasted to permanent storage.

-
-

mesh_cryptpad1.jpg +

mesh_cryptpad1.jpg

-

To create a document click on the CryptPad icon. Depending upon the specifications of your system it may take a few seconds to load, so don't be too disturned if the browser contents look blank for a while. Select Rich Text Pad and give yourself a username.

-
-

mesh_cryptpad2.jpg +

mesh_cryptpad2.jpg

-

If you have the chat system running you can then copy and paste the URL for your pad into the chat, and the other user can then open the link and edit the document with you. You can repeat that for however many other users you wish to be able to edit. @@ -537,9 +435,9 @@ If you have the chat system running you can then copy and paste the URL for your

-
-

Social Network

-
+
+

Social Network

+

Patchwork is available as a social networking system for the mesh. Like all social network systems it has a stream of posts and you can follow or unfollow other users. You can also send private messages to other users with end-to-end encryption.

@@ -548,25 +446,21 @@ Patchwork is available as a social networking system for the mesh. Like all soci Double click on the "Social" icon to open the app, then add your nickname and optionally a description. If you want to choose an avatar image some can be found within the directory /usr/share/freedombone/avatars. On older systems or systems without a hardware random number generator, Patchwork sometimes takes a long time (a few minutes) to open for the first time after clicking the icon. This is most likely due to the initial generation of encryption keys, so be patient.

-
-

patchwork_setup.jpg +

patchwork_setup.jpg

-

Other Patchwork users on the mesh will appear automatically under the local list and you can select and follow them if you wish. It's also possible to select the dark theme from settings on the drop down menu if you prefer.

-
-

patchwork_public.jpg +

patchwork_public.jpg

-

The Secure Scuttlebutt protocol which Patchwork is based upon is intended to be robust to intermittent network connectivity, so you can write posts when out of range and they will sync once you are back in the network. @@ -574,72 +468,63 @@ The Secure Scuttlebutt protocol which Patchwork is based upon is intended to be

-
-

Sharing Files

-
+
+

Sharing Files

+

You can make files publicly available on the network simply by dragging and dropping them into the Public folder on the desktop. To view the files belonging to another user select the desktop icon called Visit a site and enter the username or Tox ID of the other user.

-
-

mesh_share_files.jpg +

mesh_share_files.jpg

-
-
-

Blogging

-
+
+

Blogging

+

To create a blog post select the Blog icon on the desktop and then select New blog entry and Ok. Edit the title of the entry and add your text. You can also include photos if you wish - just copy them to the CreateBlog/content/images directory and then link to them as shown.

-
-

mesh_blog.png +

mesh_blog.png

-

To finish your blog entry just select Save and then close the editor. On older hardware it may take a while to publish the results, and this depends upon the amount of computation needed by IPFS to create file hashes. If you make no changes to the default text then the new blog entry will not be saved.

-
-

mesh_new_blog2.jpg +

mesh_new_blog2.jpg

-
-
+
-

mesh_view_blog.jpg +

mesh_view_blog.jpg

-

You can also visit other blogs, edit or delete your previous entry and change your blog theme.

-
-

mesh_select_blog_theme.png +

mesh_select_blog_theme.png

-
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,30 +144,31 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Akaunting

-
+
+

Akaunting

+

The Freedombone system isn't primarily aimed at companies or institutions, but if you're a one person company or freelancer then having the ability to run your own accounting system and keep the data private and also backed up is useful. Akaunting provides a nice web based system for small business accounts, and is also quite usable within a mobile web browser.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -280,25 +189,21 @@ From the Administrator control panel select Passwords and look up Now in a browser navigate to your subdomain. You will need to enter some details for the database. The password should be the mariadb one.

-
-

akaunting_setup.jpg +

akaunting_setup.jpg

-

After that you'll need to enter a company name and an email address. You can make the administrator password anything you prefer, and a suggestion can be found within the Passwords section of the Administrator control panel under akaunting.

-
-

akaunting_setup_company.jpg +

akaunting_setup_company.jpg

-

From then on the system should be usable. Accounts software can often be quite complex, and so you'll probably want to refer to the official documentation for details. diff --git a/website/EN/app_bdsmail.html b/website/EN/app_bdsmail.html index 8d22c13a..0a1a760d 100644 --- a/website/EN/app_bdsmail.html +++ b/website/EN/app_bdsmail.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.

-
+

-

logo.png +

logo.png

-
- -
-

BDS Mail

-
+
+

BDS Mail

+

BDS Mail (aka "Brain Dead Simple Mail") is an optional addition to the existing email server which comes installed as default. It creates an extra folder within the Mutt client which allows you to send and receive email using i2p as the transport layer. This solves the problem of being blocked by dubious systems and also the problem of user friendly email encryption. If you're behind a hostile firewall which you don't control and which blocks all ports, this system is still likely to work. You can use GPG as an additional encryption layer if you prefer, but it's not strictly necessary because you already have the i2p public key system to ensure end-to-end security.

@@ -255,15 +161,18 @@ BDS Mail (aka "Brain Dead Simple Mail") is an optional addition to the existing

It's unlikely that many people will use this. If it's hard to persuade anyone to use GPG or Enigmail then it will be next to impossible to persuade them to switch to BDS Mail unless they're already obsessive about technical security. However, this provides yet another option for reasonably secure communications if other methods fail or are untrustable.

+
+
-
-

Installation

-
+
+

Installation

+

ssh into the system with:

+ 
ssh myusername@mydomain.com -p 2222
diff --git a/website/EN/app_bludit.html b/website/EN/app_bludit.html index a5bc9a0b..b8196b8f 100644 --- a/website/EN/app_bludit.html +++ b/website/EN/app_bludit.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,30 +144,31 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Bludit

-
+
+

Bludit

+

This is a databaseless blogging system which uses markdown files. It's not very complex and so there is not much to go wrong, and it should run well on any server hardware.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
diff --git a/website/EN/app_cryptpad.html b/website/EN/app_cryptpad.html index f0564961..dec9b0f9 100644 --- a/website/EN/app_cryptpad.html +++ b/website/EN/app_cryptpad.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,25 +144,21 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
-
-

CryptPad

-
- -
+
+

CryptPad

+
-

cryptpad.jpg +

cryptpad.jpg

-

This is similar to EtherPad but with better security and more document types which can be collaboratively edited in real time. It includes not just text editing but also creating presentations, voting and editing source code. @@ -271,17 +175,20 @@ Enabling someone to edit a document is as simple as sending them the URL via a c

Documents are stored locally within the browser of each user and the server just acts as a coordinator. No documents are stored on the server.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

diff --git a/website/EN/app_dokuwiki.html b/website/EN/app_dokuwiki.html index 380ff49c..fcb1c56c 100644 --- a/website/EN/app_dokuwiki.html +++ b/website/EN/app_dokuwiki.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -235,31 +144,31 @@ for the JavaScript code in this tag.

-
+

-

logo.png +

logo.png

-
- -
-

Dokuwiki

-
+
+

Dokuwiki

+

Dokuwiki is a wiki which stores its content in text files. Having no database makes maintaining it simpler, and it's not tied to any particular domain name so you can easily copy the files to a different domain if you need to.

+
+
- -
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -278,9 +187,9 @@ After the install has completed go to Security settings and select Cre
-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Dokuwiki domain listed there along with an onion address. You can then navigate to your site in a browser.

diff --git a/website/EN/app_edith.html b/website/EN/app_edith.html index fb31fd66..e61039f9 100644 --- a/website/EN/app_edith.html +++ b/website/EN/app_edith.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Edith Notes

-
+
+

Edith Notes

+

Edith notes is the simplest and quickest kind of notes system. It has no complicated user interface. Just enter your domain and a title and a note will be created. Everything typed is saved automatically.

@@ -261,6 +167,7 @@ ssh into the system with:

+ 
ssh myusername@mydomain.com -p 2222
@@ -269,18 +176,18 @@ ssh into the system with: Select Administrator controls then App Settings then edith. Enter a subdomain name, such as notes.mydomain.com, and optionally a freedns code. When the installation is complete you can then look up the password for the site within the Passwords section of the Administrator control panel, then navigate to the subdomain. Log in, then enter something like notes.mydomain.com/testnote and start typing.

-
-

edith_notes.jpg +

edith_notes.jpg

-

It is possible to turn off the login via App Settings/edith if you wish, but this will enable anyone on the internet to view or edit notes on your system, which could have obvious privacy or stability implications. From App settings/edith it's also possible to browse through your notes files.

+
+
@@ -235,30 +144,31 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Emacs

-
+
+

Emacs

+

Emacs is a text editor popular with software developers or anyone who needs to take notes at high speed or be able to customise their editing environment to a high degree. When installed on Freedombone it can be used together the Mutt email client to edit new emails or if you need to manually edit configuration files.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -273,9 +183,9 @@ Select Add/Remove Apps. If Vim is selected then you might want to unselec
-
-

Common key combinations

-
+
+

Common key combinations

+

For anyone new to Emacs some common keys are:

@@ -284,64 +194,64 @@ For anyone new to Emacs some common keys are: - + - + -CTRL-x CTRL-s -Save +CTRL-x CTRL-s +Save -CTRL-x CTRL-c -Exit +CTRL-x CTRL-c +Exit -CTRL-l -Go to a line number +CTRL-l +Go to a line number -CTRL-x CTRL-f -Open a file +CTRL-x CTRL-f +Open a file -SHIFT-ALT-< -Go to the top of the file +SHIFT-ALT-< +Go to the top of the file -SHIFT-ALT-> -Go to the end of the file +SHIFT-ALT-> +Go to the end of the file -SHIFT cursors -Select text +SHIFT cursors +Select text -CTRL-x CTRL-h -Highlight all text +CTRL-x CTRL-h +Highlight all text -ALT-w -Copy selected text +ALT-w +Copy selected text -CTRL-y -Paste selected text +CTRL-y +Paste selected text -ESC-ESC-ESC -Undo current selection +ESC-ESC-ESC +Undo current selection diff --git a/website/EN/app_etherpad.html b/website/EN/app_etherpad.html index 57088115..688572a6 100644 --- a/website/EN/app_etherpad.html +++ b/website/EN/app_etherpad.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Etherpad

-
+
+

Etherpad

+

This is a well known system for real time collaborative editing of documents. Just log in, choose a document title and then edit. Different users will appear in different colours, and can also chat in the sidebar. This is installed as a private system in which only users on your Freedombone server will be able to create and edit documents, so it's not open to any random users on the internet.

@@ -255,17 +161,20 @@ This is a well known system for real time collaborative editing of documents. Ju

If security is an especially important factor then you might also want to consider installing CryptPad instead. It has more features and doesn't store any documents on the server.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

@@ -282,9 +191,9 @@ After the install has completed go to Security settings and select Cre

-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Etherpad domain listed there along with an onion address. You can then navigate to your site in a browser.

diff --git a/website/EN/app_fedwiki.html b/website/EN/app_fedwiki.html index 05a13b65..f145e518 100644 --- a/website/EN/app_fedwiki.html +++ b/website/EN/app_fedwiki.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,30 +144,31 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Federated Wiki

-
+
+

Federated Wiki

+

Federated wikis are a relatively new concept. There can be multiple copies of the same page on different servers and it's then easy to pick which version you prefer, or make something new. It's like wiki meets mashup meets federation, and so is different from many previous web paradigms and may take some recalibration of how you think the web should work.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -275,9 +184,9 @@ Select Add/Remove Apps then fedwiki. You will then be asked for a
-
-

Usage

-
+
+

Usage

+

First you'll need to get the login password, which can be found on the Administrator control panel under Passwords then fedwiki.

@@ -291,15 +200,24 @@ There are a few things to know about using the federated wiki.

    -
  • You can edit by clicking on the wiki button at the bottom of the screen
    • -
  • To edit a paragraph double click on it
    • -
  • To remove a paragraph just delete all of its text
    • -
  • Paragraphs can be dragged up and down to change their order, or moved between pages
    • -
  • To add a new paragraph use the + button
    • -
  • You can use left and right cursor keys to move through pages
    • -
  • To claim/fork a page from another server click on the flag icon
    • -
  • When done editing click on the wiki button again
    • -
  • Different versions of the same page on different servers are represented by boxes at the bottom right of the screen. You can double click on them to see the different versions, and use the flag icon to fork if you prefer that version
    • +
  • You can edit by clicking on the wiki button at the bottom of the screen +
    • +
  • To edit a paragraph double click on it +
    • +
  • To remove a paragraph just delete all of its text +
    • +
  • Paragraphs can be dragged up and down to change their order, or moved between pages +
    • +
  • To add a new paragraph use the + button +
    • +
  • You can use left and right cursor keys to move through pages +
    • +
  • To claim/fork a page from another server click on the flag icon +
    • +
  • When done editing click on the wiki button again +
    • +
  • Different versions of the same page on different servers are represented by boxes at the bottom right of the screen. You can double click on them to see the different versions, and use the flag icon to fork if you prefer that version +
diff --git a/website/EN/app_friendica.html b/website/EN/app_friendica.html index 8b06ebcd..302d58a2 100644 --- a/website/EN/app_friendica.html +++ b/website/EN/app_friendica.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,32 +144,33 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Friendica

-
+
+

Friendica

+

Friendica is a federated social networking system. It can federate with other popular systems such as GNU Social and Diaspora. Currently Friendica only works on the clearnet and doesn't have an onion address.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

@@ -279,9 +188,9 @@ After the install has completed go to Security settings and select Cre

-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Friendica domain listed there. You can then navigate to your site in a browser.

@@ -290,13 +199,11 @@ If you have just obtained a Lets Encrypt certificate as above then go to Abou On first visiting your Friendica site you'll see the login screen. The first thing you need to do is to select register to create a new Friendica administrator user. The first user on the system then becomes its administrator.

-
-

friendicaadmin.jpg +

friendicaadmin.jpg

-

Friendica has numerous addons which you might want to explore. Select the small icon next to the search box and you will get to the administrator settings. Select plugins and you can then configure which ones you want. From the site settings you can also force all links to use SSL/TLS for added security. diff --git a/website/EN/app_gnusocial.html b/website/EN/app_gnusocial.html index 132c1442..7b5ebb13 100644 --- a/website/EN/app_gnusocial.html +++ b/website/EN/app_gnusocial.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.

-
+

-

logo.png +

logo.png

-
- -
-

GNU Social

-
+
+

GNU Social

+

GNU Social is typically referred to as a microblogging system, although with a maximum post length much longer than Twitter it's really a sort of federated community blog with a stream-based appearance which also supports markdown formatting.

@@ -265,23 +171,23 @@ Some general advice about life in the fediverse can b

-
-
-

gnusocial_pleroma.jpg +

gnusocial_pleroma.jpg

+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -300,9 +206,9 @@ After the install has completed go to Security settings and select Cre
-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your GNU Social domain listed there along with an onion address. You can then navigate to your site in a browser.

@@ -319,63 +225,61 @@ Once you have logged in to GNU Social you may then want to select Admin a GNU Social has a clutter-free mobile user interface which can be accessed via a Tor compatible browser (make sure to add a NoScript exception). Unlike similar proprietary sites there are no bribed posts.

-
-

gnusocial_mobile.jpg +

gnusocial_mobile.jpg

-
-
-

Switching user interfaces

-
+
+

Switching user interfaces

+

A few web based user interfaces are available for GNU SOcial. They are selectable by going to the Administrator control panel and choosing App settings then gnusocial.

-
-

gnusocial_settings.jpg +

gnusocial_settings.jpg

-
    -
  • Qvitter: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived
    • -
  • Pleroma: A modern and lightweight user interface
    • -
  • Classic: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations.
    • +
  • Qvitter: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived +
    • +
  • Pleroma: A modern and lightweight user interface +
    • +
  • Classic: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations. +
-
-

Using with Emacs

-
-
+
+

Using with Emacs

+
-

gnu-social-mode.jpg +

gnu-social-mode.jpg

-

If you are an Emacs user it's also possible to set up GNU Social mode as follows:

+ 
mkdir ~/elisp
 git clone https://github.com/bashrc/gnu-social-mode ~/elisp/gnu-social-mode
-echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs
-echo "(require 'gnu-social-mode)" >> ~/.emacs
-echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs
-echo "      gnu-social-server \"yourgnusocialdomain\"" >> ~/.emacs
-echo "    gnu-social-username \"yourusername\"" >> ~/.emacs
-echo "    gnu-social-password \"gnusocialpassword\")" >> ~/.emacs
+echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs
+echo "(require 'gnu-social-mode)" >> ~/.emacs
+echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs
+echo "      gnu-social-server \"yourgnusocialdomain\"" >> ~/.emacs
+echo "    gnu-social-username \"yourusername\"" >> ~/.emacs
+echo "    gnu-social-password \"gnusocialpassword\")" >> ~/.emacs
@@ -384,6 +288,7 @@ And as a quick reference the main keys are:

+ 
M-x gnu-social
@@ -396,54 +301,54 @@ The basics: - + - + -i -Show icons +i +Show icons -CTRL-c CTRL-s -Post status update +CTRL-c CTRL-s +Post status update -r -Repeat +r +Repeat -F -Favourite +F +Favourite -CTRL-c CTRL-h -Highlight +CTRL-c CTRL-h +Highlight -R -Reply to user +R +Reply to user -CTRL-c CTRL-r -Show replies +CTRL-c CTRL-r +Show replies -CTRL-c CTRL-f -Friends timeline +CTRL-c CTRL-f +Friends timeline -CTRL-c CTRL-v -View user profile +CTRL-c CTRL-v +View user profile @@ -456,19 +361,19 @@ Navigation: - + - + -j -Next +j +Next -k -Previous +k +Previous @@ -481,70 +386,68 @@ Showing timelines: - + - + -g -Current timeline +g +Current timeline -CTRL-c CTRL-a -Public timeline +CTRL-c CTRL-a +Public timeline -CTRL-c CTRL-g -Group timeline +CTRL-c CTRL-g +Group timeline -CTRL-c CTRL-t -Tag timeline +CTRL-c CTRL-t +Tag timeline -CTRL-c CTRL-k -Stop +CTRL-c CTRL-k +Stop -CTRL-c CTRL-u -User timeline +CTRL-c CTRL-u +User timeline -CTRL-c CTRL-c -Conversation timeline +CTRL-c CTRL-c +Conversation timeline -CTRL-c CTRL-o -Remote user timeline +CTRL-c CTRL-o +Remote user timeline -CTRL-c CTRL-d -Post direct Message +CTRL-c CTRL-d +Post direct Message
-
-

Blocking controls

-
-
+
+

Blocking controls

+
-

control_panel_blocking.jpg +

control_panel_blocking.jpg

-

The biggest hazard with GNU Social is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the Administrator control panel and selecting Domain or User Blocking, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage. diff --git a/website/EN/app_gogs.html b/website/EN/app_gogs.html index 26c05ff5..8de916d8 100644 --- a/website/EN/app_gogs.html +++ b/website/EN/app_gogs.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -235,18 +144,16 @@ for the JavaScript code in this tag.

-
+

-

logo.png +

logo.png

-
- -
-

Gogs

-
+ -
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -281,9 +191,9 @@ After the install has completed go to Security settings and select Cre
-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Gogs domain listed there along with an onion address. You can then navigate to your site in a browser.

@@ -293,6 +203,7 @@ In a browser navigate to your Gogs site and click the Register button. Th

+ 
sudo username@domainname -p 2222
diff --git a/website/EN/app_htmly.html b/website/EN/app_htmly.html index 6b0b9c69..9b045dc9 100644 --- a/website/EN/app_htmly.html +++ b/website/EN/app_htmly.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -235,30 +144,31 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

HTMLy

-
+
+

HTMLy

+

HTMLy is a databaseless blogging system.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -277,9 +187,9 @@ After the install has completed go to Security settings and select Cre
-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your HTMLy blog domain listed there along with an onion address. You can then navigate to your site in a browser.

diff --git a/website/EN/app_hubzilla.html b/website/EN/app_hubzilla.html index 373d35a4..af416cb8 100644 --- a/website/EN/app_hubzilla.html +++ b/website/EN/app_hubzilla.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,32 +144,33 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Hubzilla

-
+
+

Hubzilla

+

Hubzilla is a web publishing and social network system which includes wiki, web pages, photo albums and file storage. It also has privacy controls which allow you to define who can see which content. It's possible to write posts and have them visible only to a group of friends (known as "privacy groups"), with the encryption being handled automatically. Currently Hubzilla only works on the clearnet and doesn't have an onion address.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

@@ -279,9 +188,9 @@ After the install has completed go to Security settings and select Cre

-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Hubzilla domain listed there. You can then navigate to your site in a browser.

@@ -290,16 +199,14 @@ If you have just obtained a Lets Encrypt certificate as above then go to Abou On first visiting your Hubzilla site you'll see the login screen. The first thing you need to do is register a new user. The first user on the system then becomes its administrator.

-
-

hubzilla_mobile.jpg +

hubzilla_mobile.jpg

-
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Icecast

-
+
+

Icecast

+

Icecast enables you to run something like an internet radio station. So if you have multiple audio files and want to be able to stream those in sequence from a web site then this can be useful.

@@ -255,15 +161,18 @@ Icecast enables you to run something like an internet radio station. So if you h

This system is available only via an onion address, which should mitigate the potential for copyright disputes over streamed content. By default it's only set up to stream to a small number of users so that it doesn't put too much stress on CPU or memory requirements, although you can increase the maximum limit if you have a more powerful system and enough bandwidth.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -278,9 +187,9 @@ If you then go to the About screen you'll see the onion address for Iceca
-
-

Adding files to be streamed

-
+
+

Adding files to be streamed

+

There are two ways to get files onto the system: either via ssh or via a USB drive. File types can be ogg, ogv, mp3 or mp4 format.

@@ -290,9 +199,9 @@ It may take a while for the files to import, especially on a low power single bo

-
-

From a USB drive

-
+
+

From a USB drive

+

Create a directory on the USB drive named icestream and copy your files into there. Plug the drive into your server.

@@ -303,14 +212,15 @@ Go to the Administrator control panel, select App settings, then <
-
-

Via ssh

-
+
+

Via ssh

+

Make a directory named icestream and copy your files into it. Then copy the directory to your server.

+ 
scp -r -P 2222 icestream myusername@mydomain:/home/myusername
@@ -320,6 +230,7 @@ Log into your server with:

+ 
ssh myusername@mydomain -p 2222
@@ -331,9 +242,9 @@ Select Administrator controls, enter your password, then go to App set
-
-

Access controls

-
+
+

Access controls

+

By default anyone who happens to find your Icecast onion address can listen to your stream. If you only want it to be available to a few friends or family then you can add an extra login password.

diff --git a/website/EN/app_irc.html b/website/EN/app_irc.html index 7a17e7e1..106427a1 100644 --- a/website/EN/app_irc.html +++ b/website/EN/app_irc.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -235,30 +144,31 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

IRC

-
+
+

IRC

+

IRC is useful for multi-user chat. The classic use case is for software development where many engineers might need to coordinate their activities, but it's also useful for meetings, parties and general socialising.

+
+
-
-

Irssi

-
+
+

Irssi

+

The easiest way to use irssi is to connect to your system, like this:

+ 
ssh myusername@mydomain -p 2222
@@ -269,9 +179,9 @@ Then select IRC from the menu. However, other than via this method using
-
-

HexChat

-
+
+

HexChat

+

HexChat (formerly XChat) is compatible with proxying via Tor and so provides the best security when connecting to your IRC server. It will allow you to connect to your IRC server's onion address.

@@ -281,6 +191,7 @@ First install HexChat and set up its configuration file. This can be done on you

+ 
freedombone-client --setup hexchat
@@ -290,6 +201,7 @@ Now look up the onion address for your IRC server

+ 
ssh username@mydomainname -p 2222
@@ -324,7 +236,7 @@ If you are using the ordinary domain name (clearnet/ICANN) then make sure that <
-

hexchat_setup_clearnet.jpg +

hexchat_setup_clearnet.jpg

@@ -334,7 +246,7 @@ If you are using the onion address then use SSL should be unchecked and t
-

hexchat_setup.jpg +

hexchat_setup.jpg

@@ -352,9 +264,9 @@ Click close and then connect.
-
-

Emacs

-
+
+

Emacs

+

If you are an Emacs user then you can also connect to your IRC server via Emacs.

@@ -364,6 +276,7 @@ Ensure that tor is installed onto your local system:

+ 
sudo apt-get install tor
@@ -373,6 +286,7 @@ Add the following to your Emacs configuration file:

+ 
(setq socks-noproxy '("localhost"))
 (require 'socks)
 (require 'tls)
@@ -386,14 +300,15 @@ Add the following to your Emacs configuration file:
-
-

Changing or removing the IRC password

-
+
+

Changing or removing the IRC password

+

By default the IRC server is set up to require a password for users to log in. The password is the same for all users. If you want to change or remove the password:

+ 
ssh myusername@mydomain -p 2222
diff --git a/website/EN/app_kanboard.html b/website/EN/app_kanboard.html index 4a3b1f55..e3cded05 100644 --- a/website/EN/app_kanboard.html +++ b/website/EN/app_kanboard.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,32 +144,33 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

KanBoard

-
+
+

KanBoard

+

Kanbans are one way of managing projects. They're traditionally used in businesses but can also be useful for personal TODO lists or within open source or DIY projects. If you have a list of things which need to be done and want to keep track of progress then this provides a way to do that.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

@@ -278,9 +187,9 @@ After the install has completed go to Security settings and select Cre

-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your KanBoard domain listed there along with an onion address. You can then navigate to your site in a browser.

diff --git a/website/EN/app_keyserver.html b/website/EN/app_keyserver.html index 1421b6f0..f173acd9 100644 --- a/website/EN/app_keyserver.html +++ b/website/EN/app_keyserver.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

OpenPGP Key Server

-
+
+

OpenPGP Key Server

+

The web of trust is a nice idea, but how trustable is it? If you take a look at how many OpenPGP key servers are out there then there are a two or three main ones and not much else. Can you trust those servers? Who is maintaining them and how often? Is any censorship going on? How hard would it be for adversaries to get implants onto them? In terms of technology this infrastructure is quite old and it could have been neglected for a long time. Once vigilant maintainers might have turned lazy and gotten lax with server security, or been recruited over to the dark side.

@@ -256,24 +162,25 @@ The web of trust is a nice idea, but how trustable is it? If you take a l For these kinds of reasons you might prefer to run your own web of trust infrastructure. In simple terms it's a database of GPG public keys which provides a way for users to find out how to communicate with others securely via email. You can meet in person and exchange public keys via sneakernet on USB drives, but most users of GPG don't do that. Instead they just download the public key for a given email address from one of the key servers.

-
-

keyserver.jpg +

keyserver.jpg

+
-
-

Installation

-
+
+

Installation

+

ssh into the system with:

-
ssh myusername@mydomain.com -p 2222
-
+ +
ssh myusername@mydomain.com -p 2222
+

@@ -286,16 +193,17 @@ After the install has completed go to Security settings and select Cre

-
-

How to use it

-
+
+

How to use it

+

Interaction with the web user interface is pretty minimal and obvious, but most likely you will also want to be able to use your keyserver from the commandline. To do that use the –keyserver option. For example to search for a key on your server:

-
gpg --keyserver [your keyserver domain] --search-keys [email address]
-
+ +
gpg --keyserver [your keyserver domain] --search-keys [email address]
+
@@ -304,8 +212,9 @@ Or to send a key to it:

-
gpg --keyserver [your keyserver domain] --send-keys [email address or key ID]
-
+ +
gpg --keyserver [your keyserver domain] --send-keys [email address or key ID]
+

@@ -313,14 +222,15 @@ Or to get a key:

-
gpg --keyserver [your keyserver domain] --recv-keys [email address or key ID]
-
+ +
gpg --keyserver [your keyserver domain] --recv-keys [email address or key ID]
+
-
-

Sync with other keyservers

-
+
+

Sync with other keyservers

+

Key servers avoid censorship or errors by gossiping between each other and cross referencing the data. You can define which other servers your key server will gossip with by going to the Administrator control panel, selecting App Settings then keyserver then Sync with other keyserver.

@@ -330,9 +240,9 @@ It's a good idea not to try to sync with the popular OpenPGP key servers, becaus

-
-

Possible problems

-
+
+

Possible problems

+

OpenPGP key servers are not very well defended from flooding attacks. This means that an adversary could just upload a billion keys to destabilize the server and fill it with nonsense to make it unusable. Since key servers are fully open to the public there isn't anything to prevent that from happening.

diff --git a/website/EN/app_koel.html b/website/EN/app_koel.html index c4f729c0..5aad5e96 100644 --- a/website/EN/app_koel.html +++ b/website/EN/app_koel.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,40 +144,39 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Koel

-
+
+

Koel

+

This enables you to store your music on the Freedombone server and then access it from any internet connected device. If you just want to make music accessible within your home network then DLNA is usually sufficient, but if you want to be able to play your music from anywhere then Koel is a better option.

-
-

koel.jpg +

koel.jpg

+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

@@ -288,42 +195,39 @@ Go back to the Administrator control panel, select Passwords then Once logged in go to settings and set the media path to /music.

-
-

koelsettings.jpg +

koelsettings.jpg

-
-
-

Importing music

-
+
+

Importing music

+

This app doesn't have any way to upload music and instead just expects that there will be a directory on the server containing music files. There are a couple of ways to get new music files onto the system: either by using ssh or by putting them onto a USB drive.

-
-

control_panel_koel.jpg +

control_panel_koel.jpg

-
-
-

Via ssh

-
+
+

Via ssh

+

On your local system:

-
scp -P 2222 -r ~/Music username@domainname:/home/username
-
+ +
scp -P 2222 -r ~/Music username@domainname:/home/username
+

@@ -335,8 +239,9 @@ Now log in to your Freedombone system:

-
ssh username@domainname -p 2222
-
+ +
ssh username@domainname -p 2222
+

@@ -345,9 +250,9 @@ And select Administrator settings followed by App settings then

-
-

Via USB drive

-
+
+

Via USB drive

+

Create a LUKS formatted USB drive. It's possible to do this by plugging a new USB drive into the Freedombone system then going to the Administrator control panel, selecting App settings then koel then Format a USB drive. You will need to specify a password, which in this case doesn't need to be anything highly secure.

@@ -362,9 +267,9 @@ Once you have music on a LUKS formatted USB drive then plug it into the Freedomb
-
-

Synchronizing

-
+
+

Synchronizing

+

To detect the imported files you might need to re-synchronize. Within Koel go to settings and then select Scan. Any imported files should then be available to play.

diff --git a/website/EN/app_lychee.html b/website/EN/app_lychee.html index 1b15672c..a3da189d 100644 --- a/website/EN/app_lychee.html +++ b/website/EN/app_lychee.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -235,30 +144,31 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Lychee

-
+
+

Lychee

+

Lychee is a simple and lightweight photo album for the web. Whether you're an amateur or professional photographer, or want to publish random holiday pics or cat pictures. Lychee just does what it says it does without any fuss. There is also a photo album feature within Hubzilla if you need more sophisticated social photo sharing with individualised permissions.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -277,9 +187,9 @@ After the install has completed go to Security settings and select Cre
-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Lychee domain listed there along with an onion address. You can then navigate to your site in a browser.

@@ -288,13 +198,11 @@ If you have just obtained a Lets Encrypt certificate as above then go to Abou Within a browser navigate to your lychee domain name or onion address. It should look like this:

-
-

lychee_setup.jpg +

lychee_setup.jpg

-

Within the Administrator control panel select App Settings and then lychee. This will show the initial login settings which you need to set up the database. To copy the password hold down the shift key, select the password then right click and copy. diff --git a/website/EN/app_mailpile.html b/website/EN/app_mailpile.html index df956335..d2de925e 100644 --- a/website/EN/app_mailpile.html +++ b/website/EN/app_mailpile.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.

-
+

-

logo.png +

logo.png

-
- -
-

Mailpile

-
+
+

Mailpile

+

Mailpile provides a nice looking webmail interface suitable for use on desktop or mobile clients. It has good support for email encryption and makes that quite an simple process. At present it's usable but still has a few bugs and limitations. If you need a fully functional email client with comprehensive encryption support then either use Mutt or Thunderbird/Icedove.

@@ -259,15 +165,18 @@ An advantage of this type of webmail is that it keeps your GPG keys off of an

One down side is that this appears to be a single user system, so if you have multiple users on your Freedombone server only the administrator will actually be able to use mailpile.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -286,9 +195,9 @@ After the install has completed go to Security settings and select Cre
-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Mailpile domain listed there along with an onion address. You can then navigate to your site in a browser.

@@ -329,25 +238,21 @@ Uncheck Detect Settings and click Next. Under Sending Mail select local or if you need to proxy outgoing email through your ISP's server select SMTP/TLS and enter the details, then click Next.

-
-

mailpile_setup.jpg +

mailpile_setup.jpg

-

Under Receiving files select IMAP, the domain as localhost, port 143 and your username, then click Next. Astute readers may well be concerned that IMAP over port 143 is not encrypted, but since this is only via localhost communication between the Mail Transport Agent and Mailpile doesn't travel over the internet and port 143 is not opened on the firewall so it's not possible to accidentally connect an external mail client insecurely.

-
-

mailpile_setup_keys.jpg +

mailpile_setup_keys.jpg

-

Under Security and Privacy either select your existing encryption key or if you only get the option to create a new one then do so, then click Add or Save. diff --git a/website/EN/app_matrix.html b/website/EN/app_matrix.html index b1a35c4e..d57fa176 100644 --- a/website/EN/app_matrix.html +++ b/website/EN/app_matrix.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,25 +144,21 @@ for the JavaScript code in this tag.

-
+

-

logo.png +

logo.png

-
-
-

Matrix

-
- -
+
+

Matrix

+
-

matrix_riotweb.jpg +

matrix_riotweb.jpg

-

Matrix is a federated communications system, typically for multi-user chat, with end-to-end content security features. You can consider it to be like a modernized version of IRC chat where the crypto and access controls have been built in by default. At present Matrix is really only a creature of the clearnet and so there isn't any way to protect the metadata. Despite the talk of security the lack of metadata defenses make this really only suitable for public communications, similar to microblogging or public IRC channels. @@ -263,15 +167,18 @@ Matrix is a federated communications system, typically for multi-user chat, with

Another consideration is that since matrix operates on the usual HTTPS port number (443) this may make it difficult for ISPs or governments to censor this type of communications via port blocking without significant blowback.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -286,9 +193,9 @@ Select Add/Remove Apps then matrix. You will then be asked for a d
-
-

Initial setup

-
+
+

Initial setup

+

Go to the Administrator control panel and select Passwords then matrix. This will give you the password to initially log in to the system and you can change it later from a client app if needed.

@@ -303,14 +210,15 @@ Other client apps are available but are currently mostly only at the alpha stage
-
-

DNS setup

-
+
+

DNS setup

+

It's recommended that you add an SRV record for Matrix to your DNS setup. How you do this will depend upon your dynamic DNS provider and their web interface. On FreeDNS on the subdomains settings in addition to the subdomain which you are using for the matrix server create an extra entry as follows:

+ 
Type: SRV
 Subdomain: _matrix._tcp
 Domain: [youdomain]
@@ -324,9 +232,9 @@ You may also want to make another entry with the same settings but replacing
-
-

Mobile app

-
+
+

Mobile app

+

If you're using the Riot mobile app to access your Matrix homeserver then you can significantly improve battery performance by going to the settings and changing Sync request timeout to 30 seconds and Delay between two sync requests to 600 seconds. Also turning off msgs in group chats will help, since it will avoid getting a notification whenever a group chat event happens, which then wakes up the screen.

diff --git a/website/EN/app_mediagoblin.html b/website/EN/app_mediagoblin.html index ab90dc05..824a798b 100644 --- a/website/EN/app_mediagoblin.html +++ b/website/EN/app_mediagoblin.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Mediagoblin

-
+
+

Mediagoblin

+

With Mediagoblin you can host video and audio content in a similar manner to the proprietary systems such as YouTube and SoundCloud. This system supports free media formats such as webm, ogv and ogg. Another similar system which might be better fitted for small servers is PeerTube, since it uses webtorrent to distribute video files. Webtorrent will only work with WebRTC enabled browsers though.

@@ -256,22 +162,25 @@ With Mediagoblin you can host video and audio content in a similar manner to the When hosting media files you should take into consideration that since anyone on the internet can view your content then this could significantly increase your bandwidth usage and overall strain on the server. Also unless you are just hosting images then hardware such as the Beaglebone Black won't be powerful enough for a good user experience when either uploading or playing back videos. It's recommended that you use one of the more powerful quad (or more) core single board computers or an old laptop if you want to run Mediagoblin on it.

-
+

mediagoblin.jpg

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -291,9 +200,9 @@ After the install has completed go to Security settings and select Cre
-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Mediagoblin domain listed there along with an onion address. You can then navigate to your site in a browser.

@@ -309,14 +218,15 @@ You should repeat that for however many accounts you want on the system and then
-
-

File formats

-
+
+

File formats

+

It's a good idea to upload videos in webm format. In that case Mediagoblin will skip the transcoding step (which can take hours for videos of non-trivial length) and the whole process will be quicker. Transcoding just converts whatever file format you submit into a standard resolution and file type. On your local system you can convert a video to webm with:

+ 
ffmpeg -i myvideo.mp4 myvideo.webm
@@ -326,6 +236,7 @@ Or if you are moving a video from YouTube to your own site:

+ 
youtube-dl -f webm [my_video_url]
diff --git a/website/EN/app_mumble.html b/website/EN/app_mumble.html index 2c3723af..ca8a2579 100644 --- a/website/EN/app_mumble.html +++ b/website/EN/app_mumble.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,39 +144,40 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Mumble

-
+
+

Mumble

+

Mumble is a well known VoIP system originally used for gaming, but which works just as well for any general conference calls or meetings.

+
+
-
-

Text chat

-
+
+

Text chat

+

In addition to voice it is also possible to do text chat via mumble. The security of this is pretty good provided that you do it via Plumble and Orbot on mobile, but compared to other options such as XMPP/Conversations or Tox the security is not as good, since the mumble server currently doesn't support forward secrecy.

-
-

Using with Ubuntu

-
+
+

Using with Ubuntu

+

First ensure that tor is installed. Within a terminal:

+ 
sudo apt-get install tor
@@ -281,13 +190,11 @@ Within the software center search for "mumble" and install the client then run i From the menu select Configure then Settings. Select the Advanced checkbox then select Network. Select Force TCP mode and proxy type Socks5. Hostname should be set to localhost and port should be 9050.

-
-

mumble_config.jpg +

mumble_config.jpg

-

Select Apply and Ok, then on the menu Server and Connect. @@ -299,9 +206,9 @@ Click on "add new" to add a new server and enter the default domain name

-
-

Using with Android

-
+
+

Using with Android

+

Install F-Droid

diff --git a/website/EN/app_nextcloud.html b/website/EN/app_nextcloud.html index e148fcf0..6b9faaa1 100644 --- a/website/EN/app_nextcloud.html +++ b/website/EN/app_nextcloud.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,25 +144,21 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
-
-

NextCloud

-
- -
+
+

NextCloud

+
-

nextcloud.jpg +

nextcloud.jpg

-

NextCloud is a system for file synchronisation and also has many other plugins for calendar, videoconferencing, collaborative document editing and federated file sharing. It's a lot more elaborate than Syncthing, but there may be situations where centralized control of your files on your server is better than a purely peer-to-peer approach (eg. if you need to remove a user's access to files). @@ -263,25 +167,28 @@ NextCloud is a system for file synchronisation and also has many other plugins f

The videoconferencing plugin requires a browser with WebRTC support and so is unlikely to work in a Tor browser, but may still be a better option than using proprietary systems.

+
+
-
-

Operational considerations

-
+
+

Operational considerations

+

If your ISP or the government in your area is part of your threat model then NextCloud may not be the best choice for hosting files and Syncthing could be preferable. In the past the NextCloud company is known to have remotely scanned servers without permission and reported server admins who don't immediately update to the latest version of the software to their ISPs or to questionable government agencies. Depending upon where you are located such activities by the developer, which are not really in the spirit of independent self-hosting, could have very undesirable results.

-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

@@ -294,9 +201,9 @@ Select Add/Remove Apps then nextcloud. You will then be asked for

-
-

Initial setup

-
+
+

Initial setup

+

Go to the Administrator control panel and select Passwords then nextcloud. This will give you the password to initially log in to the system and you can change it later from a client app if needed.

diff --git a/website/EN/app_peertube.html b/website/EN/app_peertube.html index 454b0fae..767ed128 100644 --- a/website/EN/app_peertube.html +++ b/website/EN/app_peertube.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,34 +144,32 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
-
-

peertube.jpg +

peertube.jpg

-

This is a video hosting system similar to Mediagoblin but using webtorrent to help distribute the files to or between clients. This should be more practical for situations where a video becomes popular because the load is then spread across the network, with performance increasing with the number of nodes. However, the torrenting aspect of it only works with WebRTC enabled browsers and so this means it's unlikely to fully work with a Tor browser. Without WebRTC then from a user point of view it's effectively the same thing as Mediagoblin.

-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -278,9 +184,9 @@ Select Add/Remove Apps then peertube. You will then be asked for a
-
-

Initial setup

-
+
+

Initial setup

+

Navigate to your site and select Signup to create a new account. By default the maximum number of accounts on your system is limited to a small number so that millions of random internet users can't then begin uploading dubious content. After that it's pretty straightforward.

@@ -291,9 +197,9 @@ If you wish it's possible to turn off further signups via the Administrator c
-
-

Importing videos from YouTube/Vimeo/Dailymotion

-
+
+

Importing videos from YouTube/Vimeo/Dailymotion

+

It's possible to import videos from the main proprietary video hosting sites. Only do this if they're videos which you made, or if the license is Creative Commons. Hosting arbitrary videos under nonfree licenses is likely to get you into trouble, and we know how that works out from the P2P wars of the 2000s (i.e. badly).

@@ -304,9 +210,9 @@ Go to the Administrator control panel, select App settings then
-
-

Importing videos from your desktop

-
+
+

Importing videos from your desktop

+

The most convenient way to add new videos to PeerTube is if you have the syncthing app installed. Set up syncthing with a folder called ~/Sync in your home directory. Create a subdirectory called ~/Sync/peertube_upload. Within that directory make a text file called login.txt. This will contain your PeerTube login details.

diff --git a/website/EN/app_pihole.html b/website/EN/app_pihole.html index 65a57a41..6c40c55f 100644 --- a/website/EN/app_pihole.html +++ b/website/EN/app_pihole.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

PI-Hole: The Black Hole for Web Adverts

-
+
+

PI-Hole: The Black Hole for Web Adverts

+

Idiots who have an inflated sense of self-entitlement will tell you that it's your moral duty to view their mind-numbingly tedious corporate ads on their web site or YouTube channel, or else their kids will starve and the sky will fall because their revenue stream will dry up. But that's bullshit. There is nothing intrinsic or morally mandatory about adverts propping up the livelihoods of netizens, and indeed a web not primarily based on advertising money might have been a much better and more interesting place by now, with a lot less spying.

@@ -263,10 +169,12 @@ You can block ads for any devices connected to your local network by installing

Also don't expect perfection. Though many ads may be blocked by this system some will still get through. It's a constant cat and mouse game between advertisers and blockers.

+
+
-
-

Set a static IP address

-
+
+

Set a static IP address

+

Ensure that your system has a static local IP address (typically 192.168..) using the option on the control panel. You will also need to know the IP address of your internet router, which is usually 192.168.1.1 or 192.168.1.254.

@@ -277,17 +185,18 @@ When that's done select About this system from the control panel and see
-
-

On each client system within your local network

-
+
+

On each client system within your local network

+

Make sure that you add the static IP address for the server to /etc/hosts.

-
STATIC_IP=[your server static IP]
-sudo echo "$STATIC_IP [your domain name]" >> /etc/hosts
-
+ +
STATIC_IP=[your server static IP]
+sudo echo "$STATIC_IP [your domain name]" >> /etc/hosts
+

@@ -295,12 +204,13 @@ On Arch/Parabola:

-
sudo pacman -S openresolv
-sudo sed -i "s|#name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
-sudo sed -i "s|name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
+
+
sudo pacman -S openresolv
+sudo sed -i "s|#name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
+sudo sed -i "s|name_servers=.*|name_servers=$STATIC_IP|g" /etc/resolvconf.conf
 sudo chattr -i /etc/resolv.conf
 sudo resolvconf -u
-

+

@@ -308,21 +218,22 @@ Or on a Debian based system:

-
sudo apt-get install resolvconf
-echo 'domain localdomain' > /tmp/resolvconf
-echo 'search localdomain' >> /tmp/resolvconf
-echo "nameserver $STATIC_IP" >> /tmp/resolvconf
+
+
sudo apt-get install resolvconf
+echo 'domain localdomain' > /tmp/resolvconf
+echo 'search localdomain' >> /tmp/resolvconf
+echo "nameserver $STATIC_IP" >> /tmp/resolvconf
 sudo mv /tmp/resolvconf /etc/resolvconf/resolv.conf.d/head
 sudo chattr -i /etc/resolv.conf
 sudo resolvconf -u
-

+
-
-

On your internet router

-
+
+

On your internet router

+

If you can access the settings on your local internet router then this is the simplest way to provide ad blocking for all devices which connect to it. Unfortunately some router models don't let you edit the DNS settings and if that's the case you might want to consider getting a different router.

@@ -332,9 +243,9 @@ Edit the DNS settings and add the IPv4 address which you got from the control pa

-
-

LibreCMC

-
+
+

LibreCMC

+

On a router running LibreCMC from the Network menu select DHCP and DNS. Enter the static IP address of your Freedombone system within DNS Forwardings, then at the bottom of the page click on Save & Apply. Any devices which connect to your router will now have ad blocking.

@@ -342,18 +253,23 @@ On a router running LibreCMC from the Network menu select DHCP and DNS
-
-

Configuring block lists

-
+
+

Configuring block lists

+

You can configure the block lists which the system uses by going to the administrator control panel, selecting App Settings then choosing pihole. You can also add any extra domain names to the whitelist if they're being wrongly blocked or to the blacklist if they're not blocked by the current lists.

-
-Return to the home page -
+
+

+<center> +Return to the <a href="index.html">home page</a> +</center> +

+ +
diff --git a/website/EN/app_pleroma.html b/website/EN/app_pleroma.html index 1a3fa739..554fc8a8 100644 --- a/website/EN/app_pleroma.html +++ b/website/EN/app_pleroma.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,21 +144,18 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
-
-

pleroma-logo.png +

pleroma-logo.png

-

@@ -266,22 +171,21 @@ Pleroma is an OStatus and ActivityPub compatible social networking server, compa Some general advice about life in the fediverse can be found here.

-
-

pleroma.jpg +

pleroma.jpg

-
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
@@ -296,9 +200,9 @@ Select Add/Remove Apps then pleroma. You will then be asked for a
-
-

Initial setup

-
+
+

Initial setup

+

The first thing you'll need to do is register a new account. You can set your profile details and profile image by selecting the small settings icon to the right of your name.

@@ -309,49 +213,44 @@ Once you have done that then you can disable further registrations from the A
-
-

Mastodon user interface

-
+
+

Mastodon user interface

+

If you prefer a Tweetdeck-style user interface, similar to Mastodon, then once you have registered an account navigate to /yourpleromadomainname/web and log in.

-
-

pleromamastodon.jpg +

pleromamastodon.jpg

-
-
-

Mobile apps

-
+
+

Mobile apps

+

It's also possible to use Mastodon apps together with Pleroma, such as Tusky, since it supports the Mastodon API. You may need to install IcecatMobile and set it as your default browser (under Settings/Apps/Menu) in order for the initial oauth registration process to work.

-
-

tusky.jpg +

tusky.jpg

-
-
-

Blocking controls

-
-
+ +
+

Blocking controls

+
-

control_panel_blocking.jpg +

control_panel_blocking.jpg

-

The biggest hazard with Pleroma is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the Administrator control panel and selecting Domain or User Blocking, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage. diff --git a/website/EN/app_postactiv.html b/website/EN/app_postactiv.html index 25a462bf..4286e336 100644 --- a/website/EN/app_postactiv.html +++ b/website/EN/app_postactiv.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.

-
+

-

logo.png +

logo.png

-
- -
-

PostActiv

-
+
+

PostActiv

+

PostActiv is a fork of GNU Social which includes some extra fixes and optimisations to improve performance. It federates just like GNU Social does and so whether you choose GNU Social or PostActiv is really just down to personal prefernce.

@@ -256,24 +162,25 @@ PostActiv is a fork of GNU Social which inclu Some general advice about life in the fediverse can be found here.

-
-

postactiv_pleroma.jpg +

postactiv_pleroma.jpg

+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

@@ -290,9 +197,9 @@ After the install has completed go to Security settings and select Cre

-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your Postactiv domain listed there along with an onion address. You can then navigate to your site in a browser.

@@ -307,54 +214,54 @@ Navigate to your PostActiv domain name and log in.
-
-

Switching user interfaces

-
+
+

Switching user interfaces

+

A few web based user interfaces are available for PostActiv. They are selectable by going to the Administrator control panel and choosing App settings then postactiv.

-
-

postactiv_settings.jpg +

postactiv_settings.jpg

-
    -
  • Qvitter: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived
    • -
  • Pleroma: A modern and lightweight user interface
    • -
  • Classic: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations.
    • +
  • Qvitter: Looks similar to Twitter during its golden era, before the ads and other antifeatures arrived +
    • +
  • Pleroma: A modern and lightweight user interface +
    • +
  • Classic: Like the original StatusNet UI. Minimal Javascript and has good support for threaded conversations. +
-
-

Using with Emacs

-
-
+
+

Using with Emacs

+
-

gnu-social-mode.jpg +

gnu-social-mode.jpg

-

If you are an Emacs user it's also possible to set up GNU Social mode, which is compatible with PostActiv. You can do that as follows:

-
mkdir ~/elisp
+
+
mkdir ~/elisp
 git clone https://github.com/bashrc/gnu-social-mode ~/elisp/gnu-social-mode
-echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs
-echo "(require 'gnu-social-mode)" >> ~/.emacs
-echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs
-echo "      gnu-social-server \"yourpostactivdomain\"" >> ~/.emacs
-echo "    gnu-social-username \"yourusername\"" >> ~/.emacs
-echo "    gnu-social-password \"postactivpassword\")" >> ~/.emacs
-

+echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs
+echo "(require 'gnu-social-mode)" >> ~/.emacs
+echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs
+echo "      gnu-social-server \"yourpostactivdomain\"" >> ~/.emacs
+echo "    gnu-social-username \"yourusername\"" >> ~/.emacs
+echo "    gnu-social-password \"postactivpassword\")" >> ~/.emacs
+

@@ -362,8 +269,9 @@ And as a quick reference the main keys are:

-
M-x gnu-social
-
+ +
M-x gnu-social
+

@@ -374,54 +282,54 @@ The basics: - + - + -i -Show icons +i +Show icons -CTRL-c CTRL-s -Post status update +CTRL-c CTRL-s +Post status update -r -Repeat +r +Repeat -F -Favourite +F +Favourite -CTRL-c CTRL-h -Highlight +CTRL-c CTRL-h +Highlight -R -Reply to user +R +Reply to user -CTRL-c CTRL-r -Show replies +CTRL-c CTRL-r +Show replies -CTRL-c CTRL-f -Friends timeline +CTRL-c CTRL-f +Friends timeline -CTRL-c CTRL-v -View user profile +CTRL-c CTRL-v +View user profile @@ -434,19 +342,19 @@ Navigation: - + - + -j -Next +j +Next -k -Previous +k +Previous @@ -459,70 +367,68 @@ Showing timelines: - + - + -g -Current timeline +g +Current timeline -CTRL-c CTRL-a -Public timeline +CTRL-c CTRL-a +Public timeline -CTRL-c CTRL-g -Group timeline +CTRL-c CTRL-g +Group timeline -CTRL-c CTRL-t -Tag timeline +CTRL-c CTRL-t +Tag timeline -CTRL-c CTRL-k -Stop +CTRL-c CTRL-k +Stop -CTRL-c CTRL-u -User timeline +CTRL-c CTRL-u +User timeline -CTRL-c CTRL-c -Conversation timeline +CTRL-c CTRL-c +Conversation timeline -CTRL-c CTRL-o -Remote user timeline +CTRL-c CTRL-o +Remote user timeline -CTRL-c CTRL-d -Post direct Message +CTRL-c CTRL-d +Post direct Message

-
-

Blocking controls

-
-
+
+

Blocking controls

+
-

control_panel_blocking.jpg +

control_panel_blocking.jpg

-

The biggest hazard with PostActiv is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the Administrator control panel and selecting Domain or User Blocking, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage. diff --git a/website/EN/app_privatebin.html b/website/EN/app_privatebin.html index 67ec1dfc..436f4ae8 100644 --- a/website/EN/app_privatebin.html +++ b/website/EN/app_privatebin.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - - + + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.

-
+

-

logo.png +

logo.png

-
- -
-

PrivateBin

-
+
+

PrivateBin

+

This is an encrypted pastebin, such that the server has zero knowledge of the content. It's intended for small amounts of text less than 32K in length. It's not intended for transfering large files, or for storing pastes for more than a day.

@@ -255,15 +161,18 @@ This is an encrypted pastebin, such that the server has zero knowledge of the co

Because this is completely open to any user on the internet you should be wary of the potential for DDoS, and only install this app if you really need to avoid using other pastebins or if other pastebin sites are censored or untrustable. There are traffic limits set within this app to attempt to minimize the potential for flooding attacks, but that might still not be sufficient in the worst cases.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

+ 
ssh myusername@mydomain -p 2222
diff --git a/website/EN/app_profanity.html b/website/EN/app_profanity.html index 30faa505..4842c790 100644 --- a/website/EN/app_profanity.html +++ b/website/EN/app_profanity.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,18 +144,16 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

Profanity

-
+ +
@@ -189,7 +97,7 @@ @licstart The following is the entire license notice for the JavaScript code in this tag. -Copyright (C) 2012-2017 Free Software Foundation, Inc. +Copyright (C) 2012-2013 Free Software Foundation, Inc. The JavaScript code in this tag is free software: you can redistribute it and/or modify it under the terms of the GNU @@ -236,40 +144,39 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
-
-

Riot Web

-
- -
+
+

Riot Web

+
-

riotweb.jpg +

riotweb.jpg

-

Riot Web is a browser based user interface for the Matrix federated communications system. It allows you to do encrypted one-to-one or group chat, and has some fancy WebRTC features for voice and video conversations. The WebRTC stuff won't work in a Tor browser though. This type of system is fine for general public communications and collaboration on open source projects or gaming groups. For things which require real privacy though stick to XMPP with OMEMO.

+
+
-
-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+ +
ssh myusername@mydomain -p 2222
+

@@ -282,9 +189,9 @@ Select Add/Remove Apps then riot and also make sure that matrix

-
-

Initial setup

-
+
+

Initial setup

+

Go to the Administrator control panel and select Passwords then matrix. This will give you the password to initially log in using the Riot Web user interface. Log in, and that's it. Happy chatting.

diff --git a/website/EN/app_rss.html b/website/EN/app_rss.html index 78872b04..fe169a99 100644 --- a/website/EN/app_rss.html +++ b/website/EN/app_rss.html @@ -3,33 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - - - - - - + + + + - + @@ -235,38 +144,37 @@ for the JavaScript code in this tag.
-
+

-

logo.png +

logo.png

-
- -
-

RSS Reader

-
+
+

RSS Reader

+

The way that RSS reading is set up on Freedombone gives you strong reading privacy. Not only is there onion routing between you and the server but also between the server and the source of the RSS feed. The only down side is that many RSS feeds are still http only, and so could be vulnerable to injection attacks, but it's expected that more of this will go to https in the foreseeable future due to a combination of growing recognition of security issues and systems like Let's Encrypt which make obtaining certificates much easier.

-
-

rss_reader_mobile.jpg +

rss_reader_mobile.jpg

+
-
-
-

With Emacs

-
+
+

With Emacs

+

If you are an Emacs user then you can also read your RSS feeds via the Avandu mode.

@@ -311,6 +219,7 @@ Add the following to your configuration, changing the address and password as ap

+ 
(setq avandu-tt-rss-api-url "http://rss_reader_onion_address/api/"
       avandu-user "admin"
       avandu-password "mypassword")
@@ -322,6 +231,7 @@ If you don't already have Emacs set up to route through Tor then also add the fo
 

 
 

+
 
(setq socks-noproxy '("localhost"))
 (require 'socks)
 (require 'tls)
@@ -334,6 +244,7 @@ And ensure that the Tor daemon is installed. On a debian based system:
 

 
 

+
 
sudo apt-get install tor
 

 

@@ -343,6 +254,7 @@ or on Arch/Parabola:
 

 
 

+
 
sudo pacman -S tor
 sudo systemctl enable tor
 sudo systemctl start tor
diff --git a/website/EN/app_searx.html b/website/EN/app_searx.html
index 7b400650..e47c07eb 100644
--- a/website/EN/app_searx.html
+++ b/website/EN/app_searx.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
SearX

-

 
+

+
SearX

+

 

 SearX is a metasearch engine. That means it returns results from other selected search engines. It's accessible via an onion address and provides a private search ability. Really the only advantage it gives you over searching directly from a Tor browser is the ability to customise your search experience.
 

@@ -257,22 +163,22 @@ In terms of security both the connection between you and the server, and the out
 

 
 
-

-
 

-
searx.jpg
+
searx.jpg
 

 

 

+

 
-

-
Installation

-

+

+
Installation

+

 

 ssh into the system with:
 

 
 

+
 
ssh myusername@mydomain.com -p 2222
 

 

@@ -287,18 +193,18 @@ Once it has installed go to About on the Administrator control panel
 

 
-

-
Make it your default search

-

+

+
Make it your default search

+

 

 In a Tor browser click on the magnifying glass icon next to the search box and you can then add your metasearch site. A small icon will appear called "Freedombone Metasearch" and you can then right click on it and make it the default search.
 

 

 

 
-

-
Enabling password login

-

+

+
Enabling password login

+

 

 It's possible that you might not want just anyone on the interwebs to be able to use your metasearch engine. Even with the onion routing this might carry some legal risk or make you a target for denial-of-service attempts (although Tor's rate limits and the firewall will give you some defense against that).
 

@@ -309,9 +215,9 @@ To enable password login go to the Administrator control panel then Ap
 

 

 
-

-
Customization

-

+

+
Customization

+

 

 It's also possible to customise the background image if you go to App settings then select searx.
 

diff --git a/website/EN/app_syncthing.html b/website/EN/app_syncthing.html
index 5709c808..5d477593 100644
--- a/website/EN/app_syncthing.html
+++ b/website/EN/app_syncthing.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
 
-
-
-
+
+
+
+
-
+
 
 
@@ -235,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Syncthing

-

 
+

+
Syncthing

+

 

 Syncthing provides a similar capability to proprietary systems such as Dropbox, and also is well suited for use with low power single board computers. You can have one or more directories which are synchronized across your various laptops/desktops/devices, and this makes it hard for you to ever lose important files. The manner in which the synchronization is done is pretty secure, such that it would be difficult for passive adversaries (mass surveillance, "men in the middle", etc) to know what files you're sharing. Of course, you don't necessarily need to be running a server in order to use Syncthing, but if you do have a server which is always running then there's always at least one place to synchronize your files to or from.
 

@@ -254,17 +161,20 @@ Syncthing provides a similar capability to proprietary systems such as Dropbox,
 

 Freedombone provides Syncthing shared directories for each user on the system, plus a single shared directory for all users. The expected most common scenario here is that of a family in which members may not want to share all of their files with each other, but might want to share some in a common pool (eg. birthday photos). You can also easily share between different servers.
 

+

+

 
-

-
On a laptop

-

+

+
On a laptop

+

 

 Install syncthing on a Debian based distro:
 

 
 

+
 
curl -s https://syncthing.net/release-key.txt | sudo apt-key add -
-echo "deb http://apt.syncthing.net/ syncthing release" | sudo tee /etc/apt/sources.list.d/syncthing.list
+echo "deb http://apt.syncthing.net/ syncthing release" | sudo tee /etc/apt/sources.list.d/syncthing.list
 sudo apt-get update
 sudo apt-get install syncthing
 

@@ -275,6 +185,7 @@ Or on Arch/Parabola:
 

 
 

+
 
sudo pacman -S syncthing
 

 

@@ -288,6 +199,7 @@ In another terminal log into Freedombone:
 

 
 

+
 
ssh username@domainname -p 2222
 

 

@@ -296,13 +208,11 @@ In another terminal log into Freedombone:
 Then select File Synchronization.
 

 
-

 
 

-
control_panel_file_sync.jpg
+
control_panel_file_sync.jpg
 

 

-

 
 

 Select Show device ID and copy the long string of letters and numbers shown, using the shift key then select the text followed by right click then select copy.
@@ -312,13 +222,11 @@ Select Show device ID and copy the long string of letters and numbers sho
 Open a non-Tor browser and enter  http://127.0.0.1:8384 as the URL. You should now see the minimalistic user interface. Under Remote Devices select Add Remote Device. In the Device ID field paste the string you just copied (CTRL+v). The Device name can be anything. Under Share Folders with Device check default (or whatever folder you created on your local machine), then save.
 

 
-

 
 

-
syncthing_browser.jpg
+
syncthing_browser.jpg
 

 

-

 
 

 From the top menu select Actions and then Show ID, then copy the ID string (usually select then CTRL+c). Go back to the terminal control panel menu and select Add an ID then paste what you just copied (CTRL+v). Optionally you can also provide a description so that you later can know what that string corresponds to.
@@ -330,9 +238,9 @@ Now wait for a few minutes. Eventually you will see two messages appear within t
 

 

 
-

-
On Android

-

+

+
On Android

+

 

 Install Syncthing and Connectbot from F-droid.
 

diff --git a/website/EN/app_tahoelafs.html b/website/EN/app_tahoelafs.html
index 905d246b..fe675aba 100644
--- a/website/EN/app_tahoelafs.html
+++ b/website/EN/app_tahoelafs.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
 
-
-
-
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,32 +144,33 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Tahoe-LAFS

-

 
+

+
Tahoe-LAFS

+

 

 This is a robust system for encrypted file storage on one or more servers. Files are accessed via a URL which contains the public key with which it was encrypted.
 

+

+

 
-

-
Installation

-

+

+
Installation

+

 

 Log into your system with:
 

 
 

-
ssh myusername@mydomain -p 2222
-

+
+
ssh myusername@mydomain -p 2222
+

 

 
 

@@ -274,9 +183,9 @@ Select Add/Remove Apps then tahoelafs. This system is entirely bas
 

 

 
-

-
Initial setup

-

+

+
Initial setup

+

 

 Get the login password for your Tahoe-LAFS system by going to Passwords on the Administrator control panel and selecting tahoelafs.
 

@@ -287,20 +196,18 @@ Go to the About screen on the Administrator control panel and look
 

 

 
-

-
Adding more servers

-

+

+
Adding more servers

+

 

 You can add more servers to the system to increase its storage capacity. In a typical Tahoe-LAFS new data storage servers are automatically discovered via an introducer node, but that creates a single centralised point of failure. The installation on Freedombone has no introducer node and so details for the servers of your friends need to be entered manually.
 

 
-

 
 

-
control_panel_tahoelafs.jpg
+
control_panel_tahoelafs.jpg
 

 

-

 
 

 Other servers will typically be Freedombone systems with Tahoe-LAFS installed. Your Tahoe-LAFS server settings can be found on the About screen of the Administrator control panel. Use an end-to-end encrypted chat app to copy and paste those details and send them to other friends. To add the server details go to App settings on the Administrator control panel then select tahoelafs and Add server.
diff --git a/website/EN/app_tox.html b/website/EN/app_tox.html
index 2895b7dc..91e9b77b 100644
--- a/website/EN/app_tox.html
+++ b/website/EN/app_tox.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
 
-
-
-
+
+
+
+
-
+
 
 
@@ -235,30 +144,31 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Tox

-

 
+

+
Tox

+

 

 Tox is an encrypted peer-to-peer messaging system and so should work without Freedombone. It uses a system of nodes which act as a sort of directory service allowing users to find and connect to each other. The Tox node ID on the Freedombone can be found within App Settings under tox within the Administrator control panel. If you have other users connect to your node then you will be able to continue chatting even when no other nodes are available.
 

+

+

 
-

-
The Toxic client

-

+

+
The Toxic client

+

 

 Log into your system with:
 

 
 

+
 
ssh myusername@mydomain -p 2222
 

 

@@ -267,16 +177,14 @@ Log into your system with:
 Then from the menu select Run an app followed by tox. Tox is encrypted by default and also routed through Tor, so it should be reasonably secure both in terms of message content and metadata.
 

 
-

 
 

-
toxic.jpg
+
toxic.jpg
 

 

 

 

 

-

 

 
 
 
@@ -235,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Turtl

-

 
+

+
Turtl

+

 

 

 "Now is a very important time in history. Every aspect of our lives is moving into the digital world faster than we realize. We use apps like Dropbox or Evernote because of their convenience, but in doing so we sacrifice our privacy. What data isn't sold to advertisers or stolen by hackers is carved up by government surveillance."
@@ -262,22 +169,22 @@ Since the data at rest is stored in PGP encrypted format this is a good system t
 

 
 
-

-
 

-
turtl.jpg
+
turtl.jpg
 

 

 

+

 
-

-
Installation

-

+

+
Installation

+

 

 Log into your system with:
 

 
 

+
 
ssh myusername@mydomain -p 2222
 

 

@@ -296,9 +203,9 @@ After the install has completed go to Security settings and select Cre
 

 

 
-

-
Initial setup

-

+

+
Initial setup

+

 

 The most common use case will be with Android devices. The Android app isn't currently available within F-droid (see the FAQ for details) but can be downloaded from the Turtl site.
 

@@ -313,10 +220,9 @@ You should then be able to log in and start using the app. You might also want t
 

 

 
-
-

-
Locking it down

-

+

+
Locking it down

+

 

 Once you have created accounts it's a good idea to turn off new turtl signups. This will prevent millions of random users on the interwebs from creating accounts on your system and killing your server, or possibly other nefarious security scenarios. Go to the administrator control panel and select App Settings then turtl. You will then be able to disable new user registrations and also set the data storage limit for users. If you need additional users later you can always temporarily re-enable signups.
 

diff --git a/website/EN/app_vpn.html b/website/EN/app_vpn.html
index 964c4599..f0f8f43e 100644
--- a/website/EN/app_vpn.html
+++ b/website/EN/app_vpn.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
OpenVPN

-

 
+

+
OpenVPN

+

 

 

 "The Net interprets censorship as damage and routes around it." – John Gilmore
@@ -265,15 +171,18 @@ Using a Tor browser is another way to get around censorship, but there might be
 

 On Freedombone the VPN is wrapped within a TLS layer of encryption, making it difficult for any deep packet inspection systems to know whether you are using a VPN or not. Since there is lots of TLS traffic on the internet your connection looks like any other TLS connection to a server, and this may help to avoid being censored. It's probably not possible for your local ISP to block TLS traffic without immediately generating a lot of irate customers, and stopping any kind of commercial activity.
 

+

+

 
-

-
Installation

-

+

+
Installation

+

 

 ssh into the system with:
 

 
 

+
 
ssh myusername@mydomainname -p 2222
 

 

@@ -288,14 +197,15 @@ Only use ports 443 or 80 for VPN as an absolute last resort, since doing
 

 

 
-

-
Usage

-

+

+
Usage

+

 

 When the installation is complete you can download your VPN keys and configuration files onto your local machine.
 

 
 

+
 
scp -P 2222 myusername@mydomainname:/home/myusername/client.ovpn .
 scp -P 2222 myusername@mydomainname:/home/myusername/stunnel* .
 

@@ -306,6 +216,7 @@ You will need to ensure that the openvpn and stunnel packages are
 

 
 

+
 
sudo pacman -S openvpn stunnel4
 

 

@@ -315,6 +226,7 @@ Or on a Debian based system:
 

 
 

+
 
sudo apt-get install openvpn stunnel4
 

 

@@ -324,6 +236,7 @@ Now you can connect to your VPN with:
 

 
 

+
 
sudo stunnel stunnel-client.conf
 sudo openvpn client.ovpn
 

@@ -335,29 +248,30 @@ You should see a series of messages with "Initialization Sequence Completed
 

 
-

-
Changing port number

-

+

+
Changing port number

+

 

 Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it.
 

 
 

+
 
ssh myusername@mydomainname -p 2222
 

 

 
 

-Select Administrator controls then App Settings then vpn. Choose Change TLS port and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the Usage section above.
+Select Administrator controls then App Settings then vpn. Choose Change TLS port and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the Usage section above.
 

 

 

 
-

-
Generating new keys

-

+

+
Generating new keys

+

 

-It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the Administrator controls by going to App Settings then vpn then choosing Regenerate keys for a user and downloading the new keys as described in the Usage section above.
+It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the Administrator controls by going to App Settings then vpn then choosing Regenerate keys for a user and downloading the new keys as described in the Usage section above.
 

 

 

diff --git a/website/EN/app_xmpp.html b/website/EN/app_xmpp.html
index 25aa7682..4f5a5c6f 100644
--- a/website/EN/app_xmpp.html
+++ b/website/EN/app_xmpp.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
XMPP/Jabber

-

 
+

+
XMPP/Jabber

+

 

 Most people know XMPP as "Jabber" and it's sometimes regarded and an old protocol once used by Google and Facebook but which is no longer relevant. However, it still works and if appropriately configured, as it is on Freedombone, can provide the best chat messaging security currently available.
 

@@ -259,31 +165,34 @@ With regard to chat apps you might have read a lot of stuff about end-to-end
 

 A well written article on the state of XMPP and how it compares to other chat protocols can be found here.
 

+

+

 
-

-
Using with Profanity

-

+

+
Using with Profanity

+

 

 You can install the profanity app via Add/remove apps on the Administrator control panel. Logging in and then selecting Run App and profanity will start it.
 

 

 

-

-
Using with Gajim

-

+

+
Using with Gajim

+

 

 In mid 2016 Gajim became the first desktop XMPP client to support the OMEMO end-to-end security standard, which is superior to the more traditional OTR since it also includes multi-user chat and the ratcheting mechanism pioneered by Open Whisper Systems. To install it:
 

 
 

-
su -c 'echo "deb ftp://ftp.gajim.org/debian unstable main" > /etc/apt/sources.list.d/gajim.list'
+
+
su -c 'echo "deb ftp://ftp.gajim.org/debian unstable main" > /etc/apt/sources.list.d/gajim.list'
 sudo apt-get update
 sudo apt-get -y install gajim-dev-keyring
 sudo apt-get -y install git tor python-dev python-pip gajim-nightly
 mkdir ~/.local/share/gajim/plugins -p
-cd ~/.local/share/gajim/plugins
+cd ~/.local/share/gajim/plugins
 git clone https://github.com/omemo/gajim-omemo
-sudo pip install protobuf==2.6.1, python-axolotl==0.1.35
+sudo pip install protobuf==2.6.1, python-axolotl==0.1.35
 

 

 
@@ -308,6 +217,7 @@ If you wish to make backups of the OMEMO keys then they can be found within:
 

 
 

+
 
~/.local/share/gajim
 

 

@@ -318,9 +228,9 @@ If you wish to use OpenPGP to encrypt your messages then go to Edit/Accounts<
 

 

 
-

-
Using with Jitsi

-

+

+
Using with Jitsi

+

 

 Jitsi can be downloaded from https://jitsi.org
 

@@ -347,9 +257,9 @@ You can also see this vide
 

 

 
-

-
Using with Ubuntu

-

+

+
Using with Ubuntu

+

 

 The default XMPP client in Ubuntu is Empathy.  Using Empathy isn't as secure as using Jitsi, since it doesn't include the off the record feature, but since it's the default it's what many users will have easy access to.
 

@@ -368,18 +278,18 @@ Click on Advanced and make sure that Encryption required and Ig
 

 

 
-

-
Using Tor Messenger

-

+
 
-

-
Using with Android/Conversations

-

+

+
Using with Android/Conversations

+

 

 Install F-Droid
 

@@ -401,6 +311,7 @@ From the menu select Manage accounts and add a new account.
 

 
 

+
 
Jabber ID: myusername@mydomain
 Password:  your XMPP password
 Hostname:  mydomain (preferably your xmpp onion address)
diff --git a/website/EN/apps.html b/website/EN/apps.html
index 37b3f77a..9ba8ef42 100644
--- a/website/EN/apps.html
+++ b/website/EN/apps.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,13 +144,12 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

 
 

 

@@ -254,18 +161,15 @@ for the JavaScript code in this tag.
 The base install of the system just contains an email server and Mutt client, but not much else. In addition from within the Administrator control panel under Add/remove apps the following are installable. This list only applies on the home server version, with the mesh network version having a different and smaller set of apps.
 

 
-

 
 

-
control_panel_apps.jpg
+
control_panel_apps.jpg
 

 

-

 
-
-

-
Akaunting

-

+

+
Akaunting

+

 

 A web based accounts system for small businesses or freelancers.
 

@@ -275,9 +179,9 @@ A web based accounts system for small businesses or freelancers.
 

 

 

-

-
BDS Mail

-

+

+
BDS Mail

+

 

 It's like ordinary email, but with i2p as the transport mechanism.
 

@@ -287,9 +191,9 @@ It's like ordinary email, but with i
 

 

 

-

-
Bludit

-

+

+
Bludit

+

 

 This is a simple databaseless blogging system which uses markdown files. It should run well on any hardware.
 

@@ -299,9 +203,9 @@ This is a simple databaseless blogging system which uses markdown files. It shou
 

 

 

-

-
CryptPad

-

+

+
CryptPad

+

 

 Collaborate on editing documents, presentations and source code, or vote on things. All with a good level of security.
 

@@ -311,9 +215,9 @@ Collaborate on editing documents, presentations and source code, or vote on thin
 

 

 

-

-
DLNA

-

+

+
DLNA

+

 

 Enables you to use the system as a music server which any DLNA compatible devices can connect to within your home network.
 

@@ -323,9 +227,9 @@ Enables you to use the system as a music server which any DLNA compatible device
 

 

 

-

-
Dokuwiki

-

+

+
Dokuwiki

+

 

 A databaseless wiki system.
 

@@ -335,9 +239,9 @@ A databaseless wiki system.
 

 

 

-

-
Edith

-

+

+
Edith

+

 

 Extremely simple and distraction-free notes system.
 

@@ -347,9 +251,9 @@ Extremely simple and distraction-free notes system.
 

 

 

-

-
Emacs

-

+

+
Emacs

+

 

 If you use the Mutt client to read your email then this will set it up to use emacs for composing new mail.
 

@@ -359,17 +263,17 @@ If you use the Mutt client to read your email then this will set it up to use em
 

 

 

-

-
Email Server

-

+

+
Email Server

+

 

 Since many apps require email registration an email server is installed by default. You can find advice on using the email system here.
 

 

 

-

-
Etherpad

-

+

+
Etherpad

+

 

 Collaborate on creating documents in real time. Maybe you're planning a holiday with other family members or creating documentation for a Free Software project along with other volunteers. Etherpad is hard to beat for simplicity and speed. Only users of the system will be able to access it.
 

@@ -379,9 +283,9 @@ Collaborate on creating documents in real time. Maybe you're planning a holiday
 

 

 

-

-
Federated wiki

-

+

+
Federated wiki

+

 

 A new approach to creating wiki content.
 

@@ -391,9 +295,9 @@ A new approach to creating wiki content.
 

 

 

-

-
Friendica

-

+

+
Friendica

+

 

 Federated social network system.
 

@@ -403,9 +307,9 @@ Federated social network system.
 

 

 

-

-
GNU Social

-

+

+
GNU Social

+

 

 Federated social network based on the OStatus protocol. You can "remote follow" other users within the GNU Social federation.
 

@@ -415,9 +319,9 @@ Federated social network based on the OStatus protocol. You can "remote follo
 

 

 

-

-
Gogs

-

+

+
Gogs

+

 

 Lightweight git project hosting system. You can mirror projects from Github, or if Github turns evil then just host your own projects while retaining the familiar fork-and-pull workflow. If you can use Github then you can also use Gogs.
 

@@ -427,9 +331,9 @@ Lightweight git project hosting system. You can mirror projects from Github, or
 

 

 

-

-
HTMLy

-

+

+
HTMLy

+

 

 Databaseless blogging system. Quite simple and with a markdown-like format.
 

@@ -439,9 +343,9 @@ Databaseless blogging system. Quite simple and with a markdown-like format.
 

 

 

-

-
Hubzilla

-

+

+
Hubzilla

+

 

 Web publishing platform with social network like features and good privacy controls so that it's possible to specify who can see which content. Includes photo albums, calendar, wiki and file storage.
 

@@ -451,9 +355,9 @@ Web publishing platform with social network like features and good privacy contr
 

 

 

-

-
Icecast media stream

-

+

+
Icecast media stream

+

 

 Make your own internet radio station.
 

@@ -463,9 +367,9 @@ Make your own internet radio station.
 

 

 

-

-
IRC Server (ngirc)

-

+

+
IRC Server (ngirc)

+

 

 Run your own IRC chat channel which can be secured with a password and accessible via an onion address. A bouncer is included so that you can receive messages sent while you were offline. Works with Hexchat and other popular clients.
 

@@ -475,18 +379,18 @@ Run your own IRC chat channel which can be secured with a password and accessibl
 

 

 

-

-
Jitsi Meet

-

+

+
Jitsi Meet

+

 

 Experimental WebRTC video conferencing system, similar to Google Hangouts. This may not be fully functional, but is hoped to be in the near future.
 

 

 

 
-

-
KanBoard

-

+

+
KanBoard

+

 

 A simple kanban system for managing projects or TODO lists.
 

@@ -496,9 +400,9 @@ A simple kanban system for managing projects or TODO lists.
 

 

 

-

-
Key Server

-

+

+
Key Server

+

 

 An OpenPGP key server for storing and retrieving GPG public keys.
 

@@ -508,9 +412,9 @@ An OpenPGP key server for storing and retrieving GPG public keys.
 

 

 

-

-
Koel

-

+

+
Koel

+

 

 Access your music collection from any internet connected device.
 

@@ -520,9 +424,9 @@ Access your music collection from any internet connected device.
 

 

 

-

-
Lychee

-

+

+
Lychee

+

 

 Make your photo albums available on the web.
 

@@ -532,9 +436,9 @@ Make your photo albums available on the web.
 

 

 

-

-
Mailpile

-

+

+
Mailpile

+

 

 Modern email client which supports GPG encryption.
 

@@ -544,9 +448,9 @@ Modern email client which supports GPG encryption.
 

 

 

-

-
Matrix

-

+

+
Matrix

+

 

 Multi-user chat with some security and moderation controls.
 

@@ -556,9 +460,9 @@ Multi-user chat with some security and moderation controls.
 

 

 

-

-
Mediagoblin

-

+

+
Mediagoblin

+

 

 Publicly host video and audio files so that you don't need to use YouTube/Vimeo/etc.
 

@@ -568,9 +472,9 @@ Publicly host video and audio files so that you don't need to use YouTube/Vimeo/
 

 

 

-

-
Mumble

-

+

+
Mumble

+

 

 The popular VoIP and text chat system. Say goodbye to old-fashioned telephony conferences with silly dial codes. Also works well on mobile.
 

@@ -580,9 +484,9 @@ The popular VoIP and text chat system. Say goodbye to old-fashioned telephony co
 

 

 

-

-
NextCloud

-

+

+
NextCloud

+

 

 Store files on your server and sync them with laptops or mobile devices. Includes many plugins including videoconferencing and collaborative document editing.
 

@@ -592,9 +496,9 @@ Store files on your server and sync them with laptops or mobile devices. Include
 

 

 

-

-
PeerTube

-

+

+
PeerTube

+

 

 Peer-to-peer video hosting. Similar to Mediagoblin, but the P2P aspect better enables the streaming load to be shared across servers.
 

@@ -604,9 +508,9 @@ Peer-to-peer video hosting. Similar to Mediagoblin, but the P2P aspect better en
 

 

 

-

-
PI-Hole

-

+

+
PI-Hole

+

 

 The black hole for web adverts. Block adverts at the domain name level within your local network. It can significantly reduce bandwidth, speed up page load times and protect your systems from being tracked by spyware.
 

@@ -616,9 +520,9 @@ The black hole for web adverts. Block adverts at the domain name level within yo
 

 

 

-

-
Pleroma

-

+

+
Pleroma

+

 

 Fediverse instance which is compatible with GNU Social and Mastodon, and suited for systems without much RAM or CPU resource.
 

@@ -628,9 +532,9 @@ Fediverse instance which is compatible with GNU Social and Mastodon, and suited
 

 

 

-

-
PostActiv

-

+

+
PostActiv

+

 

 An alternative federated social networking system compatible with GNU Social, Pleroma and Mastodon. It includes some optimisations and fixes currently not available within the main GNU Social project.
 

@@ -640,9 +544,9 @@ An alternative federated social networking system compatible with GNU Social, Pl
 

 

 

-

-
PrivateBin

-

+

+
PrivateBin

+

 

 A pastebin where the server has zero knowledge of the content being pasted.
 

@@ -652,9 +556,9 @@ A pastebin where the server has zero knowledge of the content being pasted.
 

 

 

-

-
Profanity

-

+

+
Profanity

+

 

 A shell based XMPP client which you can run on the Freedombone server via ssh.
 

@@ -664,9 +568,9 @@ A shell based XMPP client which you can run on the Freedombone server via ssh.
 

 

 

-

-
Riot Web

-

+

+
Riot Web

+

 

 A browser based user interface for the Matrix federated communications system, including WebRTC audio and video chat.
 

@@ -676,9 +580,9 @@ A browser based user interface for the Matrix federated communications system, i
 

 

 

-

-
SearX

-

+

+
SearX

+

 

 A metasearch engine for customised and private web searches.
 

@@ -688,9 +592,9 @@ A metasearch engine for customised and private web searches.
 

 

 

-

-
tt-rss

-

+

+
tt-rss

+

 

 Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via an onion address. Have "the right to read" without the Surveillance State knowing what you're reading. Also available with a user interface suitable for viewing on mobile devices via a browser such as OrFox.
 

@@ -700,9 +604,9 @@ Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via a
 

 

 

-

-
Syncthing

-

+

+
Syncthing

+

 

 Possibly the best way to synchronise files across all of your devices. Once it has been set up it "just works" with no user intervention needed.
 

@@ -712,9 +616,9 @@ Possibly the best way to synchronise files across all of your devices. Once it h
 

 

 

-

-
Tahoe-LAFS

-

+

+
Tahoe-LAFS

+

 

 Robust and encrypted storage of files on one or more server.
 

@@ -724,9 +628,9 @@ Robust and encrypted storage of files on one or more server.
 

 

 

-

-
Tox

-

+

+
Tox

+

 

 Client and bootstrap node for the Tox chat/VoIP system.
 

@@ -736,9 +640,9 @@ Client and bootstrap node for the Tox chat/VoIP system.
 

 

 

-

-
Turtl

-

+

+
Turtl

+

 

 A system for privately creating and sharing notes and images, similar to Evernote but without the spying.
 

@@ -748,18 +652,18 @@ A system for privately creating and sharing notes and images, similar to Evernot
 

 

 

-

-
Vim

-

+

+
Vim

+

 

 If you use the Mutt client to read your email then this will set it up to use vim for composing new mail.
 

 

 

 
-

-
Virtual Private Network (VPN)

-

+

+
Virtual Private Network (VPN)

+

 

 Set up a VPN on your server so that you can bypass local internet censorship.
 

@@ -769,9 +673,9 @@ Set up a VPN on your server so that you can bypass local internet censorship.
 

 

 

-

-
XMPP

-

+

+
XMPP

+

 

 Chat server which can be used together with client such as Gajim or Conversations to provide end-to-end content security and also onion routed metadata security. Includes advanced features such as client state notification to save battery power on your mobile devices, support for seamless roaming between networks and message carbons so that you can receive the same messages while being simultaneously logged in to your account on more than one device.
 

diff --git a/website/EN/armbian.html b/website/EN/armbian.html
index 729c26a6..7c5fafc2 100644
--- a/website/EN/armbian.html
+++ b/website/EN/armbian.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,17 +144,21 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

+
+
+

+

+<center><h1>Installing on Armbian</h1></center>
+

+
 

 
-
-
Installing on Armbian

-
 

 

 "we are the music makers, we are the dreamers of dreams. cyberpunks and pirates. chaotic spectres haunting cyberspace. engineers, artists, hackers."
@@ -262,7 +174,8 @@ Download the Armbian image for your board. It must be version 9 (Stretch), other
 

 
 

-
sudo dd bs=1M if=[Armbian .img file] of=/dev/sdX conv=fdatasync
+
+
sudo dd bs=1M if=[Armbian .img file] of=/dev/sdX conv=fdatasync
 

 

 
@@ -287,6 +200,7 @@ Once you know the local IP address of your ARM board then you can log into it wi
 

 
 

+
 
ssh root@[local IP address]
 

 

@@ -295,19 +209,18 @@ Once you know the local IP address of your ARM board then you can log into it wi
 Using the default Armbian password of 1234. You should see the Armbian welcome message and will be asked to change the password, then create a new user account.
 

 
-

 
 

-
armbian_setup.jpg
+
armbian_setup.jpg
 

 

-

 
 

 When the user account is created type exit to leave the ssh session then log back in with your new user account.
 

 
 

+
 
ssh myusername@[local IP address]
 

 

@@ -317,6 +230,7 @@ Become the root user:
 

 
 

+
 
sudo su
 

 

@@ -326,9 +240,10 @@ Then clone the Freedombone repository and checkout the stretch development branc
 

 
 

+
 
apt-get -y install git dialog build-essential
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 

 

@@ -338,6 +253,7 @@ Install the Freedombone commands:
 

 
 

+
 
make install
 

 

@@ -347,6 +263,7 @@ And now you can begin installing the Freedombone system. There are two ways of d
 

 
 

+
 
freedombone menuconfig
 

 

@@ -356,6 +273,7 @@ Alternatively, if you don't own a domain name, don't have administrator access t
 

 
 

+
 
freedombone menuconfig-onion
 

 

@@ -365,6 +283,7 @@ You will then be taken through a few questions and the system will install. Afte
 

 
 

+
 
ssh myusername@freedombone.local -p 2222
 

 

diff --git a/website/EN/backups.html b/website/EN/backups.html
index 7ca0b0cf..55e937f7 100644
--- a/website/EN/backups.html
+++ b/website/EN/backups.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,57 +144,58 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

 
-

-
Backups

-

-
-

+
 
-

-
Backup keys

-

+

+
Backup keys

+

 

 As part of the Freedombone installation the GPG key used to encrypt backups will have been added to the .gnupg keyring in your home directory. Ensure that you have a copy of all your keys by plugging in a LUKS encrypted USB drive and then running the commands:
 

 
 

+
 
ssh username@domainname -p 2222
 

 

@@ -304,9 +213,9 @@ A pro-tip for the best possible security is to create multiple USB drives contai
 

 

 

-

-
Backup to USB

-

+

+
Backup to USB

+

 

 First and foremost - encrypt your USB drives! Even if you think you have "nothing to hide" if you accidentally lose a USB thumb drive (it's easy to lose small objects) and it's not encrypted then potentially someone might be able to obtain enough information about you to commit identity fraud, take out loans, open bank accounts, etc. Use LUKS encryption. In Ubuntu you can do this using the Disk Utility application. Some instructions can be found here.
 

@@ -320,6 +229,7 @@ Log into the system and become the root user, then run the backup command
 

 
 

+
 
ssh username@domainname -p 2222
 

 

@@ -337,14 +247,15 @@ When the backup ends remove the USB drive and keep it somewhere safe. Even if it
 

 

 

-

-
Restore from USB

-

+

+
Restore from USB

+

 

 Log into the system and become the root user:
 

 
 

+
 
ssh username@domainname -p 2222
 

 

@@ -362,9 +273,9 @@ Enter the LUKS password for the USB drive. When the restore is complete you can
 

 

 

-

-
Distributed/remote backups

-

+

+
Distributed/remote backups

+

 

 Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised.
 

@@ -374,6 +285,7 @@ Firstly you will need to have a user account on one or more of your friends serv
 

 
 

+
 
ssh username@domainname -p 2222
 

 

@@ -387,13 +299,12 @@ You can then enter the usernames, domains and ssh logins for one or more remote
 

 

 

-

-
Restore from a friend

-

-

-

-
With a completely new Freedombone installation

-

+

+
Restore from a friend

+

+

+
With a completely new Freedombone installation

+

 

 This is the ultimate disaster recovery scenario in which you are beginning completely from scratch with new hardware and a new Freedombone installation (configured with the same username and domain names). It is assumed that the old hardware was destroyed, but that you have the backup key stored on a USB thumb drive.
 

@@ -403,6 +314,7 @@ First log in and if you don't already have one then create a new friends list:
 

 
 

+
 
ssh username@domainname -p 2222
 

 

@@ -420,9 +332,9 @@ Finally select Restore from remote backup and enter the domain name of th
 

 

 

-

-
On an existing Freedombone installation

-

+

+
On an existing Freedombone installation

+

 

 This is for more common situations in which maybe some data became corrupted and you want to restore it.
 

@@ -432,6 +344,7 @@ Log in as root:
 

 
 

+
 
ssh username@domainname -p 2222
 

 

@@ -440,9 +353,14 @@ Log in as root:
 Select Administrator controls then Backup and Restore then Restore from remote backup and enter the domain name of the remote server that you wish to restore from.
 

 
-

-Return to the home page
-

+

+

+<center>
+Return to the <a href="index.html">home page</a>
+</center>
+

+
+

 

 

 

diff --git a/website/EN/beaglebone.html b/website/EN/beaglebone.html
index dddba8f8..f3822cd9 100644
--- a/website/EN/beaglebone.html
+++ b/website/EN/beaglebone.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Installing Freedombone on a Beaglebone Black

-

 
+

+
Installing Freedombone on a Beaglebone Black

+

 

 The Beaglebone Black is small, cheap, a fully open hardware design, has a hardware random number generator and consumes very little electrical power, making it suitable for all kinds of uses. There is also a wireless version.
 

@@ -256,25 +162,29 @@ The Beaglebone Black is small, cheap, a fully open hardware design, has a hardwa
 You can easily use one to run your own internet services from home.
 

 
-

 
 

-
bbb_board.jpg
+
bbb_board.jpg
 

 

-

 
 

 You will need:
 

 
 
    
-
  • A Beaglebone Black. The exact revision of the hardware isn't very important, but it should have an ethernet socket.
    • 
-
  • Optionally a plastic or metal case to protect the electronics.
    • 
-
  • An ethernet cable. Typically these are colour coded either blue or yellow. Either colour will do. If you're using the Wireless version of the Beaglebone Black then you don't need this.
    • 
-
  • Either a 5v power supply with 5.5mm barrel plug, or a miniUSB type B cable (typically supplied with the Beaglebone) and USB to mains adaptor.
    • 
-
  • A microSD card at least 8 gigabytes in size. In tests Sandisk class 10 works well. Prefer smaller but faster I/O rating to larger but slower.
    • 
-
  • A microSD card adaptor for your laptop or desktop system, so that you can copy the disk image to the card.
    • 
+
  • A Beaglebone Black. The exact revision of the hardware isn't very important, but it should have an ethernet socket.
+
    • 
+
  • Optionally a plastic or metal case to protect the electronics.
+
    • 
+
  • An ethernet cable. Typically these are colour coded either blue or yellow. Either colour will do. If you're using the Wireless version of the Beaglebone Black then you don't need this.
+
    • 
+
  • Either a 5v power supply with 5.5mm barrel plug, or a miniUSB type B cable (typically supplied with the Beaglebone) and USB to mains adaptor.
+
    • 
+
  • A microSD card at least 8 gigabytes in size. In tests Sandisk class 10 works well. Prefer smaller but faster I/O rating to larger but slower.
+
    • 
+
  • A microSD card adaptor for your laptop or desktop system, so that you can copy the disk image to the card.
+
    • 
 

 
 

@@ -286,9 +196,10 @@ On your laptop or desktop prepare a microSD card image as follows. To create an
 

 
 

+
 
sudo apt-get install git dialog build-essential
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 sudo make install
 freedombone-image --setup debian
@@ -300,22 +211,21 @@ Or on Arch/Parabola:
 

 
 

+
 
sudo pacman -S git dialog
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 sudo make install
 freedombone-image --setup parabola
 

 

 
-

 
 

-
microsd_reader.jpg
+
microsd_reader.jpg
 

 

-

 
 

 If you own a domain name and have it linked to a dynamic DNS account (eg. freeDNS) and want to make a system accessible via an ordinary browser then run:
@@ -337,25 +247,21 @@ freedombone-image -t beaglebone --onion-addresses-only yes
 Onion addresses have the advantage of being difficult to censor and you don't need to buy a domain or have a dynamic DNS account. An onion based system also means you don't need to think about NAT traversal type issues. This does not mean that everything gets routed through Tor, it just means that the sites for apps which you install will be available through Tor's address system.
 

 
-

 
 

-
bbb_back.jpg
+
bbb_back.jpg
 

 

-

 
 

 Now follow the instructions given here to copy the image to the microSD drive beginning with running the freedombone-client command. Wherever it says "USB drive" substitute "microSD drive". When the microSD drive is ready plug it into the front of the Beaglebone. The photo below also includes an Atheros wifi USB dongle plugged into the front, but that's not necessary unless you want to set up the system to run on a wifi network.
 

 
-

 
 

-
bbb_front.jpg
+
bbb_front.jpg
 

 

-

 
 

 Connect the power and for the non-wireless versions of the Beaglebone Black also connect the ethernet cable and plug it into your internet router.
@@ -373,6 +279,8 @@ Follow the rest of the instructions given here t
 There are many apps available within the Freedombone system and trying to install them all is probably not a good idea, since this hardware is very resource constrained on CPU and especially on RAM. If the system seems to be becoming unstable and crashing then the most likely cause is running out of RAM, in which case you can try uninstalling some apps. It is possible to monitor RAM usage by logging in with ssh, exiting to the command line and then running the top command.
 

 

+

+

 

 
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,39 +144,51 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Supported ARM boards

-

 
+

+
Supported ARM boards

+

 

 The following ARM boards are supported by the build system. If your board isn't listed here then you may still be able to install Freedombone using Armbian.
 

 
 
 
 

 The latest image builds can be found here.
 

 
-

-Return to the home page
-

+

+

+<center>
+Return to the <a href="index.html">home page</a>
+</center>
+

+
+

+

+

 

 

 
diff --git a/website/EN/code.html b/website/EN/code.html
index 8515b3b3..7edf3947 100644
--- a/website/EN/code.html
+++ b/website/EN/code.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
 
-
-
-
+
+
+
+
-
+
 
 
@@ -235,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Code

-

 
+

+
Code

+

 

 Freedombone is really just a couple of bash scripts which install and configure software on a Debian GNU/Linux system. If you're a system administrator, software engineer or Linux hobbyist you'll probably be familiar with command line scripting and be able to make your own modifications or custom variants to suit your needs. Freedombone is licensed under the GNU Affero General Public License version 3 (or later).
 

@@ -271,9 +178,16 @@ Github is closed source. Sooner or later it will probably turn evil or become li
 Longer term it is expected that the source code for this project will also be self-hosted, with Github acting only as a mirror to increase visibility.
 

 
-

-Return to the home page
-

+

+

+<center>
+Return to the <a href="index.html">home page</a>
+</center>
+

+
+

+

+

 

 

 
diff --git a/website/EN/codeofconduct.html b/website/EN/codeofconduct.html
index 146f9a90..c001e2af 100644
--- a/website/EN/codeofconduct.html
+++ b/website/EN/codeofconduct.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,37 +144,38 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

+
+

+
Code of Conduct

 

 
-
Code of Conduct

-
-

-
Be respectful

-

+

+
Be respectful

+

 

 In any Free Software project with more than one participant inevitably there may be people with whom you may disagree, or find it difficult to cooperate. Accept that, but even so, remain respectful. Disagreement is no excuse for poor behaviour or personal attacks, and a community in which people feel threatened is not a healthy community.
 

 

 

 
-

-
Assume good faith

-

+

+
Assume good faith

+

 

 Freedombone Contributors have many ways of reaching our common goal of providing freedom respecting internet or mesh systems which may differ from your ways. Assume that other people are working towards this goal.
 

 

 

 
-

-
Be collaborative

-

+

+
Be collaborative

+

 

 Freedombone is a moderately complex project, though nothing big and professional like GNU. It's good to ask for help when you need it. Similarly, offers for help should be seen in the context of our shared goal of improving the system.
 

@@ -277,9 +186,9 @@ When you make something for the benefit of the project, be willing to explain to
 

 

 
-

-
Try to be concise

-

+

+
Try to be concise

+

 

 If you're submitting documentation then keep in mind that what you write once could be read by many other people. To avoid TL;DR keep it as short and concise as possible. This will also reduce the amount of translations effort needed.
 

@@ -290,9 +199,9 @@ If you're discussing an issue or bug, try to stay on topic, especially in discus
 

 

 
-

-
Be open

-

+

+
Be open

+

 

 Most ways of communication used within Freedombone (eg Matrix/XMPP) allow for public and private communication. Prefer public methods of communication for Freedombone-related messages, unless posting something sensitive.
 

@@ -303,9 +212,9 @@ This applies to messages for help, too; not only is a public support request muc
 

 

 
-

-
In case of problems

-

+

+
In case of problems

+

 

 While this code of conduct should be adhered to by participants, we recognize that sometimes people may have a bad day, or be unaware of some of the guidelines in this code of conduct. When that happens, you may reply to them and point out this code of conduct. Such messages may be in public or in private, whatever is most appropriate. However, regardless of whether the message is public or not, it should still adhere to the relevant parts of this code of conduct; in particular, it should not be abusive or disrespectful. Assume good faith; it is more likely that participants are unaware of their bad behaviour than that they intentionally try to degrade the quality of the discussion.
 

diff --git a/website/EN/controlpanel.html b/website/EN/controlpanel.html
index a8bcbccb..d4885ff0 100644
--- a/website/EN/controlpanel.html
+++ b/website/EN/controlpanel.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
 
-
-
-
+
+
+
+
-
+
 
 
@@ -235,79 +144,80 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Control panel

-

 
+
 
-

-
Main menu

-

+

+
Main menu

+

 

 You can access the main menu by logging into the system.
 

 
 

+
 
ssh myusername@mydomain -p 2222
 

 

@@ -320,13 +230,11 @@ Then selecting Administrator controls.
 It should look like this:
 

 
-

 
 

-
control_panel.jpg
+
control_panel.jpg
 

 

-

 
 

 To select anythng on the control panel use the up and down cursor keys and space bar to tag, then press Enter.
@@ -334,9 +242,9 @@ To select anythng on the control panel use the up and down cursor keys an
 

 

 
-

-
User control panel

-

+

+
User control panel

+

 

 When a user initially logs in they will see a version of the control panel with restricted options aimed at the kinds of things which someone who isn't the administrator might wish to do. An expected scenario is that you might have a few friends or family members on the system, and this is who this menu is intended for.
 

@@ -345,33 +253,29 @@ When a user initially logs in they will see a version of the control panel with
 From this menu checking email or running chat applications is very easy, and they are configured in a safe manner without the user needing to do anything special. Email uses mutt, XMPP uses profanity and IRC uses irssi.
 

 
-

 
 

-
control_panel_user.jpg
+
control_panel_user.jpg
 

 

-

 
 

 It's also possible for the user to define email filtering rules, add a ssh public key for key based login and also add or remove GPG public keys. They can also do this via the commandline if they prefer, but the menu system may provide an easier user interface.
 

 

 

-

-
About screen

-

+

+
About screen

+

 

 To find out your current domain names select the About screen from the main menu. This is especially useful for finding your onion addresses. For improved security by compartmentalisation, and also simpler implementation, each application has its own onion address.
 

 
-

 
 

-
control_panel_about.jpg
+
control_panel_about.jpg
 

 

-

 
 

 You can also see the SIP extension numbers for each user and how much disk space each user is consuming (typically this corresponds with email use).
@@ -383,142 +287,126 @@ The Local Mirrors contains mirrored copies of the git repositories used by the s
 

 

 
-

-
Email filtering rules

-

+

+
Email filtering rules

+

 

 You can add users to mailing lists, or block particular email addresses or subject lines in this menu.
 

 
-

 
 

-
control_panel_filtering.jpg
+
control_panel_filtering.jpg
 

 

 

 

-

 
-

-
Hubzilla menu

-

+

+
Hubzilla menu

+

 

 This allows you to set the global directory location and obtain an SSL/TLS certificate if necessary.
 

 
-

 
 

-
control_panel_hubzilla.jpg
+
control_panel_hubzilla.jpg
 

 

 

 

-

 
-

-
IRC menu

-

+

+
IRC menu

+

 

 You can view the current IRC password or change it from here. Currently the IRC server does not work equally well on clrearnet and via Tor, so there is an option to switch from one to the other. Initially the IRC server will be running on clearnet (i.e. no onion routing).
 

 
-

 
 

-
control_panel_irc.jpg
+
control_panel_irc.jpg
 

 

 

 

-

 
-

-
Media menu

-

+

+
Media menu

+

 

 It's possible to add playable media to a USB drive and plug it into the system, then make it accessible to other devices such as tablets or phones on your local network via DLNA.
 

 
-

 
 

-
control_panel_media.jpg
+
control_panel_media.jpg
 

 

 

 

-

 
-

-
Repository mirrors

-

+

+
Repository mirrors

+

 

 If you don't want to use the default repositories, or don't have access to them, then you can obtain them from another Freedombone server (the details can be found on the other server on the About screen of the control panel).
 

 
-

 
 

-
control_panel_mirrors.jpg
+
control_panel_mirrors.jpg
 

 

 

 

-

 
-

-
Backup and restore menu

-

+

+
Backup and restore menu

+

 

 You can create backups or restore from backup here. It's also possible to create keydrives which store the backup key.
 

 
-

 
 

-
control_panel_backup_restore.jpg
+
control_panel_backup_restore.jpg
 

 

 

 

-

 
-

-
Security menu

-

+

+
Security menu

+

 

 If you need to generate SSL/TLS certificates or change cypher details due to changing recommendations then you can do that here. If you are changing cypher details be extra careful not to make mistakes/typos, which could reduce the security of your system.
 

 
-

 
 

-
control_panel_security.jpg
+
control_panel_security.jpg
 

 

 

 

-

 
-

-
User management menu

-

+

+
User management menu

+

 

 Users can be added or removed here.
 

 
-

 
 

-
control_panel_users.jpg
+
control_panel_users.jpg
 

 

 

 

 

-

 

 
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
How to install on an existing Debian system

-

 
+

+
How to install on an existing Debian system

+

 

 

 "The antagonism of surveillance is not privacy but the making of communities in struggle"
@@ -267,11 +173,12 @@ It's still possible to install the system onto these unsupported devices if you
 

 
 

+
 
su
 apt-get update
 apt-get -qy install build-essential git dialog
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 make install
 freedombone menuconfig (or freedombone menuconfig-onion)
@@ -287,10 +194,13 @@ Once installed you can then log in from another system with:
 

 
 

+
 
ssh yourusername@freedombone.local -p 2222
 

 

 

+

+

 

 
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,27 +144,28 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

+
+

+
Developers Guide

 

 
-
Developers Guide

-
-

-
Introduction

-

+

+
Introduction

+

 

 Freedombone consists of a set of bash scripts. There are a lot of them, but they're not very complicated. If you're familiar with the GNU/Linux commandline and can hack a bash script then you can probably add a new app or fix a bug in the system. There are no trendy development frameworks to learn or to get in your way. You might also want to consult the Code of Conduct, and there is a Matrix room at #fbone:matrix.freedombone.net
 

 

 

-

-
Adding extra apps

-

+

+
Adding extra apps

+

 

 Suppose you have some internet application which you want to add to the system. To do this you need to create an app script which tells the system how to install/remove and also backup/restore. The script should be designed to work with the current stable version of Debian.
 

@@ -270,8 +179,9 @@ To create a script for a generic PHP plus MySql/MariaDB web app:
 

 
 

-
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --php yes -d mariadb > \
+
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --php yes -d mariadb > \
                      src/freedombone-app-myappname
 

 

@@ -281,9 +191,10 @@ For a Nodejs app with MySql/MariaDB database:
 

 
 

-
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --node yes -d mariadb \
-                     --dir /etc/myappname --daemon yes > \
+
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --node yes -d mariadb \
+                     --dir /etc/myappname --daemon yes > \
                      src/freedombone-app-myappname
 

 

@@ -293,9 +204,10 @@ For a Python app with Postgresql database:
 

 
 

-
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] -d postgresql \
-                     --dir /etc/myappname --daemon yes > \
+
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] -d postgresql \
+                     --dir /etc/myappname --daemon yes > \
                      src/freedombone-app-myappname
 

 

@@ -305,9 +217,10 @@ For a Python app without any database, communicating between the daemon and the
 

 
 

-
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --dir /etc/myappname \
-                     --daemon yes --portinternal 1234 > \
+
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --dir /etc/myappname \
+                     --daemon yes --portinternal 1234 > \
                      src/freedombone-app-myappname
 

 

@@ -317,9 +230,10 @@ For an app without any database which communicates directly on a particular port
 

 
 

-
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --dir /etc/myappname \
-                     --daemon yes --port 5000 > \
+
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --dir /etc/myappname \
+                     --daemon yes --port 5000 > \
                      src/freedombone-app-myappname
 

 

@@ -329,9 +243,10 @@ A generic PHP plus MySql/MariaDB web app which is only available on an onion add
 

 
 

-
freedombone-template --app [name] -e [email] -r [repo url] \
-                     -c [commit] --php yes -d mariadb \
-                     --onion yes > \
+
+
freedombone-template --app [name] -e [email] -r [repo url] \
+                     -c [commit] --php yes -d mariadb \
+                     --onion yes > \
                      src/freedombone-app-myappname
 

 

@@ -341,6 +256,7 @@ For more details see the manpage:
 

 
 

+
 
man freedombone-template
 

 

@@ -354,6 +270,7 @@ When your new script is ready for testing you can install it with:
 

 
 

+
 
make install
 

 

@@ -368,9 +285,9 @@ Submit your working app to 
-
Customising mesh images

-

+

+
Customising mesh images

+

 

 If you want to make your own specially branded version of the mesh images, such as for a particular event, then to change the default desktop backgrounds edit the images within img/backgrounds and to change the available avatars and desktop icons edit the images within img/avatars. Re-create disk images using the instructions shown previously.
 

diff --git a/website/EN/domains.html b/website/EN/domains.html
index 1fcc6d65..b8883fe9 100644
--- a/website/EN/domains.html
+++ b/website/EN/domains.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
 
-
-
-
+
+
+
+
-
+
 
 
@@ -235,19 +144,20 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

+
+

+
How to get a domain name

 

 
-
How to get a domain name

-
-

-
The domain name itself

-

+

+
The domain name itself

+

 

 If you want your sites or chat systems to be available via an ordinary web browser (i.e. not a Tor browser) then you'll need to obtain a domain name. The domain name system is ultimately controlled by ICANN and to obtain a domain name for which you can also get a TLS certificate you'll need to buy one. There are various sites which sell domain names, and fortunately they can often be quite cheap - especially if you can think of an obscure name for your site. Prefer sites where the domain name subscription can be automatically renewed, because otherwise trolls can quickly buy your domain when it expires and then hold it for ransom. If you're planning to self-host for more than an ephemeral purpose, such as a conference or festival, then choose the longest subscription period you can afford (typically a few years).
 

@@ -258,9 +168,9 @@ You probably only need one ICANN domain name and then the various Freedombone ap
 

 

 
-

-
Dynamic DNS

-

+

+
Dynamic DNS

+

 

 You will also need a dynamic DNS account, and again this might be something you have to pay a subscription for. Your Freedombone system will have a local network address (typically 192.168.x.y or 10.x.y.z) and also a public IP address assigned by your ISP. Your ISP will change your public IP address every so often (that's why it's called "dynamic") and so there needs to be some way to link the domain name which you've obtained to your changing public IP address. That's what the dynamic DNS service does.
 

@@ -278,6 +188,7 @@ The dynamic DNS service will have their own DNS servers maintaining the IP addre
 

 
 

+
 
NS1.AFRAID.ORG
 NS2.AFRAID.ORG
 NS3.AFRAID.ORG
@@ -290,9 +201,9 @@ It might take a few minutes for the changes to take effect, so don't be too hast
 

 

 
-

-
Configuring with FreeDNS

-

+

+
Configuring with FreeDNS

+

 

 If you are using FreeDNS as a dynamic DNS provider then on their site select "Domains" and add your domain name (this might only be available to paid subscribers). Make sure that they're marked as "private" so that subdomains of your domain name are not used by other users of the site.
 

@@ -304,18 +215,18 @@ Select "Subdomains" from the menu on the left then select the MX entry for your
 

 

 
-

-
Setting up with Freedombone

-

+

+
Setting up with Freedombone

+

 

 When you start the base installation of the system it will ask you to choose a dynamic DNS provider and then enter the login details for the dynamic DNS service.
 

 

 

 
-

-
A note about Tor

-

+

+
A note about Tor

+

 

 If you only want your sites to be available via Tor then none of the above is needed and you can access your sites and systems via their onion addresses. Tor has its own naming system which is independent from ICANN, and you also won't need TLS/SSL certificates since it also manages transport encryption itself. When building disk images use the –onion yes option, or choose one of the ready made onion disk images from downloads.
 

diff --git a/website/EN/faq.html b/website/EN/faq.html
index 69874ea7..31dce71f 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,171 +144,176 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

+
+
+

+
Frequently Asked Questions

+

+
+

+
surveillanceoptions.jpg
+

 

 
-

-
Frequently Asked Questions

-

-
-

 

-surveillanceoptions.jpg
 Possible options for dealing with bulk surveillance at The Glass Room exhibition, 2017
 

-

 
-

+
+

 -+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+

 
 
 


 
 
 
What applications are supported?What applications are supported?
 

 
 
I don't have a static IP address. Can I still install this system?I don't have a static IP address. Can I still install this system?
 

 
 
Why Freedombone and not FreedomBox?Why Freedombone and not FreedomBox?
 

 
 
Why not support building images for Raspberry Pi?Why not support building images for Raspberry Pi?
 

 
 
Why use Tor? I've heard it's used by bad peopleWhy use Tor? I've heard it's used by bad people
 

 
 
How is Tor integrated with Freedombone?How is Tor integrated with Freedombone?
 

 
 
Can I add a clearnet domain to an onion build?Can I add a clearnet domain to an onion build?
 

 
 
Why use Github?Why use Github?
 

 
 
Should I upload my GPG keys to keybase.io?Should I upload my GPG keys to keybase.io?
 

 
 
Keys and emails should not be stored on servers. Why do you do that?Keys and emails should not be stored on servers. Why do you do that?
 

 
 
Why can't I access my .onion site with a Tor browser?Why can't I access my .onion site with a Tor browser?
 

 
 
What is the best hardware to run this system on?What is the best hardware to run this system on?
 

 
 
Can I add more users to the system?Can I add more users to the system?
 

 
 
Why not use Signal for mobile chat?Why not use Signal for mobile chat?
 

 
 
What is the most secure chat app to use on mobile?What is the most secure chat app to use on mobile?
 

 
 
How do I remove a user from the system?How do I remove a user from the system?
 

 
 
Why is logging for web sites turned off by default?Why is logging for web sites turned off by default?
 

 
 
How do I reset the tripwire?How do I reset the tripwire?
 

 
 
Is metadata protected?Is metadata protected?
 

 
 
How do I create email processing rules?How do I create email processing rules?
 

 
 
Why isn't dynamic DNS working?Why isn't dynamic DNS working?
 

 
 
How do I change my encryption settings?How do I change my encryption settings?
 

 
 
How do I get a domain name?How do I get a domain name?
 

 
 
How do I get a "real" SSL/TLS/HTTPS certificate?How do I get a "real" SSL/TLS/HTTPS certificate?
 

 
 
How do I renew a Let's Encrypt certificate?How do I renew a Let's Encrypt certificate?
 

 
 
I tried to renew a Let's Encrypt certificate and it failed. What should I do?I tried to renew a Let's Encrypt certificate and it failed. What should I do?
 

 
 
Why not use the services of $company instead? They took the Seppuku pledgeWhy not use the services of $company instead? They took the Seppuku pledge
 

 
 
Why does my email keep getting rejected as spam by Gmail/etc?Why does my email keep getting rejected as spam by Gmail/etc?
 

 
 
Tor is censored/blocked in my area. What can I do?Tor is censored/blocked in my area. What can I do?
 

 
 
I want to block a particular domain from getting its content into my social network sitesI want to block a particular domain from getting its content into my social network sites
 

 
 
The mesh system doesn't boot from USB driveThe mesh system doesn't boot from USB drive
 

 
 

 

+

+

 
-

-
What applications are supported?

-

+

+
What applications are supported?

+

 

 See here for the complete list of apps. In addition to those as part of the base install you get an email server.
 

 

 

-

-
I don't have a static IP address. Can I still install this system?

-

+

+
I don't have a static IP address. Can I still install this system?

+

 

 Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
 

@@ -410,50 +323,68 @@ The lack of a static IP address can be worked around by using a dynamic DNS serv
 

 

 

-

-
Why Freedombone and not FreedomBox?

-

+

+
Why Freedombone and not FreedomBox?

+

 

 When the project began in late 2013 the FreedomBox project seemed to be going nowhere, and was only designed to work with the DreamPlug hardware. There was some new hardware out - the Beaglebone Black - which could run Debian and was also a free hardware design so seemed more appropriate. Hence the name "Freedombone", being like FreedomBox but on a Beaglebone. There are some similarities and differences between the two projects:
 

 

 
-

-
Similarities

-

+

+
Similarities

+

 
    
-
  • Uses freedom-maker and vmdebootstrap to build debian images
    • 
-
  • Supports the use of Tor onion addresses to access websites
    • 
-
  • Typically runs on ARM single board computers
    • 
-
  • Both projects aim to increase independence and privacy for internet users
    • 
-
  • Both projects aim to make running your own server at home easy
    • 
-
  • Both projects include wiki, blog, VoIP and file sync
    • 
-
  • Both projects enable easy installation and removal of apps
    • 
-
  • Both are typically "bare metal" rather than running as VMs or containers
    • 
-
  • Both currently are hosted on Github
    • 
+
  • Uses freedom-maker and vmdebootstrap to build debian images
+
    • 
+
  • Supports the use of Tor onion addresses to access websites
+
    • 
+
  • Typically runs on ARM single board computers
+
    • 
+
  • Both projects aim to increase independence and privacy for internet users
+
    • 
+
  • Both projects aim to make running your own server at home easy
+
    • 
+
  • Both projects include wiki, blog, VoIP and file sync
+
    • 
+
  • Both projects enable easy installation and removal of apps
+
    • 
+
  • Both are typically "bare metal" rather than running as VMs or containers
+
    • 
+
  • Both currently are hosted on Github
+
    • 
 

 

 

-

-
Differences

-

+

+
Differences

+

 
    
-
  • FreedomBox is a Debian pure blend. Freedombone is not
    • 
-
  • Freedombone only supports Free Software. FreedomBox includes some closed binary boot blobs for certain ARM boards
    • 
-
  • FreedomBox is aimed at consumers. Freedombone is aimed at slightly more technical people who don't have time to configure servers
    • 
-
  • Freedombone includes some software not yet in the official Debian repos
    • 
-
  • Freedombone includes an email server set up for use with GPG by default
    • 
-
  • Freedombone has encrypted backups capability
    • 
-
  • Freedombone implements the social key management idea which was described in a 2012 FreedomBox meetup
    • 
-
  • Freedombone implements recommendations from bettercrypto.org whereas FreedomBox sticks to Debian default crypto settings
    • 
-
  • Freedombone has a mesh network version. FreedomBox doesn't yet
    • 
+
  • FreedomBox is a Debian pure blend. Freedombone is not
+
    • 
+
  • Freedombone only supports Free Software. FreedomBox includes some closed binary boot blobs for certain ARM boards
+
    • 
+
  • FreedomBox is aimed at consumers. Freedombone is aimed at slightly more technical people who don't have time to configure servers
+
    • 
+
  • Freedombone includes some software not yet in the official Debian repos
+
    • 
+
  • Freedombone includes an email server set up for use with GPG by default
+
    • 
+
  • Freedombone has encrypted backups capability
+
    • 
+
  • Freedombone implements the social key management idea which was described in a 2012 FreedomBox meetup
+
    • 
+
  • Freedombone implements recommendations from bettercrypto.org whereas FreedomBox sticks to Debian default crypto settings
+
    • 
+
  • Freedombone has a mesh network version. FreedomBox doesn't yet
+
    • 
 

 

 

 

-

-
Why not support building images for Raspberry Pi?

-

+

+
Why not support building images for Raspberry Pi?

+

 

 The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes.
 

@@ -463,9 +394,9 @@ So although the Raspberry Pi is cheap and hugely popular it's not supported by t
 

 

 

-

-
Why use Tor? I've heard it's used by bad people

-

+

+
Why use Tor? I've heard it's used by bad people

+

 

 Years ago Tor was usually depicted in the mainstream media as something scary inhabited by cyberterrorists and other bad cybers, but today to a large extent Tor is accepted as just another way of routing data in a network. Depending upon where you live there may still be some amount of fearmongering about Tor, but it now seems clear that the trajectory is towards general acceptance.
 

@@ -475,10 +406,14 @@ Tor and its onion addresses, previously called hidden addresses, have a few key
 

 
 
    
-
  • NAT traversal
    • 
-
  • Firewall traversal
    • 
-
  • Avoiding the domain name system (DNS), which is mostly centralized and not secure
    • 
-
  • Avoiding passive bulk surveillance in which governments try to find out who is communicating with who
    • 
+
  • NAT traversal
+
    • 
+
  • Firewall traversal
+
    • 
+
  • Avoiding the domain name system (DNS), which is mostly centralized and not secure
+
    • 
+
  • Avoiding passive bulk surveillance in which governments try to find out who is communicating with who
+
    • 
 

 
 

@@ -486,9 +421,9 @@ On the negative side it's a complex system which is not fully decentralized.
 

 

 

-

-
How is Tor integrated with Freedombone?

-

+

+
How is Tor integrated with Freedombone?

+

 

 Within this project Tor is used more to provide accessibility than the anonymity factor for which Tor is better known. The onion address system provides a way of being able to access sites even if you don't own a conventional domain name or don't have administrator access to your local internet router to be able to do port forwarding.
 

@@ -506,17 +441,17 @@ Even if you're running the "onion only" build, this only means that sites are ac
 

 

 

-

-
Can I add a clearnet domain to an onion build?

-

+

+
Can I add a clearnet domain to an onion build?

+

 

 You could if you manually edited the relevant nginx configuration files and installed some dynamic DNS system yourself. If you already have sysadmin knowledge then that's probably not too hard. But the builds created with the onion-addresses-only option aren't really intended to support access via clearnet domains.
 

 

 

-

-
Why use Github?

-

+

+
Why use Github?

+

 

 Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing.
 

@@ -534,21 +469,21 @@ Currently many of the repositories used for applications which are not yet packa
 

 

 

-

-
Should I upload my GPG keys to keybase.io?

-

+

+
Should I upload my GPG keys to keybase.io?

+

 

 It's not recommended unless there exists some compelling reason for you to be on there. That site asks users to upload the private keys, and even if the keys are client side encrypted with a passphrase there's always the chance that there will be a data leak in future and letter agencies will then have a full time opportunity to crack the passphrases.
 

 
 

-Saying something resembling "only noobs will use crackable private key passphrases" isn't good enough. A passphrase should not be considered to be a substitute for a private key.
+Saying something resembling /"only noobs will use crackable private key passphrases"/ isn't good enough. A passphrase should not be considered to be a substitute for a private key.
 

 

 

-

-
Keys and emails should not be stored on servers. Why do you do that?

-

+

+
Keys and emails should not be stored on servers. Why do you do that?

+

 

 Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast:
 

@@ -557,45 +492,45 @@ Ordinarily this is good advice. However, the threat model for a device in your h
 
 
 
-
+
 
-
+
 
 
 
-At home
-In a warehouse
+At home
+In a warehouse
 
 
 
 
-Accessible to a small number of people
-Accessible to possibly many random strangers
+Accessible to a small number of people
+Accessible to possibly many random strangers
 
 
 
-You control the environment
-You have no control over the warehouse
+You control the environment
+You have no control over the warehouse
 
 
 
-You know what gets plugged in to the box
-Anything could be plugged in to the box and you might not know
+You know what gets plugged in to the box
+Anything could be plugged in to the box and you might not know
 
 
 
-You know where your home is
-The warehouse could be anywhere in the world
+You know where your home is
+The warehouse could be anywhere in the world
 
 
 
-Normally requires a warrant to search
-Requires little or no justification to search
+Normally requires a warrant to search
+Requires little or no justification to search
 
 
 
-You know what jurisdiction your home is within
-You may have no idea what jurisdiction the warehouse is within
+You know what jurisdiction your home is within
+You may have no idea what jurisdiction the warehouse is within
 
 
 
@@ -606,9 +541,9 @@ In the home environment a box with a good firewall and no GUI components install
 

 

 
-

-
Why can't I access my .onion site with a Tor browser?

-

+

+
Why can't I access my .onion site with a Tor browser?

+

 

 Probably you need to add the site to the NoScript whitelist. Typically click/press on the noscript icon (or select from the menu on mobile) then select whitelist and add the site URL. You may also need to disable HTTPS Everywhere when using onion addresses, which don't use https.
 

@@ -618,9 +553,9 @@ Another factor to be aware of is that it can take a while for the onion address
 

 

 

-

-
What is the best hardware to run this system on?

-

+

+
What is the best hardware to run this system on?

+

 

 It was originally designed to run on the Beaglebone Black, but that should be regarded as the most minimal system, because it's single core and has by today's standards a small amount of memory. Obviously the more powerful the hardware is the faster things like web pages (blog, social networking, etc) will be served but the more electricity such a system will require if you're running it 24/7. A good compromise between performance and energy consumption is something like an old netbook. The battery of an old netbook or laptop even gives you UPS capability to keep the system going during brief power outages or cable re-arrangements, and that means using full disk encryption on the server also becomes more practical.
 

@@ -630,14 +565,15 @@ It was originally designed to run on the Beaglebone Black, but that should be re
 

 

 

-

-
Can I add more users to the system?

-

+

+
Can I add more users to the system?

+

 

 Yes. Freedombone can support a small number of users, for a "friends and family" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those).
 

 
 

+
 
ssh username@mydomainname -p 2222
 

 

@@ -655,9 +591,9 @@ Another point is that Freedombone installations are not intended to support many
 

 

 

-

-
Why not use Signal for mobile chat?

-

+

+
Why not use Signal for mobile chat?

+

 

 Celebrities recommend Signal. It's Free Software so it must be good, right?
 

@@ -667,12 +603,18 @@ If you are currently using a proprietary chat app, something without any encrypt
 

 
 
    
-
  • It uses phone numbers. Phone numbers are used for Signal's initial verification, and they can of course be intercepted or faked. Plus it means that Open Whisper Systems keeps a list of phone numbers on its centralised server for its "X has joined Signal" notification. Even if they're hashed, they're still unique identifiers and rainbow tables for the phone number system probably exist. Phone numbers are convenient for some users, but are also a non-trivial security risk. If you're using Signal then consider what it knows about who your contacts are, where that data is located and who else might have access to that. Consider what might happen if an adversary gets to know your mobile number.
    • 
-
  • It's based on a single server run by Open Whisper Systems. That's a single point of failure and ought to be a big red flag (of the sporting rather than the socialist variety) as a possible locus for concentrated nefariousness.
    • 
-
  • It requires the installation of Google Play. If you already have Google Play installed on a stock Android OS then this doesn't increase your security problems, but for other more secure Android variants it's a massive increase in attack surface. There is a separate apk available for download, but it won't receive updates and the hash shown on the site often doesn't match.
    • 
-
  • It depends entirely upon the Google message pushing system. That means that Google at least knows who Signal messages are being sent to and may be able to infer the rest via your (insecure) Android phone contact list or via timing correlation of alternating deliveries. Remember that for an adversary metadata in aggregate is much better than having the content of messages. At any time Google could decide that it doesn't want to support Signal, or in adverse circumstances they could be leaned upon by the usual agencies or government cronies.
    • 
-
  • Their privacy policy indicates that they will give whatever server data they have to third parties under some conditions. Of course this is always claimed to be for the very best of reasons - such as combating fraud - but once that sort of disclosure capability exists it may be abused without you ever knowing about it. Consider how difficult, or not, it may be for a government to reverse engineer a database of hashed telephone numbers.
    • 
-
  • Forking isn't really an option. A fork was tried, but Moxie got annoyed when it still used his server. At the same time the level of interest in federating the server is not detectable with our best intrumentation, and is suspected to be negative. That's a catch 22 which effectively means that independent implementations of Signal will always leave some users unable to communicate with each other.
    • 
+
  • It uses phone numbers. Phone numbers are used for Signal's initial verification, and they can of course be intercepted or faked. Plus it means that Open Whisper Systems keeps a list of phone numbers on its centralised server for its /"X has joined Signal"/ notification. Even if they're hashed, they're still unique identifiers and rainbow tables for the phone number system probably exist. Phone numbers are convenient for some users, but are also a non-trivial security risk. If you're using Signal then consider what it knows about who your contacts are, where that data is located and who else might have access to that. Consider what might happen if an adversary gets to know your mobile number.
+
    • 
+
  • It's based on a single server run by Open Whisper Systems. That's a single point of failure and ought to be a big red flag (of the sporting rather than the socialist variety) as a possible locus for concentrated nefariousness.
+
    • 
+
  • It requires the installation of Google Play. If you already have Google Play installed on a stock Android OS then this doesn't increase your security problems, but for other more secure Android variants it's a massive increase in attack surface. There is a separate apk available for download, but it won't receive updates and the hash shown on the site often doesn't match.
+
    • 
+
  • It depends entirely upon the Google message pushing system. That means that Google at least knows who Signal messages are being sent to and may be able to infer the rest via your (insecure) Android phone contact list or via timing correlation of alternating deliveries. Remember that for an adversary metadata in aggregate is much better than having the content of messages. At any time Google could decide that it doesn't want to support Signal, or in adverse circumstances they could be leaned upon by the usual agencies or government cronies.
+
    • 
+
  • Their privacy policy indicates that they will give whatever server data they have to third parties under some conditions. Of course this is always claimed to be for the very best of reasons - such as combating fraud - but once that sort of disclosure capability exists it may be abused without you ever knowing about it. Consider how difficult, or not, it may be for a government to reverse engineer a database of hashed telephone numbers.
+
    • 
+
  • Forking isn't really an option. A fork was tried, but Moxie got annoyed when it still used his server. At the same time the level of interest in federating the server is not detectable with our best intrumentation, and is suspected to be negative. That's a catch 22 which effectively means that independent implementations of Signal will always leave some users unable to communicate with each other.
+
    • 
 

 
 

@@ -680,9 +622,9 @@ To give credit where it's due Signal is good, but it could be a lot better. The
 

 

 

-

-
What is the most secure chat app to use on mobile?

-

+

+
What is the most secure chat app to use on mobile?

+

 

 On mobile there are various options. The apps which are likely to be most secure are ones which have end-to-end encryption enabled by default and which can also be onion routed via Orbot. End-to-end encryption secures the content of the message and onion routing obscures the metadata, making it hard for a passive adversary to know who is communicating with who.
 

@@ -692,18 +634,19 @@ The current safest way to chat is to use Conv
 

 
 

-There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
+There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
 

 

 

-

-
How do I remove a user from the system?

-

+

+
How do I remove a user from the system?

+

 

 To remove a user:
 

 
 

+
 
ssh username@mydomainname -p 2222
 

 

@@ -713,9 +656,9 @@ Select Administrator controls then Manage Users and then Delete
 

 

 

-

-
Why is logging for web sites turned off by default?

-

+

+
Why is logging for web sites turned off by default?

+

 

 If you're making profits out of the logs by running large server warehouses and then data mining what users click on - as is the business model of well known internet companies - then logging everything makes total sense. However, if you're running a home server then logging really only makes sense if you're trying to diagnose some specific problem with the system, and outside of that context logging everything becomes more of a liability than an asset.
 

@@ -729,14 +672,15 @@ On the Freedombone system web logs containing IP addresses are turned off by def
 

 

 

-

-
How do I reset the tripwire?

-

+

+
How do I reset the tripwire?

+

 

 The tripwire will be automatically reset once per week. If you want to reset it earlier then do the following:
 

 
 

+
 
ssh username@mydomain -p 2222
 

 

@@ -746,9 +690,9 @@ Select Administrator controls then "reset tripwire" using cursors and spa
 

 

 

-

-
Is metadata protected?

-

+

+
Is metadata protected?

+

 

 

 "We kill people based on metadata"
@@ -764,10 +708,11 @@ Even when using Freedombone metadata analysis by third parties is still possible
 

 

 

-

-
How do I create email processing rules?

-

+

+
How do I create email processing rules?

+

 

+
 
ssh username@domainname -p 2222
 

 

@@ -780,39 +725,39 @@ Select Administrator controls then Email Filtering Rules then you
 
 
 
-
+
 
-
+
 
 
 
-freedombone-addlist
-Adds a mailing list
+freedombone-addlist
+Adds a mailing list
 
 
 
-freedombone-rmlist
-Removes a mailing list
+freedombone-rmlist
+Removes a mailing list
 
 
 
-freedombone-addemail
-Transfers emails from an address to a given folder
+freedombone-addemail
+Transfers emails from an address to a given folder
 
 
 
-freedombone-rmemail
-Removes an email transferal rule
+freedombone-rmemail
+Removes an email transferal rule
 
 
 
-freedombone-ignore
-Ignores email from an address or with a subject line containing text
+freedombone-ignore
+Ignores email from an address or with a subject line containing text
 
 
 
-freedombone-unignore
-Removes an ignore rule
+freedombone-unignore
+Removes an ignore rule
 
 
 
@@ -822,14 +767,15 @@ Spamassassin is also available and within Mutt you can use the S (shift+s) key t
 

 

 

-

-
Why isn't dynamic DNS working?

-

+

+
Why isn't dynamic DNS working?

+

 

 If you run the command:
 

 
 

+
 
systemctl status inadyn
 

 

@@ -839,6 +785,7 @@ And see some error related to checking for changes in the IP address then you ca
 

 
 

+
 
https://check.torproject.org/
 https://www.whatsmydns.net/whats-my-ip-address.html
 https://www.privateinternetaccess.com/pages/whats-my-ip/
@@ -847,14 +794,15 @@ https://www.privateinternetaccess.com/pages/whats-my-ip/
 

 

 
-

-
How do I change my encryption settings?

-

+

+
How do I change my encryption settings?

+

 

 Suppose that some new encryption vulnerability has been announced and that you need to change your encryption settings. Maybe an algorithm thought to be secure is now no longer so and you need to remove it. You can change your settings by doing the following:
 

 
 

+
 
ssh myusername@mydomain -p 2222
 

 

@@ -864,9 +812,9 @@ Select Administrator controls then select Security Settings. You w
 

 

 

-

-
How do I get a domain name?

-

+

+
How do I get a domain name?

+

 

 Suppose that you have bought a domain name (rather than using a free subdomain on freedns) and you want to use that instead.
 

@@ -876,6 +824,7 @@ Remove any existing nameservers for your domain (or select "custom" nameservers)
 

 
 

+
 
NS1.AFRAID.ORG
 NS2.AFRAID.ORG
 NS3.AFRAID.ORG
@@ -896,6 +845,7 @@ To route email to one of your freedns domains:
 

 
 

+
 
editor /etc/mailname
 

 

@@ -905,6 +855,7 @@ Add any extra domains which you own, then save and exit.
 

 
 

+
 
editor /etc/exim4/update-exim4.conf.conf
 

 

@@ -918,6 +869,7 @@ Save and exit, then restart exim.
 

 
 

+
 
update-exim4.conf.template -r
 update-exim4.conf
 service exim4 restart
@@ -930,14 +882,15 @@ You should now be able to send an email from postmaster@mynewdomainname a
 

 

 
-

-
How do I get a "real" SSL/TLS/HTTPS certificate?

-

+

+
How do I get a "real" SSL/TLS/HTTPS certificate?

+

 

 If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following:
 

 
 

+
 
ssh username@mydomainname -p 2222
 

 

@@ -951,9 +904,9 @@ One thing to be aware of is that Let's Encrypt doesn't support many dynamic DNS
 

 

 

-

-
How do I renew a Let's Encrypt certificate?

-

+

+
How do I renew a Let's Encrypt certificate?

+

 

 Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email.
 

@@ -963,6 +916,7 @@ If you need to manually renew a certificate:
 

 
 

+
 
ssh username@mydomainname -p 2222
 

 

@@ -972,14 +926,15 @@ Select Administrator controls then Security settings then Renew
 

 

 

-

-
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

-

+

+
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

+

 

 Most likely it's because Let's Encrypt doesn't support your particular domain or subdomain. Currently free subdomains tend not to work. You'll need to buy a domain name, link it to your dynamic DNS account and then do:
 

 
 

+
 
ssh username@mydomainname -p 2222
 

 

@@ -989,17 +944,17 @@ Select Administrator controls then Security settings then Creat
 

 

 

-

-
Why not use the services of $company instead? They took the Seppuku pledge

-

+

+
Why not use the services of $company instead? They took the Seppuku pledge

+

 

-That pledge is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "on our side". Post-nymwars and post-PRISM we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
+That pledge is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "on our side". Post-nymwars and post-PRISM we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
 

 

 

-

-
Why does my email keep getting rejected as spam by Gmail/etc?

-

+

+
Why does my email keep getting rejected as spam by Gmail/etc?

+

 

 Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end you may not be able to do much unless you can find an email proxy server which is trusted by the receiving server.
 

@@ -1009,6 +964,7 @@ Often ISPs will run their own SMTP mail server which you can use for proxying, t
 

 
 

+
 
ssh username@mydomainname -p 2222
 

 

@@ -1030,9 +986,9 @@ So the situation with email presently is pretty bad, and there's a clear selecti
 

 

 

-

-
Tor is censored/blocked in my area. What can I do?

-

+

+
Tor is censored/blocked in my area. What can I do?

+

 

 If you can find some details for an obfs4 Tor bridge (its IP address, port number and key or nickname) then you can set up the system to use it to connect to the Tor network. Unlike relay nodes the IP addresses for bridges are not public information and so can't be easily known and added to block lists by authoritarian regimes or over-zealous ISPs.
 

@@ -1041,7 +997,7 @@ If you can find some details for an obfs4 Tor bridge (its IP address, port numbe
 ssh into your Freedombone system, go to the administrator control panel, select security settings then Tor Bridges and Add a bridge. You can then enter the details.
 

 
-

+

 
 

 
control_panel_bridges.jpg
@@ -1059,9 +1015,9 @@ You can also set your system to act as a Tor bridge, although this is not recomm
 

 

 
-

-
I want to block a particular domain from getting its content into my social network sites

-

+

+
I want to block a particular domain from getting its content into my social network sites

+

 

 If you're being pestered by some domain which contains bad/illegal/harrassing content or irritating users you can block domains at the firewall level. Go to the administrator control panel and select domain blocking. You can then block, unblock and view the list of blocked domains.
 

@@ -1076,9 +1032,9 @@ Select Administrator controls then Domain blocking.
 

 

 
-

-
The mesh system doesn't boot from USB drive

-

+

+
The mesh system doesn't boot from USB drive

+

 

 If the system doesn't boot and reports an error which includes /dev/mapper/loop0p1 then reboot with Ctrl-Alt-Del and when you see the grub menu press e and manually change /dev/mapper/loop0p1 to /dev/sdb1, then press Ctrl-x. If that doesn't work then reboot and try /dev/sdc1 instead.
 

@@ -1088,9 +1044,14 @@ After the system has booted successfully the problem should resolve itself on su
 

 
 
-

-Return to the home page
-

+

+

+<center>
+Return to the <a href="index.html">home page</a>
+</center>
+

+
+

 

 

 


From 0126fe2baac8f997966a768f4f507ab331a22d03 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 13:03:24 +0100
Subject: [PATCH 061/133] New formatting on images

---
 doc/EN/faq.org      |   3 -
 website/EN/faq.html | 270 ++++++++++++++++++++++----------------------
 2 files changed, 132 insertions(+), 141 deletions(-)

diff --git a/doc/EN/faq.org b/doc/EN/faq.org
index 885a02f0..3d5096a2 100644
--- a/doc/EN/faq.org
+++ b/doc/EN/faq.org
@@ -9,9 +9,6 @@
 #+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
 
-
-* Frequently Asked Questions
-
 #+attr_html: :width 100% :align center
 [[file:images/surveillanceoptions.jpg]]
 
diff --git a/website/EN/faq.html b/website/EN/faq.html
index 31dce71f..48e56a92 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -152,10 +152,6 @@ for the JavaScript code in this tag.
 

 
 
-

-
Frequently Asked Questions

-

-
 

 
surveillanceoptions.jpg
 

@@ -175,145 +171,143 @@ for the JavaScript code in this tag.
 
 
 
-What applications are supported?
+What applications are supported?
 
 
 
-I don't have a static IP address. Can I still install this system?
+I don't have a static IP address. Can I still install this system?
 
 
 
-Why Freedombone and not FreedomBox?
+Why Freedombone and not FreedomBox?
 
 
 
-Why not support building images for Raspberry Pi?
+Why not support building images for Raspberry Pi?
 
 
 
-Why use Tor? I've heard it's used by bad people
+Why use Tor? I've heard it's used by bad people
 
 
 
-How is Tor integrated with Freedombone?
+How is Tor integrated with Freedombone?
 
 
 
-Can I add a clearnet domain to an onion build?
+Can I add a clearnet domain to an onion build?
 
 
 
-Why use Github?
+Why use Github?
 
 
 
-Should I upload my GPG keys to keybase.io?
+Should I upload my GPG keys to keybase.io?
 
 
 
-Keys and emails should not be stored on servers. Why do you do that?
+Keys and emails should not be stored on servers. Why do you do that?
 
 
 
-Why can't I access my .onion site with a Tor browser?
+Why can't I access my .onion site with a Tor browser?
 
 
 
-What is the best hardware to run this system on?
+What is the best hardware to run this system on?
 
 
 
-Can I add more users to the system?
+Can I add more users to the system?
 
 
 
-Why not use Signal for mobile chat?
+Why not use Signal for mobile chat?
 
 
 
-What is the most secure chat app to use on mobile?
+What is the most secure chat app to use on mobile?
 
 
 
-How do I remove a user from the system?
+How do I remove a user from the system?
 
 
 
-Why is logging for web sites turned off by default?
+Why is logging for web sites turned off by default?
 
 
 
-How do I reset the tripwire?
+How do I reset the tripwire?
 
 
 
-Is metadata protected?
+Is metadata protected?
 
 
 
-How do I create email processing rules?
+How do I create email processing rules?
 
 
 
-Why isn't dynamic DNS working?
+Why isn't dynamic DNS working?
 
 
 
-How do I change my encryption settings?
+How do I change my encryption settings?
 
 
 
-How do I get a domain name?
+How do I get a domain name?
 
 
 
-How do I get a "real" SSL/TLS/HTTPS certificate?
+How do I get a "real" SSL/TLS/HTTPS certificate?
 
 
 
-How do I renew a Let's Encrypt certificate?
+How do I renew a Let's Encrypt certificate?
 
 
 
-I tried to renew a Let's Encrypt certificate and it failed. What should I do?
+I tried to renew a Let's Encrypt certificate and it failed. What should I do?
 
 
 
-Why not use the services of $company instead? They took the Seppuku pledge
+Why not use the services of $company instead? They took the Seppuku pledge
 
 
 
-Why does my email keep getting rejected as spam by Gmail/etc?
+Why does my email keep getting rejected as spam by Gmail/etc?
 
 
 
-Tor is censored/blocked in my area. What can I do?
+Tor is censored/blocked in my area. What can I do?
 
 
 
-I want to block a particular domain from getting its content into my social network sites
+I want to block a particular domain from getting its content into my social network sites
 
 
 
-The mesh system doesn't boot from USB drive
+The mesh system doesn't boot from USB drive
 
 
 
 

-

-

 
-

-
What applications are supported?

-

+

+
What applications are supported?

+

 

 See here for the complete list of apps. In addition to those as part of the base install you get an email server.
 

 

 

-

-
I don't have a static IP address. Can I still install this system?

-

+

+
I don't have a static IP address. Can I still install this system?

+

 

 Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
 

@@ -323,17 +317,17 @@ The lack of a static IP address can be worked around by using a dynamic DNS serv
 

 

 

-

-
Why Freedombone and not FreedomBox?

-

+

+
Why Freedombone and not FreedomBox?

+

 

 When the project began in late 2013 the FreedomBox project seemed to be going nowhere, and was only designed to work with the DreamPlug hardware. There was some new hardware out - the Beaglebone Black - which could run Debian and was also a free hardware design so seemed more appropriate. Hence the name "Freedombone", being like FreedomBox but on a Beaglebone. There are some similarities and differences between the two projects:
 

 

 
-

-
Similarities

-

+

+
Similarities

+

 
    
 
  • Uses freedom-maker and vmdebootstrap to build debian images
 
    • 
@@ -356,9 +350,9 @@ When the project began in late 2013 the FreedomBox project seemed to be going no
 

 

 

-

-
Differences

-

+

+
Differences

+

 
    
 
  • FreedomBox is a Debian pure blend. Freedombone is not
 
    • 
@@ -382,9 +376,9 @@ When the project began in late 2013 the FreedomBox project seemed to be going no
 

 

 

-

-
Why not support building images for Raspberry Pi?

-

+

+
Why not support building images for Raspberry Pi?

+

 

 The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes.
 

@@ -394,9 +388,9 @@ So although the Raspberry Pi is cheap and hugely popular it's not supported by t
 

 

 

-

-
Why use Tor? I've heard it's used by bad people

-

+

+
Why use Tor? I've heard it's used by bad people

+

 

 Years ago Tor was usually depicted in the mainstream media as something scary inhabited by cyberterrorists and other bad cybers, but today to a large extent Tor is accepted as just another way of routing data in a network. Depending upon where you live there may still be some amount of fearmongering about Tor, but it now seems clear that the trajectory is towards general acceptance.
 

@@ -421,9 +415,9 @@ On the negative side it's a complex system which is not fully decentralized.
 

 

 

-

-
How is Tor integrated with Freedombone?

-

+

+
How is Tor integrated with Freedombone?

+

 

 Within this project Tor is used more to provide accessibility than the anonymity factor for which Tor is better known. The onion address system provides a way of being able to access sites even if you don't own a conventional domain name or don't have administrator access to your local internet router to be able to do port forwarding.
 

@@ -441,17 +435,17 @@ Even if you're running the "onion only" build, this only means that sites are ac
 

 

 

-

-
Can I add a clearnet domain to an onion build?

-

+

+
Can I add a clearnet domain to an onion build?

+

 

 You could if you manually edited the relevant nginx configuration files and installed some dynamic DNS system yourself. If you already have sysadmin knowledge then that's probably not too hard. But the builds created with the onion-addresses-only option aren't really intended to support access via clearnet domains.
 

 

 

-

-
Why use Github?

-

+

+
Why use Github?

+

 

 Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing.
 

@@ -469,9 +463,9 @@ Currently many of the repositories used for applications which are not yet packa
 

 

 

-

-
Should I upload my GPG keys to keybase.io?

-

+

+
Should I upload my GPG keys to keybase.io?

+

 

 It's not recommended unless there exists some compelling reason for you to be on there. That site asks users to upload the private keys, and even if the keys are client side encrypted with a passphrase there's always the chance that there will be a data leak in future and letter agencies will then have a full time opportunity to crack the passphrases.
 

@@ -481,9 +475,9 @@ Saying something resembling /"only noobs will use crackable private key passphra
 

 

 

-

-
Keys and emails should not be stored on servers. Why do you do that?

-

+

+
Keys and emails should not be stored on servers. Why do you do that?

+

 

 Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast:
 

@@ -541,9 +535,9 @@ In the home environment a box with a good firewall and no GUI components install
 

 

 
-

-
Why can't I access my .onion site with a Tor browser?

-

+

+
Why can't I access my .onion site with a Tor browser?

+

 

 Probably you need to add the site to the NoScript whitelist. Typically click/press on the noscript icon (or select from the menu on mobile) then select whitelist and add the site URL. You may also need to disable HTTPS Everywhere when using onion addresses, which don't use https.
 

@@ -553,9 +547,9 @@ Another factor to be aware of is that it can take a while for the onion address
 

 

 

-

-
What is the best hardware to run this system on?

-

+

+
What is the best hardware to run this system on?

+

 

 It was originally designed to run on the Beaglebone Black, but that should be regarded as the most minimal system, because it's single core and has by today's standards a small amount of memory. Obviously the more powerful the hardware is the faster things like web pages (blog, social networking, etc) will be served but the more electricity such a system will require if you're running it 24/7. A good compromise between performance and energy consumption is something like an old netbook. The battery of an old netbook or laptop even gives you UPS capability to keep the system going during brief power outages or cable re-arrangements, and that means using full disk encryption on the server also becomes more practical.
 

@@ -565,9 +559,9 @@ It was originally designed to run on the Beaglebone Black, but that should be re
 

 

 

-

-
Can I add more users to the system?

-

+

+
Can I add more users to the system?

+

 

 Yes. Freedombone can support a small number of users, for a "friends and family" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those).
 

@@ -591,9 +585,9 @@ Another point is that Freedombone installations are not intended to support many
 

 

 

-

-
Why not use Signal for mobile chat?

-

+

+
Why not use Signal for mobile chat?

+

 

 Celebrities recommend Signal. It's Free Software so it must be good, right?
 

@@ -622,9 +616,9 @@ To give credit where it's due Signal is good, but it could be a lot better. The
 

 

 

-

-
What is the most secure chat app to use on mobile?

-

+

+
What is the most secure chat app to use on mobile?

+

 

 On mobile there are various options. The apps which are likely to be most secure are ones which have end-to-end encryption enabled by default and which can also be onion routed via Orbot. End-to-end encryption secures the content of the message and onion routing obscures the metadata, making it hard for a passive adversary to know who is communicating with who.
 

@@ -634,13 +628,13 @@ The current safest way to chat is to use Conv
 

 
 

-There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
+There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
 

 

 

-

-
How do I remove a user from the system?

-

+

+
How do I remove a user from the system?

+

 

 To remove a user:
 

@@ -656,9 +650,9 @@ Select Administrator controls then Manage Users and then Delete
 

 

 

-

-
Why is logging for web sites turned off by default?

-

+

+
Why is logging for web sites turned off by default?

+

 

 If you're making profits out of the logs by running large server warehouses and then data mining what users click on - as is the business model of well known internet companies - then logging everything makes total sense. However, if you're running a home server then logging really only makes sense if you're trying to diagnose some specific problem with the system, and outside of that context logging everything becomes more of a liability than an asset.
 

@@ -672,9 +666,9 @@ On the Freedombone system web logs containing IP addresses are turned off by def
 

 

 

-

-
How do I reset the tripwire?

-

+

+
How do I reset the tripwire?

+

 

 The tripwire will be automatically reset once per week. If you want to reset it earlier then do the following:
 

@@ -690,9 +684,9 @@ Select Administrator controls then "reset tripwire" using cursors and spa
 

 

 

-

-
Is metadata protected?

-

+

+
Is metadata protected?

+

 

 

 "We kill people based on metadata"
@@ -708,9 +702,9 @@ Even when using Freedombone metadata analysis by third parties is still possible
 

 

 

-

-
How do I create email processing rules?

-

+

+
How do I create email processing rules?

+

 

 
 
ssh username@domainname -p 2222
@@ -767,9 +761,9 @@ Spamassassin is also available and within Mutt you can use the S (shift+s) key t
 

 

 

-

-
Why isn't dynamic DNS working?

-

+

+
Why isn't dynamic DNS working?

+

 

 If you run the command:
 

@@ -794,9 +788,9 @@ https://www.privateinternetaccess.com/pages/whats-my-ip/
 

 

 
-

-
How do I change my encryption settings?

-

+

+
How do I change my encryption settings?

+

 

 Suppose that some new encryption vulnerability has been announced and that you need to change your encryption settings. Maybe an algorithm thought to be secure is now no longer so and you need to remove it. You can change your settings by doing the following:
 

@@ -812,9 +806,9 @@ Select Administrator controls then select Security Settings. You w
 

 

 

-

-
How do I get a domain name?

-

+

+
How do I get a domain name?

+

 

 Suppose that you have bought a domain name (rather than using a free subdomain on freedns) and you want to use that instead.
 

@@ -882,9 +876,9 @@ You should now be able to send an email from postmaster@mynewdomainname a
 

 

 
-

-
How do I get a "real" SSL/TLS/HTTPS certificate?

-

+

+
How do I get a "real" SSL/TLS/HTTPS certificate?

+

 

 If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following:
 

@@ -904,9 +898,9 @@ One thing to be aware of is that Let's Encrypt doesn't support many dynamic DNS
 

 

 

-

-
How do I renew a Let's Encrypt certificate?

-

+

+
How do I renew a Let's Encrypt certificate?

+

 

 Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email.
 

@@ -926,9 +920,9 @@ Select Administrator controls then Security settings then Renew
 

 

 

-

-
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

-

+

+
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

+

 

 Most likely it's because Let's Encrypt doesn't support your particular domain or subdomain. Currently free subdomains tend not to work. You'll need to buy a domain name, link it to your dynamic DNS account and then do:
 

@@ -944,17 +938,17 @@ Select Administrator controls then Security settings then Creat
 

 

 

-

-
Why not use the services of $company instead? They took the Seppuku pledge

-

+

+
Why not use the services of $company instead? They took the Seppuku pledge

+

 

 That pledge is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "on our side". Post-nymwars and post-PRISM we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
 

 

 

-

-
Why does my email keep getting rejected as spam by Gmail/etc?

-

+

+
Why does my email keep getting rejected as spam by Gmail/etc?

+

 

 Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end you may not be able to do much unless you can find an email proxy server which is trusted by the receiving server.
 

@@ -986,9 +980,9 @@ So the situation with email presently is pretty bad, and there's a clear selecti
 

 

 

-

-
Tor is censored/blocked in my area. What can I do?

-

+

+
Tor is censored/blocked in my area. What can I do?

+

 

 If you can find some details for an obfs4 Tor bridge (its IP address, port number and key or nickname) then you can set up the system to use it to connect to the Tor network. Unlike relay nodes the IP addresses for bridges are not public information and so can't be easily known and added to block lists by authoritarian regimes or over-zealous ISPs.
 

@@ -1015,9 +1009,9 @@ You can also set your system to act as a Tor bridge, although this is not recomm
 

 

 
-

-
I want to block a particular domain from getting its content into my social network sites

-

+

+
I want to block a particular domain from getting its content into my social network sites

+

 

 If you're being pestered by some domain which contains bad/illegal/harrassing content or irritating users you can block domains at the firewall level. Go to the administrator control panel and select domain blocking. You can then block, unblock and view the list of blocked domains.
 

@@ -1032,9 +1026,9 @@ Select Administrator controls then Domain blocking.
 

 

 
-

-
The mesh system doesn't boot from USB drive

-

+

+
The mesh system doesn't boot from USB drive

+

 

 If the system doesn't boot and reports an error which includes /dev/mapper/loop0p1 then reboot with Ctrl-Alt-Del and when you see the grub menu press e and manually change /dev/mapper/loop0p1 to /dev/sdb1, then press Ctrl-x. If that doesn't work then reboot and try /dev/sdc1 instead.
 


From 65c6de6e4b3183f133eeba94f38f7dacb956df9a Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 13:33:09 +0100
Subject: [PATCH 062/133] Update document formatting

---
 doc/EN/faq.org               |   3 +-
 doc/EN/fediverse.org         |   7 +-
 doc/EN/homeserver.org        |  29 +--
 doc/EN/installation.org      |  13 +-
 doc/EN/installmethods.org    |   3 +-
 doc/EN/mesh.org              |  14 +-
 doc/EN/mesh_capabilities.org |  11 +-
 doc/EN/mesh_custom.org       |  11 +-
 doc/EN/mesh_images.org       |  17 +-
 doc/EN/mesh_philosophic.org  |   7 +-
 doc/EN/meshindex.org         |   9 +-
 doc/EN/mirrors.org           |  47 -----
 doc/EN/mobile.org            |  13 +-
 doc/EN/related.org           |  49 -----
 doc/EN/release3.org          |   9 +-
 doc/EN/security.org          |   3 +-
 doc/EN/socialinstance.org    |  24 +--
 doc/EN/support.org           |  17 +-
 doc/EN/usage.org             |  14 +-
 doc/EN/usage_email.org       |  11 +-
 doc/EN/users.org             |   4 +-
 doc/EN/variants.org          |  50 -----
 website/EN/mirrors.html      | 366 -----------------------------------
 website/EN/related.html      | 305 -----------------------------
 website/EN/variants.html     | 308 -----------------------------
 25 files changed, 72 insertions(+), 1272 deletions(-)
 delete mode 100644 doc/EN/mirrors.org
 delete mode 100644 doc/EN/related.org
 delete mode 100644 doc/EN/variants.org
 delete mode 100644 website/EN/mirrors.html
 delete mode 100644 website/EN/related.html
 delete mode 100644 website/EN/variants.html

diff --git a/doc/EN/faq.org b/doc/EN/faq.org
index 3d5096a2..dc800cbe 100644
--- a/doc/EN/faq.org
+++ b/doc/EN/faq.org
@@ -329,9 +329,8 @@ If you can find some details for an obfs4 Tor bridge (its IP address, port numbe
 
 ssh into your Freedombone system, go to the *administrator control panel*, select *security settings* then *Tor Bridges* and *Add a bridge*. You can then enter the details.
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :align center
 [[file:images/controlpanel/control_panel_bridges.jpg]]
-#+END_CENTER
 
 Any bridges that you add will also show up on the About screen of the administrator control panel.
 
diff --git a/doc/EN/fediverse.org b/doc/EN/fediverse.org
index 5af89588..90f6cdbd 100644
--- a/doc/EN/fediverse.org
+++ b/doc/EN/fediverse.org
@@ -6,13 +6,10 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+BEGIN_CENTER
-*Homesteading the Fediverse*
-#+END_CENTER
+* Homesteading the Fediverse
 
 Some things you might want to know about the Fediverse:
 
diff --git a/doc/EN/homeserver.org b/doc/EN/homeserver.org
index 1871ca3b..ec0afaa1 100644
--- a/doc/EN/homeserver.org
+++ b/doc/EN/homeserver.org
@@ -1,19 +1,16 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, home server
+#+DESCRIPTION: Freedombone home server setup
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
 
-#+begin_export html
-
Home Server

-#+end_export
+* Home Server
 
 The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
 
@@ -47,9 +44,8 @@ Now prepare your local system to talk to the freedombone by running the followin
 freedombone-client
 #+end_src
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :align center
 [[file:images/tor_onion.jpg]]
-#+END_CENTER
 
 The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the *--onion-addresses-only yes* option from the last command shown above. Also see the [[./domains.html][guide on setting up an ICANN domain name]].
 
@@ -57,9 +53,8 @@ The *onion-addresses-only* option *does not* mean that everything gets routed th
 
 If you want to create images for microSD cards used within various single board computers then replace the *i386* with *beaglebone* / *cubieboard2* / *cubietruck* / *a20-olinuxino-lime* / *a20-olinuxino-lime2* / *a20-olinuxino-micro* or *apu*.
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :align center
 [[file:images/beaglebone_black9.jpg]]
-#+END_CENTER
 
 This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
 
@@ -107,9 +102,8 @@ freedombone-client --verify
 
 This will show the hash code for the public ssh key of the Freedombone system.
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :align center
 [[file:images/ssh_key_verify.jpg]]
-#+END_CENTER
 
 Open another terminal window then run:
 
@@ -120,15 +114,13 @@ ssh myusername@freedombone.local -p 2222
 
 Use the password you wrote down earlier to log in. Select the *administrator control panel* with up and down cursor keys, space bar and enter key. You should see something like this, and you might need to re-enter your password.
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :align center
 [[file:images/controlpanel/control_panel.jpg]]
-#+END_CENTER
 
 Then select *About*. You'll see a list of sites and their onion addresses.
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :align center
 [[file:images/controlpanel/control_panel_about.jpg]]
-#+END_CENTER
 
 The About screen contains the ssh server public key hashes and you can compare the relevant one with the previous terminal window to verify that they're the same. If they're not then you might have a /machine-in-the-middle/ snooping on you.
 
@@ -136,9 +128,8 @@ You have now confirmed a secure connection. Probably. If you're still sceptical
 
 Press any key to exit from the About screen. You can then select *Add/Remove apps* and add whatever applications you wish to run. Note that some apps will only run on x86 systems, but most will install and run on ARM single board computers. More details on particular apps can be [[./apps.html][found here]].
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :align center
 [[file:images/controlpanel/control_panel_apps.jpg]]
-#+END_CENTER
 
 Once your apps have installed you can go back to the About screen, pick an onion address and try it within a Tor compatible browser. You'll need to know the login passwords and those can be found within the /Passwords/ section of the administrator control panel. An axiom of the Freedombone system is that /if given the choice users will usually use insecure passwords/, so on this system passwords are generated randomly. If you need to then you can transfer the passwords into your favourite password manager and remove them from the server by going to the *Security Settings* section of the administrator control panel and choosing *Export passwords* and *Password storage*.
 
diff --git a/doc/EN/installation.org b/doc/EN/installation.org
index 3fca1d84..f5d8acf1 100644
--- a/doc/EN/installation.org
+++ b/doc/EN/installation.org
@@ -1,20 +1,15 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, installation
+#+DESCRIPTION: Freedombone installation
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+BEGIN_EXPORT html
-

-
Installation

-

-#+END_EXPORT
+* Installation
 
 | [[Building an image for a Single Board Computer or Virtual Machine]] |
 | [[Checklist]]                                                        |
diff --git a/doc/EN/installmethods.org b/doc/EN/installmethods.org
index 522a086e..457ac946 100644
--- a/doc/EN/installmethods.org
+++ b/doc/EN/installmethods.org
@@ -6,9 +6,8 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
 Most people don't have a static external IP address, so you will need to have an account on a dymanic DNS service. [[https://freedns.afraid.org][FreeDNS]] is the one recommended, but others are available.
 
diff --git a/doc/EN/mesh.org b/doc/EN/mesh.org
index aab59e7f..39c67da7 100644
--- a/doc/EN/mesh.org
+++ b/doc/EN/mesh.org
@@ -1,18 +1,15 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, mesh
+#+DESCRIPTION: Freedombone mesh network
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+begin_export html
-
Mesh Network

-#+end_export
+* Mesh Network
 
 The Freedombone Mesh is a wireless solution for autonomous or internet connected communication that can be rapidly deployed in temporary, emergency or post-disaster situations where internet access is unavailable or compromised.
 
@@ -22,9 +19,8 @@ The Freedombone Mesh is a wireless solution for autonomous or internet connected
  * [[./mesh_custom.html][Customisation]]
  * [[./mesh_usage.html][How to use it]]
 
-#+BEGIN_CENTER
+#+attr_html: :width 100% :align center
 [[file:images/mesh_desktop1.png]]
-#+END_CENTER
 
 Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to or reliant upon the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small businesses who don't want the overhead of server maintenance, protests, remote areas of the world, temporary "digital blackouts", scientific expeditions and off-world space colonies.
 
diff --git a/doc/EN/mesh_capabilities.org b/doc/EN/mesh_capabilities.org
index 5adf8d8e..678e5346 100644
--- a/doc/EN/mesh_capabilities.org
+++ b/doc/EN/mesh_capabilities.org
@@ -1,18 +1,15 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, mesh
+#+DESCRIPTION: Freedombone mesh network capabilities
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+begin_export html
-
Mesh Network: Capabilities

-#+end_export
+* Mesh Network: Capabilities
 
 The mesh system has the following capabilities:
 
diff --git a/doc/EN/mesh_custom.org b/doc/EN/mesh_custom.org
index 29596d8e..7809b339 100644
--- a/doc/EN/mesh_custom.org
+++ b/doc/EN/mesh_custom.org
@@ -1,18 +1,15 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, mesh
+#+DESCRIPTION: Freedombone mesh network customisation
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+begin_export html
-
Mesh Network: Customisation

-#+end_export
+* Mesh Network: Customisation
 
 If you want to make your own specially branded version, such as for a particular event, then to change the default desktop backgrounds edit the images within *img/backgrounds* and to change the available avatars and desktop icons edit the images within *img/avatars*. Re-create disk images using the instructions shown previously.
 
diff --git a/doc/EN/mesh_images.org b/doc/EN/mesh_images.org
index 20534c8b..2cff5e79 100644
--- a/doc/EN/mesh_images.org
+++ b/doc/EN/mesh_images.org
@@ -1,18 +1,15 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, mesh
+#+DESCRIPTION: Freedombone mesh network images
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+begin_export html
-
Mesh Network: Images

-#+end_export
+* Mesh Network: Images
 
 * Pre-built Disk Images
 ** Writing many images quickly
@@ -33,9 +30,8 @@ sudo apt-get install gnome-multi-writer
 The MultiWriter tool is also available within mesh client images, so that you can use mesh systems to create more copies of the same system.
 ** Client images
 
-#+BEGIN_CENTER
+#+attr_html: :width 100% :align center
 [[file:images/mesh_netbook.jpg]]
-#+END_CENTER
 
 "Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 16GB in size.
 
@@ -70,9 +66,8 @@ sudo dd bs=1M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdata
 ** Router images
 Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
 *** Beaglebone Black
-#+BEGIN_CENTER
+#+attr_html: :width 50% :align center
 [[file:images/mesh_router.jpg]]
-#+END_CENTER
 
 The above picture shows a Beaglebone Black with the image copied onto a microSD card (there's no need to do anything with the internal EMMC). A USB Atheros wifi adaptor with a large antenna is attached and in this case power is from the mains, although it could be from a battery or solar power system capable of supplying 5 volts and maybe 1A (depending upon how active the router is).
 
diff --git a/doc/EN/mesh_philosophic.org b/doc/EN/mesh_philosophic.org
index b52f8cef..0448ea8e 100644
--- a/doc/EN/mesh_philosophic.org
+++ b/doc/EN/mesh_philosophic.org
@@ -6,13 +6,10 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+begin_export html
-
Mesh Network: Philosophic

-#+end_export
+* Mesh Network: Philosophic
 
 #+begin_quote
  "/I see mesh networks naturally evolving to become the dominant form of network over the next few decades, because it’s the most practical solution to a number of problems that will have to be solved in order to build the VR web as well as to connect the entire world to the internet. Centralized networks are only possible in highly developed countries with existing infrastructures like power and telephone grids, as well as roads. You can’t build a tower where you don’t have either power or access. For vast areas of the world, mesh networks will be the only feasible solution./" -- Valkyrie Ice
diff --git a/doc/EN/meshindex.org b/doc/EN/meshindex.org
index b23b05be..c557fcf5 100644
--- a/doc/EN/meshindex.org
+++ b/doc/EN/meshindex.org
@@ -6,15 +6,10 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+BEGIN_EXPORT html
-

-
Welcome to the Freedombone Mesh

-

-#+END_EXPORT
+* Welcome to the Freedombone Mesh
 
 The following apps are available:
 
diff --git a/doc/EN/mirrors.org b/doc/EN/mirrors.org
deleted file mode 100644
index f3f47737..00000000
--- a/doc/EN/mirrors.org
+++ /dev/null
@@ -1,47 +0,0 @@
-#+TITLE:
-#+AUTHOR: Bob Mottram
-#+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Mirroring git repositories
-#+OPTIONS: ^:nil toc:nil
-#+HTML_HEAD: 
-
-#+BEGIN_CENTER
-[[file:images/logo.png]]
-#+END_CENTER
-
-#+BEGIN_EXPORT html
-

-
Mirrors

-

-#+END_EXPORT
-
-| [[What are mirrors and why do they exist?]]                         |
-| [[What security do mirrors have?]]                                  |
-| [[How do I set up mirrors?]]                                        |
-| [[Do mirrors include debian package repositories?]]                 |
-| [[What do I need to do to keep the mirrored repositories updated?]] |
-
-* What are mirrors and why do they exist?
-It would be nice if all of the applications used by this project were packaged for Debian, but currently they're not. This means that various upstream git repositories are used and these mostly reside on Github. What if Github were to go away, become paying only or be censored in some manner which was difficult to work around? To guard against this possibility the repositories are mirrored on each install and can then be made available to other users so that new installations or updates could still occur without the original default repos.
-* What security do mirrors have?
-On each install you have a /mirrors/ user created, whose only purpose is to mirror upstream repositories. A random password is generated for the /mirrors/ user which can be seen within the control panel and so given to other users who may need it.
-* How do I set up mirrors?
-The interactive installer will ask whether you want to configure the main respositories. Enter the URL, which will typically be an onion address, the ssh port number and the password for the mirrors on that system.
-* Do mirrors include debian package repositories?
-No. Packages for Debian will still be accessed in the conventional manner.
-* Can I change mirrors after the system has been installed
-Yes. From the control panel select "/Set the main repository/"
-
-#+BEGIN_CENTER
-[[file:images/controlpanel/control_panel_mirrors.jpg]]
-#+END_CENTER
-
-* What do I need to do to keep the mirrored repositories updated?
-Nothing. That happens as part of regular automatic updates.
-
-#+BEGIN_EXPORT html
-

-Return to the home page
-

-#+END_EXPORT
diff --git a/doc/EN/mobile.org b/doc/EN/mobile.org
index 1fb82841..eef17c4c 100644
--- a/doc/EN/mobile.org
+++ b/doc/EN/mobile.org
@@ -1,20 +1,15 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, mobile
+#+DESCRIPTION: Freedombone mobile setup
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+BEGIN_EXPORT html
-

-
Mobile

-

-#+END_EXPORT
+* Mobile
 
 Mobile phones are insecure devices, but they're regarded as being so essential to modern life that telling people not to use them isn't a viable option. Here are some recommendations on setting up a mobile phone (aka "smartphone") to work with Freedombone.
 
diff --git a/doc/EN/related.org b/doc/EN/related.org
deleted file mode 100644
index b9a64e93..00000000
--- a/doc/EN/related.org
+++ /dev/null
@@ -1,49 +0,0 @@
-#+TITLE:
-#+AUTHOR: Bob Mottram
-#+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
-#+OPTIONS: ^:nil toc:nil
-#+HTML_HEAD: 
-
-#+BEGIN_CENTER
-[[file:images/logo.png]]
-#+END_CENTER
-
-#+BEGIN_EXPORT html
-

-
Related Projects

-

-#+END_EXPORT
-
-#+BEGIN_EXPORT html
- 

-The following projects made Freedombone possible.

- 
-  
-    
-    
-    
-  
-  
-    
-    
-    
-  
-  
-    
-    
-    
-  
-  
-    
-    
-    
-  
-  
-    
-    
-  
-
Nginx
Openssl
Gnupg
Debian
Freedombox
Beagleboard
Dokuwiki
GNU Social
Hubzilla
Tor
Prosody
Syncthing
Tox
Bettercrypto

-

-#+END_EXPORT
diff --git a/doc/EN/release3.org b/doc/EN/release3.org
index ba8984e7..4c890a59 100644
--- a/doc/EN/release3.org
+++ b/doc/EN/release3.org
@@ -6,15 +6,10 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 100% :align center
 [[file:images/release3.jpg]]
-#+END_CENTER
 
-#+BEGIN_EXPORT html
-

-
Building an internet run by the users, for the users

-

-#+END_EXPORT
+* Building an internet run by the users, for the users
 
 The internet may still be mostly in the clutches of a few giant megacorporations and dubious governments with sketchy agendas, but it doesn't have to remain that way. With the third version of the Freedombone system there is now more scope than before to take back your privacy, have ownership of personal data and run your own online communities without undesirable intermediaries.
 
diff --git a/doc/EN/security.org b/doc/EN/security.org
index d2f21925..edcaaf23 100644
--- a/doc/EN/security.org
+++ b/doc/EN/security.org
@@ -6,9 +6,8 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
 * Authentication with keys
 It's a lot more secure to log in to the Freedombone system using ssh keys rather than with a password. You can set that up by first running:
diff --git a/doc/EN/socialinstance.org b/doc/EN/socialinstance.org
index cade74e1..7106503e 100644
--- a/doc/EN/socialinstance.org
+++ b/doc/EN/socialinstance.org
@@ -6,15 +6,10 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+BEGIN_EXPORT HTML
-

-
Social Instance

-

-#+END_EXPORT
+* Social Instance
 
 A social instance image allows you to easily set up a fediverse server, which federates using the OStatus or ActivityPub protocol. You will need:
 
@@ -46,25 +41,22 @@ Also note that if the laptop has a removable SSD drive it's possible to copy the
 
 Plug the USB drive into the laptop and connect it to your internet router with the ethernet cable.
 
-#+BEGIN_CENTER
+#+attr_html: :width 100% :align center
 [[file:images/laptop_router.jpg]]
-#+END_CENTER
 
 * Boot the laptop from the USB drive
 
 You may need to alter the BIOS settings to get this to work reliably.
 
-#+BEGIN_CENTER
+#+attr_html: :width 100% :align center
 [[file:images/bios_boot_usb.jpg]]
-#+END_CENTER
 
 * Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop
 
 Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings.
 
-#+BEGIN_CENTER
+#+attr_html: :width 100% :align center
 [[file:images/port_forwarding.png]]
-#+END_CENTER
 
 * From another machine ssh into the laptop
 
@@ -82,12 +74,10 @@ Enter your user details, domain name and dynamic DNS settings.
 
 Navigate to your domain and register a new user.
 
-#+BEGIN_CENTER
+#+attr_html: :width 100% :align center
 [[file:images/pleroma_register.jpg]]
-#+END_CENTER
 
 More details about setting up and using Pleroma [[./app_pleroma.html][can be found here]].
 
-#+BEGIN_CENTER
+#+attr_html: :width 50% :align center
 [[file:images/tusky.jpg]]
-#+END_CENTER
diff --git a/doc/EN/support.org b/doc/EN/support.org
index a8f8a514..95ae8431 100644
--- a/doc/EN/support.org
+++ b/doc/EN/support.org
@@ -1,20 +1,15 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, support
+#+DESCRIPTION: How to support the Freedombone project
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+BEGIN_EXPORT html
-

-
Support

-

-#+END_EXPORT
+* Support
 
 * Contact details
 
@@ -48,9 +43,9 @@ A better design for this website would be nice to have. Photos, icons or other a
 ** Howto videos
 If you're good at making videos then a howto for installing Freedombone onto various types of hardware, or testing the mesh system in realistic/exotic scenarios would be good. You could even host videos on PeerTube or Mediagoblin.
 ** More education and promotion
-#+BEGIN_CENTER
+#+attr_html: :width 50% :align center
 [[./images/educate.png]]
-#+END_CENTER
+
 Many people are unaware that running their own internet services /is even a possibility/. Many also believe that internet services can be provided only if they're supported by advertising or donations, and that only gigantic data centres have enough computing capacity to serve web pages on a worldwide scale. Others may be fearful of encryption due to misrepresentations or misunderstandings of it in the mainstream media. Some may be intimidated by the apparent complexity and think that you need to be some sort of silicon valley genius in order to run a web service on your own. Even many technically-minded folks often believe that they can't run a home server unless they have a static IP address, which isn't true, and others are put off by thinking that any such server will be immediately [[https://en.wikipedia.org/wiki/Pwn][pwned]] by blackhat hackers.
 
 Raising awareness beyond the near zero current level, overcoming fear and paranoia and dispelling some of the prevalent myths will definitely help.
diff --git a/doc/EN/usage.org b/doc/EN/usage.org
index 4bc059bd..7e29419b 100644
--- a/doc/EN/usage.org
+++ b/doc/EN/usage.org
@@ -1,20 +1,15 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone
+#+DESCRIPTION: How to use the Freedombone system
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
-#+BEGIN_EXPORT html
-

-
Usage

-

-#+END_EXPORT
+* Usage
 
 | [[Improving security]]                                   |
 | [[Administrating the system via an onion address (Tor)]] |
@@ -93,4 +88,5 @@ sudo su
 control
 #+END_SRC
 
+#+attr_html: :width 80% :align center
 [[file:images/controlpanel/control_panel_manage_users.jpg]]
diff --git a/doc/EN/usage_email.org b/doc/EN/usage_email.org
index 75112993..f032bc5f 100644
--- a/doc/EN/usage_email.org
+++ b/doc/EN/usage_email.org
@@ -1,14 +1,13 @@
 #+TITLE:
 #+AUTHOR: Bob Mottram
 #+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
+#+KEYWORDS: freedombone, email
+#+DESCRIPTION: How to use email on Freedombone
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
 | [[Things to be aware of]]                           |
 | [[A technical note about email transport security]] |
@@ -59,10 +58,8 @@ gpg --send-keys username@domainname
 exit
 #+END_SRC
 * Mutt email client
-
-#+BEGIN_CENTER
+#+attr_html: :width 80% :align center
 [[./images/mutt.jpeg]]
-#+END_CENTER
 
 Mutt is a terminal based email client which comes already installed onto the Freedombone. To access it you'll need to access it via ssh with:
 
diff --git a/doc/EN/users.org b/doc/EN/users.org
index 29be50d6..17b08222 100644
--- a/doc/EN/users.org
+++ b/doc/EN/users.org
@@ -6,9 +6,8 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+BEGIN_CENTER
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
-#+END_CENTER
 
 Log into the system with:
 
@@ -18,4 +17,5 @@ ssh username@domainname -p 2222
 
 Select *Administrator controls* then *User Management*.
 
+#+attr_html: :width 80% :align center
 [[file:images/controlpanel/control_panel_manage_users.jpg]]
diff --git a/doc/EN/variants.org b/doc/EN/variants.org
deleted file mode 100644
index a2bab6ab..00000000
--- a/doc/EN/variants.org
+++ /dev/null
@@ -1,50 +0,0 @@
-#+TITLE:
-#+AUTHOR: Bob Mottram
-#+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
-#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
-#+OPTIONS: ^:nil toc:nil
-#+HTML_HEAD: 
-
-#+BEGIN_CENTER
-[[file:images/logo.png]]
-#+END_CENTER
-
-#+BEGIN_EXPORT html
-

-
Variants

-

-#+END_EXPORT
-
-Freedombone may be installed either in its entirety or as different variants with a more specialised purpose.  So for example if you just want to run a blog but don't care about any other services then you can do that. The following variants are available:
-
-#+BEGIN_EXPORT html
- 

- 
-  
-    
-    
-  
-  
-    
-    
-  
-  
-    
-    
-  
-  
-    
-    
-  
-
Mailbox
An email server with GPG encryption
Cloud
Sync and share files. Never lose important files again
Social
Social networking with Hubzilla and GNU Social
Media
Runs media services such as DLNA to play music or videos on your devices
Writer
Host your blog and wiki
Chat
Encrypted IRC, XMPP, Tox and VoIP services for one-to-one and many-to-many chat
Developer
Github-like system to host your software projects
Mesh
A wireless mesh network which is like the internet, but not the internet

-

-#+END_EXPORT
-
-Non-mesh installs also come with an RSS reader which provides strong reading privacy on desktop and mobile via the use of a Tor onion service.
-
-#+BEGIN_EXPORT html
-

-Return to the home page
-

-#+END_EXPORT
diff --git a/website/EN/mirrors.html b/website/EN/mirrors.html
deleted file mode 100644
index 1e721178..00000000
--- a/website/EN/mirrors.html
+++ /dev/null
@@ -1,366 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-

-
-

-

-

-
-

-
logo.png
-

-

-

-
-

-
Mirrors

-

-
-
-
-
---
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-



What are mirrors and why do they exist?
What security do mirrors have?
How do I set up mirrors?
Do mirrors include debian package repositories?
What do I need to do to keep the mirrored repositories updated?

-
-

-
What are mirrors and why do they exist?

-

-

-It would be nice if all of the applications used by this project were packaged for Debian, but currently they're not. This means that various upstream git repositories are used and these mostly reside on Github. What if Github were to go away, become paying only or be censored in some manner which was difficult to work around? To guard against this possibility the repositories are mirrored on each install and can then be made available to other users so that new installations or updates could still occur without the original default repos.
-

-

-

-

-
What security do mirrors have?

-

-

-On each install you have a mirrors user created, whose only purpose is to mirror upstream repositories. A random password is generated for the mirrors user which can be seen within the control panel and so given to other users who may need it.
-

-

-

-

-
How do I set up mirrors?

-

-

-The interactive installer will ask whether you want to configure the main respositories. Enter the URL, which will typically be an onion address, the ssh port number and the password for the mirrors on that system.
-

-

-

-

-
Do mirrors include debian package repositories?

-

-

-No. Packages for Debian will still be accessed in the conventional manner.
-

-

-

-

-
Can I change mirrors after the system has been installed

-

-

-Yes. From the control panel select "Set the main repository"
-

-
-

-
-

-
control_panel_mirrors.jpg
-

-

-

-

-

-
-

-
What do I need to do to keep the mirrored repositories updated?

-

-

-Nothing. That happens as part of regular automatic updates.
-

-
-

-Return to the home page
-

-

-

-

-

-
-
-
-

-Back to top | E-mail me
-

-

-
-
diff --git a/website/EN/related.html b/website/EN/related.html
deleted file mode 100644
index 47da1bfd..00000000
--- a/website/EN/related.html
+++ /dev/null
@@ -1,305 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-

-
-

-

-

-
-

-
logo.png
-

-

-

-
-

-
Related Projects

-

-
- 

-The following projects made Freedombone possible.

- 
-  
-    
-    
-    
-  
-  
-    
-    
-    
-  
-  
-    
-    
-    
-  
-  
-    
-    
-    
-  
-  
-    
-    
-  
-
Nginx
Openssl
Gnupg
Debian
Freedombox
Beagleboard
Dokuwiki
GNU Social
Hubzilla
Tor
Prosody
Syncthing
Tox
Bettercrypto

-

-

-

-
-
-
-

-Back to top | E-mail me
-

-

-
-
diff --git a/website/EN/variants.html b/website/EN/variants.html
deleted file mode 100644
index 8fed739a..00000000
--- a/website/EN/variants.html
+++ /dev/null
@@ -1,308 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-

-
-

-

-

-
-

-
logo.png
-

-

-

-
-

-
Variants

-

-
-

-Freedombone may be installed either in its entirety or as different variants with a more specialised purpose.  So for example if you just want to run a blog but don't care about any other services then you can do that. The following variants are available:
-

-
- 

- 
-  
-    
-    
-  
-  
-    
-    
-  
-  
-    
-    
-  
-  
-    
-    
-  
-
Mailbox
An email server with GPG encryption
Cloud
Sync and share files. Never lose important files again
Social
Social networking with Hubzilla and GNU Social
Media
Runs media services such as DLNA to play music or videos on your devices
Writer
Host your blog and wiki
Chat
Encrypted IRC, XMPP, Tox and VoIP services for one-to-one and many-to-many chat
Developer
Github-like system to host your software projects
Mesh
A wireless mesh network which is like the internet, but not the internet

-

-
-

-Non-mesh installs also come with an RSS reader which provides strong reading privacy on desktop and mobile via the use of a Tor onion service.
-

-
-

-Return to the home page
-

-

-

-
-
-
-

-Back to top | E-mail me
-

-

-
-

From a1e13ec3c037d9910b4a8f66fdb3a6a8ca005157 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 13:34:44 +0100
Subject: [PATCH 063/133] Update document formatting

---
 website/EN/faq.html               |   6 +-
 website/EN/fediverse.html         |  59 ++--
 website/EN/homeserver.html        | 202 ++++--------
 website/EN/installation.html      | 504 +++++++++++++-----------------
 website/EN/installmethods.html    |   6 +-
 website/EN/mesh.html              | 179 +++--------
 website/EN/mesh_capabilities.html | 203 ++++--------
 website/EN/mesh_custom.html       | 158 ++--------
 website/EN/mesh_images.html       | 226 +++++---------
 website/EN/mesh_philosophic.html  | 218 ++++---------
 website/EN/meshindex.html         | 182 +++--------
 website/EN/mobile.html            | 288 +++++++----------
 website/EN/release3.html          | 208 ++++--------
 website/EN/security.html          |   6 +-
 website/EN/socialinstance.html    |  98 +++---
 website/EN/support.html           | 234 +++++---------
 website/EN/usage.html             | 235 +++++---------
 website/EN/usage_email.html       |  14 +-
 website/EN/users.html             |   8 +-
 19 files changed, 1004 insertions(+), 2030 deletions(-)

diff --git a/website/EN/faq.html b/website/EN/faq.html
index 48e56a92..5f791b0d 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -991,13 +991,11 @@ If you can find some details for an obfs4 Tor bridge (its IP address, port numbe
 ssh into your Freedombone system, go to the administrator control panel, select security settings then Tor Bridges and Add a bridge. You can then enter the details.
 

 
-

 
 

-
control_panel_bridges.jpg
+
control_panel_bridges.jpg
 

 

-

 
 

 Any bridges that you add will also show up on the About screen of the administrator control panel.
diff --git a/website/EN/fediverse.html b/website/EN/fediverse.html
index 795e80b9..edb5529b 100644
--- a/website/EN/fediverse.html
+++ b/website/EN/fediverse.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -145,71 +145,68 @@ for the JavaScript code in this tag.
 

 

 

-

 
 

-
logo.png
-

-

-

-
-

-

-Homesteading the Fediverse
+
logo.png
 

 

 
+

+
Homesteading the Fediverse

+

 

 Some things you might want to know about the Fediverse:
 

+

+

 
-

-
Federation as a concept

-

+

+
Federation as a concept

+

 

 The political definition of a federation is "a union of partially self-governing states or regions under a central (federal) government". The fediverse isn't exactly like that, in that there is no federal government. However there are protocols which govern the communication between instances and that might be analogized to being a sort of elementary constitution or mutual agreement binding all participants together. The protocols are merely ways of moving data around though, and don't impose any sort of moral code.
 

 

 

-

-
Keep the number of users on each server small

-

+

+
Keep the number of users on each server small

+

 

 The importance of this can't be overstated. Servers with lots of users always eventually have problems where the interests of the users are not the same as the interests of the server administrator. If you are the server administrator, or if there are only a small squad-size group of people on the server, then it's a lot easier to resolve differences and everyone's interests are likely to be similar.
 

 

 

 
-

-
Drama will happen

-

+

+
Drama will happen

+

 

 It's inevitable in any social network, but fortunately your options for dealing with it are better than they are in the giant proprietary monoliths. In the proprietary world Google or Facebook don't give a damn about the fate of individual users. On a server with a small number of users if you're getting griefed then the administrator is likely to care and be able to do something about it.
 

 

 

 
-

-
Don't be afraid to block

-

+

+
Don't be afraid to block

+

 

 Especially if other servers are publishing content which may not be legal in your jurisdiction then don't be afraid to use domain or user blocking from the Administrator control panel. The same applies if users on other servers are trying to harass you. Blocking creates politics and drama but this is a feature not a bug. It allows you to craft your own distinct community and user experience while also existing in the wider federation. It's hard to do this on sites like Twitter or Facebook. Try to keep blocking to a minimum though and avoid doing it for insubstantial reasons. If you have other users on your server then publish the blocked domains list somewhere they can see. That avoids disappointment and enables you to have a discussion about the validity of blocking decisions.
 

 

 

 
-

-
Network structure maps on to social structure

-

+

+
Network structure maps on to social structure

+

 

 Over time follows and blocking rules come to match the underlying social geography of affinity groups. Blocking will happen and users will move around or start new servers. Drama related to blocking will dissipate.
 

 

 

 
-

-
Keep your follows under the Dunbar number

-

+

+
Keep your follows under the Dunbar number

+

 

 Keep the number of other frequently active users you're following to under a couple of hundred. Your actual number of follows might be larger than this but could include users who rarely post anything.
 

@@ -220,9 +217,9 @@ Once there are more than a couple of hundred highly active users in your timelin
 

 

 
-

-
Avoid big public servers

-

+

+
Avoid big public servers

+

 

 It may seem like a good idea and it may seem like you're doing a service to the community by allowing random strangers to register, but servers with thousands of users only cause problems - social, administrative, financial and possibly also legal. The financial strain of running a powerful server with high reliability may be enough to encourage the administrator to begin pushing advertising onto the system, or sell user content, and then before you know it you have identical problems to Twitter. Instead try to encourage people to set up their own servers. Follow this principle and a lot of arguments and stress will be more easily avoided.
 

diff --git a/website/EN/homeserver.html b/website/EN/homeserver.html
index cfbda0ed..317d699d 100644
--- a/website/EN/homeserver.html
+++ b/website/EN/homeserver.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,17 +144,17 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

 
 
-
Home Server

-
+

+
Home Server

+

 

 The quickest way to get started is as follows. You will need to be running a Debian based system (version 8 or later), have an old but still working laptop or netbook which you can use as a server, and 8GB or larger USB thumb drive and an ethernet cable to connect the laptop to your internet router.
 

@@ -256,9 +164,10 @@ First install freedombone onto your local system (not the target hardware that y
 

 
 

+
 
sudo apt-get install git dialog build-essential
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 sudo make install
 freedombone-image --setup debian
@@ -271,9 +180,10 @@ Or on Arch/Parabola:
 

 
 

+
 
sudo pacman -S git dialog
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 sudo make install
 freedombone-image --setup parabola
@@ -286,17 +196,16 @@ Now prepare your local system to talk to the freedombone by running the followin
 

 
 

+
 
freedombone-client
 

 

 
-

 
 

-
tor_onion.jpg
+
tor_onion.jpg
 

 

-

 
 

 The version in which sites are available only via onion addresses is the easiest to get started with, since you can evaluate the system without committing to buying an ICANN domain name or needing to get involved with SSL/TLS certificates at all. However, if you do want your sites to be available typically as subdomains of a domain name which you own then remove the –onion-addresses-only yes option from the last command shown above. Also see the guide on setting up an ICANN domain name.
@@ -310,13 +219,11 @@ The onion-addresses-only option does not mean that everything gets
 If you want to create images for microSD cards used within various single board computers then replace the i386 with beaglebone / cubieboard2 / cubietruck / a20-olinuxino-lime / a20-olinuxino-lime2 / a20-olinuxino-micro or apu.
 

 
-

 
 

-
beaglebone_black9.jpg
+
beaglebone_black9.jpg
 

 

-

 
 

 This takes a while. Maybe an hour or so, depending on the speed of your system and the internets. The good news though is that once created you can use the resulting image any number of times, and you don't need to trust some pre-built image.
@@ -327,6 +234,7 @@ List what drives are on your system with:
 

 
 

+
 
ls /dev/sd*
 

 

@@ -340,8 +248,9 @@ You can now copy the image to the USB thumb drive, replacing sdX with the
 

 
 

-
dd if=/dev/zero of=/dev/sdX bs=1M count=8
-dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
+
+
dd if=/dev/zero of=/dev/sdX bs=1M count=8
+dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
 

 

 
@@ -354,6 +263,7 @@ As the system boots for the first time the login is:
 

 
 

+
 
username: fbone
 password: freedombone
 

@@ -364,6 +274,7 @@ If you're installing from a microSD card on a single board computer without a sc
 

 
 

+
 
ssh fbone@freedombone.local -p 2222
 

 

@@ -385,6 +296,7 @@ When it's installed on your local system open a terminal and verify the ssh serv
 

 
 

+
 
freedombone-client --verify
 

 

@@ -393,19 +305,18 @@ When it's installed on your local system open a terminal and verify the ssh serv
 This will show the hash code for the public ssh key of the Freedombone system.
 

 
-

 
 

-
ssh_key_verify.jpg
+
ssh_key_verify.jpg
 

 

-

 
 

 Open another terminal window then run:
 

 
 

+
 
freedombone-client
 ssh myusername@freedombone.local -p 2222
 

@@ -415,25 +326,21 @@ ssh myusername@freedombone.local -p 2222
 Use the password you wrote down earlier to log in. Select the administrator control panel with up and down cursor keys, space bar and enter key. You should see something like this, and you might need to re-enter your password.
 

 
-

 
 

-
control_panel.jpg
+
control_panel.jpg
 

 

-

 
 

 Then select About. You'll see a list of sites and their onion addresses.
 

 
-

 
 

-
control_panel_about.jpg
+
control_panel_about.jpg
 

 

-

 
 

 The About screen contains the ssh server public key hashes and you can compare the relevant one with the previous terminal window to verify that they're the same. If they're not then you might have a machine-in-the-middle snooping on you.
@@ -447,13 +354,11 @@ You have now confirmed a secure connection. Probably. If you're still sceptical
 Press any key to exit from the About screen. You can then select Add/Remove apps and add whatever applications you wish to run. Note that some apps will only run on x86 systems, but most will install and run on ARM single board computers. More details on particular apps can be found here.
 

 
-

 
 

-
control_panel_apps.jpg
+
control_panel_apps.jpg
 

 

-

 
 

 Once your apps have installed you can go back to the About screen, pick an onion address and try it within a Tor compatible browser. You'll need to know the login passwords and those can be found within the Passwords section of the administrator control panel. An axiom of the Freedombone system is that if given the choice users will usually use insecure passwords, so on this system passwords are generated randomly. If you need to then you can transfer the passwords into your favourite password manager and remove them from the server by going to the Security Settings section of the administrator control panel and choosing Export passwords and Password storage.
@@ -472,16 +377,19 @@ Of course, this is just one way in which you can install the Freedombone system.
 

 
 

+
 
man freedombone-image
 

 

 
-

+

 

 This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
 

 

 

+

+

 

 
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,66 +144,66 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Installation

-

 
+
 
-

-
Building an image for a Single Board Computer or Virtual Machine

-

+

+
Building an image for a Single Board Computer or Virtual Machine

+

 

 You don't have to trust images downloaded from random internet locations signed with untrusted keys. You can build one from scratch yourself, and this is the recommended procedure for maximum security. For guidance on how to build images see the manpage for the freedombone-image command.
 

@@ -305,12 +213,13 @@ Install the freedombone commands onto your laptop/desktop:
 

 
 

-
sudo apt-get install git build-essential dialog
+
+
sudo apt-get install git build-essential dialog
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 sudo make install
-

+

 

 
 

@@ -318,8 +227,9 @@ Then install packages needed for building images:
 

 
 

-
freedombone-image --setup debian
-

+
+
freedombone-image --setup debian
+

 

 
 

@@ -327,8 +237,9 @@ or on an Arch/Parabola system:
 

 
 

-
freedombone-image --setup parabola
-

+
+
freedombone-image --setup parabola
+

 

 
 

@@ -336,8 +247,9 @@ A typical use case to build an 8GB image for a Beaglebone Black is as follows. Y
 

 
 

-
freedombone-image -t beaglebone -s 8G
-

+
+
freedombone-image -t beaglebone -s 8G
+

 

 
 

@@ -345,8 +257,9 @@ If you prefer an advanced installation with all of the options available then us
 

 
 

-
freedombone-image -t beaglebone -s 8G --minimal no
-

+
+
freedombone-image -t beaglebone -s 8G --minimal no
+

 

 
 

@@ -354,8 +267,9 @@ To build a 64bit Qemu image:
 

 
 

-
freedombone-image -t qemu-x86_64 -s 8G
-

+
+
freedombone-image -t qemu-x86_64 -s 8G
+

 

 
 

@@ -367,72 +281,86 @@ If the image build fails with an error such as "Error reading from server. Re
 

 
 

-
freedombone-image -t beaglebone -s 8G -m http://ftp.de.debian.org/debian
-

+
+
freedombone-image -t beaglebone -s 8G -m http://ftp.de.debian.org/debian
+

 

 

 

 
-

-
Checklist

-

+

+
Checklist

+

 

 Before installing Freedombone you will need a few things.
 

 
 
    
-
  • Have some domains, or subdomains, registered with a dynamic DNS service. For the full install you may need two "official" purchased domains or be using a subdomain provider which is supported by Let's Encrypt.
    • 
-
  • System with a new installation of Debian Stretch or a downloaded/prepared disk image
    • 
-
  • Ethernet connection between the system and your internet router
    • 
-
  • That it is possible to forward ports from the internet router to the system, typically via firewall settings
    • 
-
  • Have ssh access to the system, typically via fbone@freedombone.local on port 2222
    • 
+
  • Have some domains, or subdomains, registered with a dynamic DNS service. For the full install you may need two "official" purchased domains or be using a subdomain provider which is supported by Let's Encrypt.
+
    • 
+
  • System with a new installation of Debian Stretch or a downloaded/prepared disk image
+
    • 
+
  • Ethernet connection between the system and your internet router
+
    • 
+
  • That it is possible to forward ports from the internet router to the system, typically via firewall settings
+
    • 
+
  • Have ssh access to the system, typically via fbone@freedombone.local on port 2222
+
    • 
 

 

 

-

-
Installation

-

+

+
Installation

+

 

 There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine.
 

 

 
-

-
On a Laptop, Netbook or Desktop machine

-

+

+
On a Laptop, Netbook or Desktop machine

+

 

 If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Stretch onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
 

 
 

-
su
+
+
su
 apt-get update
 apt-get -y install git dialog build-essential
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 make install
 freedombone menuconfig
-

+

 

 

 

 
-

-
On a single board computer (SBC)

-

+

+
On a single board computer (SBC)

+

 

 Currently the following boards are supported:
 

 
 
 
 

@@ -440,8 +368,9 @@ If there is no existing image available then you can build one from scratch. See
 

 
 

-
gpg --verify filename.img.asc
-

+
+
gpg --verify filename.img.asc
+

 

 
 

@@ -449,8 +378,9 @@ And the hash with:
 

 
 

-
sha256sum filename.img
-

+
+
sha256sum filename.img
+

 

 
 

@@ -458,8 +388,9 @@ If the image is compressed then decompress it with:
 

 
 

-
unxz filename.img.xz
-

+
+
unxz filename.img.xz
+

 

 
 

@@ -467,8 +398,9 @@ Then copy it to a microSD card. Depending on your system you may need an adaptor
 

 
 

-
sudo dd bs=1M if=filename.img of=/dev/sdX conv=fdatasync
-

+
+
sudo dd bs=1M if=filename.img of=/dev/sdX conv=fdatasync
+

 

 
 

@@ -476,8 +408,9 @@ Where sdX is the microSD drive. You can check which drive is the microSD
 

 
 

-
ls /dev/sd*
-

+
+
ls /dev/sd*
+

 

 
 

@@ -489,8 +422,9 @@ With the board connected and running you can ssh into the system with:
 

 
 

-
ssh fbone@freedombone.local -p 2222
-

+
+
ssh fbone@freedombone.local -p 2222
+

 

 
 

@@ -499,16 +433,17 @@ Using the password 'freedombone'. Take a note of the new login password and then
 

 

 
-

-
As a Virtual Machine

-

+

+
As a Virtual Machine

+

 

 Qemu is currently supported, since it's s fully free software system. You can run a 64 bit Qemu image with:
 

 
 

-
qemu-system-x86_64 -m 1G filename.img
-

+
+
qemu-system-x86_64 -m 1G filename.img
+

 

 
 

@@ -518,42 +453,42 @@ The default login will be username 'fbone' and password 'freedombone'. Take a no
 

 

 
-

-
Social Key Management - the 'Unforgettable Key'

-

+

+
Social Key Management - the 'Unforgettable Key'

+

 

 During the install procedure you will be asked if you wish to import GPG keys. If you don't already possess GPG keys then just select "Ok" and they will be generated during the install. If you do already have GPG keys then there are a few possibilities
 

 

 
-

-
You have the gnupg keyring on an encrypted USB drive

-

+

+
You have the gnupg keyring on an encrypted USB drive

+

 

 If you previously made a master keydrive containing the full keyring (the .gnupg directory). This is the most straightforward case, but not as secure as splitting the key into fragments.
 

 

 

-

-
You have a number of key fragments on USB drives retrieved from friends

-

+

+
You have a number of key fragments on USB drives retrieved from friends

+

 

-If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more Keydrives.
+If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more Keydrives.
 

 

 

-

-
You can specify some ssh login details for friends servers containing key fragments

-

+

+
You can specify some ssh login details for friends servers containing key fragments

+

 

 Enter three or more sets of login details and the installer will try to retrieve key fragments and then assemble them into the full key. This only works if you previously were using remote backups and had social key management enabled.
 

 

 

 

-

-
Final Setup

-

+

+
Final Setup

+

 

 Any manual post-installation setup instructions or passwords can be found in /home/username/README.
 

@@ -566,128 +501,129 @@ On your internet router, typically under firewall settings, open the following p
 
 
 
-
+
 
-
+
 
 
 
-Service
-Ports
+Service
+Ports
 
 
 
 
-HTTP
-80
+HTTP
+80
 
 
 
-HTTPS
-443
+HTTPS
+443
 
 
 
-SSH
-2222
+SSH
+2222
 
 
 
-DLNA
-1900
+DLNA
+1900
 
 
 
-DLNA
-8200
+DLNA
+8200
 
 
 
-XMPP
-5222..5223
+XMPP
+5222..5223
 
 
 
-XMPP
-5269
+XMPP
+5269
 
 
 
-XMPP
-5280..5281
+XMPP
+5280..5281
 
 
 
-IRC
-6697
+IRC
+6697
 
 
 
-Git
-9418
+Git
+9418
 
 
 
-Email
-25
+Email
+25
 
 
 
-Email
-587
+Email
+587
 
 
 
-Email
-465
+Email
+465
 
 
 
-Email
-993
+Email
+993
 
 
 
-VoIP
-64738
+VoIP
+64738
 
 
 
-VoIP
-5060
+VoIP
+5060
 
 
 
-Tox
-33445
+Tox
+33445
 
 
 
-Syncthing
-22000
+Syncthing
+22000
 
 
 
 

 

 
-

-
Keydrives

-

+

+
Keydrives

+

 

 After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this:
 

 

-

-
Master Keydrive

-

+

+
Master Keydrive

+

 

 This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be done from the Disk Utility application. Then plug it into the Freedombone system, then from your local machine run:
 

 
 

-
ssh myusername@mydomainname -p 2222
-

+
+
ssh myusername@mydomainname -p 2222
+

 

 
 

@@ -695,16 +631,17 @@ Select Administrator controls then Backup and Restore then Back
 

 

 

-

-
Fragment keydrives

-

+

+
Fragment keydrives

+

 

 This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this can be done from the Disk Utility application. Plug it into the Freedombone system then from your local machine run the following commands:
 

 
 

-
ssh myusername@mydomainname -p 2222
-

+
+
ssh myusername@mydomainname -p 2222
+

 

 
 

@@ -717,45 +654,52 @@ Fragments are randomly assigned and so you will need at least three or four keyd
 

 

 

-

-
On Client Machines

-

+

+
On Client Machines

+

 

 You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security.
 

 
 

-
sudo apt-get update
+
+
sudo apt-get update
 sudo apt-get install git dialog haveged build-essential
 git clone https://github.com/bashrc/freedombone
-cd freedombone
+cd freedombone
 git checkout stretch
 sudo make install
 freedombone-client
-

+

 

 

 

 
-

-
Administering the system

-

+

+
Administering the system

+

 

 To administer the system after installation log in via ssh, become the root user and then launch the control panel.
 

 
 

-
ssh myusername@freedombone.local -p 2222
-

+
+
ssh myusername@freedombone.local -p 2222
+

 

 
 

 Select Administrator controls then from there you will be able to perform various tasks, such as backups, adding and removing users and so on. You can also do this via commands, which are typically installed as /usr/local/bin/freedombone* and the corresponding manpages.
 

 
-

-Return to the home page
-

+

+

+<center>
+Return to the <a href="index.html">home page</a>
+</center>
+

+
+

 

 

 

diff --git a/website/EN/installmethods.html b/website/EN/installmethods.html
index 75a9791f..b60e8710 100644
--- a/website/EN/installmethods.html
+++ b/website/EN/installmethods.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -145,13 +145,11 @@ for the JavaScript code in this tag.
 

 

 

-

 
 

-
logo.png
+
logo.png
 

 

-

 
 

 Most people don't have a static external IP address, so you will need to have an account on a dymanic DNS service. FreeDNS is the one recommended, but others are available.
diff --git a/website/EN/mesh.html b/website/EN/mesh.html
index dd0cf430..da58c248 100644
--- a/website/EN/mesh.html
+++ b/website/EN/mesh.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,35 +144,38 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-
Mesh Network

 
+

+
Mesh Network

+

 

 The Freedombone Mesh is a wireless solution for autonomous or internet connected communication that can be rapidly deployed in temporary, emergency or post-disaster situations where internet access is unavailable or compromised.
 

 
 
 
-

 
 

-
mesh_desktop1.png
+
mesh_desktop1.png
 

 

-

 
 

 Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to or reliant upon the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small businesses who don't want the overhead of server maintenance, protests, remote areas of the world, temporary "digital blackouts", scientific expeditions and off-world space colonies.
@@ -282,12 +193,14 @@ Systems only need to be within wifi range of each other for the mesh to be creat
 Like LibreMesh, this system uses a combination of batman-adv on network layer 2 and BMX on layer 3. Routing protocols OLSR2 and Babel are also selectable.
 

 
-

+

 

 This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
 

 

 

+

+

 

 
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,42 +144,59 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-
Mesh Network: Capabilities

 
+

+
Mesh Network: Capabilities

+

 

 The mesh system has the following capabilities:
 

 
 
    
-
  • Discovery of other users on the network
    • 
-
  • Text based chat, one-to-one and in groups
    • 
-
  • Voice chat (VoIP) and video calls
    • 
-
  • Private and public sharing of files
    • 
-
  • Blogging
    • 
-
  • Collaborative editing of documents and presentations
    • 
-
  • Creating and broadcasting audio media/podcasts
    • 
-
  • Social network stream. Follow/unfollow other peers
    • 
-
  • No network administration required
    • 
-
  • No servers
    • 
-
  • Internet connection is optional
    • 
-
  • Works from bootable USB drives or microSD drives
    • 
-
  • Data is mesh routed between systems
    • 
-
  • Private communications is end-to-end secured and forward secret
    • 
-
  • Publicly shared data is content addressable
    • 
+
  • Discovery of other users on the network
+
    • 
+
  • Text based chat, one-to-one and in groups
+
    • 
+
  • Voice chat (VoIP) and video calls
+
    • 
+
  • Private and public sharing of files
+
    • 
+
  • Blogging
+
    • 
+
  • Collaborative editing of documents and presentations
+
    • 
+
  • Creating and broadcasting audio media/podcasts
+
    • 
+
  • Social network stream. Follow/unfollow other peers
+
    • 
+
  • No network administration required
+
    • 
+
  • No servers
+
    • 
+
  • Internet connection is optional
+
    • 
+
  • Works from bootable USB drives or microSD drives
+
    • 
+
  • Data is mesh routed between systems
+
    • 
+
  • Private communications is end-to-end secured and forward secret
+
    • 
+
  • Publicly shared data is content addressable
+
    • 
 

 
 

 This system should be quite scalable. Both qTox and IPFS are based upon distributed hash tables (DHT) so that each peer does not need to store the full index of data for the entire network. Gossiping between SSB peers may be slower, but the small world effect will presumably still make for quite efficient delivery in a large network. Caching or pinning of IPFS data and its content addressability means that if a file or blog becomes popular then performance should improve as the number of downloads increases, which is the opposite of the client/server paradigm.
 

 

+

+

 

 
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,16 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-
Mesh Network: Customisation

 
+

+
Mesh Network: Customisation

+

 

 If you want to make your own specially branded version, such as for a particular event, then to change the default desktop backgrounds edit the images within img/backgrounds and to change the available avatars and desktop icons edit the images within img/avatars. Re-create disk images using the instructions shown previously.
 

@@ -254,6 +162,8 @@ If you want to make your own specially branded version, such as for a particular
 If you need particular dconf commands to alter desktop appearance or behavior then see the function mesh_client_startup_applications within src/freedombone-image-customise.
 

 

+

+

 

 
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,23 +144,23 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

+
+

+
Mesh Network: Images

 

 
-
Mesh Network: Images

-
-

-
Pre-built Disk Images

-

-

-

-
Writing many images quickly

-

+

+
Pre-built Disk Images

+

+

+
Writing many images quickly

+

 

 There may be situations where you need to write the same disk image to multiple drives at the same time in order to maximize rate of deployment. In the instructions given below the dd command is used for writing to the target drive, but to write to multiple drives you can use a tool such as GNOME MultiWriter.
 

@@ -262,6 +170,7 @@ For example on Arch/Parabola:
 

 
 

+
 
sudo pacman -S gnome-multi-writer
 

 

@@ -271,6 +180,7 @@ Or on Debian based systems:
 

 
 

+
 
sudo apt-get install gnome-multi-writer
 

 

@@ -280,22 +190,21 @@ The MultiWriter tool is also available within mesh client images, so that you ca
 

 

 

-

-
Client images

-

-

+

+
Client images

+

 
 

-
mesh_netbook.jpg
+
mesh_netbook.jpg
 

 

-

 
 

 "Client" isn't exactly the right term, but it's a mesh peer with a user interface. These images can be copied to a USB drive, then you can plug it into a laptop/netbook/desktop machine and boot from it. You will probably also need an Atheros USB wifi dongle (the black protruding object on the left side of the netbook in the picture above), because most built-in wifi usually requires proprietary firmware. In the commands below substitute /dev/sdX with the USB drive device, excluding any trailing numbers (eg. /dev/sdb). The USB drive you're copying to will need to be at least 16GB in size.
 

 
 

+
 
sudo apt-get install xz-utils wget
 wget https://freedombone.net/downloads/current/freedombone-meshclient-i386.img.xz
 wget https://freedombone.net/downloads/current/freedombone-meshclient-i386.img.xz.sig
@@ -303,8 +212,8 @@ gpg --verify freedombone-meshclient-i386.img.xz.sig
 sha256sum freedombone-meshclient-i386.img.xz
 49391230de6a4f1966db091813deb8f9d93c947677f5483baa52400d7fcba7d3
 unxz freedombone-meshclient-i386.img.xz
-sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
-sudo dd bs=1M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync
+sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
+sudo dd bs=1M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync
 

 

 
@@ -317,6 +226,7 @@ If you're in an emergency and don't have Atheros wifi dongles then there is also
 

 
 

+
 
sudo apt-get install xz-utils wget
 wget https://freedombone.net/downloads/current/freedombone-meshclient-insecure-i386.img.xz
 wget https://freedombone.net/downloads/current/freedombone-meshclient-insecure-i386.img.xz.sig
@@ -324,36 +234,35 @@ gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig
 sha256sum freedombone-meshclient-insecure-i386.img.xz
 c11783741e66df5072ffcbef8d9b04260a2298d84e33c72fefa4bb539d094810
 unxz freedombone-meshclient-insecure-i386.img.xz
-sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
-sudo dd bs=1M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync
+sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
+sudo dd bs=1M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync
 

 

 

 

 
-

-
Router images

-

+

+
Router images

+

 

 Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
 

 

-

-
Beaglebone Black

-

-

+

+
Beaglebone Black

+

 
 

-
mesh_router.jpg
+
mesh_router.jpg
 

 

-

 
 

 The above picture shows a Beaglebone Black with the image copied onto a microSD card (there's no need to do anything with the internal EMMC). A USB Atheros wifi adaptor with a large antenna is attached and in this case power is from the mains, although it could be from a battery or solar power system capable of supplying 5 volts and maybe 1A (depending upon how active the router is).
 

 
 

+
 
sudo apt-get install xz-utils wget
 wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz
 wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz.sig
@@ -361,7 +270,7 @@ gpg --verify freedombone-mesh_beaglebone-armhf.img.xz.sig
 sha256sum freedombone-mesh_beaglebone-armhf.img.xz
 ad8f22c0d46c98a80aa47b5809402971cf5cf26ebf587c59a667307b2386c3d2
 unxz freedombone-mesh_beaglebone-armhf.img.xz
-sudo dd bs=1M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync
+sudo dd bs=1M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync
 

 

 
@@ -377,9 +286,9 @@ There is still a software freedom issue with the Beaglebone Black, but it doesn'
 

 

 
-

-
Building Disk Images

-

+

+
Building Disk Images

+

 

 It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
 

@@ -389,6 +298,7 @@ First you will need to create an image. On a Debian based system (tested on Debi
 

 
 

+
 
sudo apt-get -y install git wget build-essential
 wget https://freedombone.net/downloads/current/freedombone.tar.gz
 wget https://freedombone.net/downloads/current/freedombone.tar.gz.sig
@@ -396,7 +306,7 @@ gpg --verify freedombone.tar.gz.sig
 sha256sum freedombone.tar.gz
 afbb536564140aa28c6491d45b7474ced5a0b018539ffd3e96b13b242a41792e
 tar -xzvf freedombone.tar.gz
-cd freedombone
+cd freedombone
 git checkout stretch
 sudo make install
 freedombone-image --setup debian
@@ -409,6 +319,7 @@ If you don't have Atheros or free software compatible wifi adapter then you can
 

 
 

+
 
freedombone-image -t i386 -v meshclient --insecure yes
 

 

@@ -422,6 +333,7 @@ List what drives are on your system with:
 

 
 

+
 
ls /dev/sd*
 

 

@@ -435,8 +347,9 @@ You can now copy the image to the USB thumb drive, replacing sdX with the
 

 
 

-
sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
-sudo dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
+
+
sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
+sudo dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
 

 

 
@@ -457,6 +370,7 @@ You can also use single board computers (SBCs) such as the BeagleBone Black to m
 

 
 

+
 
freedombone-image -t beaglebone -v mesh
 

 

diff --git a/website/EN/mesh_philosophic.html b/website/EN/mesh_philosophic.html
index 46858dfc..7021fe66 100644
--- a/website/EN/mesh_philosophic.html
+++ b/website/EN/mesh_philosophic.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,16 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-
Mesh Network: Philosophic

 
+

+
Mesh Network: Philosophic

+

 

 

 "I see mesh networks naturally evolving to become the dominant form of network over the next few decades, because it’s the most practical solution to a number of problems that will have to be solved in order to build the VR web as well as to connect the entire world to the internet. Centralized networks are only possible in highly developed countries with existing infrastructures like power and telephone grids, as well as roads. You can’t build a tower where you don’t have either power or access. For vast areas of the world, mesh networks will be the only feasible solution." – Valkyrie Ice
@@ -255,91 +163,93 @@ for the JavaScript code in this tag.
 

 The Freedombone mesh roughly follows MondoNet's ten social specifications:
 

+

+

 
-

-
Decentralized

-

+

+
Decentralized

+

 

 The network should not be operated, maintained, or in any way reliant upon a single or minimally differentiated set of entities or technologies. No individual, entity or group should be central to the network to the extent that their absence would measurably impact its functionality or scope. Network participation should not require access to fixed, physical infrastructure of any sort.
 

 

 

 
-

-
Universally Accessible

-

+

+
Universally Accessible

+

 

 The requisite technology and expertise required to participate in the network should be available at minimal cost and effort to every human being on the planet. Furthermore, all users should be able to extend the network’s content and functionality to suit their own needs, or those of others. No aspect of the network’s functioning should be reliant upon proprietary technologies, information or capital.
 

 

 

 
-

-
Censor-proof

-

+

+
Censor-proof

+

 

 The network should be resistant to both regulatory and technical attempts to limit the nature of the information shared, restrict usage by given individuals or communities, or render the network, or any portion of it, inoperable or inaccessible.
 

 

 

 
-

-
Surveillance-proof

-

+

+
Surveillance-proof

+

 

 The network should enable users to choose exactly what information they share with whom, and to participate anonymously if they so desire. Users should only have access to information if they are the designated recipients, or if it has been published openly.
 

 

 

 
-

-
Secure

-

+

+
Secure

+

 

 The network should be organized in a way that minimizes the risk of malicious attacks or engineering failure. Information exchanged on the network should meet or exceed the delivery rate and reliability of information exchanged via the Internet.
 

 

 

 
-

-
Scalable

-

+

+
Scalable

+

 

 The network should be organized with the expectation that its scale could reach or even exceed that of today’s Internet. Special care should be taken to address to the challenge of maintaining efficiency without the presence of a centralized backbone.
 

 

 

 
-

-
Permanent

-

+

+
Permanent

+

 

 The network’s density and redundancy should be great enough that, despite its ad hoc nature, it will persistently operate on a broad scale, and be available in full to any user within range of another peer.
 

 

 

 
-

-
Fast (enough)

-

+

+
Fast (enough)

+

 

 The network should always achieve whatever speed is required for a “bottom line” level of social and cultural participation. At present, we assert that the network’s data transfer rate should, at a minimum, be enough for voice-over-IP (VoIP) communications, and low-bitrate streaming video.
 

 

 

 
-

-
Independent

-

+

+
Independent

+

 

 While the network will have the capacity to exchange information with Internet users and nodes, it should be able to operate independently, as well. A large-scale failure or closure of Internet infrastructure and content should have minimal effect on the network’s operations.
 

 

 

 
-

-
Evolvable

-

+

+
Evolvable

+

 

 The network should be built with future development in mind. The platform should be flexible enough to support technologies, protocols and modes of usage that have not yet been developed.
 

diff --git a/website/EN/meshindex.html b/website/EN/meshindex.html
index 30aecd5b..023e83e2 100644
--- a/website/EN/meshindex.html
+++ b/website/EN/meshindex.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,27 +144,35 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

 
-

-
Welcome to the Freedombone Mesh

+

+
Welcome to the Freedombone Mesh

+

+

 The following apps are available:
-

+

 
- 

- 
-  
-    
-    
-  
-

Secure Scuttlebutt

Tox

-

+

+

+ <center>
+ <table style="width:80%; border:0">
+  <tr>
+    <td><center><b><a href="ssb.apk"><img src="images/ssb.png"/></a></b><br><a href="ssb.apk">Secure Scuttlebutt</a></center></td>
+    <td><center><b><a href="trifa.apk"><img src="images/trifa.png"/></a></b><br><a href="trifa.apk">Tox</a></center></td>
+  </tr>
+</table>
+</center>
+

+
+

+

+

 

 

 
diff --git a/website/EN/mobile.html b/website/EN/mobile.html
index cc71090d..8fea5f2e 100644
--- a/website/EN/mobile.html
+++ b/website/EN/mobile.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
-
+
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,50 +144,55 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Mobile

-

 
+

+
Mobile

+

 

 Mobile phones are insecure devices, but they're regarded as being so essential to modern life that telling people not to use them isn't a viable option. Here are some recommendations on setting up a mobile phone (aka "smartphone") to work with Freedombone.
 

 
- 

- 
-  
-    
-    
-  
-  
-    
-    
-  
-  
-    
-    
-  
-  
-    
-    
-  
-  
-    
-    
-  
-
Open

Use a free and open source operating system. Open means more trustworthy
Remove

If there are any proprietary apps then remove or deactivate them
Encrypt

Make sure your phone is encrypted with a password which isn't easy to guess
Apps

Use F-droid to install new apps
Lock

Enable a lock screen with a maximum number of password guesses
Onion

Onion route your connections to avoid bulk metadata collection
Email

Access webmail in a browser
Services

Connect to the Freedombone services
Battery

Avoid battery-eating apps and disable some optimisations
Block

Prevent access to know bad domains

-

+

+

+ <center>
+ <table style="width:80%; border:0">
+  <tr>
+    <td><center><b><h3>Open</h3></b><br>Use a free and open source operating system. Open means more trustworthy</center></td>
+    <td><center><b><h3>Remove</h3></b><br>If there are any proprietary apps then remove or deactivate them</center></td>
+  </tr>
+  <tr>
+    <td><center><b><h3>Encrypt</h3></b><br>Make sure your phone is encrypted with a password which isn't easy to guess</center></td>
+    <td><center><b><h3>Apps</h3></b><br>Use F-droid to install new apps</center></td>
+  </tr>
+  <tr>
+    <td><center><b><h3>Lock</h3></b><br>Enable a lock screen with a maximum number of password guesses</center></td>
+    <td><center><b><h3>Onion</h3></b><br>Onion route your connections to avoid bulk metadata collection</center></td>
+  </tr>
+  <tr>
+    <td><center><b><h3>Email</h3></b><br>Access webmail in a browser</center></td>
+    <td><center><b><h3>Services</h3></b><br>Connect to the Freedombone services</center></td>
+  </tr>
+  <tr>
+    <td><center><b><h3>Battery</h3></b><br>Avoid battery-eating apps and disable some optimisations</center></td>
+    <td><center><b><h3>Block</h3></b><br>Prevent access to know bad domains</center></td>
+  </tr>
+</table>
+</center>
+

 
-

-
Open

-

+

+

+

+
+

+
Open

+

 

 Use a Linux based phone operating system. Typically this will mean Android, but could also mean LineageOS or Replicant. LineageOS is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by LineageOS. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one.
 

@@ -294,27 +207,27 @@ In the end it comes down to the fact that if the source code for the device c
 

 

 
-

-
Remove

-

+

+
Remove

+

 

 So maybe you're running Android and the phone came with some apps already installed. Almost certainly they'll be proprietary. Go to Settings/Apps and then uninstall or deactivate any apps which you really don't need. Mostly preinstalled apps are intended to send your data to companies who will then sell it to advertisers or governments under the business model of surveillance capital. It's not a good idea to get caught up in that, and to avoid becoming addicted to apps which are surveilling you without consent or installing spyware in the background without your knowledge.
 

 

 

 
-

-
Encrypt

-

+

+
Encrypt

+

 

 Encrypt your phone. This can usually be done via Settings/Security and you may need to fully charge the phone first. Encryption means that if you lose your phone or it gets stolen then there is less chance that anyone who picks it up will get access to your data, photos and so on.
 

 

 

 
-

-
Apps

-

+

+
Apps

+

 

 Installing F-droid and only adding any new apps via F-droid will ensure that you are always using free and open source software. Open source is not a panacea, since bugs can and do still occur, but it will help you to avoid the worst security and privacy pitfalls.
 

@@ -325,18 +238,18 @@ Avoid using the Open Whisper Systems Signal app if you can, no matter what "expe
 

 

 
-

-
Lock

-

+

+
Lock

+

 

 Add a lock screen, preferably with a password which is not easy for other people to guess or for quicker access with a PIN number. Install an app called Locker, activate it and set the maximum number of password guesses to ten (or whatever you feel comfortable with). If bad people get hold of your phone then they may try to brute force your lock screen password or PIN (i.e. automatically trying millions of common word and number combinations) and the locker app will prevent them from succeeding by resetting the phone back to its factory default condition and wiping the data.
 

 

 

 
-

-
Onion

-

+

+
Onion

+

 

 Both governments and corporations want to compile matadata dossiers about you. Who you communicated with, when and how often. They want this so that they can data mine, simulate, predict and then ultimately influence (sometimes also called "nudge") your actions and preferences in the directions they prefer. By routing your connections through a number of proxy servers (Tor routers) you can make it perhaps not theoretically impossible but at least very hard for them to have a complete and accurate list of who your friends are, your religion, politics, likely health issues, sexual orientation and what news sites or books you read.
 

@@ -347,26 +260,26 @@ In F-droid under the repositories menu you can enable the guardian pro
 

 

 
-

-
Email

-

+

+
Email

+

 

 The easiest way to access email is by installing the Mailpile app. This keeps your GPG keys off of possibly insecure mobile devices but still enables encrypted email communications in an easy way. You can use K9 mail if you prefer, but that will require installing OpenKeychain and having your GPG keys on the device, which is a lot more risky.
 

 

 

-

-
Services

-

+

+
Services

+

 

 For information on configuring various apps to work with Freedombone see the usage section. Also see advice on chat apps in the FAQ.
 

 

 

 
-

-
Battery

-

+

+
Battery

+

 

 Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app.
 

@@ -385,9 +298,9 @@ It's also recommended to disable battery optimisations for Conversations and Orb
 

 

 
-

-
Blocking bad domains

-

+

+
Blocking bad domains

+

 

 You can block known bad domains by editing the /system/etc/hosts file on your device. It is possible to use extensive ad-blocking hosts files used by other ad-blocking systems such as pi-hole, but merely blocking Facebook and Google Analytics will protect you against much of the corporate surveillance which goes on. Even if you don't have a Facebook account this may still be useful since they will still try to create a "ghost profile" of you, so the less data they have the better.
 

@@ -405,6 +318,7 @@ On your system (not the device) install the android-tools package. For ex
 

 
 

+
 
sudo pacman -S android-tools
 

 

@@ -414,6 +328,7 @@ Connect the device to your system via a USB cable, then:
 

 
 

+
 
adb root
 adb remount
 adb pull /system/etc/hosts
@@ -425,6 +340,7 @@ Now edit the hosts file which was pulled and append:
 

 
 

+
 
127.0.0.1       www.facebook.com
 127.0.0.1       facebook.com
 127.0.0.1       static.ak.fbcdn.net
@@ -449,6 +365,7 @@ Then upload the hosts file back again with:
 

 
 

+
 
adb push hosts /system/etc/hosts
 

 

@@ -457,9 +374,14 @@ Then upload the hosts file back again with:
 Once that's done you may want to set Root access on the device back to Disabled and turn Android debugging off.
 

 
-

-Return to the home page
-

+

+

+<center>
+Return to the <a href="index.html">home page</a>
+</center>
+

+
+

 

 

 

diff --git a/website/EN/release3.html b/website/EN/release3.html
index e78b461a..6f006557 100644
--- a/website/EN/release3.html
+++ b/website/EN/release3.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
 
-
-
-
+
+
+
+
-
+
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,18 +144,16 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
release3.jpg
+
release3.jpg
 

 

-

-
-

-
Building an internet run by the users, for the users

-

 
+

+
Building an internet run by the users, for the users

+

 

 The internet may still be mostly in the clutches of a few giant megacorporations and dubious governments with sketchy agendas, but it doesn't have to remain that way. With the third version of the Freedombone system there is now more scope than before to take back your privacy, have ownership of personal data and run your own online communities without undesirable intermediaries.
 

@@ -257,18 +163,27 @@ Freedombone version 3 is based on Debian 9 (Stretch). It was released in July 20
 

 
 
    
-
  • Faster initial setup
    • 
-
  • More installable apps, including CryptPad, Koel, NextCloud, PostActiv, Friendica and Matrix/RiotWeb
    • 
-
  • Automated security tests
    • 
-
  • Improved XMPP configuration for support of the Conversations app features
    • 
-
  • Improved blocking controls for a better federated network experience
    • 
-
  • Uses elliptic curve based GPG keys for better performance on low power single board computers
    • 
-
  • Pre-downloaded repos distributed within images for faster and more autonomous app installs
    • 
+
  • Faster initial setup
+
    • 
+
  • More installable apps, including CryptPad, Koel, NextCloud, PostActiv, Friendica and Matrix/RiotWeb
+
    • 
+
  • Automated security tests
+
    • 
+
  • Improved XMPP configuration for support of the Conversations app features
+
    • 
+
  • Improved blocking controls for a better federated network experience
+
    • 
+
  • Uses elliptic curve based GPG keys for better performance on low power single board computers
+
    • 
+
  • Pre-downloaded repos distributed within images for faster and more autonomous app installs
+
    • 
 

+

+

 
-

-
Installation

-

+

+
Installation

+

 

 The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
 

@@ -278,9 +193,10 @@ Copy the image to a microSD card or USB thumb drive, replacing sdX with the iden
 

 
 

-
unxz downloadedimagefile.img.xz
-dd bs=1M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync
-

+
+
unxz downloadedimagefile.img.xz
+dd bs=1M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync
+

 

 
 

@@ -296,9 +212,10 @@ As the system boots for the first time the login is:
 

 
 

-
username: fbone
+
+
username: fbone
 password: freedombone
-

+

 

 
 

@@ -306,8 +223,9 @@ If you're installing from a microSD card on a single board computer without a sc
 

 
 

-
ssh fbone@freedombone.local -p 2222
-

+
+
ssh fbone@freedombone.local -p 2222
+

 

 
 

@@ -324,9 +242,9 @@ More detailed installation instructions are linked from t
 

 

 
-

-
Upgrading from a previous install

-

+

+
Upgrading from a previous install

+

 

 To upgrade from the Debian Jessie version first create a master keydrive. Go to the Administrator control panel and select Backup and restore then Backup GPG key to USB (master keydrive). Insert a LUKS encrypted USB drive. When that is done Create a full backup by selecting Backup data to USB drive and using another LUKS encrypted USB drive.
 

diff --git a/website/EN/security.html b/website/EN/security.html
index 4d2656de..b6cd0a5b 100644
--- a/website/EN/security.html
+++ b/website/EN/security.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -145,13 +145,11 @@ for the JavaScript code in this tag.
 

 

 

-

 
 

-
logo.png
+
logo.png
 

 

-

 
 

 
Authentication with keys

diff --git a/website/EN/socialinstance.html b/website/EN/socialinstance.html
index daf25f15..594817b4 100644
--- a/website/EN/socialinstance.html
+++ b/website/EN/socialinstance.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -145,23 +145,15 @@ for the JavaScript code in this tag.
 

 

 

-

 
 

-
logo.png
+
logo.png
 

-

-

-
-

-

-

-
Social Instance

-

-

-
 

 
+

+
Social Instance

+

 

 A social instance image allows you to easily set up a fediverse server, which federates using the OStatus or ActivityPub protocol. You will need:
 

@@ -182,10 +174,12 @@ A social instance image allows you to easily set up a fediverse server, which fe
 

 The installation process is the same as usual, with the only difference being that on initial setup it will go straight to the domain setup details for your instance. In summary:
 

+

+

 
-

-
Copy the image to the USB drive

-

+

+
Copy the image to the USB drive

+

 

 Substitute sdX with the device name for your USB drive.
 

@@ -208,60 +202,54 @@ Also note that if the laptop has a removable SSD drive it's possible to copy the
 

 

 
-

-
Connect the laptop to your internet router

-

+

+
Connect the laptop to your internet router

+

 

 Plug the USB drive into the laptop and connect it to your internet router with the ethernet cable.
 

 
-

 
 

-
laptop_router.jpg
+
laptop_router.jpg
 

 

 

 

-

-
-

-
Boot the laptop from the USB drive

-

-

-You may need to alter the BIOS settings to get this to work reliably.
-

-
-

-
-

-
bios_boot_usb.jpg
-

-

-

-

-

 
 

-
Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop

+
Boot the laptop from the USB drive

 

 

-Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings.
+You may need to alter the BIOS settings to get this to work reliably.
 

 
-

 
 

-
port_forwarding.png
+
bios_boot_usb.jpg
 

 

 

 

-

 
 

-
From another machine ssh into the laptop

+
Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop

 

+

+Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings.
+

+
+
+

+
port_forwarding.png
+

+

+

+

+
+

+
From another machine ssh into the laptop

+

 

 
 
ssh fbone@freedombone.local -p 2222
@@ -274,44 +262,40 @@ Or alternatively you can log in directly on the laptop. The initial username is
 

 

 
-

-
Follow the setup procedure

-

+

+
Follow the setup procedure

+

 

 Enter your user details, domain name and dynamic DNS settings.
 

 

 

 
-

-
When installation is complete

-

+

+
When installation is complete

+

 

 Navigate to your domain and register a new user.
 

 
-

 
 

-
pleroma_register.jpg
+
pleroma_register.jpg
 

 

-

 
 

 More details about setting up and using Pleroma can be found here.
 

 
-

 
 

-
tusky.jpg
+
tusky.jpg
 

 

 

 

 

-

 

 
 
 
@@ -189,7 +97,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2017 Free Software Foundation, Inc.
+Copyright (C) 2012-2013 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -236,21 +144,20 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

+
+

+
Support

 

 
-

-
Support

-

-
-

-
Contact details

-

+

+
Contact details

+

 

 This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
 

@@ -277,22 +184,21 @@ This site can also be accessed via a Tor browser at 
-
Things which would be nice to have

-

-

-

-
Ideas

-

+

+
Things which would be nice to have

+

+

+
Ideas

+

 

 Know of some fabulous web system which could run on Freedombone, but currently doesn't? Contact the above, and be prepared to make a compelling argument for why it should be included.
 

 

 

 
-

-
Money

-

+

+
Money

+

 

 At the present time this project is not seeking any funding. There is no crowdfunding campaign and no slick marketing video. Those aren't ruled out as future possibilities, but for now they're just not needed.
 

@@ -303,42 +209,41 @@ If you find this project useful then you may wish to consider donating to 
 

 
-

-
Testing and reporting bugs

-

+

+
Testing and reporting bugs

+

 

 Testing of the install on different hardware. Also pentesting on test installations to find vulnerabilities.
 

 

 

 
-

-
Web design and artwork

-

+
 
-

-
Howto videos

-

+

+
Howto videos

+

 

 If you're good at making videos then a howto for installing Freedombone onto various types of hardware, or testing the mesh system in realistic/exotic scenarios would be good. You could even host videos on PeerTube or Mediagoblin.
 

 

 

-

-
More education and promotion

-

-

+

+
More education and promotion

+

 
 

-
educate.png
+
educate.png
 

 

-

+
 

 Many people are unaware that running their own internet services is even a possibility. Many also believe that internet services can be provided only if they're supported by advertising or donations, and that only gigantic data centres have enough computing capacity to serve web pages on a worldwide scale. Others may be fearful of encryption due to misrepresentations or misunderstandings of it in the mainstream media. Some may be intimidated by the apparent complexity and think that you need to be some sort of silicon valley genius in order to run a web service on your own. Even many technically-minded folks often believe that they can't run a home server unless they have a static IP address, which isn't true, and others are put off by thinking that any such server will be immediately pwned by blackhat hackers.
 

@@ -349,25 +254,30 @@ Raising awareness beyond the near zero current level, overcoming fear and parano
 

 

 
-

-
Translations

-

+

+
Translations

+

 

 To add translations modify the json files within the locale subdirectory. Then make a pull request on the Github site.
 

 

 

 
-

-
Packaging

-

+

+
Packaging

+

 

 Helping to package GNU Social and Hubzilla for Debian would be beneficial.
 

 
-

-Return to the home page
-

+

+

+<center>
+Return to the <a href="index.html">home page</a>
+</center>
+

+
+

 

 

 

diff --git a/website/EN/usage.html b/website/EN/usage.html
index 5c35e3ce..a4a6c4f7 100644
--- a/website/EN/usage.html
+++ b/website/EN/usage.html
@@ -3,33 +3,26 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
 
-
-
-
+
+
+
+
-
+
 
 
@@ -235,139 +144,140 @@ for the JavaScript code in this tag.
 
 

 

-

+

 
 

-
logo.png
+
logo.png
 

 

-

-
-

-
Usage

-

 
+
 
-

-
Improving security

-

+

+
Improving security

+

 

 It's a lot more secure to log in to the Freedombone system using ssh keys rather than with a password. You can set that up by first running:
 

 
 

+
 
freedombone-client
 

 

@@ -389,14 +299,15 @@ You'll need to make sure that you have a copy of the ~/.ssh directory on your lo
 

 

 

-

-
Administrating the system via an onion address (Tor)

-

+

+
Administrating the system via an onion address (Tor)

+

 

 You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:
 

 
 

+
 
ssh username@freedombone.local -p 2222
 

 

@@ -406,6 +317,7 @@ Select Administrator controls then select "About this system" and look fo
 

 
 

+
 
freedombone-client
 

 

@@ -415,6 +327,7 @@ This will set up your ssh environment to be able to handle onion addresses. Then
 

 
 

+
 
ssh username@address.onion -p 2222
 

 

@@ -424,14 +337,15 @@ Subsequently even if dynamic DNS isn't working you may still be able to administ
 

 

 

-

-
Adding or removing users

-

+

+
Adding or removing users

+

 

 Log into the system with:
 

 
 

+
 
ssh username@domainname -p 2222
 

 

@@ -441,6 +355,7 @@ Select Administrator controls then User Management. Depending upon
 

 
 

+
 
sudo su
 control
 

@@ -448,7 +363,7 @@ control
 
 
 

-
control_panel_manage_users.jpg
+
control_panel_manage_users.jpg
 

 

 

diff --git a/website/EN/usage_email.html b/website/EN/usage_email.html
index 28b814e9..d3216405 100644
--- a/website/EN/usage_email.html
+++ b/website/EN/usage_email.html
@@ -4,13 +4,13 @@
 
 
 
-
+
 
 
 
-
-
+
 
-
-
-
-
-

-
-

-

-

-
-

-
logo.png
-

-

-
-

-
Control panel

-

-
-
-
---
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-



Main menu
User control panel
About screen
Email filtering rules
Hubzilla menu
IRC menu
Media menu
Repository mirrors
Backup and restore menu
Security menu
User management menu

-

-

-
-

-
Main menu

-

-

-You can access the main menu by logging into the system.
-

-
-

-
-
ssh myusername@mydomain -p 2222
-

-

-
-

-Then selecting Administrator controls.
-

-
-

-It should look like this:
-

-
-
-

-
control_panel.jpg
-

-

-
-

-To select anythng on the control panel use the up and down cursor keys and space bar to tag, then press Enter.
-

-

-

-
-

-
User control panel

-

-

-When a user initially logs in they will see a version of the control panel with restricted options aimed at the kinds of things which someone who isn't the administrator might wish to do. An expected scenario is that you might have a few friends or family members on the system, and this is who this menu is intended for.
-

-
-

-From this menu checking email or running chat applications is very easy, and they are configured in a safe manner without the user needing to do anything special. Email uses mutt, XMPP uses profanity and IRC uses irssi.
-

-
-
-

-
control_panel_user.jpg
-

-

-
-

-It's also possible for the user to define email filtering rules, add a ssh public key for key based login and also add or remove GPG public keys. They can also do this via the commandline if they prefer, but the menu system may provide an easier user interface.
-

-

-

-

-
About screen

-

-

-To find out your current domain names select the About screen from the main menu. This is especially useful for finding your onion addresses. For improved security by compartmentalisation, and also simpler implementation, each application has its own onion address.
-

-
-
-

-
control_panel_about.jpg
-

-

-
-

-You can also see the SIP extension numbers for each user and how much disk space each user is consuming (typically this corresponds with email use).
-

-
-

-The Local Mirrors contains mirrored copies of the git repositories used by the system. If they don't have access to default repositories (mostly Github) then you can give these details to other users and then they can set their main repository such that they can pull from your system. Obviously any users doing this need to trust that you havn't modified the mirrored repositories in any way.
-

-

-

-
-

-
Email filtering rules

-

-

-You can add users to mailing lists, or block particular email addresses or subject lines in this menu.
-

-
-
-

-
control_panel_filtering.jpg
-

-

-

-

-
-

-
Hubzilla menu

-

-

-This allows you to set the global directory location and obtain an SSL/TLS certificate if necessary.
-

-
-
-

-
control_panel_hubzilla.jpg
-

-

-

-

-
-

-
IRC menu

-

-

-You can view the current IRC password or change it from here. Currently the IRC server does not work equally well on clrearnet and via Tor, so there is an option to switch from one to the other. Initially the IRC server will be running on clearnet (i.e. no onion routing).
-

-
-
-

-
control_panel_irc.jpg
-

-

-

-

-
-

-
Media menu

-

-

-It's possible to add playable media to a USB drive and plug it into the system, then make it accessible to other devices such as tablets or phones on your local network via DLNA.
-

-
-
-

-
control_panel_media.jpg
-

-

-

-

-
-

-
Repository mirrors

-

-

-If you don't want to use the default repositories, or don't have access to them, then you can obtain them from another Freedombone server (the details can be found on the other server on the About screen of the control panel).
-

-
-
-

-
control_panel_mirrors.jpg
-

-

-

-

-
-

-
Backup and restore menu

-

-

-You can create backups or restore from backup here. It's also possible to create keydrives which store the backup key.
-

-
-
-

-
control_panel_backup_restore.jpg
-

-

-

-

-
-

-
Security menu

-

-

-If you need to generate SSL/TLS certificates or change cypher details due to changing recommendations then you can do that here. If you are changing cypher details be extra careful not to make mistakes/typos, which could reduce the security of your system.
-

-
-
-

-
control_panel_security.jpg
-

-

-

-

-
-

-
User management menu

-

-

-Users can be added or removed here.
-

-
-
-

-
control_panel_users.jpg
-

-

-

-

-

-

-
-
-
-

-Back to top | E-mail me
-

-

-
-

From 806a7bbf62e285b8fcdf911ea2ef6d5229037bf1 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 14:52:12 +0100
Subject: [PATCH 068/133] GFDL footers

---
 doc/EN/fediverse.org       |  7 ++-----
 doc/EN/homeserver.org      |  5 ++---
 doc/EN/mesh.org            |  5 ++---
 doc/EN/support.org         |  7 ++-----
 website/EN/fediverse.html  |  8 +++-----
 website/EN/homeserver.html |  8 ++++----
 website/EN/mesh.html       |  8 ++++----
 website/EN/support.html    | 11 ++++-------
 8 files changed, 23 insertions(+), 36 deletions(-)

diff --git a/doc/EN/fediverse.org b/doc/EN/fediverse.org
index 90f6cdbd..0d415a80 100644
--- a/doc/EN/fediverse.org
+++ b/doc/EN/fediverse.org
@@ -35,8 +35,5 @@ Once there are more than a couple of hundred highly active users in your timelin
 * Avoid big public servers
 It may seem like a good idea and it may seem like you're doing a service to the community by allowing random strangers to register, but servers with thousands of users only cause problems - social, administrative, financial and possibly also legal. The financial strain of running a powerful server with high reliability may be enough to encourage the administrator to begin pushing advertising onto the system, or sell user content, and then before you know it you have identical problems to Twitter. Instead try to encourage people to set up their own servers. Follow this principle and a lot of arguments and stress will be more easily avoided.
 
-
-
-#+BEGIN_CENTER
-This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion. This documentation is under the [[https://www.gnu.org/licenses/fdl-1.3.txt][GNU Free Documentation License version 1.3]]
-#+END_CENTER
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/homeserver.org b/doc/EN/homeserver.org
index ec0afaa1..c20dfb77 100644
--- a/doc/EN/homeserver.org
+++ b/doc/EN/homeserver.org
@@ -143,6 +143,5 @@ Of course, this is just one way in which you can install the Freedombone system.
 man freedombone-image
 #+end_src
 
-#+BEGIN_CENTER
-This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
-#+END_CENTER
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh.org b/doc/EN/mesh.org
index 39c67da7..1e0c458c 100644
--- a/doc/EN/mesh.org
+++ b/doc/EN/mesh.org
@@ -30,6 +30,5 @@ Systems only need to be within wifi range of each other for the mesh to be creat
 
 Like [[https://libremesh.org][LibreMesh]], this system uses a combination of [[https://en.wikipedia.org/wiki/B.A.T.M.A.N.][batman-adv]] on network layer 2 and [[http://bmx6.net][BMX]] on layer 3. Routing protocols [[http://www.olsr.org][OLSR2]] and [[https://www.irif.fr/~jch/software/babel][Babel]] are also selectable.
 
-#+BEGIN_CENTER
-This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
-#+END_CENTER
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/support.org b/doc/EN/support.org
index 95ae8431..d7403395 100644
--- a/doc/EN/support.org
+++ b/doc/EN/support.org
@@ -56,8 +56,5 @@ To add translations modify the json files within the *locale* subdirectory. Then
 ** Packaging
 Helping to package GNU Social and Hubzilla for Debian would be beneficial.
 
-#+BEGIN_EXPORT html
-

-Return to the home page
-

-#+END_EXPORT
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/website/EN/fediverse.html b/website/EN/fediverse.html
index edb5529b..07f63552 100644
--- a/website/EN/fediverse.html
+++ b/website/EN/fediverse.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -225,10 +225,8 @@ It may seem like a good idea and it may seem like you're doing a service to the
 

 
 
-
-

-

-This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion. This documentation is under the GNU Free Documentation License version 1.3
+

+
gfdl.png
 

 

 

diff --git a/website/EN/homeserver.html b/website/EN/homeserver.html
index 317d699d..bf0b1fc9 100644
--- a/website/EN/homeserver.html
+++ b/website/EN/homeserver.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -382,9 +382,9 @@ Of course, this is just one way in which you can install the Freedombone system.
 

 

 
-

-

-This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
+
+

+
gfdl.png
 

 

 

diff --git a/website/EN/mesh.html b/website/EN/mesh.html
index da58c248..5925e346 100644
--- a/website/EN/mesh.html
+++ b/website/EN/mesh.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -193,9 +193,9 @@ Systems only need to be within wifi range of each other for the mesh to be creat
 Like LibreMesh, this system uses a combination of batman-adv on network layer 2 and BMX on layer 3. Routing protocols OLSR2 and Babel are also selectable.
 

 
-

-

-This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion
+
+

+
gfdl.png
 

 

 

diff --git a/website/EN/support.html b/website/EN/support.html
index b5605565..3d358ab5 100644
--- a/website/EN/support.html
+++ b/website/EN/support.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -270,13 +270,10 @@ To add translations modify the json files within the locale subdirectory.
 Helping to package GNU Social and Hubzilla for Debian would be beneficial.
 

 
-

-

-<center>
-Return to the <a href="index.html">home page</a>
-</center>
-

 
+

+
gfdl.png
+

 

 

 


From 2a53814aedcedc98170055070e557b44ffbfa328 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 15:21:25 +0100
Subject: [PATCH 069/133] External IP lookup

---
 src/freedombone-utils-network | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/freedombone-utils-network b/src/freedombone-utils-network
index 86fb3ac8..559d7623 100755
--- a/src/freedombone-utils-network
+++ b/src/freedombone-utils-network
@@ -34,7 +34,6 @@ IPV6_NETWORK='2001:470:26:307'
 # OpenDNS ipv6 DNS  2620:0:ccc::2
 IPV4_ADDRESS_TEST_DESTINATION='85.214.73.63'
 IPV6_ADDRESS_TEST_DESTINATION='2620:0:ccc::2'
-EXTERNAL_IP_LOOKUP_URL='ifcfg.me'
 
 # The static IP address of the system within the local network
 # By default the IP address is dynamic within your LAN
@@ -88,7 +87,7 @@ function install_static_network {
 }
 
 function get_external_ipv4_address {
-    nslookup . $EXTERNAL_IP_LOOKUP_URL | grep Address | tail -n 1 | awk -F ' ' '{print $2}'
+    curl ipinfo.io/ip
 }
 
 function get_ipv4_address {
@@ -105,7 +104,7 @@ function update_external_ip {
     ip_update_script=/usr/bin/externalipupdate
     { echo '#!/bin/bash';
       echo "existing_ip=\$(cat $CONFIGURATION_FILE | grep \"EXTERNAL_IPV4_ADDRESS=\" | head -n 1 | awk -F '=' '{print \$2}')'";
-      echo "curr_ip=\$(nslookup . $EXTERNAL_IP_LOOKUP_URL | grep Address | tail -n 1 | awk -F ' ' '{print \$2}')";
+      echo "curr_ip=\$(curl ipinfo.io/ip)";
       echo "if [[ \"\$curr_ip\" != \"\$existing_ip\" ]]; then";
       echo "  sed -i \"s|EXTERNAL_IPV4_ADDRESS=.*|EXTERNAL_IPV4_ADDRESS=\${curr_ip}|g\" $CONFIGURATION_FILE";
       echo "  echo \"\$(date)\" >> ~/${PROJECT_NAME}-external-ip-changes.txt";

From 797b2a3a353e0f6890159cd4c565055c84112f03 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 15:24:24 +0100
Subject: [PATCH 070/133] curl silent mode

---
 src/freedombone-utils-network | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/freedombone-utils-network b/src/freedombone-utils-network
index 559d7623..2ca83867 100755
--- a/src/freedombone-utils-network
+++ b/src/freedombone-utils-network
@@ -87,7 +87,7 @@ function install_static_network {
 }
 
 function get_external_ipv4_address {
-    curl ipinfo.io/ip
+    curl -s ipinfo.io/ip
 }
 
 function get_ipv4_address {
@@ -104,7 +104,7 @@ function update_external_ip {
     ip_update_script=/usr/bin/externalipupdate
     { echo '#!/bin/bash';
       echo "existing_ip=\$(cat $CONFIGURATION_FILE | grep \"EXTERNAL_IPV4_ADDRESS=\" | head -n 1 | awk -F '=' '{print \$2}')'";
-      echo "curr_ip=\$(curl ipinfo.io/ip)";
+      echo "curr_ip=\$(curl -s ipinfo.io/ip)";
       echo "if [[ \"\$curr_ip\" != \"\$existing_ip\" ]]; then";
       echo "  sed -i \"s|EXTERNAL_IPV4_ADDRESS=.*|EXTERNAL_IPV4_ADDRESS=\${curr_ip}|g\" $CONFIGURATION_FILE";
       echo "  echo \"\$(date)\" >> ~/${PROJECT_NAME}-external-ip-changes.txt";

From fa65bdfdb4f75c1671866c8dd7dc6548ba454cbb Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 17:33:16 +0100
Subject: [PATCH 071/133] gfdl footers

---
 doc/EN/apps.org                | 4 ++++
 doc/EN/codeofconduct.org       | 4 ++++
 doc/EN/devguide.org            | 4 ++++
 doc/EN/faq.org                 | 4 ++++
 doc/EN/installmethods.org      | 3 +++
 website/EN/apps.html           | 9 ++++++++-
 website/EN/codeofconduct.html  | 9 ++++++++-
 website/EN/devguide.html       | 9 ++++++++-
 website/EN/faq.html            | 9 ++++++++-
 website/EN/installmethods.html | 8 +++++++-
 website/EN/mesh.html           | 2 +-
 website/EN/support.html        | 2 +-
 12 files changed, 60 insertions(+), 7 deletions(-)

diff --git a/doc/EN/apps.org b/doc/EN/apps.org
index 243380fe..4196d2e8 100644
--- a/doc/EN/apps.org
+++ b/doc/EN/apps.org
@@ -190,3 +190,7 @@ Set up a VPN on your server so that you can bypass local internet censorship.
 Chat server which can be used together with client such as Gajim or Conversations to provide end-to-end content security and also onion routed metadata security. Includes advanced features such as /client state notification/ to save battery power on your mobile devices, support for seamless roaming between networks and /message carbons/ so that you can receive the same messages while being simultaneously logged in to your account on more than one device.
 
 [[./app_xmpp.html][How to use it]]
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/codeofconduct.org b/doc/EN/codeofconduct.org
index fa7a7988..d48db145 100644
--- a/doc/EN/codeofconduct.org
+++ b/doc/EN/codeofconduct.org
@@ -44,3 +44,7 @@ While this code of conduct should be adhered to by participants, we recognize th
 Serious or persistent offenders will be kicked from chat rooms and any of their subsequent patches will be unlikely to be upstreamed. In this context "serious" means that someone is causing others to feel unsafe or be unable to contribute, for whatever reason.
 
 This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response.
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/devguide.org b/doc/EN/devguide.org
index 3e982c36..59337fcb 100644
--- a/doc/EN/devguide.org
+++ b/doc/EN/devguide.org
@@ -93,3 +93,7 @@ Submit your working app to *https://github.com/bashrc/freedombone/issues* or cre
 If you want to make your own specially branded version of the mesh images, such as for a particular event, then to change the default desktop backgrounds edit the images within *img/backgrounds* and to change the available avatars and desktop icons edit the images within *img/avatars*. Re-create disk images using the instructions shown previously.
 
 If you need particular /dconf/ commands to alter desktop appearance or behavior then see the function /mesh_client_startup_applications/ within *src/freedombone-image-customise*.
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/faq.org b/doc/EN/faq.org
index 11e1d27a..24b9cb89 100644
--- a/doc/EN/faq.org
+++ b/doc/EN/faq.org
@@ -356,3 +356,7 @@ After the system has booted successfully the problem should resolve itself on su
 Return to the home page
 
 #+END_EXPORT
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/installmethods.org b/doc/EN/installmethods.org
index 457ac946..76167c4a 100644
--- a/doc/EN/installmethods.org
+++ b/doc/EN/installmethods.org
@@ -26,3 +26,6 @@ A list of other supported ARM boards [[./boards.html][can be found here]], or yo
  * [[./mobile.html][Advice on setting up a mobile phone]]
  * [[./apps.html][Apps available on the system]]
  * [[./faq.html][Frequently Asked Questions]]
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/website/EN/apps.html b/website/EN/apps.html
index 9ba8ef42..6fd06565 100644
--- a/website/EN/apps.html
+++ b/website/EN/apps.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -683,6 +683,13 @@ Chat server which can be used together with client such as Gajim or Conversation
 

 How to use it
 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/codeofconduct.html b/website/EN/codeofconduct.html
index c001e2af..864ae67d 100644
--- a/website/EN/codeofconduct.html
+++ b/website/EN/codeofconduct.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -226,6 +226,13 @@ Serious or persistent offenders will be kicked from chat rooms and any of their
 

 This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response.
 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/devguide.html b/website/EN/devguide.html
index 3c8f1372..145c35d1 100644
--- a/website/EN/devguide.html
+++ b/website/EN/devguide.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -295,6 +295,13 @@ If you want to make your own specially branded version of the mesh images, such
 

 If you need particular dconf commands to alter desktop appearance or behavior then see the function mesh_client_startup_applications within src/freedombone-image-customise.
 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/faq.html b/website/EN/faq.html
index 94e7e08c..9e84f1c3 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -1044,6 +1044,13 @@ Return to the <a href="index.html">home page</a>
 

 
 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/installmethods.html b/website/EN/installmethods.html
index b60e8710..d835880e 100644
--- a/website/EN/installmethods.html
+++ b/website/EN/installmethods.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -187,6 +187,12 @@ A list of other supported ARM boards can be found hereFrequently Asked Questions
 
 
+
+
+

+
gfdl.png
+

+

 

 

 
diff --git a/website/EN/mesh.html b/website/EN/mesh.html
index 5925e346..d87717db 100644
--- a/website/EN/mesh.html
+++ b/website/EN/mesh.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
diff --git a/website/EN/support.html b/website/EN/support.html
index 3d358ab5..b95b050b 100644
--- a/website/EN/support.html
+++ b/website/EN/support.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 

From e7bf8f59a4d281560f26feef362857c8e24be9fe Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 18:05:18 +0100
Subject: [PATCH 072/133] gfdl footers

---
 doc/EN/mesh_capabilities.org      |  3 +++
 doc/EN/mesh_custom.org            |  4 ++++
 doc/EN/mesh_images.org            |  4 ++++
 doc/EN/mesh_philosophic.org       |  4 ++++
 doc/EN/mesh_usage.org             |  4 ++++
 doc/EN/mobile.org                 |  6 +++++-
 doc/EN/users.org                  |  3 +++
 website/EN/mesh_capabilities.html |  8 +++++++-
 website/EN/mesh_custom.html       |  9 ++++++++-
 website/EN/mesh_images.html       |  9 ++++++++-
 website/EN/mesh_philosophic.html  |  9 ++++++++-
 website/EN/mesh_usage.html        |  9 ++++++++-
 website/EN/mobile.html            | 11 +++++++++--
 website/EN/users.html             |  8 +++++++-
 14 files changed, 82 insertions(+), 9 deletions(-)

diff --git a/doc/EN/mesh_capabilities.org b/doc/EN/mesh_capabilities.org
index 678e5346..de8edd38 100644
--- a/doc/EN/mesh_capabilities.org
+++ b/doc/EN/mesh_capabilities.org
@@ -30,3 +30,6 @@ The mesh system has the following capabilities:
  - Publicly shared data is /content addressable/
 
 This system should be quite scalable. Both qTox and IPFS are based upon distributed hash tables (DHT) so that each peer does not need to store the full index of data for the entire network. Gossiping between SSB peers may be slower, but the [[https://en.wikipedia.org/wiki/Small-world_network][small world effect]] will presumably still make for quite efficient delivery in a large network. Caching or pinning of IPFS data and its content addressability means that if a file or blog becomes popular then performance should improve as the number of downloads increases, which is the opposite of the client/server paradigm.
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_custom.org b/doc/EN/mesh_custom.org
index 7809b339..4366c2b1 100644
--- a/doc/EN/mesh_custom.org
+++ b/doc/EN/mesh_custom.org
@@ -14,3 +14,7 @@
 If you want to make your own specially branded version, such as for a particular event, then to change the default desktop backgrounds edit the images within *img/backgrounds* and to change the available avatars and desktop icons edit the images within *img/avatars*. Re-create disk images using the instructions shown previously.
 
 If you need particular /dconf/ commands to alter desktop appearance or behavior then see the function /mesh_client_startup_applications/ within *src/freedombone-image-customise*.
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_images.org b/doc/EN/mesh_images.org
index 2cff5e79..d16506e6 100644
--- a/doc/EN/mesh_images.org
+++ b/doc/EN/mesh_images.org
@@ -142,3 +142,7 @@ freedombone-image -t beaglebone -v mesh
 #+end_src
 
 The resulting image can be copied to a microSD card, inserted into a Beaglebone Black and booted. Don't forget to plug in an Atheros USB wifi dongle.
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_philosophic.org b/doc/EN/mesh_philosophic.org
index c9408a2b..6d250429 100644
--- a/doc/EN/mesh_philosophic.org
+++ b/doc/EN/mesh_philosophic.org
@@ -46,3 +46,7 @@ While the network will have the capacity to exchange information with Internet u
 
 * Evolvable
 The network should be built with future development in mind. The platform should be flexible enough to support technologies, protocols and modes of usage that have not yet been developed.
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_usage.org b/doc/EN/mesh_usage.org
index 96fe6ea4..81ff4e99 100644
--- a/doc/EN/mesh_usage.org
+++ b/doc/EN/mesh_usage.org
@@ -180,3 +180,7 @@ You can also visit other blogs, edit or delete your previous entry and change yo
 
 #+attr_html: :width 80% :align center
 [[file:images/mesh_select_blog_theme.png]]
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mobile.org b/doc/EN/mobile.org
index eef17c4c..ad517efe 100644
--- a/doc/EN/mobile.org
+++ b/doc/EN/mobile.org
@@ -74,7 +74,7 @@ In F-droid under the *repositories* menu you can enable the *guardian project*,
 * Email
 The easiest way to access email is by installing the [[./app_mailpile.html][Mailpile]] app. This keeps your GPG keys off of possibly insecure mobile devices but still enables encrypted email communications in an easy way. You can use K9 mail if you prefer, but that will require installing OpenKeychain and having your GPG keys on the device, which is a lot more risky.
 * Services
-For information on configuring various apps to work with Freedombone see the [[file:./usage.html][usage section]]. Also see advice on chat apps in the [[file:./faq.html][FAQ]].
+For information on configuring various apps to work with Freedombone see the [[file:./apps.html][apps section]]. Also see advice on chat apps in the [[file:./faq.html][FAQ]].
 
 * Battery
 Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app.
@@ -140,3 +140,7 @@ Once that's done you may want to set *Root access* on the device back to *Disabl
 Return to the home page
 
 #+END_EXPORT
+
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/users.org b/doc/EN/users.org
index 17b08222..8f10e0a7 100644
--- a/doc/EN/users.org
+++ b/doc/EN/users.org
@@ -19,3 +19,6 @@ Select *Administrator controls* then *User Management*.
 
 #+attr_html: :width 80% :align center
 [[file:images/controlpanel/control_panel_manage_users.jpg]]
+
+#+attr_html: :width 10% :height 2% :align center
+[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/website/EN/mesh_capabilities.html b/website/EN/mesh_capabilities.html
index 5f6b15f6..f5a2dc3d 100644
--- a/website/EN/mesh_capabilities.html
+++ b/website/EN/mesh_capabilities.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -194,6 +194,12 @@ The mesh system has the following capabilities:
 

 This system should be quite scalable. Both qTox and IPFS are based upon distributed hash tables (DHT) so that each peer does not need to store the full index of data for the entire network. Gossiping between SSB peers may be slower, but the small world effect will presumably still make for quite efficient delivery in a large network. Caching or pinning of IPFS data and its content addressability means that if a file or blog becomes popular then performance should improve as the number of downloads increases, which is the opposite of the client/server paradigm.
 

+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/mesh_custom.html b/website/EN/mesh_custom.html
index eaaeb1d8..693c43ae 100644
--- a/website/EN/mesh_custom.html
+++ b/website/EN/mesh_custom.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -161,6 +161,13 @@ If you want to make your own specially branded version, such as for a particular
 

 If you need particular dconf commands to alter desktop appearance or behavior then see the function mesh_client_startup_applications within src/freedombone-image-customise.
 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/mesh_images.html b/website/EN/mesh_images.html
index 381019ef..cc2d1e1d 100644
--- a/website/EN/mesh_images.html
+++ b/website/EN/mesh_images.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -378,6 +378,13 @@ You can also use single board computers (SBCs) such as the BeagleBone Black to m
 

 The resulting image can be copied to a microSD card, inserted into a Beaglebone Black and booted. Don't forget to plug in an Atheros USB wifi dongle.
 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/mesh_philosophic.html b/website/EN/mesh_philosophic.html
index 144c052e..acaca474 100644
--- a/website/EN/mesh_philosophic.html
+++ b/website/EN/mesh_philosophic.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -253,6 +253,13 @@ While the network will have the capacity to exchange information with Internet u
 

 The network should be built with future development in mind. The platform should be flexible enough to support technologies, protocols and modes of usage that have not yet been developed.
 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/mesh_usage.html b/website/EN/mesh_usage.html
index 4257dc41..02f876bf 100644
--- a/website/EN/mesh_usage.html
+++ b/website/EN/mesh_usage.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -518,6 +518,13 @@ You can also visit other blogs, edit or delete your previous entry and change yo
 
mesh_select_blog_theme.png
 

 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/mobile.html b/website/EN/mobile.html
index 8fea5f2e..dec0e086 100644
--- a/website/EN/mobile.html
+++ b/website/EN/mobile.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -272,7 +272,7 @@ The easiest way to access email is by installing the Services
 

 

-For information on configuring various apps to work with Freedombone see the usage section. Also see advice on chat apps in the FAQ.
+For information on configuring various apps to work with Freedombone see the apps section. Also see advice on chat apps in the FAQ.
 

 

 

@@ -382,6 +382,13 @@ Return to the <a href="index.html">home page</a>
 

 
 

+
+
+
+

+
gfdl.png
+

+

 

 

 

diff --git a/website/EN/users.html b/website/EN/users.html
index 7cad89de..32ae7228 100644
--- a/website/EN/users.html
+++ b/website/EN/users.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -170,6 +170,12 @@ Select Administrator controls then User Management.
 
control_panel_manage_users.jpg
 

 

+
+
+

+
gfdl.png
+

+

 

 

 

From 0d36c9c4fe31de8a58adbf13f44fea5cb85a8654 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 18:06:09 +0100
Subject: [PATCH 073/133] Usage page no longer used

---
 doc/EN/usage.org      |  92 ----------
 website/EN/usage.html | 397 ------------------------------------------
 2 files changed, 489 deletions(-)
 delete mode 100644 doc/EN/usage.org
 delete mode 100644 website/EN/usage.html

diff --git a/doc/EN/usage.org b/doc/EN/usage.org
deleted file mode 100644
index 7e29419b..00000000
--- a/doc/EN/usage.org
+++ /dev/null
@@ -1,92 +0,0 @@
-#+TITLE:
-#+AUTHOR: Bob Mottram
-#+EMAIL: bob@freedombone.net
-#+KEYWORDS: freedombone
-#+DESCRIPTION: How to use the Freedombone system
-#+OPTIONS: ^:nil toc:nil
-#+HTML_HEAD: 
-
-#+attr_html: :width 80% :height 10% :align center
-[[file:images/logo.png]]
-
-* Usage
-
-| [[Improving security]]                                   |
-| [[Administrating the system via an onion address (Tor)]] |
-| [[./mobile.html][Mobile advice]]                                        |
-| [[./usage_email.html][Using Email]]                                          |
-| [[./app_syncthing.html][Syncing to the Cloud]]                                 |
-| [[./app_dlna.html][Play Music]]                                           |
-| [[./app_gnusocial.html][Microblogging (GNU Social)]]                           |
-| [[./app_postactiv.html][Microblogging (PostActiv)]]                            |
-| [[./app_ghost.html][Blogging with Ghost]]                                  |
-| [[./app_htmly.html][Blogging with HTMLy]]                                  |
-| [[./app_hubzilla.html][Social Network]]                                       |
-| [[./app_lychee.html][Photo albums]]                                         |
-| [[./app_mediagoblin.html][Hosting video and audio content]]                      |
-| [[./app_dokuwiki.html][Wiki]]                                                 |
-| [[./app_etherpad.html][Collaborative document editing]]                       |
-| [[./app_irc.html][Multi-user chat with IRC]]                             |
-| [[./app_xmpp.html][XMPP/Jabber]]                                          |
-| [[./app_tox.html][Tox]]                                                  |
-| [[./app_mumble.html][Mumble]]                                               |
-| [[./app_mailpile.jtml][Mailpile]]                                             |
-| [[./app_rss.html][RSS Reader]]                                           |
-| [[./app_radicale.html][CalDAV calendar server]]                               |
-| [[./app_gogs.html][Git Projects]]                                         |
-| [[Adding or removing users]]                             |
-| [[./app_pihole.html][Blocking Ads]]                                         |
-| [[./app_turtl.html][Making and sharing notes and images]]                  |
-
-* Improving security
-It's a lot more secure to log in to the Freedombone system using ssh keys rather than with a password. You can set that up by first running:
-
-#+begin_src bash
-freedombone-client
-#+end_src
-
-On your local system (i.e. whatever you're logging in to the Freedombone system from, typically a laptop). Then:
-
-#+begin_src
-ssh myusername@freedombone.local -p 2222
-#+end_src
-
-Select *Administrator controls* and re-enter your password, then *Manage Users* and *Change user ssh public key*. Copy and paste the ssh public keys which appeared after the *freedombone-client* command was run. Then go to *Security settings* and select *Allow ssh login with passwords* followed by *no*.
-
-You'll need to make sure that you have a copy of the ~/.ssh directory on your local system. You could just copy that directory to a USB drive and then keep that somewhere safe so that you can restore the keys if you need to.
-* Administrating the system via an onion address (Tor)
-You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:
-
-#+BEGIN_SRC bash
-ssh username@freedombone.local -p 2222
-#+END_SRC
-
-Select /Administrator controls/ then select "About this system" and look for the onion address for ssh. You can then close the terminal and open another, then do the following on your local system:
-
-#+BEGIN_SRC bash
-freedombone-client
-#+END_SRC
-
-This will set up your ssh environment to be able to handle onion addresses. Then you can test ssh with:
-
-#+BEGIN_SRC bash
-ssh username@address.onion -p 2222
-#+END_SRC
-
-Subsequently even if dynamic DNS isn't working you may still be able to administer your system. Using the onion address also gives you some degree of protection against corporate or government metadata analysis, since it becomes more difficult to passively detect which systems are communicating.
-* Adding or removing users
-Log into the system with:
-
-#+BEGIN_SRC bash
-ssh username@domainname -p 2222
-#+END_SRC
-
-Select *Administrator controls* then *User Management*. Depending upon the type of installation after selecting administrator controls you might need to enter:
-
-#+BEGIN_SRC bash
-sudo su
-control
-#+END_SRC
-
-#+attr_html: :width 80% :align center
-[[file:images/controlpanel/control_panel_manage_users.jpg]]
diff --git a/website/EN/usage.html b/website/EN/usage.html
deleted file mode 100644
index a4a6c4f7..00000000
--- a/website/EN/usage.html
+++ /dev/null
@@ -1,397 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-

-
-

-

-

-
-

-
logo.png
-

-

-
-
-
-

-
Improving security

-

-

-It's a lot more secure to log in to the Freedombone system using ssh keys rather than with a password. You can set that up by first running:
-

-
-

-
-
freedombone-client
-

-

-
-

-On your local system (i.e. whatever you're logging in to the Freedombone system from, typically a laptop). Then:
-

-
-
-ssh myusername@freedombone.local -p 2222
-

-
-

-Select Administrator controls and re-enter your password, then Manage Users and Change user ssh public key. Copy and paste the ssh public keys which appeared after the freedombone-client command was run. Then go to Security settings and select Allow ssh login with passwords followed by no.
-

-
-

-You'll need to make sure that you have a copy of the ~/.ssh directory on your local system. You could just copy that directory to a USB drive and then keep that somewhere safe so that you can restore the keys if you need to.
-

-

-

-

-
Administrating the system via an onion address (Tor)

-

-

-You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:
-

-
-

-
-
ssh username@freedombone.local -p 2222
-

-

-
-

-Select Administrator controls then select "About this system" and look for the onion address for ssh. You can then close the terminal and open another, then do the following on your local system:
-

-
-

-
-
freedombone-client
-

-

-
-

-This will set up your ssh environment to be able to handle onion addresses. Then you can test ssh with:
-

-
-

-
-
ssh username@address.onion -p 2222
-

-

-
-

-Subsequently even if dynamic DNS isn't working you may still be able to administer your system. Using the onion address also gives you some degree of protection against corporate or government metadata analysis, since it becomes more difficult to passively detect which systems are communicating.
-

-

-

-

-
Adding or removing users

-

-

-Log into the system with:
-

-
-

-
-
ssh username@domainname -p 2222
-

-

-
-

-Select Administrator controls then User Management. Depending upon the type of installation after selecting administrator controls you might need to enter:
-

-
-

-
-
sudo su
-control
-

-

-
-
-

-
control_panel_manage_users.jpg
-

-

-

-

-

-

-
-
-
-

-Back to top | E-mail me
-

-

-
-

From 90344acbefc069b7b7ec0e56d66f533689a73767 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 18:20:09 +0100
Subject: [PATCH 074/133] Include documentation license

---
 doc/EN/apps.org                   |   2 +-
 doc/EN/codeofconduct.org          |   3 +-
 doc/EN/devguide.org               |   2 +-
 doc/EN/faq.org                    |   2 +-
 doc/EN/fediverse.org              |   2 +-
 doc/EN/homeserver.org             |   2 +-
 doc/EN/index.org                  |   2 +-
 doc/EN/installmethods.org         |   2 +-
 doc/EN/mesh.org                   |   2 +-
 doc/EN/mesh_capabilities.org      |   2 +-
 doc/EN/mesh_custom.org            |   2 +-
 doc/EN/mesh_images.org            |   2 +-
 doc/EN/mesh_philosophic.org       |   2 +-
 doc/EN/mesh_usage.org             |   2 +-
 doc/EN/mobile.org                 |   2 +-
 doc/EN/support.org                |   2 +-
 doc/EN/users.org                  |   2 +-
 website/EN/apps.html              |   4 +-
 website/EN/codeofconduct.html     |   5 +-
 website/EN/devguide.html          |   4 +-
 website/EN/faq.html               |   4 +-
 website/EN/fdl-1.3.txt            | 451 ++++++++++++++++++++++++++++++
 website/EN/fediverse.html         |   4 +-
 website/EN/homeserver.html        |   4 +-
 website/EN/index.html             |   4 +-
 website/EN/installmethods.html    |   4 +-
 website/EN/mesh.html              |   4 +-
 website/EN/mesh_capabilities.html |   4 +-
 website/EN/mesh_custom.html       |   4 +-
 website/EN/mesh_images.html       |   4 +-
 website/EN/mesh_philosophic.html  |   4 +-
 website/EN/mesh_usage.html        |   4 +-
 website/EN/mobile.html            |   4 +-
 website/EN/support.html           |   4 +-
 website/EN/users.html             |   4 +-
 35 files changed, 502 insertions(+), 53 deletions(-)
 create mode 100644 website/EN/fdl-1.3.txt

diff --git a/doc/EN/apps.org b/doc/EN/apps.org
index 4196d2e8..d5f79ceb 100644
--- a/doc/EN/apps.org
+++ b/doc/EN/apps.org
@@ -193,4 +193,4 @@ Chat server which can be used together with client such as Gajim or Conversation
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/codeofconduct.org b/doc/EN/codeofconduct.org
index d48db145..b7da752f 100644
--- a/doc/EN/codeofconduct.org
+++ b/doc/EN/codeofconduct.org
@@ -45,6 +45,5 @@ Serious or persistent offenders will be kicked from chat rooms and any of their
 
 This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response.
 
-
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/devguide.org b/doc/EN/devguide.org
index 59337fcb..605dbb3b 100644
--- a/doc/EN/devguide.org
+++ b/doc/EN/devguide.org
@@ -96,4 +96,4 @@ If you need particular /dconf/ commands to alter desktop appearance or behavior
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/faq.org b/doc/EN/faq.org
index 24b9cb89..eda02c67 100644
--- a/doc/EN/faq.org
+++ b/doc/EN/faq.org
@@ -359,4 +359,4 @@ Return to the home page
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/fediverse.org b/doc/EN/fediverse.org
index 0d415a80..bd9b1c3c 100644
--- a/doc/EN/fediverse.org
+++ b/doc/EN/fediverse.org
@@ -36,4 +36,4 @@ Once there are more than a couple of hundred highly active users in your timelin
 It may seem like a good idea and it may seem like you're doing a service to the community by allowing random strangers to register, but servers with thousands of users only cause problems - social, administrative, financial and possibly also legal. The financial strain of running a powerful server with high reliability may be enough to encourage the administrator to begin pushing advertising onto the system, or sell user content, and then before you know it you have identical problems to Twitter. Instead try to encourage people to set up their own servers. Follow this principle and a lot of arguments and stress will be more easily avoided.
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/homeserver.org b/doc/EN/homeserver.org
index c20dfb77..8e5f6d69 100644
--- a/doc/EN/homeserver.org
+++ b/doc/EN/homeserver.org
@@ -144,4 +144,4 @@ man freedombone-image
 #+end_src
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/index.org b/doc/EN/index.org
index 2b8bac74..9db5be9c 100644
--- a/doc/EN/index.org
+++ b/doc/EN/index.org
@@ -22,4 +22,4 @@ If you find bugs, or want to add a new app to this system see the [[./devguide.h
 If you like this project and want to support continued development then [[./support.html][here's what to do]].
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/installmethods.org b/doc/EN/installmethods.org
index 76167c4a..78f1b8a2 100644
--- a/doc/EN/installmethods.org
+++ b/doc/EN/installmethods.org
@@ -28,4 +28,4 @@ A list of other supported ARM boards [[./boards.html][can be found here]], or yo
  * [[./faq.html][Frequently Asked Questions]]
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh.org b/doc/EN/mesh.org
index 1e0c458c..4b18dbe3 100644
--- a/doc/EN/mesh.org
+++ b/doc/EN/mesh.org
@@ -31,4 +31,4 @@ Systems only need to be within wifi range of each other for the mesh to be creat
 Like [[https://libremesh.org][LibreMesh]], this system uses a combination of [[https://en.wikipedia.org/wiki/B.A.T.M.A.N.][batman-adv]] on network layer 2 and [[http://bmx6.net][BMX]] on layer 3. Routing protocols [[http://www.olsr.org][OLSR2]] and [[https://www.irif.fr/~jch/software/babel][Babel]] are also selectable.
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_capabilities.org b/doc/EN/mesh_capabilities.org
index de8edd38..a1a14bc4 100644
--- a/doc/EN/mesh_capabilities.org
+++ b/doc/EN/mesh_capabilities.org
@@ -32,4 +32,4 @@ The mesh system has the following capabilities:
 This system should be quite scalable. Both qTox and IPFS are based upon distributed hash tables (DHT) so that each peer does not need to store the full index of data for the entire network. Gossiping between SSB peers may be slower, but the [[https://en.wikipedia.org/wiki/Small-world_network][small world effect]] will presumably still make for quite efficient delivery in a large network. Caching or pinning of IPFS data and its content addressability means that if a file or blog becomes popular then performance should improve as the number of downloads increases, which is the opposite of the client/server paradigm.
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_custom.org b/doc/EN/mesh_custom.org
index 4366c2b1..bafa9087 100644
--- a/doc/EN/mesh_custom.org
+++ b/doc/EN/mesh_custom.org
@@ -17,4 +17,4 @@ If you need particular /dconf/ commands to alter desktop appearance or behavior
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_images.org b/doc/EN/mesh_images.org
index d16506e6..9c0a5c80 100644
--- a/doc/EN/mesh_images.org
+++ b/doc/EN/mesh_images.org
@@ -145,4 +145,4 @@ The resulting image can be copied to a microSD card, inserted into a Beaglebone
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_philosophic.org b/doc/EN/mesh_philosophic.org
index 6d250429..1ba0a28e 100644
--- a/doc/EN/mesh_philosophic.org
+++ b/doc/EN/mesh_philosophic.org
@@ -49,4 +49,4 @@ The network should be built with future development in mind. The platform should
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_usage.org b/doc/EN/mesh_usage.org
index 81ff4e99..8d62f8c4 100644
--- a/doc/EN/mesh_usage.org
+++ b/doc/EN/mesh_usage.org
@@ -183,4 +183,4 @@ You can also visit other blogs, edit or delete your previous entry and change yo
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mobile.org b/doc/EN/mobile.org
index ad517efe..f7bffc65 100644
--- a/doc/EN/mobile.org
+++ b/doc/EN/mobile.org
@@ -143,4 +143,4 @@ Return to the home page
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/support.org b/doc/EN/support.org
index d7403395..cbb72024 100644
--- a/doc/EN/support.org
+++ b/doc/EN/support.org
@@ -57,4 +57,4 @@ To add translations modify the json files within the *locale* subdirectory. Then
 Helping to package GNU Social and Hubzilla for Debian would be beneficial.
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/users.org b/doc/EN/users.org
index 8f10e0a7..4c71b666 100644
--- a/doc/EN/users.org
+++ b/doc/EN/users.org
@@ -21,4 +21,4 @@ Select *Administrator controls* then *User Management*.
 [[file:images/controlpanel/control_panel_manage_users.jpg]]
 
 #+attr_html: :width 10% :height 2% :align center
-[[https://www.gnu.org/licenses/fdl-1.3.txt][file:images/gfdl.png]]
+[[fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/website/EN/apps.html b/website/EN/apps.html
index 6fd06565..7750c1df 100644
--- a/website/EN/apps.html
+++ b/website/EN/apps.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -687,7 +687,7 @@ Chat server which can be used together with client such as Gajim or Conversation
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/codeofconduct.html b/website/EN/codeofconduct.html
index 864ae67d..f5bd31f4 100644
--- a/website/EN/codeofconduct.html
+++ b/website/EN/codeofconduct.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -228,9 +228,8 @@ This is not a big project and so there is no division of labor or special enforc
 

 
 
-
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/devguide.html b/website/EN/devguide.html
index 145c35d1..56abc3c8 100644
--- a/website/EN/devguide.html
+++ b/website/EN/devguide.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -299,7 +299,7 @@ If you need particular dconf commands to alter desktop appearance or beha
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/faq.html b/website/EN/faq.html
index 9e84f1c3..13098c36 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -1048,7 +1048,7 @@ Return to the <a href="index.html">home page</a>
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/fdl-1.3.txt b/website/EN/fdl-1.3.txt
new file mode 100644
index 00000000..bf128beb
--- /dev/null
+++ b/website/EN/fdl-1.3.txt
@@ -0,0 +1,451 @@
+
+                GNU Free Documentation License
+                 Version 1.3, 3 November 2008
+
+
+ Copyright (C) 2000, 2001, 2002, 2007, 2008 Free Software Foundation, Inc.
+     
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+0. PREAMBLE
+
+The purpose of this License is to make a manual, textbook, or other
+functional and useful document "free" in the sense of freedom: to
+assure everyone the effective freedom to copy and redistribute it,
+with or without modifying it, either commercially or noncommercially.
+Secondarily, this License preserves for the author and publisher a way
+to get credit for their work, while not being considered responsible
+for modifications made by others.
+
+This License is a kind of "copyleft", which means that derivative
+works of the document must themselves be free in the same sense.  It
+complements the GNU General Public License, which is a copyleft
+license designed for free software.
+
+We have designed this License in order to use it for manuals for free
+software, because free software needs free documentation: a free
+program should come with manuals providing the same freedoms that the
+software does.  But this License is not limited to software manuals;
+it can be used for any textual work, regardless of subject matter or
+whether it is published as a printed book.  We recommend this License
+principally for works whose purpose is instruction or reference.
+
+
+1. APPLICABILITY AND DEFINITIONS
+
+This License applies to any manual or other work, in any medium, that
+contains a notice placed by the copyright holder saying it can be
+distributed under the terms of this License.  Such a notice grants a
+world-wide, royalty-free license, unlimited in duration, to use that
+work under the conditions stated herein.  The "Document", below,
+refers to any such manual or work.  Any member of the public is a
+licensee, and is addressed as "you".  You accept the license if you
+copy, modify or distribute the work in a way requiring permission
+under copyright law.
+
+A "Modified Version" of the Document means any work containing the
+Document or a portion of it, either copied verbatim, or with
+modifications and/or translated into another language.
+
+A "Secondary Section" is a named appendix or a front-matter section of
+the Document that deals exclusively with the relationship of the
+publishers or authors of the Document to the Document's overall
+subject (or to related matters) and contains nothing that could fall
+directly within that overall subject.  (Thus, if the Document is in
+part a textbook of mathematics, a Secondary Section may not explain
+any mathematics.)  The relationship could be a matter of historical
+connection with the subject or with related matters, or of legal,
+commercial, philosophical, ethical or political position regarding
+them.
+
+The "Invariant Sections" are certain Secondary Sections whose titles
+are designated, as being those of Invariant Sections, in the notice
+that says that the Document is released under this License.  If a
+section does not fit the above definition of Secondary then it is not
+allowed to be designated as Invariant.  The Document may contain zero
+Invariant Sections.  If the Document does not identify any Invariant
+Sections then there are none.
+
+The "Cover Texts" are certain short passages of text that are listed,
+as Front-Cover Texts or Back-Cover Texts, in the notice that says that
+the Document is released under this License.  A Front-Cover Text may
+be at most 5 words, and a Back-Cover Text may be at most 25 words.
+
+A "Transparent" copy of the Document means a machine-readable copy,
+represented in a format whose specification is available to the
+general public, that is suitable for revising the document
+straightforwardly with generic text editors or (for images composed of
+pixels) generic paint programs or (for drawings) some widely available
+drawing editor, and that is suitable for input to text formatters or
+for automatic translation to a variety of formats suitable for input
+to text formatters.  A copy made in an otherwise Transparent file
+format whose markup, or absence of markup, has been arranged to thwart
+or discourage subsequent modification by readers is not Transparent.
+An image format is not Transparent if used for any substantial amount
+of text.  A copy that is not "Transparent" is called "Opaque".
+
+Examples of suitable formats for Transparent copies include plain
+ASCII without markup, Texinfo input format, LaTeX input format, SGML
+or XML using a publicly available DTD, and standard-conforming simple
+HTML, PostScript or PDF designed for human modification.  Examples of
+transparent image formats include PNG, XCF and JPG.  Opaque formats
+include proprietary formats that can be read and edited only by
+proprietary word processors, SGML or XML for which the DTD and/or
+processing tools are not generally available, and the
+machine-generated HTML, PostScript or PDF produced by some word
+processors for output purposes only.
+
+The "Title Page" means, for a printed book, the title page itself,
+plus such following pages as are needed to hold, legibly, the material
+this License requires to appear in the title page.  For works in
+formats which do not have any title page as such, "Title Page" means
+the text near the most prominent appearance of the work's title,
+preceding the beginning of the body of the text.
+
+The "publisher" means any person or entity that distributes copies of
+the Document to the public.
+
+A section "Entitled XYZ" means a named subunit of the Document whose
+title either is precisely XYZ or contains XYZ in parentheses following
+text that translates XYZ in another language.  (Here XYZ stands for a
+specific section name mentioned below, such as "Acknowledgements",
+"Dedications", "Endorsements", or "History".)  To "Preserve the Title"
+of such a section when you modify the Document means that it remains a
+section "Entitled XYZ" according to this definition.
+
+The Document may include Warranty Disclaimers next to the notice which
+states that this License applies to the Document.  These Warranty
+Disclaimers are considered to be included by reference in this
+License, but only as regards disclaiming warranties: any other
+implication that these Warranty Disclaimers may have is void and has
+no effect on the meaning of this License.
+
+2. VERBATIM COPYING
+
+You may copy and distribute the Document in any medium, either
+commercially or noncommercially, provided that this License, the
+copyright notices, and the license notice saying this License applies
+to the Document are reproduced in all copies, and that you add no
+other conditions whatsoever to those of this License.  You may not use
+technical measures to obstruct or control the reading or further
+copying of the copies you make or distribute.  However, you may accept
+compensation in exchange for copies.  If you distribute a large enough
+number of copies you must also follow the conditions in section 3.
+
+You may also lend copies, under the same conditions stated above, and
+you may publicly display copies.
+
+
+3. COPYING IN QUANTITY
+
+If you publish printed copies (or copies in media that commonly have
+printed covers) of the Document, numbering more than 100, and the
+Document's license notice requires Cover Texts, you must enclose the
+copies in covers that carry, clearly and legibly, all these Cover
+Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on
+the back cover.  Both covers must also clearly and legibly identify
+you as the publisher of these copies.  The front cover must present
+the full title with all words of the title equally prominent and
+visible.  You may add other material on the covers in addition.
+Copying with changes limited to the covers, as long as they preserve
+the title of the Document and satisfy these conditions, can be treated
+as verbatim copying in other respects.
+
+If the required texts for either cover are too voluminous to fit
+legibly, you should put the first ones listed (as many as fit
+reasonably) on the actual cover, and continue the rest onto adjacent
+pages.
+
+If you publish or distribute Opaque copies of the Document numbering
+more than 100, you must either include a machine-readable Transparent
+copy along with each Opaque copy, or state in or with each Opaque copy
+a computer-network location from which the general network-using
+public has access to download using public-standard network protocols
+a complete Transparent copy of the Document, free of added material.
+If you use the latter option, you must take reasonably prudent steps,
+when you begin distribution of Opaque copies in quantity, to ensure
+that this Transparent copy will remain thus accessible at the stated
+location until at least one year after the last time you distribute an
+Opaque copy (directly or through your agents or retailers) of that
+edition to the public.
+
+It is requested, but not required, that you contact the authors of the
+Document well before redistributing any large number of copies, to
+give them a chance to provide you with an updated version of the
+Document.
+
+
+4. MODIFICATIONS
+
+You may copy and distribute a Modified Version of the Document under
+the conditions of sections 2 and 3 above, provided that you release
+the Modified Version under precisely this License, with the Modified
+Version filling the role of the Document, thus licensing distribution
+and modification of the Modified Version to whoever possesses a copy
+of it.  In addition, you must do these things in the Modified Version:
+
+A. Use in the Title Page (and on the covers, if any) a title distinct
+   from that of the Document, and from those of previous versions
+   (which should, if there were any, be listed in the History section
+   of the Document).  You may use the same title as a previous version
+   if the original publisher of that version gives permission.
+B. List on the Title Page, as authors, one or more persons or entities
+   responsible for authorship of the modifications in the Modified
+   Version, together with at least five of the principal authors of the
+   Document (all of its principal authors, if it has fewer than five),
+   unless they release you from this requirement.
+C. State on the Title page the name of the publisher of the
+   Modified Version, as the publisher.
+D. Preserve all the copyright notices of the Document.
+E. Add an appropriate copyright notice for your modifications
+   adjacent to the other copyright notices.
+F. Include, immediately after the copyright notices, a license notice
+   giving the public permission to use the Modified Version under the
+   terms of this License, in the form shown in the Addendum below.
+G. Preserve in that license notice the full lists of Invariant Sections
+   and required Cover Texts given in the Document's license notice.
+H. Include an unaltered copy of this License.
+I. Preserve the section Entitled "History", Preserve its Title, and add
+   to it an item stating at least the title, year, new authors, and
+   publisher of the Modified Version as given on the Title Page.  If
+   there is no section Entitled "History" in the Document, create one
+   stating the title, year, authors, and publisher of the Document as
+   given on its Title Page, then add an item describing the Modified
+   Version as stated in the previous sentence.
+J. Preserve the network location, if any, given in the Document for
+   public access to a Transparent copy of the Document, and likewise
+   the network locations given in the Document for previous versions
+   it was based on.  These may be placed in the "History" section.
+   You may omit a network location for a work that was published at
+   least four years before the Document itself, or if the original
+   publisher of the version it refers to gives permission.
+K. For any section Entitled "Acknowledgements" or "Dedications",
+   Preserve the Title of the section, and preserve in the section all
+   the substance and tone of each of the contributor acknowledgements
+   and/or dedications given therein.
+L. Preserve all the Invariant Sections of the Document,
+   unaltered in their text and in their titles.  Section numbers
+   or the equivalent are not considered part of the section titles.
+M. Delete any section Entitled "Endorsements".  Such a section
+   may not be included in the Modified Version.
+N. Do not retitle any existing section to be Entitled "Endorsements"
+   or to conflict in title with any Invariant Section.
+O. Preserve any Warranty Disclaimers.
+
+If the Modified Version includes new front-matter sections or
+appendices that qualify as Secondary Sections and contain no material
+copied from the Document, you may at your option designate some or all
+of these sections as invariant.  To do this, add their titles to the
+list of Invariant Sections in the Modified Version's license notice.
+These titles must be distinct from any other section titles.
+
+You may add a section Entitled "Endorsements", provided it contains
+nothing but endorsements of your Modified Version by various
+parties--for example, statements of peer review or that the text has
+been approved by an organization as the authoritative definition of a
+standard.
+
+You may add a passage of up to five words as a Front-Cover Text, and a
+passage of up to 25 words as a Back-Cover Text, to the end of the list
+of Cover Texts in the Modified Version.  Only one passage of
+Front-Cover Text and one of Back-Cover Text may be added by (or
+through arrangements made by) any one entity.  If the Document already
+includes a cover text for the same cover, previously added by you or
+by arrangement made by the same entity you are acting on behalf of,
+you may not add another; but you may replace the old one, on explicit
+permission from the previous publisher that added the old one.
+
+The author(s) and publisher(s) of the Document do not by this License
+give permission to use their names for publicity for or to assert or
+imply endorsement of any Modified Version.
+
+
+5. COMBINING DOCUMENTS
+
+You may combine the Document with other documents released under this
+License, under the terms defined in section 4 above for modified
+versions, provided that you include in the combination all of the
+Invariant Sections of all of the original documents, unmodified, and
+list them all as Invariant Sections of your combined work in its
+license notice, and that you preserve all their Warranty Disclaimers.
+
+The combined work need only contain one copy of this License, and
+multiple identical Invariant Sections may be replaced with a single
+copy.  If there are multiple Invariant Sections with the same name but
+different contents, make the title of each such section unique by
+adding at the end of it, in parentheses, the name of the original
+author or publisher of that section if known, or else a unique number.
+Make the same adjustment to the section titles in the list of
+Invariant Sections in the license notice of the combined work.
+
+In the combination, you must combine any sections Entitled "History"
+in the various original documents, forming one section Entitled
+"History"; likewise combine any sections Entitled "Acknowledgements",
+and any sections Entitled "Dedications".  You must delete all sections
+Entitled "Endorsements".
+
+
+6. COLLECTIONS OF DOCUMENTS
+
+You may make a collection consisting of the Document and other
+documents released under this License, and replace the individual
+copies of this License in the various documents with a single copy
+that is included in the collection, provided that you follow the rules
+of this License for verbatim copying of each of the documents in all
+other respects.
+
+You may extract a single document from such a collection, and
+distribute it individually under this License, provided you insert a
+copy of this License into the extracted document, and follow this
+License in all other respects regarding verbatim copying of that
+document.
+
+
+7. AGGREGATION WITH INDEPENDENT WORKS
+
+A compilation of the Document or its derivatives with other separate
+and independent documents or works, in or on a volume of a storage or
+distribution medium, is called an "aggregate" if the copyright
+resulting from the compilation is not used to limit the legal rights
+of the compilation's users beyond what the individual works permit.
+When the Document is included in an aggregate, this License does not
+apply to the other works in the aggregate which are not themselves
+derivative works of the Document.
+
+If the Cover Text requirement of section 3 is applicable to these
+copies of the Document, then if the Document is less than one half of
+the entire aggregate, the Document's Cover Texts may be placed on
+covers that bracket the Document within the aggregate, or the
+electronic equivalent of covers if the Document is in electronic form.
+Otherwise they must appear on printed covers that bracket the whole
+aggregate.
+
+
+8. TRANSLATION
+
+Translation is considered a kind of modification, so you may
+distribute translations of the Document under the terms of section 4.
+Replacing Invariant Sections with translations requires special
+permission from their copyright holders, but you may include
+translations of some or all Invariant Sections in addition to the
+original versions of these Invariant Sections.  You may include a
+translation of this License, and all the license notices in the
+Document, and any Warranty Disclaimers, provided that you also include
+the original English version of this License and the original versions
+of those notices and disclaimers.  In case of a disagreement between
+the translation and the original version of this License or a notice
+or disclaimer, the original version will prevail.
+
+If a section in the Document is Entitled "Acknowledgements",
+"Dedications", or "History", the requirement (section 4) to Preserve
+its Title (section 1) will typically require changing the actual
+title.
+
+
+9. TERMINATION
+
+You may not copy, modify, sublicense, or distribute the Document
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense, or distribute it is void, and
+will automatically terminate your rights under this License.
+
+However, if you cease all violation of this License, then your license
+from a particular copyright holder is reinstated (a) provisionally,
+unless and until the copyright holder explicitly and finally
+terminates your license, and (b) permanently, if the copyright holder
+fails to notify you of the violation by some reasonable means prior to
+60 days after the cessation.
+
+Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, receipt of a copy of some or all of the same material does
+not give you any rights to use it.
+
+
+10. FUTURE REVISIONS OF THIS LICENSE
+
+The Free Software Foundation may publish new, revised versions of the
+GNU Free Documentation License from time to time.  Such new versions
+will be similar in spirit to the present version, but may differ in
+detail to address new problems or concerns.  See
+https://www.gnu.org/licenses/.
+
+Each version of the License is given a distinguishing version number.
+If the Document specifies that a particular numbered version of this
+License "or any later version" applies to it, you have the option of
+following the terms and conditions either of that specified version or
+of any later version that has been published (not as a draft) by the
+Free Software Foundation.  If the Document does not specify a version
+number of this License, you may choose any version ever published (not
+as a draft) by the Free Software Foundation.  If the Document
+specifies that a proxy can decide which future versions of this
+License can be used, that proxy's public statement of acceptance of a
+version permanently authorizes you to choose that version for the
+Document.
+
+11. RELICENSING
+
+"Massive Multiauthor Collaboration Site" (or "MMC Site") means any
+World Wide Web server that publishes copyrightable works and also
+provides prominent facilities for anybody to edit those works.  A
+public wiki that anybody can edit is an example of such a server.  A
+"Massive Multiauthor Collaboration" (or "MMC") contained in the site
+means any set of copyrightable works thus published on the MMC site.
+
+"CC-BY-SA" means the Creative Commons Attribution-Share Alike 3.0 
+license published by Creative Commons Corporation, a not-for-profit 
+corporation with a principal place of business in San Francisco, 
+California, as well as future copyleft versions of that license 
+published by that same organization.
+
+"Incorporate" means to publish or republish a Document, in whole or in 
+part, as part of another Document.
+
+An MMC is "eligible for relicensing" if it is licensed under this 
+License, and if all works that were first published under this License 
+somewhere other than this MMC, and subsequently incorporated in whole or 
+in part into the MMC, (1) had no cover texts or invariant sections, and 
+(2) were thus incorporated prior to November 1, 2008.
+
+The operator of an MMC Site may republish an MMC contained in the site
+under CC-BY-SA on the same site at any time before August 1, 2009,
+provided the MMC is eligible for relicensing.
+
+
+ADDENDUM: How to use this License for your documents
+
+To use this License in a document you have written, include a copy of
+the License in the document and put the following copyright and
+license notices just after the title page:
+
+    Copyright (c)  YEAR  YOUR NAME.
+    Permission is granted to copy, distribute and/or modify this document
+    under the terms of the GNU Free Documentation License, Version 1.3
+    or any later version published by the Free Software Foundation;
+    with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
+    A copy of the license is included in the section entitled "GNU
+    Free Documentation License".
+
+If you have Invariant Sections, Front-Cover Texts and Back-Cover Texts,
+replace the "with...Texts." line with this:
+
+    with the Invariant Sections being LIST THEIR TITLES, with the
+    Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST.
+
+If you have Invariant Sections without Cover Texts, or some other
+combination of the three, merge those two alternatives to suit the
+situation.
+
+If your document contains nontrivial examples of program code, we
+recommend releasing these examples in parallel under your choice of
+free software license, such as the GNU General Public License,
+to permit their use in free software.
diff --git a/website/EN/fediverse.html b/website/EN/fediverse.html
index 07f63552..3dc72176 100644
--- a/website/EN/fediverse.html
+++ b/website/EN/fediverse.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -226,7 +226,7 @@ It may seem like a good idea and it may seem like you're doing a service to the
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/homeserver.html b/website/EN/homeserver.html
index bf0b1fc9..79b9064f 100644
--- a/website/EN/homeserver.html
+++ b/website/EN/homeserver.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -384,7 +384,7 @@ Of course, this is just one way in which you can install the Freedombone system.
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/index.html b/website/EN/index.html
index 2fdb7b61..90fc371a 100644
--- a/website/EN/index.html
+++ b/website/EN/index.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -177,7 +177,7 @@ If you like this project and want to support continued development then 
-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/installmethods.html b/website/EN/installmethods.html
index d835880e..d7676a62 100644
--- a/website/EN/installmethods.html
+++ b/website/EN/installmethods.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -190,7 +190,7 @@ A list of other supported ARM boards can be found here
-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh.html b/website/EN/mesh.html
index d87717db..7eb6f33d 100644
--- a/website/EN/mesh.html
+++ b/website/EN/mesh.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -195,7 +195,7 @@ Like LibreMesh, this system uses a combinati
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_capabilities.html b/website/EN/mesh_capabilities.html
index f5a2dc3d..abbc2018 100644
--- a/website/EN/mesh_capabilities.html
+++ b/website/EN/mesh_capabilities.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -197,7 +197,7 @@ This system should be quite scalable. Both qTox and IPFS are based upon distribu
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_custom.html b/website/EN/mesh_custom.html
index 693c43ae..c579ecad 100644
--- a/website/EN/mesh_custom.html
+++ b/website/EN/mesh_custom.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -165,7 +165,7 @@ If you need particular dconf commands to alter desktop appearance or beha
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_images.html b/website/EN/mesh_images.html
index cc2d1e1d..ca7ad416 100644
--- a/website/EN/mesh_images.html
+++ b/website/EN/mesh_images.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -382,7 +382,7 @@ The resulting image can be copied to a microSD card, inserted into a Beaglebone
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_philosophic.html b/website/EN/mesh_philosophic.html
index acaca474..791e7d56 100644
--- a/website/EN/mesh_philosophic.html
+++ b/website/EN/mesh_philosophic.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -257,7 +257,7 @@ The network should be built with future development in mind. The platform should
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_usage.html b/website/EN/mesh_usage.html
index 02f876bf..3e5e4ce0 100644
--- a/website/EN/mesh_usage.html
+++ b/website/EN/mesh_usage.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -522,7 +522,7 @@ You can also visit other blogs, edit or delete your previous entry and change yo
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mobile.html b/website/EN/mobile.html
index dec0e086..953043d9 100644
--- a/website/EN/mobile.html
+++ b/website/EN/mobile.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -386,7 +386,7 @@ Return to the <a href="index.html">home page</a>
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/support.html b/website/EN/support.html
index b95b050b..ee2a64ab 100644
--- a/website/EN/support.html
+++ b/website/EN/support.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -272,7 +272,7 @@ Helping to package GNU Social and Hubzilla for Debian would be beneficial.
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/users.html b/website/EN/users.html
index 32ae7228..41423ea4 100644
--- a/website/EN/users.html
+++ b/website/EN/users.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -173,7 +173,7 @@ Select Administrator controls then User Management.
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 


From 6fc94e20199603f4ece14178c07afef53e254c8f Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 18:22:38 +0100
Subject: [PATCH 075/133] file link

---
 doc/EN/apps.org       | 2 +-
 doc/EN/index.org      | 2 +-
 website/EN/apps.html  | 4 ++--
 website/EN/index.html | 4 ++--
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/doc/EN/apps.org b/doc/EN/apps.org
index d5f79ceb..46cf9460 100644
--- a/doc/EN/apps.org
+++ b/doc/EN/apps.org
@@ -193,4 +193,4 @@ Chat server which can be used together with client such as Gajim or Conversation
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/index.org b/doc/EN/index.org
index 9db5be9c..24058e04 100644
--- a/doc/EN/index.org
+++ b/doc/EN/index.org
@@ -22,4 +22,4 @@ If you find bugs, or want to add a new app to this system see the [[./devguide.h
 If you like this project and want to support continued development then [[./support.html][here's what to do]].
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/website/EN/apps.html b/website/EN/apps.html
index 7750c1df..ee24ddd0 100644
--- a/website/EN/apps.html
+++ b/website/EN/apps.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -687,7 +687,7 @@ Chat server which can be used together with client such as Gajim or Conversation
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/index.html b/website/EN/index.html
index 90fc371a..f011c376 100644
--- a/website/EN/index.html
+++ b/website/EN/index.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -177,7 +177,7 @@ If you like this project and want to support continued development then 
-
gfdl.png
+
gfdl.png
 

 

 


From ea37577009d45eb7a83b547ece9e85ad73b5def6 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 18:26:01 +0100
Subject: [PATCH 076/133] file link

---
 doc/EN/codeofconduct.org          | 2 +-
 doc/EN/devguide.org               | 2 +-
 doc/EN/faq.org                    | 2 +-
 doc/EN/fediverse.org              | 2 +-
 doc/EN/homeserver.org             | 2 +-
 doc/EN/installmethods.org         | 2 +-
 doc/EN/mesh.org                   | 2 +-
 doc/EN/mesh_capabilities.org      | 2 +-
 doc/EN/mesh_custom.org            | 2 +-
 doc/EN/mesh_images.org            | 2 +-
 doc/EN/mesh_philosophic.org       | 2 +-
 doc/EN/mesh_usage.org             | 2 +-
 doc/EN/mobile.org                 | 2 +-
 doc/EN/support.org                | 2 +-
 doc/EN/users.org                  | 2 +-
 website/EN/codeofconduct.html     | 4 ++--
 website/EN/devguide.html          | 4 ++--
 website/EN/faq.html               | 4 ++--
 website/EN/fediverse.html         | 4 ++--
 website/EN/homeserver.html        | 4 ++--
 website/EN/index.html             | 2 +-
 website/EN/installmethods.html    | 4 ++--
 website/EN/mesh.html              | 4 ++--
 website/EN/mesh_capabilities.html | 4 ++--
 website/EN/mesh_custom.html       | 4 ++--
 website/EN/mesh_images.html       | 4 ++--
 website/EN/mesh_philosophic.html  | 4 ++--
 website/EN/mesh_usage.html        | 4 ++--
 website/EN/mobile.html            | 4 ++--
 website/EN/support.html           | 4 ++--
 website/EN/users.html             | 4 ++--
 31 files changed, 46 insertions(+), 46 deletions(-)

diff --git a/doc/EN/codeofconduct.org b/doc/EN/codeofconduct.org
index b7da752f..2c837783 100644
--- a/doc/EN/codeofconduct.org
+++ b/doc/EN/codeofconduct.org
@@ -46,4 +46,4 @@ Serious or persistent offenders will be kicked from chat rooms and any of their
 This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response.
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/devguide.org b/doc/EN/devguide.org
index 605dbb3b..b78e3f1d 100644
--- a/doc/EN/devguide.org
+++ b/doc/EN/devguide.org
@@ -96,4 +96,4 @@ If you need particular /dconf/ commands to alter desktop appearance or behavior
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/faq.org b/doc/EN/faq.org
index eda02c67..41d08319 100644
--- a/doc/EN/faq.org
+++ b/doc/EN/faq.org
@@ -359,4 +359,4 @@ Return to the home page
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/fediverse.org b/doc/EN/fediverse.org
index bd9b1c3c..d4302e4e 100644
--- a/doc/EN/fediverse.org
+++ b/doc/EN/fediverse.org
@@ -36,4 +36,4 @@ Once there are more than a couple of hundred highly active users in your timelin
 It may seem like a good idea and it may seem like you're doing a service to the community by allowing random strangers to register, but servers with thousands of users only cause problems - social, administrative, financial and possibly also legal. The financial strain of running a powerful server with high reliability may be enough to encourage the administrator to begin pushing advertising onto the system, or sell user content, and then before you know it you have identical problems to Twitter. Instead try to encourage people to set up their own servers. Follow this principle and a lot of arguments and stress will be more easily avoided.
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/homeserver.org b/doc/EN/homeserver.org
index 8e5f6d69..12a75e6c 100644
--- a/doc/EN/homeserver.org
+++ b/doc/EN/homeserver.org
@@ -144,4 +144,4 @@ man freedombone-image
 #+end_src
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/installmethods.org b/doc/EN/installmethods.org
index 78f1b8a2..a93226dc 100644
--- a/doc/EN/installmethods.org
+++ b/doc/EN/installmethods.org
@@ -28,4 +28,4 @@ A list of other supported ARM boards [[./boards.html][can be found here]], or yo
  * [[./faq.html][Frequently Asked Questions]]
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh.org b/doc/EN/mesh.org
index 4b18dbe3..9e8d8e97 100644
--- a/doc/EN/mesh.org
+++ b/doc/EN/mesh.org
@@ -31,4 +31,4 @@ Systems only need to be within wifi range of each other for the mesh to be creat
 Like [[https://libremesh.org][LibreMesh]], this system uses a combination of [[https://en.wikipedia.org/wiki/B.A.T.M.A.N.][batman-adv]] on network layer 2 and [[http://bmx6.net][BMX]] on layer 3. Routing protocols [[http://www.olsr.org][OLSR2]] and [[https://www.irif.fr/~jch/software/babel][Babel]] are also selectable.
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_capabilities.org b/doc/EN/mesh_capabilities.org
index a1a14bc4..fb6066da 100644
--- a/doc/EN/mesh_capabilities.org
+++ b/doc/EN/mesh_capabilities.org
@@ -32,4 +32,4 @@ The mesh system has the following capabilities:
 This system should be quite scalable. Both qTox and IPFS are based upon distributed hash tables (DHT) so that each peer does not need to store the full index of data for the entire network. Gossiping between SSB peers may be slower, but the [[https://en.wikipedia.org/wiki/Small-world_network][small world effect]] will presumably still make for quite efficient delivery in a large network. Caching or pinning of IPFS data and its content addressability means that if a file or blog becomes popular then performance should improve as the number of downloads increases, which is the opposite of the client/server paradigm.
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_custom.org b/doc/EN/mesh_custom.org
index bafa9087..82ca14ad 100644
--- a/doc/EN/mesh_custom.org
+++ b/doc/EN/mesh_custom.org
@@ -17,4 +17,4 @@ If you need particular /dconf/ commands to alter desktop appearance or behavior
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_images.org b/doc/EN/mesh_images.org
index 9c0a5c80..41c5479e 100644
--- a/doc/EN/mesh_images.org
+++ b/doc/EN/mesh_images.org
@@ -145,4 +145,4 @@ The resulting image can be copied to a microSD card, inserted into a Beaglebone
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_philosophic.org b/doc/EN/mesh_philosophic.org
index 1ba0a28e..0bd9d168 100644
--- a/doc/EN/mesh_philosophic.org
+++ b/doc/EN/mesh_philosophic.org
@@ -49,4 +49,4 @@ The network should be built with future development in mind. The platform should
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mesh_usage.org b/doc/EN/mesh_usage.org
index 8d62f8c4..64cb6590 100644
--- a/doc/EN/mesh_usage.org
+++ b/doc/EN/mesh_usage.org
@@ -183,4 +183,4 @@ You can also visit other blogs, edit or delete your previous entry and change yo
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/mobile.org b/doc/EN/mobile.org
index f7bffc65..3e5811d1 100644
--- a/doc/EN/mobile.org
+++ b/doc/EN/mobile.org
@@ -143,4 +143,4 @@ Return to the home page
 
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/support.org b/doc/EN/support.org
index cbb72024..33edf7a6 100644
--- a/doc/EN/support.org
+++ b/doc/EN/support.org
@@ -57,4 +57,4 @@ To add translations modify the json files within the *locale* subdirectory. Then
 Helping to package GNU Social and Hubzilla for Debian would be beneficial.
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/doc/EN/users.org b/doc/EN/users.org
index 4c71b666..611adebc 100644
--- a/doc/EN/users.org
+++ b/doc/EN/users.org
@@ -21,4 +21,4 @@ Select *Administrator controls* then *User Management*.
 [[file:images/controlpanel/control_panel_manage_users.jpg]]
 
 #+attr_html: :width 10% :height 2% :align center
-[[fdl-1.3.txt][file:images/gfdl.png]]
+[[file:fdl-1.3.txt][file:images/gfdl.png]]
diff --git a/website/EN/codeofconduct.html b/website/EN/codeofconduct.html
index f5bd31f4..1080c5b9 100644
--- a/website/EN/codeofconduct.html
+++ b/website/EN/codeofconduct.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -229,7 +229,7 @@ This is not a big project and so there is no division of labor or special enforc
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/devguide.html b/website/EN/devguide.html
index 56abc3c8..bcd440ff 100644
--- a/website/EN/devguide.html
+++ b/website/EN/devguide.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -299,7 +299,7 @@ If you need particular dconf commands to alter desktop appearance or beha
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/faq.html b/website/EN/faq.html
index 13098c36..923b752b 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -1048,7 +1048,7 @@ Return to the <a href="index.html">home page</a>
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/fediverse.html b/website/EN/fediverse.html
index 3dc72176..898892f8 100644
--- a/website/EN/fediverse.html
+++ b/website/EN/fediverse.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -226,7 +226,7 @@ It may seem like a good idea and it may seem like you're doing a service to the
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/homeserver.html b/website/EN/homeserver.html
index 79b9064f..c064478c 100644
--- a/website/EN/homeserver.html
+++ b/website/EN/homeserver.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -384,7 +384,7 @@ Of course, this is just one way in which you can install the Freedombone system.
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/index.html b/website/EN/index.html
index f011c376..3734c345 100644
--- a/website/EN/index.html
+++ b/website/EN/index.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
diff --git a/website/EN/installmethods.html b/website/EN/installmethods.html
index d7676a62..e0d80f0d 100644
--- a/website/EN/installmethods.html
+++ b/website/EN/installmethods.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -190,7 +190,7 @@ A list of other supported ARM boards can be found here
-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh.html b/website/EN/mesh.html
index 7eb6f33d..afb30f6d 100644
--- a/website/EN/mesh.html
+++ b/website/EN/mesh.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -195,7 +195,7 @@ Like LibreMesh, this system uses a combinati
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_capabilities.html b/website/EN/mesh_capabilities.html
index abbc2018..3f3fac93 100644
--- a/website/EN/mesh_capabilities.html
+++ b/website/EN/mesh_capabilities.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -197,7 +197,7 @@ This system should be quite scalable. Both qTox and IPFS are based upon distribu
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_custom.html b/website/EN/mesh_custom.html
index c579ecad..d80c3121 100644
--- a/website/EN/mesh_custom.html
+++ b/website/EN/mesh_custom.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -165,7 +165,7 @@ If you need particular dconf commands to alter desktop appearance or beha
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_images.html b/website/EN/mesh_images.html
index ca7ad416..6bdba301 100644
--- a/website/EN/mesh_images.html
+++ b/website/EN/mesh_images.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -382,7 +382,7 @@ The resulting image can be copied to a microSD card, inserted into a Beaglebone
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_philosophic.html b/website/EN/mesh_philosophic.html
index 791e7d56..ec8944e8 100644
--- a/website/EN/mesh_philosophic.html
+++ b/website/EN/mesh_philosophic.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -257,7 +257,7 @@ The network should be built with future development in mind. The platform should
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mesh_usage.html b/website/EN/mesh_usage.html
index 3e5e4ce0..d4bf10fe 100644
--- a/website/EN/mesh_usage.html
+++ b/website/EN/mesh_usage.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -522,7 +522,7 @@ You can also visit other blogs, edit or delete your previous entry and change yo
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/mobile.html b/website/EN/mobile.html
index 953043d9..4eb61faa 100644
--- a/website/EN/mobile.html
+++ b/website/EN/mobile.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -386,7 +386,7 @@ Return to the <a href="index.html">home page</a>
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/support.html b/website/EN/support.html
index ee2a64ab..0a32daf1 100644
--- a/website/EN/support.html
+++ b/website/EN/support.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -272,7 +272,7 @@ Helping to package GNU Social and Hubzilla for Debian would be beneficial.
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 

diff --git a/website/EN/users.html b/website/EN/users.html
index 41423ea4..62f1e7b7 100644
--- a/website/EN/users.html
+++ b/website/EN/users.html
@@ -4,7 +4,7 @@
 
 
 
-
+
 
 
 
@@ -173,7 +173,7 @@ Select Administrator controls then User Management.
 
 
 

-
gfdl.png
+
gfdl.png
 

 

 


From b13d4316271729988df3c0b9545a6ea23c854a82 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 19:48:56 +0100
Subject: [PATCH 077/133] Scuttlebot version

---
 src/freedombone-app-scuttlebot | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 035ad683..6e1ea432 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -35,7 +35,7 @@ SHOW_ICANN_ADDRESS_ON_ABOUT=0
 
 SCUTTLEBOT_DOMAIN_NAME=
 SCUTTLEBOT_CODE=
-SCUTTLEBOT_VERSION='10.4.6'
+SCUTTLEBOT_VERSION='11.2.0'
 SCUTTLEBOT_PORT=8010
 SCUTTLEBOT_ONION_PORT=8623
 GIT_SSB_PORT=7718
@@ -382,9 +382,15 @@ function mesh_install_scuttlebot {
 
     cat < "$rootdir/usr/bin/install_scuttlebot"
 #!/bin/bash
-npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}
-npm install --arch=$NPM_ARCH -g git-ssb
-npm install --arch=$NPM_ARCH -g git-remote-ssb
+if ! npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
+    exit 1
+fi
+if ! npm install --arch=$NPM_ARCH -g git-ssb; then
+    exit 2
+fi
+if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
+    exit 3
+fi
 EOF
     chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot
     chroot "$rootdir" /usr/bin/install_scuttlebot

From 70d768371da240d152c7f786841e31def13f2d3f Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 20:19:03 +0100
Subject: [PATCH 078/133] Setup npm on mesh

---
 src/freedombone-app-scuttlebot | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 6e1ea432..d3ddddbb 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -357,8 +357,27 @@ function scuttlebot_git_setup {
     fi
 }
 
+function mesh_setup_npm {
+    cat < "$rootdir/usr/bin/install_npm_global"
+#!/bin/bash
+if [ ! -d ~/.npm-global ]; then
+    mkdir ~/.npm-global
+fi
+npm config set prefix '~/.npm-global'
+if [[ "$PATH" != *'~/.npm-global/bin'* ]]; then
+    export PATH=~/.npm-global/bin:$PATH
+    echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc
+fi
+source ~/.profile
+EOF
+    chroot "$rootdir" /bin/chmod +x /usr/bin/install_npm_global
+    chroot "$rootdir" /usr/bin/install_npm_global
+    rm "$rootdir/usr/bin/install_npm_global"
+}
+
 function mesh_install_dat {
     get_npm_arch
+    mesh_setup_npm
 
     cat < "$rootdir/usr/bin/install_dat"
 #!/bin/bash
@@ -379,6 +398,7 @@ function mesh_install_scuttlebot {
     mesh_install_dat
 
     get_npm_arch
+    mesh_setup_npm
 
     cat < "$rootdir/usr/bin/install_scuttlebot"
 #!/bin/bash

From 96e5e1f85d7b6215125ff7877ac236de7020f21f Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 20:37:43 +0100
Subject: [PATCH 079/133] Setup global npm before installing patchwork on mesh

---
 src/freedombone-image-customise | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/freedombone-image-customise b/src/freedombone-image-customise
index 4d70cba3..5582bcc7 100755
--- a/src/freedombone-image-customise
+++ b/src/freedombone-image-customise
@@ -589,6 +589,7 @@ install_patchwork() {
     fi
 
     get_npm_arch
+    mesh_setup_npm
 
     git clone "$PATCHWORK_REPO" "$rootdir/etc/patchwork"
     if [ ! -d "$rootdir/etc/patchwork" ]; then

From 0a8147e8c3c95614d8f7ac5b2c9cba09f21b8af8 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 20:41:03 +0100
Subject: [PATCH 080/133] Remove cacache

---
 src/freedombone-app-scuttlebot | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index d3ddddbb..c0902470 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -402,6 +402,9 @@ function mesh_install_scuttlebot {
 
     cat < "$rootdir/usr/bin/install_scuttlebot"
 #!/bin/bash
+if [ -d ~/.npm/_cacache ]; then
+    rm -rf ~/.npm/_cacache
+fi
 if ! npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
     exit 1
 fi

From c4b952a45ec53d6f5b356992ca7c7a743744399b Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 20:59:10 +0100
Subject: [PATCH 081/133] Install socks

---
 src/freedombone-app-scuttlebot | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index c0902470..3659067c 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -405,15 +405,18 @@ function mesh_install_scuttlebot {
 if [ -d ~/.npm/_cacache ]; then
     rm -rf ~/.npm/_cacache
 fi
-if ! npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
+if ! npm install --arch=$NPM_ARCH -g socks@2.1.6; then
     exit 1
 fi
-if ! npm install --arch=$NPM_ARCH -g git-ssb; then
+if ! npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
     exit 2
 fi
-if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
+if ! npm install --arch=$NPM_ARCH -g git-ssb; then
     exit 3
 fi
+if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
+    exit 4
+fi
 EOF
     chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot
     chroot "$rootdir" /usr/bin/install_scuttlebot

From b3f4ebe2ae6f392858898636e062439c9801829d Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 21:17:37 +0100
Subject: [PATCH 082/133] Tidying

---
 src/freedombone-app-scuttlebot | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 3659067c..4ee36d5c 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -402,12 +402,6 @@ function mesh_install_scuttlebot {
 
     cat < "$rootdir/usr/bin/install_scuttlebot"
 #!/bin/bash
-if [ -d ~/.npm/_cacache ]; then
-    rm -rf ~/.npm/_cacache
-fi
-if ! npm install --arch=$NPM_ARCH -g socks@2.1.6; then
-    exit 1
-fi
 if ! npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
     exit 2
 fi

From 1f6546d464a25c4b103827e22049880bb35be779 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 21:27:29 +0100
Subject: [PATCH 083/133] ownership of npm

---
 src/freedombone-app-scuttlebot | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 4ee36d5c..d17d1ebc 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -402,6 +402,8 @@ function mesh_install_scuttlebot {
 
     cat < "$rootdir/usr/bin/install_scuttlebot"
 #!/bin/bash
+chown -R $(whoami):$(whoami) $(npm config get prefix)/{lib/node_modules,bin,share}
+chown -R $(whoami):$(whoami) ~/.npm
 if ! npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
     exit 2
 fi

From a67fc56d8cc6eeb7885c6c6f4dbbb5fe2f100ce1 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Thu, 12 Apr 2018 22:51:03 +0100
Subject: [PATCH 084/133] Try permissions option

---
 src/freedombone-app-scuttlebot | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index d17d1ebc..fc08ebaf 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -402,16 +402,14 @@ function mesh_install_scuttlebot {
 
     cat < "$rootdir/usr/bin/install_scuttlebot"
 #!/bin/bash
-chown -R $(whoami):$(whoami) $(npm config get prefix)/{lib/node_modules,bin,share}
-chown -R $(whoami):$(whoami) ~/.npm
-if ! npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
-    exit 2
+if ! npm install --unsafe-perm --verbose --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
+    exit 1
 fi
 if ! npm install --arch=$NPM_ARCH -g git-ssb; then
-    exit 3
+    exit 2
 fi
 if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
-    exit 4
+    exit 3
 fi
 EOF
     chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot

From 561fd38b7a6c568730fc4d5470dd0afd71bb5c0a Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 11:16:49 +0100
Subject: [PATCH 085/133] exports before scuttlebot install

---
 src/freedombone-app-scuttlebot | 21 +++------------------
 src/freedombone-utils-nodejs   | 19 +++++++++++++++++++
 2 files changed, 22 insertions(+), 18 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index fc08ebaf..8d1f7aa4 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -357,24 +357,6 @@ function scuttlebot_git_setup {
     fi
 }
 
-function mesh_setup_npm {
-    cat < "$rootdir/usr/bin/install_npm_global"
-#!/bin/bash
-if [ ! -d ~/.npm-global ]; then
-    mkdir ~/.npm-global
-fi
-npm config set prefix '~/.npm-global'
-if [[ "$PATH" != *'~/.npm-global/bin'* ]]; then
-    export PATH=~/.npm-global/bin:$PATH
-    echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc
-fi
-source ~/.profile
-EOF
-    chroot "$rootdir" /bin/chmod +x /usr/bin/install_npm_global
-    chroot "$rootdir" /usr/bin/install_npm_global
-    rm "$rootdir/usr/bin/install_npm_global"
-}
-
 function mesh_install_dat {
     get_npm_arch
     mesh_setup_npm
@@ -402,6 +384,9 @@ function mesh_install_scuttlebot {
 
     cat < "$rootdir/usr/bin/install_scuttlebot"
 #!/bin/bash
+export PATH=~/.npm-global/bin:$PATH
+export NPM_CONFIG_PREFIX=~/.npm-global
+source ~/.profile
 if ! npm install --unsafe-perm --verbose --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
     exit 1
 fi
diff --git a/src/freedombone-utils-nodejs b/src/freedombone-utils-nodejs
index 9d4b5aee..1285f109 100755
--- a/src/freedombone-utils-nodejs
+++ b/src/freedombone-utils-nodejs
@@ -244,6 +244,25 @@ function nodejs_upgrade {
     npm update -g
 }
 
+function mesh_setup_npm {
+    cat < "$rootdir/usr/bin/install_npm_global"
+#!/bin/bash
+if [ ! -d ~/.npm-global ]; then
+    mkdir ~/.npm-global
+fi
+npm config set prefix '~/.npm-global'
+if [[ "$PATH" != *'~/.npm-global/bin'* ]]; then
+    export PATH=~/.npm-global/bin:$PATH
+    echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc
+fi
+export NPM_CONFIG_PREFIX=~/.npm-global
+source ~/.profile
+EOF
+    chroot "$rootdir" /bin/chmod +x /usr/bin/install_npm_global
+    chroot "$rootdir" /usr/bin/install_npm_global
+    rm "$rootdir/usr/bin/install_npm_global"
+}
+
 function nodejs_setup_global_modules {
     if [ ! -f /usr/local/bin/node ]; then
         return

From c66933077f342a20dcc2eb0c29e646e09086a9ac Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 11:40:20 +0100
Subject: [PATCH 086/133] Leave out scuttlebot

---
 src/freedombone-image-customise | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/freedombone-image-customise b/src/freedombone-image-customise
index 5582bcc7..30e9c41e 100755
--- a/src/freedombone-image-customise
+++ b/src/freedombone-image-customise
@@ -945,7 +945,7 @@ initialise_mesh() {
     #install_librevault
     install_patchwork
     install_web_server
-    mesh_install_scuttlebot
+    #mesh_install_scuttlebot
     #install_ferment
 
     chroot "$rootdir" apt-get clean

From 6aefd00751dbc4a20e29ffc6cffaab6bb948f951 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 12:35:48 +0100
Subject: [PATCH 087/133] Don't install scuttlebot as root

---
 src/freedombone-app-scuttlebot  | 86 ++++++++++++++++++---------------
 src/freedombone-image-customise |  2 +-
 2 files changed, 48 insertions(+), 40 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 8d1f7aa4..69f48045 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -56,7 +56,7 @@ function logging_off_scuttlebot {
 }
 
 function scuttlebot_create_invite {
-    invite_string=$(su -c "sbot invite.create 1" - scuttlebot | sed 's/"//g')
+    invite_string=$(su -c "/etc/scuttlebot/node_modules/.bin/sbot invite.create 1" - scuttlebot | sed 's/"//g')
 
     clear
     echo -e "\\n\\nYour Scuttlebot invite code is:\\n\\n${invite_string}\\n\\n"
@@ -382,37 +382,35 @@ function mesh_install_scuttlebot {
     get_npm_arch
     mesh_setup_npm
 
-    cat < "$rootdir/usr/bin/install_scuttlebot"
-#!/bin/bash
-export PATH=~/.npm-global/bin:$PATH
-export NPM_CONFIG_PREFIX=~/.npm-global
-source ~/.profile
-if ! npm install --unsafe-perm --verbose --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}; then
-    exit 1
-fi
-if ! npm install --arch=$NPM_ARCH -g git-ssb; then
-    exit 2
-fi
-if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
-    exit 3
-fi
-EOF
-    chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot
-    chroot "$rootdir" /usr/bin/install_scuttlebot
-    rm "$rootdir/usr/bin/install_scuttlebot"
-
-    if [ ! -f "$rootdir/usr/local/bin/sbot" ]; then
-        echo $'Scuttlebot was not installed'
-        exit 528253
-    fi
-
     if [ ! -d "$rootdir/etc/scuttlebot" ]; then
         mkdir -p "$rootdir/etc/scuttlebot"
     fi
 
-    # an unprivileged user to run as
+    # an unprivileged user to install and run as
     chroot "$rootdir" useradd -d /etc/scuttlebot/ scuttlebot
 
+    cat < "$rootdir/usr/bin/install_scuttlebot"
+#!/bin/bash
+cd /etc/scuttlebot || exit 1
+if ! npm install --arch=$NPM_ARCH scuttlebot@${SCUTTLEBOT_VERSION}; then
+    exit 2
+fi
+if ! npm install --arch=$NPM_ARCH -g git-ssb; then
+    exit 3
+fi
+if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
+    exit 4
+fi
+EOF
+    chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot
+    chroot "$rootdir" su -c '/usr/bin/install_scuttlebot' - scuttlebot
+    rm "$rootdir/usr/bin/install_scuttlebot"
+
+    if [ ! -f "$rootdir/etc/scuttlebot/node_modules/.bin/sbot" ]; then
+        echo $'Scuttlebot was not installed'
+        exit 528253
+    fi
+
     # daemon
     { echo '[Unit]';
       echo 'Description=Scuttlebot (messaging system)';
@@ -424,7 +422,7 @@ EOF
       echo 'User=scuttlebot';
       echo 'Group=scuttlebot';
       echo "WorkingDirectory=/etc/scuttlebot";
-      echo 'ExecStart=/usr/local/bin/sbot server';
+      echo 'ExecStart=/etc/scuttlebot/node_modules/.bin/sbot server';
       echo 'Restart=always';
       echo 'Environment="USER=scuttlebot"';
       echo '';
@@ -439,8 +437,27 @@ function install_scuttlebot {
     function_check install_nodejs
     install_nodejs scuttlebot
 
-    npm install -g scuttlebot@${SCUTTLEBOT_VERSION}
-    if [ ! -f /usr/local/bin/sbot ]; then
+    if [ ! -d /etc/scuttlebot ]; then
+        mkdir -p /etc/scuttlebot
+    fi
+
+    # an unprivileged user to install and run as
+    useradd -d /etc/scuttlebot/ scuttlebot
+
+    cat < /usr/bin/install_scuttlebot
+#!/bin/bash
+cd /etc/scuttlebot || exit 1
+if ! npm install scuttlebot@${SCUTTLEBOT_VERSION}; then
+    exit 2
+fi
+exit 0
+EOF
+    chmod +x /usr/bin/install_scuttlebot
+    su -c '/usr/bin/install_scuttlebot' - scuttlebot
+    rm /usr/bin/install_scuttlebot
+
+    if [ ! -f /etc/scuttlebot/node_modules/.bin/sbot ]; then
+        echo $'Scuttlebot was not installed'
         exit 528253
     fi
 
@@ -448,15 +465,6 @@ function install_scuttlebot {
     npm install -g git-ssb
     npm install -g git-remote-ssb
 
-    if [ ! -d /etc/scuttlebot ]; then
-        mkdir -p /etc/scuttlebot
-    fi
-
-    npm install -g dat
-
-    # an unprivileged user to run as
-    useradd -d /etc/scuttlebot/ scuttlebot
-
     # daemon
     { echo '[Unit]';
       echo 'Description=Scuttlebot (messaging system)';
@@ -468,7 +476,7 @@ function install_scuttlebot {
       echo 'User=scuttlebot';
       echo 'Group=scuttlebot';
       echo "WorkingDirectory=/etc/scuttlebot";
-      echo 'ExecStart=/usr/local/bin/sbot server';
+      echo 'ExecStart=/etc/scuttlebot/node_modules/.bin/sbot server';
       echo 'Restart=always';
       echo 'Environment="USER=scuttlebot"';
       echo '';
diff --git a/src/freedombone-image-customise b/src/freedombone-image-customise
index 30e9c41e..5582bcc7 100755
--- a/src/freedombone-image-customise
+++ b/src/freedombone-image-customise
@@ -945,7 +945,7 @@ initialise_mesh() {
     #install_librevault
     install_patchwork
     install_web_server
-    #mesh_install_scuttlebot
+    mesh_install_scuttlebot
     #install_ferment
 
     chroot "$rootdir" apt-get clean

From 93801c7331d9be8eb88daf2d845a57f1e1ceffb3 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 12:36:29 +0100
Subject: [PATCH 088/133] exit

---
 src/freedombone-app-scuttlebot | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 69f48045..549b389c 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -401,6 +401,7 @@ fi
 if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
     exit 4
 fi
+exit 0
 EOF
     chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot
     chroot "$rootdir" su -c '/usr/bin/install_scuttlebot' - scuttlebot

From 12c690abd503d668b141b6cf00dc104419ddb940 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 13:07:33 +0100
Subject: [PATCH 089/133] Don't try to install global packages as a local user

---
 src/freedombone-app-scuttlebot | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 549b389c..2c338a0b 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -395,12 +395,6 @@ cd /etc/scuttlebot || exit 1
 if ! npm install --arch=$NPM_ARCH scuttlebot@${SCUTTLEBOT_VERSION}; then
     exit 2
 fi
-if ! npm install --arch=$NPM_ARCH -g git-ssb; then
-    exit 3
-fi
-if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
-    exit 4
-fi
 exit 0
 EOF
     chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot
@@ -412,6 +406,20 @@ EOF
         exit 528253
     fi
 
+    cat < "$rootdir/usr/bin/install_git_ssb"
+#!/bin/bash
+if ! npm install --arch=$NPM_ARCH -g git-ssb; then
+    exit 1
+fi
+if ! npm install --arch=$NPM_ARCH -g git-remote-ssb; then
+    exit 2
+fi
+exit 0
+EOF
+    chroot "$rootdir" /bin/chmod +x /usr/bin/install_git_ssb
+    chroot "$rootdir" /usr/bin/install_git_ssb
+    rm "$rootdir/usr/bin/install_git_ssb"
+
     # daemon
     { echo '[Unit]';
       echo 'Description=Scuttlebot (messaging system)';

From 78d67f601971672a899b59a4af52b599ea15716b Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 13:30:40 +0100
Subject: [PATCH 090/133] Ensure scuttlebot ownership of the directory

---
 src/freedombone-app-scuttlebot | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 2c338a0b..520fd8a2 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -388,6 +388,7 @@ function mesh_install_scuttlebot {
 
     # an unprivileged user to install and run as
     chroot "$rootdir" useradd -d /etc/scuttlebot/ scuttlebot
+    chroot "$rootdir" chown -R scuttlebot:scuttlebot /etc/scuttlebot
 
     cat < "$rootdir/usr/bin/install_scuttlebot"
 #!/bin/bash
@@ -398,7 +399,7 @@ fi
 exit 0
 EOF
     chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot
-    chroot "$rootdir" su -c '/usr/bin/install_scuttlebot' - scuttlebot
+    chroot "$rootdir" sudo -u scuttlebot /usr/bin/install_scuttlebot
     rm "$rootdir/usr/bin/install_scuttlebot"
 
     if [ ! -f "$rootdir/etc/scuttlebot/node_modules/.bin/sbot" ]; then
@@ -452,6 +453,7 @@ function install_scuttlebot {
 
     # an unprivileged user to install and run as
     useradd -d /etc/scuttlebot/ scuttlebot
+    chown -R scuttlebot:scuttlebot /etc/scuttlebot
 
     cat < /usr/bin/install_scuttlebot
 #!/bin/bash

From d292fdf9e393095fa603d07fd992ce83096c72c9 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 14:14:53 +0100
Subject: [PATCH 091/133] Don't install bmx7

---
 src/freedombone-image-customise | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/freedombone-image-customise b/src/freedombone-image-customise
index 5582bcc7..34494fc9 100755
--- a/src/freedombone-image-customise
+++ b/src/freedombone-image-customise
@@ -935,7 +935,7 @@ initialise_mesh() {
     install_avahi
     install_batman
     install_bmx6
-    install_bmx7
+    #install_bmx7
     install_olsr2
     install_babel
     mesh_shutdown_script

From 0ce090ab8bd885a7f35e4351b0b61780a66036f7 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 14:43:17 +0100
Subject: [PATCH 092/133] exports before installing git-ssb

---
 src/freedombone-app-scuttlebot | 4 ++++
 src/freedombone-utils-nodejs   | 1 +
 2 files changed, 5 insertions(+)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 520fd8a2..e820b842 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -409,6 +409,10 @@ EOF
 
     cat < "$rootdir/usr/bin/install_git_ssb"
 #!/bin/bash
+npm config set prefix '~/.npm-global'
+export PATH=~/.npm-global/bin:$PATH
+export NPM_CONFIG_PREFIX=~/.npm-global
+source ~/.profile
 if ! npm install --arch=$NPM_ARCH -g git-ssb; then
     exit 1
 fi
diff --git a/src/freedombone-utils-nodejs b/src/freedombone-utils-nodejs
index 1285f109..b86e7f57 100755
--- a/src/freedombone-utils-nodejs
+++ b/src/freedombone-utils-nodejs
@@ -256,6 +256,7 @@ if [[ "$PATH" != *'~/.npm-global/bin'* ]]; then
     echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc
 fi
 export NPM_CONFIG_PREFIX=~/.npm-global
+echo 'export NPM_CONFIG_PREFIX=~/.npm-global' >> ~/.bashrc
 source ~/.profile
 EOF
     chroot "$rootdir" /bin/chmod +x /usr/bin/install_npm_global

From 3f16b9b3de9d78c7e8676f9c6894cc007bac5706 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 15:24:07 +0100
Subject: [PATCH 093/133] Use new global modules directory for scuttlebot

---
 src/freedombone-app-scuttlebot | 20 ++++++++++----------
 src/freedombone-base-tripwire  |  3 +++
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index e820b842..56fc14dd 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -259,14 +259,14 @@ function git_ssb_script {
 
 function scuttlebot_git_setup {
     if [[ "$1" == "mesh" ]]; then
-        if [ ! -d "$rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight" ]; then
-            mkdir "$rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight"
+        if [ ! -d "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight" ]; then
+            mkdir "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight"
         fi
-        if [ ! -f "$rootdir/usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css" ]; then
+        if [ ! -f "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css" ]; then
             echo $'Could not find foundation.css'
             exit 347687245
         fi
-        cp "$rootdir/usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css" "$rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css"
+        cp "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css" "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css"
 
         git_ssb_nginx_site=$rootdir/etc/nginx/sites-available/git_ssb
         { echo 'server {';
@@ -284,14 +284,14 @@ function scuttlebot_git_setup {
             exit 7357225
         fi
 
-        if [ ! -d /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight ]; then
-            mkdir /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight
+        if [ ! -d /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight ]; then
+            mkdir /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight
         fi
-        if [ ! -f /usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css ]; then
+        if [ ! -f /root/.npm-global/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css ]; then
             echo $'Could not find foundation.css'
             exit 347687245
         fi
-        cp /usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css
+        cp /root/.npm-global/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css
 
         git_ssb_nginx_site=/etc/nginx/sites-available/${SCUTTLEBOT_DOMAIN_NAME}
         function_check nginx_http_redirect
@@ -313,7 +313,7 @@ function scuttlebot_git_setup {
     fi
 
     { echo '';
-      echo '  root /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web;';
+      echo '  root /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web;';
       echo '';
       echo '  location = / {';
       echo "    proxy_pass http://localhost:${GIT_SSB_PORT};";
@@ -339,7 +339,7 @@ function scuttlebot_git_setup {
           echo '  add_header X-Content-Type-Options nosniff;';
           echo '  add_header X-Frame-Options SAMEORIGIN;';
           echo '';
-          echo '  root /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web;';
+          echo '  root /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web;';
           echo '';
           echo '  location = / {';
           echo "    proxy_pass http://localhost:${GIT_SSB_PORT};";
diff --git a/src/freedombone-base-tripwire b/src/freedombone-base-tripwire
index 67baa7fa..ea059d1a 100755
--- a/src/freedombone-base-tripwire
+++ b/src/freedombone-base-tripwire
@@ -122,6 +122,9 @@ function install_tripwire {
     if ! grep -q '!/usr/local/lib/node_modules' /etc/tripwire/twpol.txt; then
         sed -i '\|/etc\t\t->.*|a\    !/usr/local/lib/node_modules ;' /etc/tripwire/twpol.txt
     fi
+    if ! grep -q '!/root/.npm-global/node_modules' /etc/tripwire/twpol.txt; then
+        sed -i '\|/etc\t\t->.*|a\    !/root/.npm-global/node_modules ;' /etc/tripwire/twpol.txt
+    fi
     # Events here are likely due to USB HRNG activity
     if ! grep -q '!/dev/char' /etc/tripwire/twpol.txt; then
         sed -i '\|/dev\t\t->.*|a\    !/dev/char ;' /etc/tripwire/twpol.txt

From 30eca6b2ad804072ed8fd6150d11348b4995aac1 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 16:26:26 +0100
Subject: [PATCH 094/133] modules paths

---
 src/freedombone-app-scuttlebot | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 56fc14dd..2d694e65 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -259,14 +259,14 @@ function git_ssb_script {
 
 function scuttlebot_git_setup {
     if [[ "$1" == "mesh" ]]; then
-        if [ ! -d "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight" ]; then
-            mkdir "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight"
+        if [ ! -d "$rootdir/root/.npm-global/node_modules/git-ssb-web/highlight" ]; then
+            mkdir "$rootdir/root/.npm-global/node_modules/git-ssb-web/highlight"
         fi
-        if [ ! -f "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css" ]; then
+        if [ ! -f "$rootdir/root/.npm-global/highlight.js/styles/foundation.css" ]; then
             echo $'Could not find foundation.css'
             exit 347687245
         fi
-        cp "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css" "$rootdir/root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css"
+        cp "$rootdir/root/.npm-global/node_modules/highlight.js/styles/foundation.css" "$rootdir/root/.npm-global/node_modules/git-ssb-web/highlight/foundation.css"
 
         git_ssb_nginx_site=$rootdir/etc/nginx/sites-available/git_ssb
         { echo 'server {';
@@ -284,14 +284,14 @@ function scuttlebot_git_setup {
             exit 7357225
         fi
 
-        if [ ! -d /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight ]; then
-            mkdir /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight
+        if [ ! -d /root/.npm-global/node_modules/git-ssb-web/highlight ]; then
+            mkdir /root/.npm-global/node_modules/git-ssb-web/highlight
         fi
-        if [ ! -f /root/.npm-global/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css ]; then
+        if [ ! -f /root/.npm-global/node_modules/highlight.js/styles/foundation.css ]; then
             echo $'Could not find foundation.css'
             exit 347687245
         fi
-        cp /root/.npm-global/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css
+        cp /root/.npm-global/node_modules/highlight.js/styles/foundation.css /root/.npm-global/node_modules/git-ssb-web/highlight/foundation.css
 
         git_ssb_nginx_site=/etc/nginx/sites-available/${SCUTTLEBOT_DOMAIN_NAME}
         function_check nginx_http_redirect
@@ -313,7 +313,7 @@ function scuttlebot_git_setup {
     fi
 
     { echo '';
-      echo '  root /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web;';
+      echo '  root /root/.npm-global/node_modules/git-ssb-web;';
       echo '';
       echo '  location = / {';
       echo "    proxy_pass http://localhost:${GIT_SSB_PORT};";
@@ -339,7 +339,7 @@ function scuttlebot_git_setup {
           echo '  add_header X-Content-Type-Options nosniff;';
           echo '  add_header X-Frame-Options SAMEORIGIN;';
           echo '';
-          echo '  root /root/.npm-global/node_modules/git-ssb/node_modules/git-ssb-web;';
+          echo '  root /root/.npm-global/node_modules/git-ssb-web;';
           echo '';
           echo '  location = / {';
           echo "    proxy_pass http://localhost:${GIT_SSB_PORT};";

From 3c342619d50d3f576feae9769794f231d2538dd5 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 17:38:40 +0100
Subject: [PATCH 095/133] lib directory

---
 src/freedombone-app-scuttlebot | 18 +++++++++---------
 src/freedombone-base-tripwire  |  4 ++--
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 2d694e65..a1133766 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -259,14 +259,14 @@ function git_ssb_script {
 
 function scuttlebot_git_setup {
     if [[ "$1" == "mesh" ]]; then
-        if [ ! -d "$rootdir/root/.npm-global/node_modules/git-ssb-web/highlight" ]; then
-            mkdir "$rootdir/root/.npm-global/node_modules/git-ssb-web/highlight"
+        if [ ! -d "$rootdir/root/.npm-global/lib/node_modules/git-ssb-web/highlight" ]; then
+            mkdir "$rootdir/root/.npm-global/lib/node_modules/git-ssb-web/highlight"
         fi
         if [ ! -f "$rootdir/root/.npm-global/highlight.js/styles/foundation.css" ]; then
             echo $'Could not find foundation.css'
             exit 347687245
         fi
-        cp "$rootdir/root/.npm-global/node_modules/highlight.js/styles/foundation.css" "$rootdir/root/.npm-global/node_modules/git-ssb-web/highlight/foundation.css"
+        cp "$rootdir/root/.npm-global/lib/node_modules/highlight.js/styles/foundation.css" "$rootdir/root/.npm-global/lib/node_modules/git-ssb-web/highlight/foundation.css"
 
         git_ssb_nginx_site=$rootdir/etc/nginx/sites-available/git_ssb
         { echo 'server {';
@@ -284,14 +284,14 @@ function scuttlebot_git_setup {
             exit 7357225
         fi
 
-        if [ ! -d /root/.npm-global/node_modules/git-ssb-web/highlight ]; then
-            mkdir /root/.npm-global/node_modules/git-ssb-web/highlight
+        if [ ! -d /root/.npm-global/lib/node_modules/git-ssb-web/highlight ]; then
+            mkdir /root/.npm-global/lib/node_modules/git-ssb-web/highlight
         fi
-        if [ ! -f /root/.npm-global/node_modules/highlight.js/styles/foundation.css ]; then
+        if [ ! -f /root/.npm-global/lib/node_modules/highlight.js/styles/foundation.css ]; then
             echo $'Could not find foundation.css'
             exit 347687245
         fi
-        cp /root/.npm-global/node_modules/highlight.js/styles/foundation.css /root/.npm-global/node_modules/git-ssb-web/highlight/foundation.css
+        cp /root/.npm-global/lib/node_modules/highlight.js/styles/foundation.css /root/.npm-global/lib/node_modules/git-ssb-web/highlight/foundation.css
 
         git_ssb_nginx_site=/etc/nginx/sites-available/${SCUTTLEBOT_DOMAIN_NAME}
         function_check nginx_http_redirect
@@ -313,7 +313,7 @@ function scuttlebot_git_setup {
     fi
 
     { echo '';
-      echo '  root /root/.npm-global/node_modules/git-ssb-web;';
+      echo '  root /root/.npm-global/lib/node_modules/git-ssb-web;';
       echo '';
       echo '  location = / {';
       echo "    proxy_pass http://localhost:${GIT_SSB_PORT};";
@@ -339,7 +339,7 @@ function scuttlebot_git_setup {
           echo '  add_header X-Content-Type-Options nosniff;';
           echo '  add_header X-Frame-Options SAMEORIGIN;';
           echo '';
-          echo '  root /root/.npm-global/node_modules/git-ssb-web;';
+          echo '  root /root/.npm-global/lib/node_modules/git-ssb-web;';
           echo '';
           echo '  location = / {';
           echo "    proxy_pass http://localhost:${GIT_SSB_PORT};";
diff --git a/src/freedombone-base-tripwire b/src/freedombone-base-tripwire
index ea059d1a..9c1cc444 100755
--- a/src/freedombone-base-tripwire
+++ b/src/freedombone-base-tripwire
@@ -122,8 +122,8 @@ function install_tripwire {
     if ! grep -q '!/usr/local/lib/node_modules' /etc/tripwire/twpol.txt; then
         sed -i '\|/etc\t\t->.*|a\    !/usr/local/lib/node_modules ;' /etc/tripwire/twpol.txt
     fi
-    if ! grep -q '!/root/.npm-global/node_modules' /etc/tripwire/twpol.txt; then
-        sed -i '\|/etc\t\t->.*|a\    !/root/.npm-global/node_modules ;' /etc/tripwire/twpol.txt
+    if ! grep -q '!/root/.npm-global/lib/node_modules' /etc/tripwire/twpol.txt; then
+        sed -i '\|/etc\t\t->.*|a\    !/root/.npm-global/lib/node_modules ;' /etc/tripwire/twpol.txt
     fi
     # Events here are likely due to USB HRNG activity
     if ! grep -q '!/dev/char' /etc/tripwire/twpol.txt; then

From b5e3659ead34b37d941f97958a69a88a08bd671d Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 18:10:21 +0100
Subject: [PATCH 096/133] Comment out for now

---
 src/freedombone-app-scuttlebot | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index a1133766..13563747 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -443,8 +443,8 @@ EOF
       echo '[Install]';
       echo 'WantedBy=multi-user.target'; } > "$rootdir/etc/systemd/system/scuttlebot.service"
 
-    scuttlebot_git_setup mesh
-    git_ssb_script mesh
+    #scuttlebot_git_setup mesh
+    #git_ssb_script mesh
 }
 
 function install_scuttlebot {

From 306766000b9cd70671d832648525d86a8b9bd756 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Fri, 13 Apr 2018 20:36:55 +0100
Subject: [PATCH 097/133] Update mesh initial login image

---
 img/mesh_initial_login.jpg | Bin 117016 -> 27130 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/img/mesh_initial_login.jpg b/img/mesh_initial_login.jpg
index 8ecfaace7dd1adfb6d3c5a768353dc550f25f6f5..c414a4a07447afde30bb3acc97ee1c6103398be4 100644
GIT binary patch
literal 27130
zcmd3O2Urtbx9%ha2tD+s5HKLUcR@lELI(w@N>f2W6dQs|C4}ZUHGF0X{wfbsNDLhYG_0Y=wwJ!z
zLyU>@ANP-jI?29&0sUtcVoN1+2R&BJqc8c!A-cgpp@G9UQ!I{Dwsqzc_9hX8?^Y52
zGu7YiM)93`rZ@JrR{6Aybe-I%Tq>IM9J#5*`&$Nrkcp5jI736yf7--pQkVi2n5SrV
zeS|TF9CqW>?9Mm6z17H(DvBPItqe#aP*Op5LS*1xA2&;42g9Il0P&Z
zJ@r-Z?C}a-4~VUMO1BfBKoC8=`%`{J7!C8Ou!m4GWY8zYg}gfW^)to(zG%kVo$fyJ
zC}?-kiuW!K2DlgA{;^nqFi$W4ZRnLXw6lS&7
zPsjoMe^jTPfl&kF20=1-@n|fPz5*~!Buk5$OuTi%ESEd-0pcPVo}Zq6I5c_qpPl#(
zM}#YQ$krI0YlfmvfgmS@+0FVH;)yqS5I4QL2fC+EMvxmYGVF4_;6L{r@v_a@(@0tefscX$tJK0C^TR=-}Nkc?R98~Og
zeqr?84L$s(T{y#kQ((=MLaF$YA;UykBNpBhX&V+@ibqirnOQ^&)hF&|JZh%7N(Oy@
z5m)jh3yOhk_?yeWEJyH~Azv~UYpP4UN>G<)kQ=F22L=#kuxWUsl}?1YAu@#w*YRMZ
zr8^c>u#k)auNhy9Rkue$|JS?6rJN>9z?jlf;Euq+nIpaai5m38JHBaTpBmfAj`VOTFb18Zxi6Ur
zlxW5`2>@^S$ii_osxB$12S_d?;$QlZ5}u7tLIZ-DH6ZP5hyhUniIIdD@X}-e@W%rH
zV7t3dq4JhTXXZ3BsayAF$0m7r5R}+>Vh~`q7P~-(wmc(3Cp2s!2FnW`f(#v?7s76)
z0v^N^nF7wqoAIZOK@2;Q4hO6YNYh+^n$>L42vQ~l!U+cf-atH2fC>VrO$+Y>vhYO;
zZxDiYE5aZdRDKsgg8ks--+upAR)e78=}EWe*=OZwoZ;j_P&GX`gZ!iz9EHpw@$o)9
z6l28;(aEy$LJ>i`4Omz+5l}3f0gwa%gn@_o7eeIg{>hao7M%d
zsQ1QL397LPs`z)l+-yUNs=keb^8sjsJ%HkY5H@{JTiy*2;oKpE4dTcj8`?~G2oX1V
z@W4~wXoAemyVul0;9g*flmk$HIfDh~FbXq!CHqOBze$5EYVxq$geLuuJEMuvFTYLG
z;)o=2>^q`E@w)$5W-jaT?wG30>j}UBS5DrO#?veLVv5X}nSBbtApTXvzUnOze~kn!
zAP78&0h=+IHotnvT}deL|4F8~O&^GK5bEtK$J!WCv<
z6ll`YfDA!96JqyW{3HKYE%xb|_uvFiO9U(kBEkUA*rc)b>a)9Qf29K5)V))~%TFAKfqk(8uXihz`gU5Hlp(jqof`^M0;nJ+020O)
z0v|VD&*|jc%xasTp^*Z_5cr+3vHKE8JVZ=ORV3X(GkYFnqKIn0Kc)}u+ab-on_f!A
zA0sGT0pP@Wh`+&zv}|R(tC?F7c9aaKDm>UcbW_2n`klz23Kztq*PRucRgnH=>R;WL
zBH(7Q;o*cw`+`AEdVO|_|1SW*=R5~{jZV$LZ>>Mag(ow!6A!+?p1>O*03u9e=Gf)$
zlA(RrkVsPWpX}2A)-tH-_Q&ZsdPXVnlAQ>2_u}^=1!3FjJWq^Q$;K4Qf*4whrJmZ`*Sl>6l2R_d0>Q+6%S?i)?4e8JE-fb67I3L&~ag{Qk@
zpL)O`ur^sN?7}~#7`<8$&SmQ*0q?usan@a0b<_Q#nzRcRON#>r1cP1*64I-yUT}U!
z1RruBgpibB#Nrm6Md0F}qGAi7R9Ya2{Yv6;<0}4dRM3zbn0`u~&ffmT13++3X`TMZ
zfNUb6&%F)9ZpI(P19(CNS$R}Pc%SseP20c|l;ZS>H>2nSC->0Fs1YHCJ$?{8k3n6R
zu@EAAu&p_evEo518|afsZj_!4}7@<{A6&GXYZ2
zmZ7APenjf%85snB#K16w+PBO6q?*sf?h*tu76M=(C27>aL=2A#Efxqv9wd(~nD{$`
z5WU4J*;ZKSnB8lrYko&2UQ6mD5fMGHJ2&|n!*{{l!ri9mpFmDslV~Tfa?TF3@KdP
z#lc=61X7y`WezOnSL1|fhy&=0!#plFm75%!4)ZAM9o
z9{O%EtSwkBPlRW9+h`~{7YKrgK`5;|*2Ttj&mQO$S+l%W3vv^QqRafMcFG(NIsp=G
zur@y`03Z(!6!Kw~uJe!%ZOlQe_W&_6*dX>JPl|nt_~WMxCifc}MSj<~aB+0zBp%LL
zga_KzFb<{zMjo7FAu^dZRxpT|FaFov0>snV9&}1)JN?$=XN^(s^6&e+%dheU6al&u
zk_Th*%NrB~t|oKDi+vdnv>o#c?hQ;_uK}(wL$v6?7X%ExB|XDBmMgJ9k12ZG|05AJ
z0^{^V2vY&W&{%+(nl{)#8VnX_f^~VK!45*%<^*#GG5Dnlh|xwx
z%8*Epr&)w&Gf)=Fz4H*AXGOrRBCz<&DoqcZ!U$>*^u2rbY3I8a=N17(loU!H4UaF)
zJj9IN&6s^&Iu9vwU{R6?T%}n=co;_V{UQ$Hf%kn2fcbN1xF2#1qSIOn86A9
z*I5h^B7ZyNtnHiybfZ!7;BRdpN&ck_v1YhSf^(p@sc!-yP2j*2;T@(I;t@{6k%0;(
zFV_rc(J~tPQ)psDQ~46Bc(1#WN}u
z;yhkEb#_2uX*a0&{{n@h^U2r8MiHL}2NC&L9-=52@m0lRQ)g}PJDjxtsvwrCf+2m!
zH$)*7Kmt7dkptHv9STA*f@eeEaStdU59v6$xOp&Q%C;!1xRNT~LuDJz;8-GfB7_D~
z2zum+vb_yzBXkja>Gz#c-zRH(hi7kfY4kA%UL3tcsDt6Xu%q=6H@6I}iI4I&XGIU8
z+~_QbW5IVWip!T1Zq#%gr-0gifm)pFRacUHC*OENkV&2RNYYU=(DdKk
z5YPcYgXHV@MiP#i)QVG+0y-$;|53yLFc09I2<7^J=wRqR(T5t2e!Ff^_pclm?ohr*
zKWgH^nK<1Tc%V#S`$O|M?0Q+m3kFh!x_WeiSD@cz#gim2zPohnr`OAJ9zPhX)7z=R
z5FD8Oc4#JlX-PEjVW#=ilfY{(LL;nePN9(<-;!p2tX%%0!1gNdL_*KZdwGA$s{^k1
ziJe49%EHeN1@u3NlT?M9PH=zeTtB?4im|T!@egIwq<2n!$q$Fx
zA<4B4HL*T{sv3e=(p!qp8BIZh8`s^srR4a$)RptPT?KP@QZ0*hGi#r
z_I@3zZtLyIHe|%U3-_JgJXeFT0#q
z(YhA)+$%JOiEneMzlBPmEpaU}L#ZA~f0iR%HRDdWKa0!4Z7#XL7WuP$f2q;{_U*y`
zrGBKV!tD2QNd+TF1^!f3cJjbL^LPIrIjgQAJ$C&X0Dr&M>CvFIh
z$(l8kn6WgbW3L{bsyvuf_UNkW_xz>xtmvnY_&D9RRGw&+@+xhsxQH&9+$Hi+%UiuRbE&PxI
zuOh;2z}*C#2baz5z34W03?Es3_@3jJA3fHu_umzL6t%}tN0v=_L3w~WbvNSx;YvY;
zw)cn2;M%VA-lY>m8NB-ZYL>HcpYKX>@!0#NmE7rJFSf@d+|tAR6Bh1(a2NY275Z&)
znnm~TGz@ad#XqarccIjnnALTnBnW9tymdMKYiP-Z(!jhEWxK4;geWei_xbSqjQc=u
zGUu&kKJCrS;8b&F?lc~9tFrT95r5D>Ib1$@ylFf3v(+qCOeDK7e_bW?i)!1I@Wc9-
zZDkFyyuJoxSrdO>>nk^(*15Q>ibWzv?1KC{`7>~ka|zFL)V9(
zI=4G}kLm5OpzlGHhZ?zVA?^mWzH2O&aySc>Gk92zeDE6$IbF2nxY}zDDvg&P8;()0>_mZl^%`XK&*Z*Sb8QZs)`$^wE<@a+QLZ|6Z-kor-aYg?
zs8S9tAEsoVd+2|dDlRB?rCJ2jnXGY0jkDZCtcc6R6$?A$@-5Sa`?riA8`Y;{WiUCX
zESK0(cvbkpg{Bmp<9gg7VMyt%<|fDuNP6Ikz=MdXtmg^$!`S&LuSABFKP#R&ehk>u
zsb?vjv|W5}(Vr{CE>`sHyf#_nn`o-X=6=FFjZmeQI62`{uyRDV^+p
zyE3G?aN&f`lIruE8(H5Eb&tjWqmOdWwEoHOFKZ2{A6Cz->5EcV8_#Vy-m`XN|CawE
zI2r4Q+|PWHTs|m&#N|c(kJ_sXZ-*w=LaC3J182XkH_SEecr#JlJ(HtYdam*2!q3g>
znU%Nq7H>Ps@?M0uc4;SCz1=Hi^9Z+jRhrZKyegdvY3HeMn^XBh<&gUZbo=E}$a_7_
zFWose>W??Bd|nHhEY`OUQw|3ifa8Sk&5;OtaG>3zgS&JtPB9M*Qb`$PfPpQ3^X420
zkN=yM8P}2hxjWByh;b26Tm&4+T!Jeetj2kEQYmo#f22aPlOh3I1YD#YIuebASH0qy
z)||5i_Fra}=Nt7J=E^7ARW0{@e(WFK5^B>uclAve=U1v2CeB##1nb=GK4tymm5qY+
z>xbT~eSNDmzCT1WCeyEI!LKOm^|6PnUt$Cfy}2J4dXUw9c4gtg+wF><{gfWEzGqc>
zxbyqlB0rvsCgMqE1@_Yae#K(-DSzn5%Inqm`dyWoe$RxLJAb_W+_gGgpD^Ip@R?Qh
zYyRrzrXNOPi5)&F&a5$@(&?ij_^VPytB^n!s8~qAGH}bUO4_ED=(6QQ*462THBr&)
z8J$Iyt2gpjyjI6wbzZV*Pz&n0va~YGf9|={gE!%`lBw^LbGBUnt874`Hcnxhtv`lD
zz6*Fp&T>q>1u3Bg{%%9kBN$L9dL-lKUwjB_|#g>be~s?gWl=poMo(RU_`B%aQtaF*9r%S#1cJ1R_qTE@UTGzN
zJtpR6>q78(^R869%&~rFvHLUR`Si<7-Awz=m(Q9TX6Wu0)Qei${WzMSsE2c7``nsv
z`kdAD-i2JPv?D#P1^d}{w?uZN*Wm~!2733$RfxBzNY8s}re{wMoRq8-w>^25JM*+=
zkwpl9QjpqEu7k~*OucJ1cV3VGWCp1to8#<_{lyj@oR_s_2KHN+kzVGID~)^0W6Q6{)~4)vXQbGr$7Ffq+aZXKQ!)HqBKrZ@-sx_Fm|@)K`YyTToM$x!R|M$J3Znw^tQ(dPLq3C|1dst*jJl
zJc!d6>|Fhr#xcI~(aQ{{%dpsS#{2ai=`Ts=+up=WCOGJ`@g2FpepICO%KeOiXGNz}
zZ)RK09NMk(pPkrk*Rk1t@x-TpA@Von+3Au(ul?~4BP6YvCdNLRyxed9W3k#{{oNo=
z;&7>*-MJCHXuB
z&4rEcf(fl6`20C1zj(`1&`e-yprf&}xOwo`W8W7K?lE}G<%&r-+~+%YkEE%LRIKxrFuh4G26Ls|8vQe`pP7dCqA{Kw&`ZP$}tM?03iR`K5?)V4}029#=OsD8s~a!NhjO&#}Nz4bOtkMhLkPW?c3qghz-
z<|9-jf(}WKLV~-q%}1!5keITkT@nUs(D%jmctkGVL#cAUW$dpgX&t_LG2C{7QGjSrCp>aC&Yayru+KvaqtlQAVr*d=%x7FtyKU&Tj(YnGQniQ9ac-t`PnaF_qhK2L-Rb;^&dLEn#TJ
z99K6Dk;E|K^86tj^)vJbdtThWa#;Hk?^4&C(CkCKyQaa1A6Gm!sQ8v`-YTY^YltkM
z!y0xgY?X<2vKN=tD8%D2tP4gpIa)!j`WSxo0-RQQ;ow<+aA}ZGN
zE=nB@Pf%8}$T{nhAo591?pe;>IUkOSi&A)`XVVuHzSnhvBSN#{vAC1DtO1)9oA06T
z&1R6QZvDdiwQWtSL}CC}YN+$R$8)LJO6ik#HHhde@}j?%P~V+US$VNT3yfzAtqzas
zu$|+@8WB(J-CjI*D{|cdjUR|yJo8f8V|DE;9z>#-T{#Pyi6#5(0^#A~UhdmB*2N67HufYm*Aqh{AdE_7UipeLu-
za&(hVGEcKq;y2}vaQs$JK9_+jdzp)_^c4rwf3r=7SfH%zTysl^dths!w3yghp*k{p
z=43TQFgN5_HHq^X)AmnT2*)T*!UFH1FHuY`#<6A8(u99CRU~7I75O
zWeRzRRr`%|fuq=JCSJwr%P
z0v$Jvh?i1aZfi6s-MR%jM*qY@iLoP~*)=g5;nt>QII3=V7O^;rwZgYcKuETf2g{!^
z&?iG=ZtIfQWm&$%nUw6MK@#eL5p|%
zX6r6(5YPt0X95`F-b1}|6L;b5c?)eJmap85)-UtXPB#s_<<*N>CB%qb~I;A
zxOHb7yVEdX{Z%!MYWZqM%izu<0foDh>zOC00eajSJ6gKSYIS@*BWK^hO6+$)^>fAv
zg+ou4e9T2sYCcvG`1e4jo?P=X@{->|4VhJ}YE+K2G_0UM>xAWauLRedlLS*xmB=n%k%%zkk
zP)IHp_lf0j6Q${;Q-k6OYS9DyLcJESk5t-snruBR+8QI7gS0w
z8x>`Hpasw>6-z_|i*tIyZ9WLBw8qWzUWP0QlC@Xf398F~W;+RmFs{~)ukoC=f~IAo
ztwc|_ALB{)EwC@D$};iW^9I8UE#?U5XAnxWeVxR!ciYJjQ>&-Dxh$&jN6=0PRwgsv
z+oeg}B?502t4z^Hb7v8r31O#tY;gFk^iA8R3P%;5S|{e+l=$*hhaR~ofmcVM%DgYq
zM{4YLb*)K9NUL2ioK-_eRi{K|Zb0Qcc+Os94U7S*AlgKr+~%75$;f={2GpTATx@mD
z!f=m{TGR`tqV--@A>|RNgZ?j0GYb{9x@_BkJkeZJ4`ayS)xT$TKTZ2W%6iOs?@t(!
z-6wA1IjztdMk?=&n-r(=Wr*7B8kraA?;P;7lA!nS$=z$uD@JdCy4r>sNHoGQkhxko
zj`Q*y*vY$pfnjco%uy@d5}d;2Ua?E9MeOA@7*>l2j|eG+l$t4=Vn**_jH%LXWUi`I
z++hA3n`yM4lyooy!p=+z&3pvf@-R}?s@=-uyb{ruDYu`wPdV^jT9iTltAXzE`}&;j
zNYXS98I26&nn9xpw{4z=f-k`{_B<*f&^h6mut=ltDP@l3avmM{_Mz`_mHU-cC`Fzo
zy+*-M#9?XX%=d&KF?A#)yME7YG0*n-is7~bvL#-m3q9)ZYxC_J$gXBIblWMlh2U#>
z_;U0YCS=)bCd>tT69^;w8Ohv1m&aarNiV)o=e*~4fqKZqau>Ri?fT@MP`A3VE?
zYQfladClI}seBhBC48s;$64}^q7?c
zSAcU&NynIog%138eBNegPFO7`hy5Fs^J&8Fr(^dHm04zem0ay?QVD$W?^IeP8_ZVH
z^%SjI%B$H+_)Z$PG%I%hWctoMb9H5A|I76cJ?5+^v(qnb%C>VcleYTScO%fm1929f
zI{Mu|(ddLkWB$V{MS9Cu!@S>K`!VtVqOv4AZZlFhZDl?NH5$J>m3}JSbDe9fw!JEv
z)Ol#3@xtKIu%tzixcG_$dwH`O@d0ok*d0elCWWePK-+T0Ppn=EPwH9FUN_~;L(CXO
z_m~R?p{|p+=*HIHcIutN?ulIvBrh70AXQHR!66Q3yhw4s!?wJoE1H5XGN$?u)@^1U
zZ{gg-^02@p9$UV4MLY0r>trF?n=JtyRkMo#Yc2XJRZwFjoopdSKZ0GMbxu5+mfMMww%iej-^V
ziI!FeW4BtLW^7I-Z9pvNqGC~uPs}i}S8jVd85_DWgzpxMv+KO6rp1ML5+t>-e=IPm
zr&=Ds(-H
z?(9Wqs~(}$(>#h1&p@xv)Ea@6oIx8(_5O5{Lq0QcL?%S$&NsEbMcN)qbDIr9GC|zF
zIpNMh9Su{-wpoG(tgaTZ2K&8K<<8^y4HqI2BW4m>$(5W!$lzBRjwW8X+1s5*JjiQc%*;M2g*bJ}%*3%7rRT?<#?Z0uojD_B3w1?r;=oUP67@}`FPT$-3Y}dyD-@R5aGP)3qWE0tNy)yDT|d?8O^Un=AcBi~xvb00^W6Eh4oW-Uaih3m4){3)
zl&ZUH78Z#qGsRgNs*vm3hP?umHLhh@S`|q?=k|-Q{&80)OspF4XYbB!VRTEf0iYg1_rYl%${!QYEQ=K$AiZ
zsNVbrh_=_D22emHE1-bkMY8`et&J|Ut~fwA;C>JR^!{BKU`Yb`egcl_Cqb#E9*hF=
zME#nzJI$2-n?6}IC>R2^0viS^4FQ<8YS4Iv01d*fhEyVp-}Yf%3KbU6NCxa_Ycik*
z%L6_d!$yIA6o1gKS3Ou;Mj@G@Hvu;#f9-$C11(A~OQ=0Sp4On70?2(f4K}hmF3IUpwYo38ITYN+oFNMeEMl_X8CD6hYe}K2v(F~U;-aV
zs5-o>xmGV;1E>Qg!(b1PfxMq2K!Ax^!Cf>oO24a1K;|XkqbtcULk-XiRHy+k4S@Fi
zSDgj|8m%a4FS0ZuDA%^bEwEEozl4DoBp~2NJGG+p!@U5iu(s$`g5ORPnl7yo&JcL@
z1Nfi<LkF>3cv!YfPmz%QAmKF`?>5(
zprs#l`N4pl5|rV9>gRq%uABINVC-;!C+JFilet-e0}F#lcFI$zJ`ByiWDv<$Of){Q
zX<(uNxTBeiqk7RKX-vSl51Zkb{JA=Ps*S9w2*4a1UO1Rpz=|K+JF6O*_+Krc%as6L
z1J=OB+qan^cM~WU1ON-ufT_adeW-yufoqw-7D1yM{GJVBa`k``C5T+av}QI6fQ3D!
zISZ42O1buIQx}&dQ2-%rQDW7d@+z*r8n~z;1cK59$GjjJjwejsHRP1q8GwKTE+;~0
zv4EmswPaTck5yS(gnSIhhgO0l@D#)!#3#$II+nTxf}Sv+_Nm!}z(*qc&8=MU!wkf*Jn-oyoi
zQ(Pb>v7;}Yp)^3?_e$dQf?VYRRKaH0L2gjJqkxHw00@t
zLWg0S^Pn*#4G
z1IbP^rfsJaAv%%)m}jwEXzU*aggGR90HzHBNCj7o6{X6unn+SLgOH{W(hQTRCPwo3
zBMvoVAZM61ST&vpz*^l9lQ4)n?$Y0+epeCwQP3uNKnVo@+(JM#gvi1}B&%ykCY}h6
zQKW%tB&ux{rHLev1?bcYu^@B-)gVuj{UoW=2Rrd*&IJ&-Us8g&z~>4RmWYQSGhCtp
zj)=yhOt5BjaJB#%k|6A=mer`}ObA8tCms4do-fya5A0znZeM%I6`n~n`UwS8!k7hQ
zW<`bwDg<2HZ^D0$0=B5kJs3V(TR{?3HK=d^7
zFdvPJ%>W!pKoSD({sH|{^MRNoAUb(m7Muwn>?x>%mk=%ymqwNRBLr$h2)x3MKy*S#
zKYL^+9QNvDKO6;Sjx?809T$l39wNmaWJ^F1$qGD|8isHYILa$Y
zkhp&ek|_%OGz`U_LV_fduxudVabQAwJAgV4%yXT%bdSGD|E}r~2oRkwgdC>L$yth?uK;tBt3S!&yz6<%VJk4RP!{GW
z$pMrFf<)0Pe-a>{i9@82z{nCP8B3XfIRG!9ysCbgm0%iBs}L~LH1l}_nz850$MsWj
zQHcng6v7AOfkv_)#6pJ5xLo}+T|Z_8Y(VlAf>{9_)B%lg_yz*qO6Bj|4(4PWWF-!P
zE3n^6rI#@jk4loD5F{EqYhj@&YGMp^QM3H06LsP021F>UvXZX?K5*k94KAzd%m6X-
zHi*Dw0h@qtPBx$b%1h-9@JG?x<;(R7a0B(o(PRsMl0Ae=g5(Rb{3M4B>G7yU;6-7h
z70n2R8ovHP^nrfU#g!;cSmpaLwSYv$6%d)k&@6r$!K(82}@@V@!1oqv+!JI5D5p|qZwJF{JL$L>(;$er=Pw~1@Qo6
z%kEpvRT<);{sQ`ftN=B7{c4*kivSXECVYLZlNCWPj>Z5Ohl+j
zu}Dh}`=Tv@nY33p3hc`q&7VeU;Exr)EArYD*an3PwqYue0g(tpt?yAMq!V5R$ocVz^;U7WPuSe3gZN)-O}A*m(-Ij550cZ5j_;rylXiq~bs#
zAVFqUBh<2kLHN^OY5p=)yADqrwTxjgAd0X*-(jC#yaI_rfP{D=Dv}THGTR2{O+Z%o
zci1ObgcjiqsM{Zo3e6#KoU6G{2q1Aml4OJ@Za{&Ek976vUzP+NO`BW5cG#)SC42?;
zb91DcRs#K#0Y{?MMZmGd3Vi29=~TRH16*l>iX`we?pLn|kZdX>gRcYc;imIg$$=M?`o^-XwDwr-8u$kW>H(
zyaRy%IaK8e6NFD;Fxbz4K#(0NM8ZX=i=cwX#e+effP)2_gGUEQR1t6_f;@0{O_Syv
zEvu*?Riz>BJz&z*0M{&h`inlCx!=2eK>Qa7Gyp3=0z?^rf_Rhc@siO9KgkYob3*Yu
zmke5IT>M~DKFM?U3F_dp9k@shr*Qxl=K#Y3q7@oBY?%lyDiD6q6VS90z78z?BxqQY
z2oePar2XKh1i+_F7SsZmo-p{Y71x<4LwiJr#2aD3rfdZ$^
zA0hpoBLAbKNGAbBBH$RPKsA6u{*Ofd-o|A~V#1N&clG4JyL#YG4@Hmq^R6DJm}gQS
zM%mT_i#M>FSBl83Ja+u|x4}S4AM<{8N1f#A*(H~H&JD=2J&F(Y@S~e=1wZ3erpJ@x
z-->&Bj_Mk3x3-~c3u_8rG%a{nF$Ufq_!sMeH0NLIFR|aJY0m#b>#wf;gaAkUz==jF
z|9e5lCc>>B)W~TW%V~2=KYhYEB^TQA^=C}d(>EN`3O*OK&j3T=P7SZLYSVwJJ1jpj
zNmzeWw`OAPwgL6=-rZlVaOm0jm18+irR}#d5(hpPj1k{`uD-cfJU^>(J|+K5!v23QR2z
zrnQWpU|xR?-}NZ-cygpen~&NML;j`o2JZOD4QN+cZT2?C^bbKJ0d6}(k^_G%i;FJe
zz6o2YS!pQthf&r~nO$wlQPjvD#Q%K|h3?x=800S3bayH8H${xzoYm6RSuIx7syk~E
zp%ndSemR#ACDnL-_4zcR<-sJs!tI|rNh3}DvESSB*4EFrTfaTE9xqwB9KWThQX=Tq
z+IG#kFXy_S+%eo++L(Rp#(|)*uaobumg#Me?LQtox=*Cq2@|{?uE+FU=fhwQ!R=y9
z#lvR`ZhDVn>05I2Ra-vlGB&+$`TX_yg>hY77M_qELXK$V0%#Uq)`^FFbpLD&`W+;E__}>8ZkLK0eb3PY|r9Zu6`fg|O
zis;;8%^ux=ZQv>8{;WzzwzGvDy9OHKdQ2+?r@n8~6KOk?|MJpeDCdomr+cA4JoOZvFz6RIb;c@lrct8rvM!Bm&S
zTwkN^Q(<#{E
z)};A@bJC*Brf|jiHev1LV5FYzyARZ9&5m|~q~*H#LDQI0!cSfY!cLh|U57o%i!!B=
z=hW@ql@=GOiJ$wCU-Y)|y>-p=^aujT&F_K(&s
z4QDxn+RT2Iee~(FF}(bC%_m9>ZHS2y)7p*_LyLhY-2Vdw{Ktnl9C)e@ilMkTXRw$q
z%g8mO7dH}vuX3GRIUXfOPvuzB{5`)T5DfHm^oU=R2ZB>f8Dn4z-nzvq;dAGYC$$`l
zsOFuGKGk`or6(voWcHWQGNwL^<@k`@cE-M`g!h_~RW%(r5$UU4oVKgLdAl
z?GCdswZhyZHZ6W)V0`_Y-ajyZg>%-@QAbzT;)eO!rN2M}2{Dr>}DR;_9V@?_UMoCYtELSDshJKQGM=
zkOJ1LYk6gpQj>NJSvjzN<@Q4ryK8c~B>K(X`?zgFg5PxmQu2*u=U!dm^mxZK@S@!c
zXZhGgEd!Ojx-xT^>q@d1@-oxfDc`8_JHuk)uMQn@*Ao^haUQa=FS_NCG8=kLGPA@=
zPeUUu|G1;%jkf1q!WLyhWjpteX5bzudX0bn__l3N`K0(Hb(pP8Te+dcGIROfy~M>v
za1){bcDBsyN`2PLw*1Gpe2;%|$t#s9ks+6oOF^aJ>8kXUQ?$$VH)XTa!Z+Bc+WvEu
z!Z%+!?@K*)8*}vi3%&E(_SEG$#h#cP*?{z}eo8*wes^-@ja-OBYi1t7Z&sw<`B+H&
z+xf6&qk_-+Z!6~1we_1{>7HxlcKa^;GijZXO`_@j^4o!i;Ht6bngb2H?l9)$XjjcG
zf1SH)mH77bZJ%ow&K7%5Hi($4h5CD+8M+f2^5sD5;iUM-Njt!=iM3h8smDXP&peg7
zTT^C|lXI`BJm{*hHrko*^e2%mn)~U3l9ilYg)d&-_2Tu=bQQk{+q~iO_eQ3gW9b#C
z{vW;t?w9azdCS;Sn?db3`}pd~1(7`>)+>9Nj_9xlaT7+n&I~r3hOa5wg+<#jQU2i+
zZQ$=FT^g0ae=Fo_d|5)&CsyXn$)T4SfScbx{_5hNerTdF*lK?znVfoV!Ysuuq_~{V
zo&DRp?x8`^<>Q1<&~us{swzL7IXgKdz0*SlqKLC
z3#GBRTCnzO6aRzlu2#u+(!qcKK({fU>Q{g1BawN3ZfjOl<}veA!+UV{;;e~f$gsD#TR$5sgh59&xCXr*cU49th(-gpHK5ao}Zv!
zQTeGBu16gnwYf)IdnYQnW&IF8j$Vj(k?MC8+w2z47ivmJiQxWdFfa2^tFZT5XPjBz
zV7~R_>0~dBcDX<=&jee(+5NKwIlfP6QVh4Mw84*OvKg;)-p~Gk8+zuCkW~+vJcLfd
z&S7rbJ-$@2RN|XCbzE#$35CsXCGM`}ZXa&c$d-^NtuLlb0^4?(5Ca{n50-Mv=4;6>
z#lM2c2iRP0#UslILC>y#z-H|-mYrrgOz7%~z?IVJMcri}Ta`$EJ?8DJfJ>$yt
z;pMNBJvkz}!C&4#zAB=77M!K;bgK*c@GzEri`KERhtae{OSCvohKi3_lDKg^7tSn6
z((;-u)`%vOyLtG~ovz@v9Q1dv;IEU9bm{Q(IlO~w9_$p+Hqo8uXy$fuZ}GX)9MI%^
z+;`-=)er8*%=LMx)<;hsMGG~eq6A1Cdpcw;mv;94Xj+iVs4%f$XxHc8!ZyQ`^IW!r
zb@ADi9qw*E;e6H69XD%EZ$NDZ_oEI}dCsuJ?+teOrXlIayMt{v
z#o@@>okz39aXvOR8{q%jye*C3Jr&?sRVzf6AQg{@q&$+(XYBb-IsWP#FUy(BJKDVQ
zas%Hspw#=EKafqsmlZDWrk_1d$5Qlcm{X$QM1bAU$hY+u`g~CHmqH$_#J1ACt6vOc
z>TW(TEb&`3opE2$5~cD8eRsWHCHF;D#c@PiW{cn5sDnqukks2
z3YD;aPhD|X)KA(lI>DFUGq2kzI@rD`vgVHB3Vrx<|H9Y&kQ$Sv$Ky4r*V1Qs>1XBK8I67zg#)~CA~yT
zc(v0NIf^QYkx)MLlZ(mQ^F`YvVsNyS{$$HD{xEgBxijAc8FJ6Hw~Q(;u?7o;8+cx}
z9u*oA7}K>C_D;1N9%^I1_>wpF3D*ug+b>_Y+ORQ><<1L)8-(;!3>=7+y8UeI(db7y
zABH2oYS34H8^*iyp}K6kKOfguqFG$8Ii|Hg2=%_$!%|jpfr})&$e`%7CQoN_{BWPj
zV3cps2Orb@PHrh3(NdK3;Mc0=ZhK=(-aOawd9s^;i6}c=6{9$;wo@+hVt?$}G83Yb
zT+rp)8<5=l52c(o@lCRib~K7(uSTDJZT1v;B=|F-G%q#E{k?O^hzMWll4g4!dH5**
zqQ#&e-Y#F#olfbvlPnv{{%_u`uTTye*B(>ev9jQ$(%P}_)s2-L#!tYQ5PY8U;qW+R_O57W)DTzci*4JobP=wyqi8JmcJY_r{N*N5h|^Nx<6Aukc(x4K)Lg-u?C2Ud$n6b@#+
zY{h)I^I+i}SsNc$x7U1mfgD9_kPuob<7=mU$e4dI-#?#Q#iq&7{bl5-I7Uc!`didI
z!+_s9r1OvF^)|%`ts4p;Ruu9Bf)-45~*C78M5<6w{1*gzCJT(
zrYv&P8{J9htJ)U#(IM;Sy+MmoM8t!RM5q21~{0~}V
zMISv$YBS^Din;wBzvEovN@kT%wK$eLBuEz8uIpn3>^T5Q|Q@Mog(bGybl*v3A$3VFKK4`
z-?2_F^3e4ftVF9L-bh2G{)_ZLZg95(2t}ooQ#j;~WvhyO*_|U)JhR@Mg&ROX#{UWkfg}
z5ytxX8e51;f1~%or2BoG1;xuh_cb~WKbA
z&bB&#FT}``xY=Y1PlJc28g-sp~`#>C=T6;DhHW^H_Z&iM6?b*m$
z^94YwQMB$Y$H=GHPiKsNAfn35k95VBh>}p#WpQ-ZcYJqfJ8Zlx|MQ
z@3xdUBHMHq>&5E_uF3lo?Pi%QtO_ZPOL@14A5__C?M~xgmB@Q1V`Zz}@aSdxZo`nr
zd%Ikj9TH0o4q9o;CaibswV^d`YYMfq_w5Z`ZLGPM_QLW`Q;d9X+W#u%yn~wDwgsLb
z$w43rNDW5?lwPI8Kvar=7^H*}AapQ5C_#h(hYkwTRSq2@1PP&pUZoS7g7P5LfJhM(
zDI$mp9)ug6`{v#EX5PDZ?musSd*)l~kG0nRW_`2vtl4{il?rU2%9A0~{tFj#(o)8^
znTKN)Ql7LTAB}z)U6G|*tO+NCG<6+-%H@HH6GAA96u86H1nok(2ENyA8JSsz{^vlD
z?RmE!PYt)EVeD1#%qFY)9N2iB)OJHikL97{MK(p$-qpa@$d9GWIT5jZa%n@optX?m
zFE?x-s(t4qgynC}#;oz-zZx+*9tqX?sPM;uaJ994M%;mML?cVNtCPG%MTXwcb35m%
z6{9Ul1DAXp@FE6x9j*hx4I-!hBwNWFg^E84e{Gh>Gg&l8fFA=SEAgUFkXo;}S!R;-
zs}c`V&)}ac|Q~Mw?
zv1@In436ib#fE2R=3s9xWHuMynt^HSs{hc{y+9z&4y~}=F!WqD;F(xxIQur;a7-;$
z9^XJCtINl_%Y
zn9J00*H{@<7p7ZT%<{eQ|8rUWX?qW5@&}Ui7D(c^NQ#}+6L}<|V^d>0oeablTZ!er
z$?^LpBq~(CMVi{jXEuSS)QoJRTX`S9aaw|X?JdOM-l`QN!$}$KL*_R&jgZ(cXVZxI4T2+zIVAErn>6m
zlqwr4uQ~Gz@csPMqU)V7zcm(YBAc_|!b7ibVJms0v5h73V#{yIihNyDXq(u00W18n
zs-Yl$^U5OR_d<7>X}Vd`DV93@!HXQQC!3{l@^%uljE!t|RWq04v7MD9O
z*~AEn)pid0UIgdkjkSzeiZW+mVDFW*8Aublx!e3g3w>1kX?bG$Qe?ATxdjr3N
zeOe!f)?+op@jya0qpHsJYhvA+l%2fn?He}KvXlfJwFd71FGS(cV6Z1TFKdxSIN;4O1&jCHHUZbk^79i>vLvy
zPk7XT@&4V?z{2K_0?^R4!$x+BR=x0OfhBFX#Gi!*&!An8#QE8RyHLqfU>Bg}UC15K<@>z$nCPiP5nA
zyy4d~pVKSzrZ#LRg0;=z`z1MvHeHhy<*oD$0d6T%WIj|VxCWqgBMI%@j~*v4{3RF9
zhNyPjMO*}42Pew4hA)=YTKAzd@*H8;BBE<B3Tq#v5&3H%0
z7U$CDlQ#Ihel2
zJ?uh_?C!aA7-q^txO4Bogo0lVSg;jSFp2`S-&EzSZbVo`eCFZ>q4+gY{i|kZg%YP3piZwhndqbL8GY-t~re`Zo
z?r=#FT);2a|FWV|?PoPHe;or9tMQV^*F9Iw$jA&Ci?V;=VeUv#|LM{|$;v+ICQV^4
zhetSA(2oe!V+CSISp(iSU6J9^!Qfabr}pUL(rpL!p?(5-XC_7LSXow?OT_hE;_0CP
zP3h4?%KxL7@<^|69b@t}9IVl4))`24a$@#nXoTAgKYx~sIVnW~i{)QAqdU+oNab0a
z;pO0bqXgNiNMO^SoQ%wvZa(Mr_ewnX@FLJN?-&4Qo}SjB?X|2lOs$6*7pxOCCp99=
z1C9X}ACAh#f0$~!n?CA%|6tU$VpSD4`AkY`xjC8EI)!aMVGfx?t!APt&Cw3HBS+)c
ze@IAH9M$HUVm^wzE$UWUWIue&iw9Lh8EEuOtUiAkRZ$^M1&}#BLrr~1S%|h7FPHh!
zH5h;1u0A8>-JD;(ot0M9#d8hL-;hSnj26$MxLGhwHDRon
z-U{@+ZRXxu)_C)|o6#Fb**crta6`NnOW~55Q2^EA?q*rN?fF%t`zM)KqqSe-Mqii*
z-+KQrny{ni(7eB+Bv_i%ZkakzdtTzpQ(jP~(&o-tqTID#74U8LWVsXMLI8fset@CF
zz(&Iy=pKn@>JP#Zek)NMSI9|6BU?ZI#~9Mq*Vd1~mNyg%A4sBiiMB%oU+Kwq$}bVq
z7oc6>+WT`wFSn6J1#tYKpP9wuak%hVBk=93hxatCE3|0g{2@H@jlAY3~ydBt-3h!4G-B
z0|mFygLHo3B4YXb%{TD?^bXVLCjnyjzdRFJte+sxFd6;D4DnOEbWoALM^~cp;ZJn7
z4wyzF8izMuzxc)T!f9DEjRPZ*_o)Thy#w&{SXEg{WvFc@E8L2s)TZ-G7F00z1YLC(
zyws{!^G$+I@rNsBgH?hC<$Lr8assd2@vh(PBdFyfr|}Fk=8qj7j2P(q0!utKjye49Qb@pvv66<&q3KqtXih@CFzi&&)MG&|+*uQ;iI-iP
zZ1Hq+C9u)Bg}eX0byaF@ye?qu)A!Ev=G{Wx$-~~Y&q@lSa)w()@p)`p9QS?gx7GE;
zp=HE;)$DxM$@H=Qo#a{l3*_@H`$-f)ZRTL=Od`Z4`SPlmGx4+Oi%xc!>Z^hwq4Dk<
zj{$6%6n<&EcYQzHg!8xSj@Es!ZXjtHv>Mcpo?>MCbpS~YgxpFS0o!_CD&EG*zwnyN
zX|KeW+;D;B`!L&_5aPDL(E5jf%%f%C*qH0y^uo~}?lTgA58
z`@!uR0o4`ri?N#1ja8*=1(1Ej(X`fOuT97IvZ(}YL5$ZF}PPQr9}Nu
zWgk{6SK`yj&3E&r;DFJXOM{972cY~MfK6;Ell0EZb9iU>Qy8;-Hihy=`kmq2bj|zL
z&N8c(mAMfO_kF3=9444P&I2+XjW4x5EjK@>+3GUyx5!%=pvh^m7X}$O{|+IIB&vt#
z)1B0(``zrbSyk3?ir;J<+OLKU9(HX%m^@^gYwM9A9K{r#?X}%Nfn4)5j|%-!9s*OH
zX?wZZY7pVQ&s^PPY^fQEMqfRkibM>CZ-7Q)*UNcO@{4n%{oCiwgutiQJY#vD
zSFHP0X>w}7)?YO!J~pM5hrzE^=Xws#2Jv{r9RrG@;$@%#K@XdJ0()p5J6%*u%eNel
zYOSM0WEI4XL>jkHfMO&1si@()#sqE&vS9op0EPn1BDH`%^~s+gKuv7QOifP(wo=^<
z5b|Z%0#kjEmY1>cs`YL9F~Df7rs*ob<|R8ha_l7!g>JfKoRQ+E1?B1&;8t|YKz)sI
z4}x`*tFXiTdcfuf#&|u&-FSqUfzSxF*eqk1*HN&>LrhiXe^qJ3SOj}u`lj@Zc>@J!
zOec~N$UxpLrdmUBHm3cbw*TO{o*8I_NMy$ShiMQIA%S~aALhoJDZa*Uh#d$FD)!#J
zq!SqXyA#{TfC=lE3kJD2DxK>BaSV!EMi+MvLUnVz-dLmAxF5m0X)20
z@ErR?z2o5182xt`*6mhC`DvmobR0s}$
z5ntyJLBpU7g4TJcvjq|7xsEv0TBll->RHbYw!Xh!=Q`iHzVDB7o$X7KH&vgt*Sgoe
z?zNt0`{B}uUy#t$FSH*b2m%@57y57&eU0jnB>o>T&ERjm^UqaM@Kf|K}C@MhmS>R`q|JT=t
zLrBEub*snLAw-B25p_hwhr_4^n2N|c@bdRXkW?LB-FkfZug%~-xa;r#hzJtypzen&
zsD2&zgTgvOgot+o5(h=y?LBJ}>QNojVjPX|&;Plr+n_N+o44zBabaPf7T>I&*{y*mDu3%|)y3;#XPzF`xwnJN`SSmeeLWVfS)SXxaNK7bmY=!5@8+qeH8&@JK;<{@
z&wV?)@8ET(HZ7TRvCpp3$cuHK?K=9h*}CiFa@NggI4b4Nn?c>)Hr_aV_UfJee!ks4
zB>nie>+U2!<{$M=96I9Lbqkeuwv~O^c9VtuKVxUhF?s9tubcg+dPKtq-|rn<{>RJ-
zd$v~uB(_T~@2+_K=)1A6CakV#nz-y_tMvj2a+59zGOInLJyfDfGZO|{X{E9x$b-xx
zqnDK+(k!9GETWKrkO%+)i1huJoqQIV5u&vW4ZtEPMxHG}G}22P$%uy-wU%^JM#RWy
z-8nwNlhvu7U9Lnv*=0!=@n0j?|K7)Tv1O+~4Pl~!Bcro@D94jTm~DX)N{Kvy6q}`G
z2n{bwmxTl#uS6nZBwztkyFQH&7{pxwO~eSzj6REp0!fcrEI=&FxUmhi(9NVXI%hIL
zW(EnYI;2$v9nl~uc~zd&XW^3fyPm!6Hstx>ZHpWaliZ|RU@Y-Tk)%|ZrIXo5Cs9a3
z#Ic?b&I~;^qsZfNQLr4`G(vp*QhSjseBi+kOK0;`B!h}nX#_!9qX$e;!n)vp0U}usd<4T-Fa?{0)1B68
z`C=za#8^c}7v~u_9|a+&m!~Er!3L-Vv&);!u
z-_{vx4q;PNtQ$pp5Lj}Az?PgMbPhH!Mr$<*DRZRRY=HG}M1+VUli>aDizftQJYWy}
zH=c)0(J`o4CkvpE4#~|X8aa_JTxj5%(-CbsYT3d#QO2{eF3}`@UqemrIZqXbm|l&G
z-&Fs0yHet@7*=SNs7$XEIDC=d5X$cmGCIJj;>@rp0VFs&tboGSaDjq%ygDNJLhKdz
zNMb|GV2D{3pd?9xw1fj#NO5u!%Yh|1CBiEtTSQj+^0Fm=HGekaW#1;mi_;Tc6ka`m
zt*`|t(MgAd(p9R>IUGvBn1FbN*~dt=qqwNx)xiibzyqKDxp1O@9bl#qAv;COtwJ0c
zivT%EUbcrJlEDmzQuo7G$gbDthx3V_mRM~T!H}0-kKH_5GuhN)>WhZ4HLw3D3SqKS
zRSvTtns3euG>CL=NM)}?sYKg(SvEfDQ!7ItX*oO0DwadZKW5-hV2Y4oDS!yjy+9}B
z)8r9;WH3gp$;1PwKwyga)?g&(lBZ6pMB@w5-nchs&l83F;mdWcsvu+XvK0st7Y76~
zg~Np#iK_&8P82PZNL)$;3y_319>3#@O!mJMI{!QUw-J1?L+CRinTnrFK~ThLI4DB5
zUQJ2^5I-kbmm^#xQ$gw~yY@S~VUXs|hOSX(TlRXqaZhE4+!w%v#0Tj-c`~Ji6`&FT
zEs`Br0qjwV9bv|fpd|tim#Ij?;Kd;bG=3*=1|dG;iSX}YkWfL(&1uAFk2=i^7WfoG
zq$2|KMh_uJOipr=&)IETKA2I@vvNa^8~1-dHgr?3>(gJS{T&aVD#;}QT8$H8T#Tn|
zI+Pb_wkSQw1Ao6V&mWA)e>e=U4|ou;@XkX*J^ThfBI)cPvje%TYB4rL;Ws13Z-!TH
z^DUB1*O~}}+9UCDRPl)es7x{mBOy=0mzq#^I0MYdBVF9>6Z(I66fcY~8c__qu_T|R
z5b!)t;xvho8kQFPYw4mO)6y1a{(E7h5@d}|Qc@^t6fhJQf3mVDM{Z|0zn9`0N0A&U
zp^r$wcMKQL?|+uWcg;DUZ^W5tR0@H{-3-C!`RsD1(#VR!MDm9%x|ez+ftpzj3kLk&
zs=;+CS0;0MB&A47nTvI9l2sRh&oy>cijK0dssm;SIA5vZJYK|=55OU0rT-Gby~4%g
z?w&^J5Pu=!X^naxEu(ZNC}3`JMluTGDMUPTl8zxm#)L%te!I$Hk1II6|L2-B^WG-p
z-#?XGR5qYe5RC*$9-t+H2{QsM0QzivDr=O9(5-}KnB#YDXlZypXLL}mO
za0vWCA9&*q)B65LFp#@AB
zLK&fhm+k$Sj*EesIv!i%3W-BkH($7W;bQwe%N9N!9$+RClFhzo%H;v5sFh}OV2mlx
zDFCX*aL^je;Qm0I{s35{g!{xF;nv}z5n==+pn?Zwi$I`$gpdh`6Lc%iqcYi?-iPMou9|Xu%LSfC=Hnw*N~YS1SJAOi{aEeq6j=T6&$
z?Yj?lUG-%vtz2E^5I{`SRhb>oL6p#pK)2XPi9~F6AsK7M>tpTYza03D
zR0?TAnaQ$A&}~4iCd^1E)PvRsp^#$M#;l0Ru=7E<(7=;L00ZNq7L~^X`O%Xb{VJZ@
z_NM39DDs;klz7xmGb)whrAzV4
z-Ub&?<)NTDuVtkh*sEeBxOq&*j1i~T+9
z@qn|pdw4y0ISw~Sl_Y^VaJ0=z+tkW%z@;`!$0C^kK{I9(da_~zk%nRriiRcqHsBAq
zZomZ|AtVe-msGMzTEu5CZSr`*Buit6W|K#tlKNA0G*4ldv)x{Jia^MB?46$5$x4~B
zM&~kqhT5*M;i`?-H>n&f4n_!IGl>cel2G9~1keCS;3Yq~XjmP7)I3I<63>u)l0tI{iQEDXI)YQjA^jMi{>?+BLuaHu&VDqo`q;)Z$6Uh`
zr$3*+bi|9si<+(L{%YsU9X+=0dD(L6M{fm9(go^V1__1eoGb=K0+V8?zeFdy0`wle-5jxvvpm()q74T?M
z8DC>o9bzTOaUSLqw1;#z8gIq)`zUMu)~N@@Q5vmqmJ4@NcACr0)f}#
zH$vbkp^zEp@23|bA)y2H@}Z`pGz?SmDV@+qGYpqLateb~q+-+-KZ)Qve_-vjvGEXz
zm!X}HwcM9Ec;zI4nIm;F+En7PDf0!uqn1h!QcIA9jYg{DhQE!lQE5uj{x_-rV@VN@
zAfsuPa|R*f1;l0XtwNf{x#A2a?Z9P12hL%M4i{PI#70jo2UnzJz1-Qoar#$<|9J?#
z2xfDT7Eyv6=_pJe(cpA9*q}PHus1W5r9z<2aXy`g4MH?*~3Tt<^T3|D;t$ZZ@PwS;uot-2K-{Q_l19L@k>K@X!q13^J%*IqoNAd_L3eE@ri
zW-?QNNq8(VN~myKgUpN*u_nZ(e*zSs4tq>px__%l8dSLXP0tCtM}4{Bo2pqGN3M%I
z8!$8d#nPH5CzF&aC2&Zj8EBmc^hq9MLKrEN6&tB?v4IT1kh!q}3fF%X666UZ35Ke*
z2i{l`xdVBu-y}J2JLEGEn*4xWUBn`8
z!YcDoK;V9;5GEp?5+6Dk0mBm@u)JWe-N0a^YCHGQWCE4=0aN!Y0gt44!9ZuB%wf(aKgp^jDx2k?3G|QDL`*d09gkozchn-q@-Zfy
z3#e?jSp(T3U^Q73>+$$k2b2=EcCbR9ECA;ZdB84C{nUgszX?IK2c}7SD0QJ^vKD%2
z{?{!kDUd$<7OsqW(7e(8x6l-%QN^k}k=0wE6nw;nTi})C%MV(u*bzj0lq3*xMT%rq
zfdU{^FaW=Bm){hIZ-sam5RyB1kiV&e1U8qKf
zk98JERR!j^?^|@Pm~lGu(P*W`!IhQB@xUOM#h}njJT_!YkIC0T>M8*dW~C3}K}-sW
z0l~@@8UHIzX9OTXh^9?yG0q_uldMStq%f3|$&7ZY7$GaH1!{`1NwV7N%J6$+)N0T`
zzK}mAb~jGXzkg-*EleWY4+Ta@G@r&rATuQ8FqDTvvW##80287DLq0GA1EW@XfB}ex
zZ{Us3cSi;TrQpz9qWKt~hcT&T6EKYT@O6w5@;KQ@WfWxClSSl#uj`*NmqzB9=Y^@4
zt$8%V0F_0YR|4#!{KOe#N^JOe2nfMQ!{qh^9Ft)dP(qx*08@A#hz$-74PSvFER;!}IIurRwcj6H;yQyRd>&I@k1?vJQ$qFiTE*wu!s;@uN1RIO6Yfn?YEo=w
z7qGgH6-MVEsIfVu59k!K6hmXYLJ|!#XGW9l0T)1uLPG~r1mHM?kRAiY&VV62FpUR+
z;d@|@Kpq&2Xq+sNt}u*cq3Uw{ff+tZb%JVQ7l9d*0HwLw!CT@gHqcczWk5WzMR)|x
z)jTsOQ{Ys4gu$_ek0WAJyC@$bJ%I@@3di7t!7D37Dz>(X(IY;K!l5?e$dIH$W`w-O
z4gr9Ok!Um^l~3!C7DfwcW-u+qf(xEksLw8HkyxfGuqnGdD_>GRZh5oYH~MW%BrmOq
z(3z9Y*0+U5vaf2bi_6%tj3P2cQjItb1%yL4A!lCW-7sYFuZ<;JRq-@=U$JP(!YPy`OCXk
z{`{&s_l5!IZxjmGvEs}m(4mx4%0Tu;ILS(qjV@8jJP0;BR6!=}8Z&a!QYH`h3+(Y<
zpqun0O^Fyzi|C{>Ex5p)?@+ehU@GIzo^oP<`}BzsZsPC8@^>5)}MT3E0^LMR!P%L5_efD5kx8H79%
zy$GoVT$F^hZb`?U=5WIfZU?ko5oL}p
z%2NuUoAeNIAF+B4MU$*5)8KbRm;le^N!G{5Hn5mR!twHu#VkfDMTvM!xCF#9BKX!Q
zT8+pME_cKzl>~klrv)L}&B;~1Lt#`~)09pTd22Q3Qcu*FtNOyGx=Sl;0SPQDDn747
zQBc`xeNl=$vI2}%DS5>Tijg5%MXePQRK$S;+W{TF2aqa}=#z=jEDJUTiM`n(n16}_
z5-?;_q0V@;q!6dhQK&KsxtNH}=Mekj*fL6~+*Wz7w6}X|>)@+PG_owINp&cRD{@8V
zTC65u643y$n~{ntQ@87FT6=YE)SjryoMlBdPp8c30jZ*58ANEo4r~*5fl*2tep>hV
zBXMrw=EY2;2SAH-kWq4$XOR!%0fY$|9j0M8ClOfFb4~&kdzhcz26`Eb3w#^+_k15^t|NBtM%ji4{LV&@#+2RVpgx3)v2C5{@kRW2WlU(
zAAi^AX>0o*pSONW@?Rr)TA@tIhg)LhCotgkVKH{ZW95hSyL1X#M-oaQ^oktPmIPs>
zt#EFn1?uA8HeNgye||%+bAMFT{FLB~U;yE~lSwEX5>FG9r2@?Rw=_Li4DH`XcwCMc0^*Y(*u5jth&*;*&6lZ{3U;d?PxG@`o}*Rl-IT1vA@=jggZiNtR(rM6%;Zu;UQiP^rhWz2T(H8IMbzw(fZCg{s6;W{5O{
zBFjTE;Mizgrd7&8B`-=6&DPJ`ykLjs1KM$_+y~3oU3u!k*~Gndww)eXyszHnzacXMPqhBS@%`t4djW^jJF4;W4XM<}yccg(8^@gmk
zIlbsIy>98ezGLQoS@3VeK7K>?1I?&7c(Gf>tuspp4m!6ndzSWWPZkmQ<-e~t4Y!?o_T`orPiD=Y_Tbq=
zWVttPTHzOqTBXnFdAiSYVbJ-bKejKz#3}>Ls^88CNk%QlM1rLeukKfXj1YG&Z*JI3{#J+=JitXW*nUL2k2*pMI+`_^q$ds>duO?fD0oBx9nCGU$4Wc$x&mXE-&r;u*aB+F~gs~dew2~jZ=^Q
zAtLU^>)h>g^UK5g3Qt#GnAgAZ*~@M(U%c;YWk*b^K0mKv!XYp47X=tQ)5__3C!ce*U&+^NQ2^Tg|&0
z_fz4+!V~is|97Z9{eS=5#*KOX_aE)iVs?D5^#$Lx*tNd!!Jm7UmA}5#{N~6t%cEZG
z`*OG$GDoK{gi4S+Ltn-LQy-Sir$>KG93e1Ibf3Gq;*V$5QEgS-cWf{`c|P-POycRr`5TXI>AHS@m$PRM
z|F7J~dosL(?zxpgEoWcd+;8}xf#Zgp-aKwo&n7>;N2O#Axo`w!^zpXP5^xFPW+d~BWZ=Ejq!h2=$0PW8Y0azeM6ch9|A@b!_q^QY`?
za^r1H&F+dt#~uogeE-5@2ZGXM@I4R02GE@9qUVjvtnTroI{Ib)+43h-T83=>c2e<{af9Y=
z8)iILXgOG3@MPN--Q=7z5l=d=x^O4z#kQ!;-W$DY&XwOh3do$
z(=N1}T2@i^@a#923o3Ss_PpviZ*1|cP49k)nAvg5p@hfZtl9hc)bd4>7Y&%vc1MrX
zD_4$dvHNuP%FL0=-_>mR?Ctyp^QzCjtC=5GJtu45t2evXbq9bI*1tKV7IaIV7M|Yr
zaw?iS_D$<`zbP5OT_)6gtXOC!02z`qqwW5R59E%g23oA9nw-?I7U!#a=iARu%FNqy
zenY3LM-s5gJ`Vy{YYNmxKuf5N=cLLxWR+c&Z#(x#-@ykEYOqp+4QM*^{rcvGL)Rj7
zKJneRZ}zs{@&R@KW0C0MC+SaA%s2J5uJwHKRmin^C;ochchS7Q4g0)!xc7bE&tL4l
zbaeLml~?cHSs8locN4b(SUJPyDA^vu1gu%Qzky!h>}`BUqU=}~9!{ilo8?0>wV;;*c#t}&n7Mu%RZ
zj~g8LLMK2nPM*L{EQaP)C+1o6gEt05m@UrI5wY)H
z_dGK=`Q_SZT%bUdf%rCU*fm{0EU<459RubtQX0Fl-Vc|7<1ygOCz_N*UVJtwxP<@;-|-=9`KU(oZq
zb4u?K^9PPQ{rz4>QY@EYSPESkO5AOv(L8pzPLWySPGEw=
z%4f14@9ER`8K>!4%hKn}-7k52v+stem-~Rc+;84r7Dq;3f4k@17d3M?RJ(vMyoIU$^xfNQ0!okbA~V4--JD^(E&5pp!B2f@m++eOP}SD9STurVg33
z=0V5r+wN+Y_2h_-ZKMLx2d(WW{dPealw~RpCaaFCW+gG`1DZTy`SrWP7xP<>9K6z$
zO-Ecjb8Ob57q6Zbw*Tc1!R!SKmTgG9`0eBT-{xnLQADsRU
z-`5A!GoyU}<{ws`dU%u{yfb0)ygu_lMmQ(#e*W9^`=~|t3u{h2P#cq6EbZrFnOso<
z9dlr^zBoLD(^SC*5};~t7E0a`tpTtW`P24o11LX1%qW6agt
z`5%#>W0r{fwKIv&B#6)BIbdckBQw`$p>I!BRXQpqAiO-Jr)(6QxYK2+?&<|HxU+!x
zEL*+4n)e6(Y#sA2W9zstHQPBmVC#jMQ8$|n9Cx<-v+ji(nx7k4Qr9&iX-!yHvHjlX
zN3V_qbANkYGxYJ?Utn%&N^*oDI1Nb4M9`o40l_64?%2aLagcBy5pk-S-kRS&(*a{T
zLo5J7keNiLXiX}+Ej_|hN>TaHfdO;GT3B$isg$+}vlu{t>_ELSnIF)|nubOHvY0s2
zlZJ+pD45&o+9QOB3p;P@yY%Ms9jBg+EPSy7+C`q53!O`yqjHi2q~$zRsSczM=$ivU7&I5TlYA05$*Z$v!T!5|2peV2
zk0ICA>;O{wWgh!4^Zx##VaA+28)R>9_AW>2^hm(7xBD+ued*kNWOe6sPQL9kB%2I=51TlY6p
zUVT6Z-u=D&zdy7Nex2Ay^XmP#VfZXMd7KBw0C*-QWNK`&4)$4t`5wR=^f98*{$dCE
z)#*saRXsi{3Q|?)IFrH?2y-;-9SJ@LP!+A*4%6rAqaTo|=1U)E
ziIN8s=}#|00Mjbey4xRb_C>ww1qXYw5lzH$kyBt`Nr4laT***U$%`j}h?XBn&klge
zrvfxJOi0^{q@vLHvH<8mu(seZ#bzG5D~txYq&r7Cw_k1sRA^q2unJDPI-I596JbPd
z!e@LK6i!iQ0?`OIS>WO!K1?9ZJT2aMM?ykPV~7XfjC8XJ!Nweh=IliJaY~6lH0{VwBrq
zQ&CwY0MvvlVb;lHF~Yom07Gl>K}3m158FoA6gX>!f;|~>J8VUVjMjl#(tbg07iruK+YiW
zpGU~5*dVJJJEZm^=_G=OEOs%WBq3ZfD-18(VxU7F8>v@Y`6$__My?F#Wj@U#utdZ+
zioA;Le%^+(j)b%h|HLP-{pnFkOe^ByNSuVctV@lNkX6beI5tThGQ>A^<$H(_BQ4j0d8b`V;<
z5q8rE40{47G@j
zXci^2`EY}fl~Bucd5zj8>>$VW1TK!jMzBi(w~QbTMQpe2fz4*hVgPk3#b
zTMVQsbRwp=6sa;DGc6{3(3d=aiN?X9lzD>M>SHd$fDHlhmK)&|csxxb!zYrgC6xlW
z#$lH@TzDG^&?>C;2|^4dNW;X7M2L2LG(`nnx;a#hn+5<%GUV~!!4V%3*QL4KVIe@C
zOdp&c$4UWo%uivU6sRm{XSaK#6zq0U)|??h5mFE_8ZS&E4jp7**U97o(*UaiGt%%_
zs&*TPz`>z>EJ*@(=~_#8r2GH?MQp^7-BDq05e(V-mosCRdU{_j{uzgczMXaWV{RVGqOYIu3)2wl*k$
zKqfw1|3K?Y8JKvQCFX+jAf1#U6ETy7gu~NP0200-T;@h_dN42);ZxY)3kJ9yEc|uEanh8(~
zvWYw%oJo@Wx?Y`%M*^pcLSvnH*uUnhGlP%xQ{vSEJ3>f~eQ*g~wwZAoU!CCD5&
zm*im0)GB2Vm1RIE2bHG5NnGUd{L?EE;b4rAASSXwwO&bwo|PQV(1A371>2HtO7^px
zXo(NIMeXLW!nwtiR$w;>$l5ek9nS-z^P{%bD}KygMV=fPoN$p@a`_sld?5_QhZ6^+
zBb7r6_6jBwCChSt;n9d>9D+z3AO}!wfHK1%B$>`)5$vP{h#1%M=3D|rDbw2X#P$@R
zS)IZdVXit+GCcC`ywgI|!(SXEnG0!ShpaoDT#z&@A}G
zj1A!~z-uHQ(PSV3w=_~{DYa2SlAtDO@qt>mK#26gGC#e^@vudU3*ir6VZmgmt;SfO
zP(`4WbPlXzbGCa~Z_?N;m}X@sq3nQ4GGmg(=Uo9R0-@4OXbk`sY=j5W7%r&E3MYgJ
zjzkNQoaE5L3iXi$q2OSvmiJ4eh3%~j*88M(stC7iPO-gy3@$#YxbkQ$c3@equRI6w
z39}hh?P#SLOSa=S?3C?<7NZt8HqBA#Wl1;bghT9>R8AInuoZAI02IV4Vo8ja_J|My
zwYWI1ybA<2z#FT#0AZO)X>O$Q1S&(qw6=`9
zj!Lcv5@cR&!zi<&@^z|1K7S5{!4ajv5UVgV30ihf7MX-3-UHwf$YcO8Tr6Y|xQ2px
z9!bQ|G}654qaVIE;B6HAU31buotpJr`#Tq|0
zQ0MitK4=unc?t9xt2)K198iz_uoVy!f#57IKU9sNx*6)I0qP)D?^|XI%LIT@rIedsOsk}#}!#j
zLH01{^g-jhxFV$0hK-u!U@gGQ1UFf0&QH`5=dfOvRv&TMvJO@}2*NQ6>?6kJY&Z`1HG!{IM@kInw-yGp`OpRsxOrFeXflW=
zDGv59T(kf>j4@>D*iLqoTw>%55`Sut9t=8VIpl*GKCq1;yq0YsUQ$Rap!9gn3&HV4$I6*s!gp-yN0U?IiNhRhBM)|faU!RQk+*T6mF$b
z3S|6?=e(AzTC^Mmza13*%z~)`#;^Z~&za1zi)y=gWY2
zumIMnxbp4%$2l%srufd_#_b@@v5Kh6l&ZMK1P{jqnZ7J0uRL00mEcYQS`z_>WPhlz
zEQe7KWpVL*2xPDaU<9_XU=0hu3`#w1_eYCjv2)zTG|(ST_3Vs8TyAlUtW(;U^O)T)qLAltCi5m4=v0(g=Z
z2}n1HEzTSUQY#2JnWbDJ6-+KckTY_~u8;8o^13IEDzE>Su5m{3wy`t5DX7ja%Hqc9;z3Shp-l1{C8%h@^nHI1PTra$UC3-E=$YR
z^V*taIiEfWW-s0(kQN~jEJ>*b?m|^Fppr^e(fcEu6CtJ)gl<~wUWnD
zi5tuWtdFIdGEiSoDtsYWVmRDUTBc;hfIPQZ;_>0Z;y?BPlpszY@r)!qg22T~zC!4r
zdAv-JeR`UgOrJ9+va
zVMoQc5kbBIM?=&|Ce3m?MbEalQP1xb$Z-~!^~5sjr}e`_0c3-
zdK3?)S5}Wy6Rxwz`AI1A%tT4kK(1cMEH2V5l`>q`SzHP*37$Tbz?>ENd5DLFkA%nP
zGc=z(0@Mio1M3Kce-uNf4RgV>SYgQ=G4kCDBey}|Al1~y5?(OB$i+z@KTjL_xApp9
zQW2=^0D~-P2BiLZ6Q`Q}G}JV5n7?SKbB3sLJRw>gRDBp$+;6u9X>e7AV8(-9w3e!bP(2)W
zMhHziz=^vA;3$>?SUX@qo~`4vLNT<#KuGDloD}RP{-DB$*Fb%87>sF|ZrC
zq*2BZuGU+y78-jM25k`*jZZls7m9rd_{6XwYN12rM?SK2p#)rsh;e0x1
zSOQ3Cm^qsYvM}&0fDrF4knoVcka8{7^Rey_Mq*~-h(O`24PSB*S4RA1eWApXkpnr&
z91c@Nofyr9F9Z*}I!=Po0oIIC*}XPe1|p~t2%=>NwP_^|dz@;O4gL)y0ifI~5UAYY
zDgnwfo0UR=z)T{KCYSS8UIq_A&45P{=^!4TXr`x=`Me(;AY4(fwyxIzU_Mj}^|0D{
z;u>HRf>cw(aD}4-TyFzf>~eV&1*{DFYsG4q!5QM@R~+7J+3`v#^o7tDL46Cs6dsk4
zmg)0^m_QR?HDEdO(JnYuE2IS3TmnLgyG+A_AS|n7oHR?zS2Rh6k`~DaFOfkUEjS`|
zq$yMlk7ht?#_FSj!=-IibTCZiIG%zXMO=5CD_2GVxMER>+gs47;5;}C`VR+a>?AV3
zJLYmf;^BG!VXE{vWtK^xhLofzI2oP=vMq%1XtgH9WLa5E3~f4Fg=g9qc%pT
zKN01N84)ZePS&cS1P5pO3m$IMT+5}{UrRc;7i)Q57@xx4!xC}Wsam@Fw_PW>8soRC
z2-4!8K!WmCWv0Ny!QvM1BoYs8_TUHh@x?+4(h?nsvV=|SBpDK`<@^P}2Y(eo;s1y)
zJLj%o1C$nyLxCJz9O~=qi!Fw~#{ItcKh59oy7YA9S2a%;wOG_A<@?|kSH8X5z4X>`
zqC9)0YtW=_-y!1V$eoX`%~BR4KA?&_
zSE{>w^XftG>kE3gr
z;;ZFxRlm)7`h3drmHv7Uf2PjMW1BbUUH?C_KAL-a{roz|=+DaM%{p7j`DNx(A8HN%
zJYH8J%+l+SJc^`vbx<9=9RAnw2#Kt&NZhD#$9h63{jE7BsLfaHJII3-ojNmVUD!(a
zxAXV}sC|mGO|NX&cDQKlwjb`#`9l1nL(<@DtCOr76w}5Zt^a!5?z1!8cQ<~$GG+Jr
zxL$c#rUhruNv`i6q!^k$(beEm?vVc577Vt&sz-&LYatDe=%96++}(4$bm{Xhd0iI2
zs@JRWQrGGR!#}6#jSak$S~Mx16uY)>o6UosuKfO0r-$D>Y+OND6}wk{b~8P0
z<0bWP+TFGRFH<{5?^zhr$-
zMA4~k(x3q*&#H_G;?x<<4tpJ$4+SMtY-eLGw@FWpEgze7WY_SJ;)xjtI~`ANaHPc9
zQ}#%nJ;%1Z*ECyw>9T~9O=EseFP=117C)`gvV;_sYesIEuJN7sji!w()@jB4luNU`
zl=rvPA={_Q_F7-fYMbBr-1N!1xxKuT?=7F@ZWEgkD$}f4vD+FgjUDpsx+YyiT68wt
z>aAF*X#1IYa8=Ya*TLe(r$6sEr$@&VXVwo|{CxVj|yt6RsN2iH~n{pGn|DmK@h(XC_d!F7Y`Kl*mukcB<+@nC@$u{(Pxo?9pjmI<6{STfX@I#D9G`aPjSl;~I_Wwx;RfOBHR8PVLe$
zrFiYXzf3G%Q(pf@{MZ*?cU|3dPi6W2qf{>PX94^IB*`TwQBRn&hpaomtGJ=WC5{oi2tH*Bs|
zKPrwbP2J}nDEQOXk$JYd__uu%EBpRX`2EInt_w_|?c#!(-S?A|RVQb{nPNcV!
zE~&q5RjX0W_1@!eFYEI2-p5xRySJ_Sw?--5&%U&{4pk;>s%YA8cK(@n7w<1=Fve16
z@%!>gA5fha5zbA&x2VH@+kn{m0r6X}E*0E+xwONwhtgXu;+nnr?n0aUn@+Fo*lGve
zdonZo8vAM|y7gkwhR#17tFjm(Rq6{e$@4)?$G=kjk)F4;|HN~#3s!rw!=$Q{Qx{mq
zbUD;#@%>dt)7M@Z=z6flG^OTL{F$K@&HtQpa`Ghci36Dn6ZwVZv6?}#Cx5Uzle-vv
zWzz#?=GBAD87EF2Td(SWe~au;MzhqRp{p%3NyYfw-Xn##O6m{YKIgW{5d5@!M5}iC
zS8dKcN-eLSvu51>mACFTQXN0_r}NR$8I8-s2Ty3;CU1Jy-STW@YI3=8#fTr$k3Z;k
z{zA{BeG}~GpT_XNNo?|H>s+HM#2DJ$J@rN0qCZ!}T&T_wj20Z&s~Xv*^ZF=f7qhKp
zewTG$A1iOOcE|_RaoE@Uz8@+Y9Np;t^^lEc%9cM<`f^*|?)}Y|zCC^NH(QFse(Lom
zujR7blix4<+#26$_@i$#hP`igVeq-l?-R~6kG=BCu`Zh>qGrDzKdhYGvF6;Fs>SQN
zP5xj}Bc3!&|1L}7lyDqmu-hisJOCLS_
zzJG|SwCB<42UZqeXY74>|kWm&*iYEi**7%G))FFZ|D)k)rg0
zdCTv%>y?r4)!K2*UJW#vng)z*f4gJ&?6?-smAm&2o%?98dDF{o>n07!&~=w8J{Qgn
zzP@AjhWBH#(=Uei4pfeg$*5c44E%Ff&E=fFWnt%~QQfLa+70Ze@?J@Lo*nhHeB%Dk
z4f^9h@3i$Vc{}guT66iGeG^k_{%ZEa*2yO`p5EH@xaZ*hXZLp*Ki<;M$i&B<3Tj^W
zdg{(7sbWLT)yOZ-y)a{vOTcf;|r`=L9WAphzIgZ(J
zYsR0ykgrtji;6s7)y~=A{DM`(5;omkKCaK|iT`dGKfkI@Ozm)Q}kt4g+vy_^5FvF38~enrvWZ?&9D
zpFVSM$cu!n>1@@mN!5A!n(JMRxjVjE(k7_!o07IYN(z@A?7Vip^j1W6)Y(=U_qSwU
zPG7yDbEgjaso$8EC~u6<7iT|QBj4QZMBS>vf>(oUehv#$ZIn)5e)nq4<$AKHaixnF
zbx&>Lp3qSL&9#J-Rc-#7o8A6MqxSZzO4Io^RqLm3dNuCWE9;cArHcktwd`q}{v_zX
zKMoeR>}8z(Ea>dvMgQOb*cWAsKcGqD`*a$f)2YgvaCgc2b^Xd8jDB>^YJ8CUYOCOP
z@8M(AGEKYK4NXIJmZYq?*SFuhcw+xMl+(Wa0~%l98MymVXcubswZ}~#e^>B6R2I-R
zQ`=9~ORJK;8zLB(9i>=LU(4$?d4=*>9Xi#yHvQ#``08`(CyxJa@8lVUSEpUB@ZMVR
zPI_bGJBd9-*HHMb^`!Budm3fT-7eX?qdQFb^Ju@G>BB6?`*$1vYPNi~^UlGm>AEMT
z`3q0Ks#)^^6*aORUtgBHvzR6FWUVEFC$hSM~m+8AD@#n0e{J_=~}9
zyZusd^GJ_QdEX9h+VZnr_c~oTTR7f9{`!E5{}l8cb-VSLCr3Lr9HYEk
z9Ne3`{mTAZ+a
z&bZf-JoD2Z*ZR+CZu4!Unr{(Y%zSbx_F>N!S8}4GO8Tc2Og_FM&{E9;{*
z8HeHLNYw5=(l%GEd8Laq!l-q|D_atjNAp%(RU`)q?`D6$HF#}NRPgb`nf@yCe>(c==80Ahx<0SpbMTzj
zW4FcJ)<(QB-go*5)6Y$}9f^z1F|12(JF#s-?!34y;~yP<
zRqwmFvCj&w^dEArDzvX{(ussOjW?ca{(P@(%aON|f&F><2PZpE)5i|*rY~LmYGLBc
zt&10LjJwd!R`O{5q&B-|wT+n4+g8~7RQ9S(Hzu|Dp(5jZQ)uuiab$k5bIq(yy{^ug
zIob7WSBHTYBTuEJHj65bFI_Y9m#QVcjrebJFQ1XAe$i-|b<)JkRfCSZU4iPw`9lMH
zE^pU$$=IqM>$7hxZFBcz&8d@R6Z5uNvsQ=gm~OpyCBI+A+3)*3fAWp3X}?nii}T~o
ztFLz4`(qfOf_OS0GO?s<7gkbLc_*}k1d24adRp*$N!rl{$ug@N`zTT5Td&f&2uW5BgU;q2E?)8OH
zbz_r;-!-)yB2ABI6A|8EuXgvL^2Svy&g@EWkXUdh;rz+=rcLKd!%B8fk$8=Tg1n?9
z<0Engb^dPO1UMT~YtriCFD`tuFm83;qxL5brRP^x-1_;~oJEl*JR3sx4C&gi&80&v
ze;g&)IK=XQvG>+-bu`U_FbM<*?hxGFg9L)h!QI`RgS!TTySpFs;4VReySoSX5ZnUU
zljnJ5_wM`d-hJGSKUuIZ|-sp{^Tsp+X<5)rSp12e92_^d~hWu=SM^61fy
z?Z?GLspYST^BMx=DhiButS>)I$LOcy*fS??@5Q1CF2K77`};3(Igi0nVHFI`;}@;N
zz6gifELGc|hP~Z0BxaA&(5(WsM6;%r3LS&QF_AJCIBl)YOEDi_K8IofLOA6Vzy5-X
z?YKDV`MS!mTTm#STG@Z%=(VQbjQbx0;6DmY@Co`o)b~homv-2(=tM4T-?aP(0Z<=<
z0h9krjc7Z=Qy{^oVFq#OHoom*>Ey4!$FqF2GL=JKi=r+qeOpM$GOvx=mk9Bg5IYk&
z%RUSlmE#ahMG|G3{^469X&P}|Y#aX^zQ7{h#HBgv=MbD)XSb!
z_|uum=eGpNA-zU5OSWA95`bH>#|{z9BN%cPfb?0e(Rtnn$T@(&q$9SzVIQoc@U|@2
zg2Y!2yiet`cK1AH^^kY47dOAnYFEN!KqG|@CfmF;Q@8{KTU%G-tq)J)uS*k?fs+Ok
z^e(5)QdKW1C$v1E1>dJ}*>!Jc(n)j5$GH7Va{le;{*AyU7JPny7vWed)7HZ4M^uHp
zKQg7%R{}$(0~dtWjr#0(b%EO
zyanHKbJHHUq|?@Kkk4e!-b|f8i%0u6tx0u#6e$J`?D1Vnky`a7!SN=YV#GS^4Z9OW_r^Z_g8GA{{Vymvi0^k!li&&1d+XvOzO&YD
zE61yhy(>=4{GIj^o(5F})3HUpYhz&XXYr0>i&M8K-!(m9#XEIAJ8pvDu7mb=;nSbe
zq5j9T9~q3j5-8^4i3`JSC?(3s`K8d0C1aJvyb?$woY$sRYWz<`7eXshwTT<}Exo30
z@=t`JiRNNc!}xQ<70-PWw^1#&RX=W;-hW=cPbTTMEoL-hGog!oC#yMPJfMQZo>rUG
z9|b|8o6ttS6Vn_aA5g+!535ZQk1F_2h5U=0HgxI7I3B~)0NhdHOtawA`GjZgI;SPE?L
zm>=KV!8aoZ<~Ltk&`-Yqf?8>|Uy8L~0by;FW`JQEt4ks8jB&*r^%a(&+x0ONT+AO+
zM#b+ICdE=wCi8@4ZXU{w)}fmpJF-Ya6PBsf#_P&di_Jq;oKrd{yVGTaI)O%NAx~s<
zhSvX-VzziE^!`dKH<0<8_y?25K3bmI|gk1z-ARuR5mmbG7c>0p?L3HM9MP#~t#G8^Kre{PxP!HlAj`S3Be!DLi=x-AVhe
z3U0k5d6|KXsd;)oTu8iZZ9ZGwX^>bPbO@deObV%d?=mmB%G!Dw9NcAs_|VWV7z+4*
z)D&9KzeVHDGnI}QdL>!NXGHW1iqgGAmxj{Ip2z=PSV9xI+-63^
z5BqX3E^q-y@}{sIcaK1G7?cJw{Sk2m@*2Y~nr(bSrI
zO{w!W_jc1nvyJ;{0IE++o;F?UziO8U02>&%XKJywq*kxJ^M%IkW0(UexH+(OT(NV-h5r0UBsGJzyfF&a>h@atJO*Cl%#
zY6oXfYu*{DTk@@ikB3*m4BJVCxEu|X@F{&W9LKKkDP7Qe)V|rJH0>VLbBmh)gFcTmqxgDwObm>Xp&JT+53i>m@>qd8
zwLC?|sJbiMAx9jh-)M8UVsnk;B4~N;3$C6)#aAA;X^Cq%$>T1t-voE>k_J@(-?mm1
zz*hLIOUoKp5|cmkzRj%9yEkDH3E4NUp9K-VleP6VIJ?&7YB-|6IlD91^!7cPV4)g(
zhK-W6Ty=6lmWQE779x7?QPI{5j4{#6x{u#mH1tIi-$nE0SJCBwL^~@bo_vrisz$lJ
zYl!76aMqIgNHaOFz*afpzow822@$jVh72yS&%Gk`9CYR8&LNR+4mn6G>f?6S|
zx5fDk1Pj+EVH-HZnj69Q*6y5*N#9N7=YH>&-*1VvILq*hRl$aFX(injD3O?1n239B
z+?O$-a&TsU#V04q@ifenA1Qw**Zn12BJXfTWX8GD#16r8%uT9=+XXb`c8OWd5?vGh
zJxM`y#Rmr~%l^9prsBAjeFB>buZWw7VaO+cn=K;ZA~T+gK*}t?dcb7U6xyn-omD<2i?Cyl)skIPNvk8>*)
zy;`*F5wasCHzzs095$XDC)9U&{F)9R#R0$01MC*>t-^$XQk|dEQ+1Gw>k5iet2VM(
zH+cH5sr17~)S(q}{1-P|5|7^P@RUwRs*<{D)jPOsil#3M>d7~A0Gb6yc@L`dm2)la
z_i{QrZN4hea^5s}KZ1)LW;o9XtiHo|mK;Gh#QN`i?^JZK=kUXOG4%C2_e`WnfyoEa
z)&!gTfk9{u1{>TuQSA9)ITyP|y2R7<#NEW)mDrPJT0b|^xomIst5&CjR=)}UxVuV;
zeOb+pzFLpyJnF~WpTK?aQ7L{H@bhk>(Vz5>zo*$Ws5`%m5PAR31^lhwDX$nju9H<9tJp&9P*v-;pNQ^DHh0)soAw++q3KvIFg^xgeh*y
z5nbkv5wfCXMN*nJjkH=Uc)94@9M+`(l`YwrJlyMHg16|s-B7s8Z4!0%F9}jbrKG?ME7`mo`p7p
zT#8>kU-*%85%-Oamos>Qg)X{8a?`HfAveoN_>0d2nMYiMaoua%&a{1I@G;WmHkI2jVtYz9$q=h4dr8
z4^08*M`U|bYm?$L2^2sgHmF}x87r9L>LtPW9Bhu?(52W-#nBs5KTWZ`jj*ylyLZ^h
zzpoxO^=&6(+8H*Aq^`j@1vWe4o}i?YAHActYjK|7WP|UMd}rmwxcI0jGP-JK~IiU`F`g0F`
zoax=97k3l)<70_|s&Apam9;ysg}W1XoBAT*&R6O+Mb>XBJi%WQ-#~Fwo;>*~wL?4{
z25Rh5Je7fNj2+KEx^S)p$LSVtA4~KJ-@o6a-BiE-{tB2RcZrUR6ZJy7v9x(|9DQ?6
zEJSk^0Bzq*9MAIzRZOHgfJqi(Gy-Q@Ny1j~&P!za3elYjuPDDXjXAde+mR+g{Z$gc
zfP3Vp&hSOjhE>v%O*1u~^V{Vga_Ar%r)!~&*`x0^1e*2p1^nQ#S|%^GhHqvd)A-q;q~T&BHf3U07V(AstWv7MGHS@GF?l4I?v!tZ3-h|shh~u5!**HY
zGW;9-h#BDtl}
zMZMQs!)E{1-Qe{|euV4?BxZit_-yTAxWYGdDKrOr!C%&XiO&^&aV>ig$1OeWJSx2M
z>f%~xsPyG6WE$i~?>e7ApPoDAQLsJ1Z%C^o<`?15+Z?i&NGPzEn!EC$4N>GIJ~3qBpy0va3Y+6*F&RQqBwA}=YZm(ZR3{svJ3L@efT}{
zLzzw^2Yw%lRpCgZI(S|?zc7&`L6hE9U}KAxBZadU!=zz-C6cA6D=h&R^ke1hAyJGhEa*qd574;qZym#!DiFUux-
zU#l%61rJuo#)3D1RdhN#CQ-G7&5FStSRx{v#XF<8JQm@k8Ib
zZrUmCeNai)3FZg}Yi`qSRMgIT<9|UVzM%5^P=My&^NOC!1(zsc3iR;#Ds}F(yA2jB
ziG;&g5Dj<|;=VKo`J)Ex5^TFMj6HpcD(#e@fW*A}N$hnmAptgb3EeFE{w<3}s*sTx
zHHw?1uuJ?o7yCN(u&aK%GvOKc)<VEMv8$}jRsfZ>Q`+TWtzm+Fz_
z^uGE}lJ4UzLY63HZMw+kw!d)xZLs6?KeTzxTWldoznW3m3jW_`Gc0w;J*>)ue{6ctef`#r_4tFn~vizsGYIlU}ad>o?wIoHpP6gwS1BAR*_%?
zEIoQGTE%<_gvok*bMFKYtjTiaRwZNe3YwmTTy4B=`VbwzU+~>dnt6ZsQ&)QY4=A1s6_nbv>T~^QLD0a4$gK
z&J%nk@7x4K?8nUX;K{Rqr9e04j70SCljS<%+hn0%O_&0dI$;DWI(?X^&`)(pbec#^
zCM?JM4uwFof*3*EvL78v>i`~z-@p_JkJv5NHv$&Ls&}^B8h?y1_gc28(2vD;RfQ>)
zBtpP1JSB`^>pT2fNTl!!#aD{@_{tv$S97TL1q}-n76o<97VT<7_<=M8^D5f;?F3#d
zH*ZtY2*y-gX;)**E<|Rge||a^pVvItIz%W0YNW(CjM0lyyt6?i-@*zwucwru6~-~x
zR)SLIPlH&f*o&{niW!RN(A}&2+lGN(w&$CMXd(f4?SUJRKfNG4SFYc7vvBkBk4sfI
zZRU%+2v8l;fPfiK{x*s{3c*J-BYya>B~@eN%z`PnFDfqDP6=?~<#q2~FTZJ`Cs1m-@d%L=2P~B`
z%qdPoc&NQDomT>b)BxaUHGD9qs`Wo8>ZmrA0hL#Z8fC0g=9$3%&Z4w+(im2;VbS|H
zbZK<5-O}a=Dy+)sfqx>oe@*JGOWs4
zfeB++|5=fL)z2St{x6jFPmcYsIw
zJfj#Y`M?q9=Dc#DS^tXoUi2$SqUudNX-pm*n33744-!bsDx&bsM2U$X!$<8+mb=ct
zz*v4z7|(eqf3s;U|Br*RX(VRc`@U|tP#oBwLODZT#W)>PaGMzgK2x(Dw>NSQKJ;g?
zu17Jbq@1!SWy(vr*_%5bxA%A
zXVz=t_KTU<`)YX2tzRGLyP`Gq;N05KLu0k`txVFj_aT#F9LV9@jQIBX5fgvk9er()
z>928`2r_Ur=EmTHMx`je$fW1a)kxjz9`M
zctn#IOuT(1_E`7Mi9N;Tm*$U6&ENp67`I+~2V#S>L~LU37?nx84Ii#jQ^MP1VjnVW
zc;|&yPC%y@?c7zEeSGPQ
zx_bIwP^0rIxH7N@YrI58r$JsKHlkv1{68Qc9PgcUn^T|jJcG{)y4rN-ze{pF_
zr`~#CY(+imWD_91T_Hi^8OV&xN=wAu484n*%O4UoBPIeB=GsTXe0`gtxmXV%y12#s
zoYS)ew0ABj(>_>$wj$~yp@hv`55I&SeXchKO;r04=0UQ5g<&Rzy8}-cb-sNi)$_KAc9hCaVBi
z4@0dxTW~DDx)l=$t7@~t?k+V(5eO>;IEH?|XYQJHP}E?=5&*&%D=lzWuZrgV6)R-(+i4VPs^_Nq`6+3~FXK<}bGojNFvc5Mr^k>0#g-Bw45O?GU
zF={2X=G!;%Z1M%&GH%jxqA8>tU*16Dmra1lRWemma%h|Q(%&?Z*@)H-HxUY3g(%s8
zUxXUx{WQ8=FZGK)M#0!BXD3%Mw@N!D?a_^>B$d!`H2s3gFI&+c;(BU>EUL3hh&0~c
zQtNGk=UhSNhL4$s8TlYw)gsX@vWs^HWoPf#FU^2+DbYzBo`GscimQdv0*1wZFRrtN
za!xVL9@P{R{U!VM)x0}>=>gh~ukrUOiP0rQ9q2)79FX)>rX*o;^CdW}U&Sx64MpAN
z>$=fPt{PB8?#>k;fQFE=AVB<>xW%4W(h7gN5Z%#vzT`hd~
zR&%aM5Cy0lRl!lV_5d^nv8S)&xvDzsU4GR@*Xv5~WAie~P0d`l4|Or|<8=FIjhcY;
zsP%F0rU5-#7y%Lb`u2h(Vo-VBhZuOG;qZTwm4?uBG)lw#6;
zLAgGU8df^EyTG|9wYWUpMc}jsL2A9uFrGqX8EIke1lScG~a@s_^^gYYmvip>?C=(~7VV^%JC!pGn;G
zdisW?ay2`ch|-P~CjGFlIKM8j&){V>2pOd0UT07FMSRORpl}TV2rLmMMcx0M%m8#k
zzsYU_#w+HniNy*Fqmvhj?pK`tU2&Ko9X@ztC!v2N%$_Nr36vGsQ|
z6o4u)Obukfh#N;TAO#H5g+|zJZ?aRqWdzPjX5seSI(5U&ov8FKlc5v72Kjj}3jyX=
zE4NofXi`gIHR|-R8{$MJq3gUofVUSwTM-W=7xX%|rRYE^kr~#}
zuQ!tt#efr}3SS!(X@JOdd~?(vdX>=zXJM-Zf*lkE#S-6mfx$r>erDqEs}HIf%e4OF
zaouIxj1Y~Od~WlB7qjGV>7AS>fJD&_EW*SWQr!%*g1_%Pj$81~S|u-F_y~=1SiE$&
zO}2q)oBGr5r7VM!hhmdNbyk_k_x6F53;?GP0je#$bzSkjEY?yML@-OH`0@O#WNY;O
z0!G&6a(&uA;uq8IJ|Xs
zQM^x6wfUWAB44M2d{ipY01LP7G)J6MD`j#{k}H`|UL9yPiD8fs4~DNaKtQLtVkHF^Y?1O3R;)r(swn^qi&|h^NW5!M5
zYwW@*bkg2Zz{mjRyd1dClIGvR2^j}
zU!nPSft99Yy~Ap|#t}DZ2jdQLgf%+-199u&HDo~anVe`UL2YF9%&i;6?dE@pIOz;0
zXHe5t%eR49?KEcjnc4}a=Ao6J94h*VE*Nq#1Q``x2cTIB&QLTwyyCVxZyOjGqPWe3
zkUdGmRcv?T@-NtWOW^N<;%McDpKFDLeon-20=E+pXLInQ$)eOAEafLCJ(50QUEDJZ
ziaYQ-Psg|QMl7lg?e~3#aEaKHDZlmu2iy2rNtE~bQt8Bdx`sxJS0~HWbfG
z`@;u>qNgfm*OFY)Wr%kjL-)*~L|fR4_Rh0v>U@q(?G)EW;)ofXofj!%>x=1q<67cH
zOkA!$8};#9bfDk}(a!uUXTV}_H=?#Y+(8zm0flSmyV&4#Imk?++SVlzj|C%O1-N9~
z7Sy~rtR9kuQEC{ZKtj<5r1dLX6O&E{acKvqnh@9Io9Sylo$9vNp2$rT*2V_nXg7(b
z2t1)JMApW(<1F3WROxHpKle(;T?B_%nhDl!`8lM-1ExW)%
z4uvZ~S|^!0|B)fkW*7F29Qel^?
zM5Rq}2RT2hvOgQ=n^m^{cv$te$`ithUgu7=
z2k1Gdkr}C}sVNVE!Qe6@dPoiiYekWQ!KHO*AO0vovb=B*`u=UMnlR+YYK6MgepJeg
z>L<+=(L-m8#Bx({ESFi;u=JJ_}GimDLFK@HL
z3cl8(0GsmwOd4h>9Vy`nm=m#_LIlQ*y
z9)#mRmo2Go9L-LmqIU
zv24~P@^e-G`ra0I!N1}YQHH@~qXb&8V?=H~ZA+B*BmaD4AS(v|nN0rE-Tb|KIm&lm
z6O0s^b*Vkn>?UeaOnoi{if3qV9ndc*`hJBYttib(w9oWQQ47s_C)k2T=4{3dB1q-N
z@3q(6^HZ$i=
z+jhI6>X?H+WDEX+Qp>y6Em#;&-So>yML&WG>OTz9QeSpn1wV6?hbPELp4RRS8S@+T
zdwbS+1ce}d0GM0F{oDoVgUT-|VA%M!)d99OFs)F(poqa=C5o?|Y2zBeIJ;$yA=78o
z;^F(YaiNoFG2iXn_J7jz99V>4hjHXYgKR5jy|2B&H<1HUI3z@9P|3*^7n-&P*L2?i
z4{HF?U`ks!d-Ij{nGx0%aWOU+hVS+>tMi&i2^#SoREZ34>ee6hNPLZ5hnj{#3BJTO
zDYbJQ*wJAo+Eaa0>eH3Oi>1fQ;QY8_=77#P9zmeUD^qn0!ecKH47kVRQcOe~dwsH|
z-Ax&{7Z*ytim}wjs;);)!8t)!Pc;_EV#2O_FuRz^`**Nzq%X1c_x{;vy$n?a3?m-N
z-A3s<8R~c`2Ur2~sTb8W;WX?=@#$6Nb6nQd)Po#W^gajR?Hw~uAw$ogX+&fjf}+-1wH?Wk(U-z0K5bO?nK}W6
zjXuVqVZ_3?t;fxBf+c_goK#+;*viy0;OzG*?Jd#qY-8RYmQ!UfO6z(FX3ts*(7pYv
zANabS7!$p?@0eFGTjzLgV?;cz24T5F#r~!#gDU))fOF@A#Bh?Uj@~b*#kM*rT#(T)
zGPT9n<OQc@lnsU
zgcV@^GD|wXsx^y>A+R>`37@gWBRSHXl5}-Z+ZV>m|BO9qy+H$zE@Mu?qM-Lq1rqHtqz@?M>Ee|M91>go3QPDP5kOO@HS2~NlVINQZ0`9Wl@+LvsoSxy>Q
z_o+{q@SE)nsf~I#xmfJ&>*He0nhQYX2>d7gh;Af@vPH{zS<(AG}P!_}gX_d}<2$xL=
zm#5!cd>~xTAzXZaH`EDf=nm4*e^vRLUVMJ*B?qFHtKWM0ZGcIL>K=Zpjt`=`1BmMW
ztIGdIFMo8Y|F!D=R^`7s=KnMr|KYF~tc*l{eUKq)hCSNjWALoO^7g|2M%m~Ba4<@mdL%Md+PrS
ziqNsjN$?YceA@6U4d}VH7tT&&0lG(P9g_QK9R>R#`*Yl*>R(VJo1w#yyZY*#>xCmn
zN2-&g#!>l|y%L~PN<1^OY1gcdCACLAaKy$ZvqNWh{dkl5T>XLDDXSs)-04S%DCr@{+PVpZ6b4a2`K*_7ly@p=)K?rP=ZCD$n@3Jnq8eGPcX
zc}Vk9&%ol{!Ygb?(o;%eM5>*z4@(_@CqQAD$Q731
zxo|_J*FYjW<3T$w^_GzPs&w6dTjcGFzntUeN6XQl)%U80ZsqYmPe$=J!W@1`l!O}35cYSM<1On9#}*_RJgP{I69?%|!f
zk9~Z6(Q`S2?{fN?&UX_k^
z|^1bNnlo26kME8XO8;zGT0*rf?ls1l;B7*`UJU7hJTCc0;x1?OGaa{_Soaj}lGvnJ
zrxebv6{bpL+Ue)4f^od&s^Q1Ss+^OJs3zBeK!5R~&Yh&vI*Z&FZT30V#oL
z_)_`l4xOrMkQJ7KCslP(%>LUNIF*9Qdy+MW%!=F_R_&>~OVfFyaUG4Q?j*%is>u|E
z>S_b6B!lKphe+yFdrFTq78bLzaZRK~A_E2=nfk2=xN>LY34~Mi&NMwthw)OB-a68A
ziO$)&k{Fe!4zp^BX+)^nYi_Kf))i_5g~TYmg8F=t6R@aM7B1zL&pIu
z^;(>--iy+vaQZ8&(r6yTJv_7Rybs~E{V3MzHSWpQ$LP4^Ba~szHB1#8x@x3^M+^|=
zm7VsYWQ{iH%NRE?74K8P0!iVys4>vmR38zk?S{rsvm0s32>2#^Kq%NW{sqMw&Dx7e
zPN?eosfzc&1%G3BKTn8T5+
zGdc;W5b-AVKr@}flPnQ)LaaqnLT+-xDb~zr_qD7(IiJXANeWDOU39^*yvFyaVhuR?xt+qY$X7#Q;eWmF^@<$orR8}S1NE2`MceBzok}1?8pQ-bk?tTiM#g*Zw
zy3Jt&>V=CmYap+S+K^(KCL$b^nO7fu&=7zAqUY_G=~J?Yh;(l$V4D*{qg3kr@V3^0
z9htJ8f+K-AfuJC&>r_^qBb{JjtXs*8Q5=aG$7=V|gpLV^MqkN}lP^9m`rWXa-X~u!
zPw_{yK1$z=V@6^`Z2ntHqZ@<|Zhdkgt~_-X^HuGQdse6ume7i?aiyE`QT7s;Tf;4Yr
z`TM-I_O}Y@u0T1jK2I53mrFZ*z*PBV5$SPRt@35o=`oRk+)|Kc!-|aA*kjUDDHpYZ
zs*{PHv_QtUo+$MMI>>_v>H$Qjrmn{h###VE7sY#U>SJDJ^Rf&ml*=+|XMr#P@??QN
zY^YVNEE}>^R}dlagM4yfZ!GJQUjNK7;!F*{hmOn()ZE{5Da7PJ+^9@{G^GJkubtVya=|kr-ez=5p@wyUetEa)zxE>>OdHI
z7Un?LdkXc>hcV7@sogpjf>M7)VpVbx5NJQ4|18)qNb82t7H`_p1eFY
zX<2+;dRWovdVrP85xj?}5Aet_`YJj3DzQ{qVjoK5hRAdJK0vHg=&2MFi%#alPD6{v
z9J=D9hMtau#wyEt^D|r?!}DKyG~fc|oCOv>2qz
zu}ob%8EyBJlJJ5IqF
zGqdkHY7(U9LyYQ|-=omtEYPW{{eG`mlU6})r7p`l0)I?iK^=!$;g^};Er(h-8Lh&f
zb{zABZ2U74q?y(?!#La+wrFy_iFLB)5;#o{zd}84?PGP>hsit8ZKB3|rB`Wr3v?yAbQ>
z=@2dtB7G|2g8E$rZ@x(mOw#@d#Zjf~I63Jvt*1!MMZNLGNSnA1fVxMvs@18g>F%t8
zix?(HmfgxFmK6R#vej4dZDX+U0(4lCTqqkfrFF)4!LZ|b|0T!OFjap+S_2@Cv=%^5$5+Q
zKHvYS)K}^epqXWj4#aDD*3qgijR+lnk!@1%t$L3(;rfMG8Zv53UFk;8f
z+SU9oQT=Oe{UfT%f4}f*Ooh=8EcWZ|@>GuKMnSAula!t}MB2fK4+<~_Wj`~IZx@r<
zFpbIk;Ce-BIf%i#7R&ZEizyrmslp*W5{^@@wt1Baf{dhdgNl7I)s?adbP{^v^3#vs
zZ|C)!%e7Z-yseMRX&VU;4JOki$`4{sP&t!jNX%UQI|R@jTC&7SU-4qWUE~p)hTrJ(
z;KAaaU>RxcSV($xs6*>#nbwHkZSVkIM&y{{*yEJna=#O7i+~u1Lzt$@>V@`hJ4oFBFp@=Le?p%
zH?3%z*^|froD{i4O}cL6eP3%XTVtpmnTR$GuFeAD3HR1hb65t6cq|GaM#?cO*7c16
z%Qx2VEJm=n^Jk-)^?Y#?S`N!PD0c8)UO0b24T}U~oA#D0acW$f3RKlo_bXWOV-xBe
zBxAjzX6Kg%-o3Qw=~gB==ZqlQ=#)RETn*lYX0os9SGs65W&59Nre7%T_u>rzP=WqN
z6{eF2hqBUfUo=hNIW_`#Y4~?KV#yd4~_AQ
z+5?TKZSi+rZ@Ez8I3D9)@;MFEQ!<~?w$yEcR+Y_qN^@sjB7}7gPew4SUa={Sqlqyd
zGXk4xX1Iv>3UE;i*ixYBo@|CLMk48ZzRyHPGTo|EDYJrRIfjV_E4ti)#)T=|u`)pU
z;p$U8)hLxmZcrU=XYaHoH=OiqsiHoA^a@@Xf}eA(*QJNB>tEh0`UnsXqUU~0*CGNg
z2uf-sPl6bXsdG7~w{N>H3*mr`zo6O~{Kgr_*{dSc>NfQ^bt=5+pmo?!Y-~FWJL~;O
zzIap!(7ZW{rYJ9^9tDT~f+{d_b*4tFA?7XOx$!|6$!W04~~(Ks%A_
zM#{^q8Oi0eCx2}M#FZv9BJ(QB7q#O^e;rqn$MWn>kC&R~k#1k}pMq`<$cR=Qj9RYR
zlit`*U#wD)?lX<$31yiqDDs$BQnYZc!e_8G3pH@bs*tOz73XC#SQmYXK(5~0r3Y?|Q(dR#$_tf3!SW=3W24RugRNIfG4G;egcHVr!n8MWqp
zIco~6h=AqG<$4Mjc)Fq^iSp^NUubn){do91;kc~6k_9~$Nav=|!~
zFI#D~&8O3J&ERT#4u4J0J&{|>)Q?YakJzE{rfm~IVo>$7c42aLGFELPLv$3&r3?4N
zTI<>Al?1xLmrdG}MoCrl_%ZWmlQCjrA@dRTGGm1nbr%%a$*kzOTM|C_uNxLaOy6mK
zT=n2#7Wv{e8{D9Uz#JI>m=+(a-`r&WxYE>+7=Z$EP9NOZ6tpq?{)gD*u30Hd=19dI
zIYfQIkkLL^uK5Ku!vOOdHv!3@&}Kr*Fc$80^5dEJZst%I~hze^?_A=x9Ek$PklVI9Zlh
zrRe6hr&s!HG=YxKS}WPbX?{VqG_k@q)2LVbny~h5cMw~NZOdWotG{d15vVkEj8gDc=-?)aXAguan(U_rR-e_oaR#tfXgU5j`d_U4mEbxM^t)yclTNeB;
zD^yuQDl(03+)Gg3FvVva2qeZq&wXqHg{IwczVbJ3Gsl(GY7
zIELCwU$2ck_}aD(Oq!K7G|K{V*~eHb##0_Uoo*Z37~pFyV2rW$g`GNAsC||yYLMz=
z1DETG^R0Ui+BF+H<2$gc9=oJvmLmRA4uO>0OgqA=sm*#uS{j{8k_O!Nc!!S`H3`!^
zjr;Qjk{QU}H4;2-7FEsfwl5hI)?%)^CfCkwjIN}x0OIpvi5&6i_U~1&dnNhOkD#&y
zq9UvG{7TeqtP7PwUAwakO~cCGsW5lwy}sdd6iA>9GL&fZ$QD|sE$p^?>@`UI|YWi&?0;J(M`MQagGaf_P}Ibf0NIXb!wO}0e(JePj0fF$&6PIsN&~PU20X`?o@y+pJabIkfQ2KzJd!f~?+C$=d7SK>eqb&`P4w=Gyq1DJa
z%{5ww*2qb!igoLfTVWYo^Mk`~MRAawg0u2FHl;I{24;iE5U^QoVsw^cCekWOl$@wT
z|B?NG3prsK#dclGZT3)yOEkHvQ1iKga`HHJ`joGHWj=q#>!HqoZZxx;YjiqMu#|FI
ze=ylwrwOEC^A1JrHoNg%jP446wk@WPYvGNs6ppKtmTGji8qx%m1ul;jj1y*Vf;21g
z?Nl`77lJ(=N%cFTkRU6nrA@jKk>-|D&fo~x$)dP?D&(-*-JI;?&;XFzObAc>yGnb9
zN|eNf@q`C?-F2-d{rZsw+?twJnk5FTOU{BAC44P;ljCUhRj)}*bEu^?&Ch38&~U(
zOs*&Mk`!@SKNFNb**7&vkCEi@+5TpbZzVN8{LpmM@man8v{E2(|H^DPa}&I3FJ54?
zv=j(W`Xmg(z%_AV0ogW_^xG)@p_Us-F5~?cL)hQnGE48WTsrJ
z-~+Qm5v}Cm5#}hY9Ee5O!`6}PMl10LHdg)V*@mgobhyEi2A+pcHYE51E3&+67|}_O
z&BysC%hz6_uJlX`EDb90WUo}DPACwoHCq;M)jjI5PUyv-7Yosc*g#>}{GcvWE
zDoMfij!Tw+1l`P~JszDkH++<;(+b-{u>-bS>qX&(TZl##jEdpMz8Wk{H|gmC7C7l9
zMnSr##9S(NU(mHooTPNO55)&HJ6Cjh*Hx+GSA{O!bk0lbhjS#tWUiFhT22~SCd?<&
z2h^A#9eRnL(ezf)7(+m*R1pyOS`p&ul{_jT7kNz`w+|rxEveFA=3=~aY18yeY%Vh7
z%((>_$+>iUp7qGt`jD|1oAz{~*x^J_*NVKX8**A{?Jek}PeC2Qp*!|f|I;%5G4yrT
zv@Z2qrn4{j#ED2wG}3z`HnR?H*KzzRvo~_sM#h}zj{}qSd61I^H}@5{#tqymIC0Zo
zfPf5If_=z-j_v}#4o}Q)btBJ=fg%itM(<-Er%Pbxu&`@t-SnQtFLpz<)!R9KNYkNi4F&8QYF$OOkw9Wd(P*Q+A#GIpQMy_|(F
zXH|~lNMhcWh-Vh^(HN$@$cBZ2Dg3a)$?=cmy^`n-E;ng%}-D+J2
z{)HEFu3Ta30K~wp-1*qJg
zHp36;f}rw{=B9#xA;!Q#=8;Pu@sxY_v0H%w{4dtK2u7HBrk9Hkv{y>P-{dBB?-%
z($Onmnr}}HyZlxI@T4hymA}7{ZjJ$Nj}V#?42@Jr_yt&A+@~BE*S@?9Bpq~dR%P)4Fr<`p^BUl{;eJSGy^6SL0dt^a0EnbYU!z?#G3
zI!Z!_brpWtR&bF>V9kjCf?`Y9nEI+8q#4c;Tdj9~Yf#*QE=!NW7e9fwf9uus)7sn^
zB=9c(ro@xqWVWitNzbVl5wLNU8vO1%yCo82bQCZv?)6mQxAjxU{x|mC11gH8YZUDn
z1{|V*f|3SFk`X}=
zkTkv;J?Gu;yX*e{TX((xzPsLAue+yvy1IJrT|3q8s_JU(uYQY+GfuL4>q)j7A5EPY
zY}LwM?g?fsaz8MNJ3ldzMzQ|LY|rkL+^r;&iy2cr^TDk>+!IBkN28B?p?a+H>xTI(
z9CTyox_xK#FQ|BBO`>7S)yHbg($W87SIybbyIZ#!rm9|TN|^A)Fe#KB%mVG>&dD+8
z`VxN;@_@F26KF7JxMfXIo}0y#31;4r35m{cp2SeX;<=M82lvBIyk%tatclr2`nKPM
zfMFZIAkGVmr<~x8Uyvzx!Dcbe_w0jj3lTq)iXYypm-*lLlNJ_FB!01U9MJPy%#Td$
zJ@k&vP*C-x=z6VoNUzjR(v|Oiu)Wzzc1a{E-*
z{;_K|aByjPS4W7|nst)%2QM!{Wn|ItwT-PQ%KXi>i)NnU*zn1+r_;h~5e2grPAfn2
z!!L(RakXm?Js5tocY9jpmR4>P)bEOE02RSPiQ7S1Guf|+2QM1(((cU;T{Q2RLj}n5
zbrmcxjFnoP@#`j%qPD=W+V_!#UT$_qaBUvOi8BHHXtm~E=fcb(pQo#lKOLb2w7NpL
z(Y;6TnC0+lNv8Qvz4s5s&Z*R_-g}|Pb(@c^M96j=zf`nxH;F%8FXhA~E3^7%Pm0$&
zf}ZaGHt=nY+U!8pw_^Oc*;CHTrB$1!EUaJmU`wS`22A48X;nyO-5RzoG|Cj69g59K
zt~IWc9B1wC@(*6!8hZ9LZ@cBgkxiq`%G0M+yY6+>=(n3J2VMNkv4jcCY%caXj;N+w
zi(?jS#n{@p_kX&SrexL2i5VIF;wWg5n9Zt~|Hhkh@B-pR&7z^jr*|)o8n$JRIX{0P
z{MJ8~>yFKOCGJ}hyIQX9ZKP6x`@U*rRr1-#iT4&$8&lKeHwf20KFX_4FA8zLX!r1%
z(!|Yc=_0-kzo5On%cBb|zo6?4e`WuEDwk-Op7yZ0(b
z6}`udKBmeb^Zl>0)c3pHg^{x8k;Dr!+CU9;>+#proVZY{F;bX%xOkyKje6s)3
z;pg{{QI`7y!(jWAvlkmOtd`a^UQJ27dVg|VsQ+MytPQv&v4b@3_?g<$Z5_
zJ1%?_;%tz+Vj66@`~N5ZKgJWzHssh7b&ctKtrwaH!4Od2miJGd)_9~APepvPZK@MG
zO1Hjkv2F39*x9nR0OEf*l1_AWZ%JvBF6hm-9=L7&Mm*#4Xo6Sp=O&ZTALO#y^wWm=
zY!^;Gdp`BGJGMVq$Ze3jz^q0Y*Sr?jE~zYTaUEMEdf6GQ$NYI_
z{(QeBl0}jFc{QEkn&2uGGvgQoAxH-O*j083c3VpnMYn^S+al7OA
zjQH%2*!fCt-`Ei^=V1LWIQ~ghzQHlJ>i*WBNv*KzYaito^@seQC4J{lqGs|;^}QpB
zciRh=VdH&ZZO#h!@Z%d8#{5I3Cve}6)Yi&`yxF`HUMK}V1wYgZ001Bf@JH1!cX)Y*@r3_
ztsi7DALa^}a(kC5@c7=2EZ*9YCqSq-()_J3H(zOs`~8Mj_I1VW2j{?>imNC0)92}1
zza|<<%F=EyB99f-Vf1gYh&W|NwNHy~MJbhww(wu^r`#2K(=sJQ84QixTCulj*q`eG
znlN2|LEys-v0G^aM~(R1leM?3tH+*VyOM(NEL+uZGTS
z(QroJ(>i6GbYHP}|Ft(Xm|?8(WT5qv!_ECwnoo2ye)|6OXY1TSENtxq@8$|ko(ldg
z@GOlI4I7@RF0|XRl=}sHoRyRVe$Pr*vZL^!ks~r*yW$f#`w3Ns;a?DawdKH1lV-S~
z+2?nzCn+>(l4kxs^~$j+Etq0SoJVVieUgv$^SLj$44E3W{^|H{$;vOCUgiBKi6(J9
zC$M?+o+?ZKLeFK=|H--EjlZYj(ne*1FSg(&H~7Z5N&P?TqO0C~Rjxnc`0RTSvv0zn
z7xm)s2H)rasec1pto*86SL*m|30(9V^a}d_z{USoPHSKNyGAM5D9gP{C-~
zSkA!)eDLb$nlDw8oL@#
zd-A`ayI}tOh=tI*yP1?HTQTh!R(hUH$%;o$G8q_lOUb{WA&t@7yGn|e
zeM>)M1yrp;Gr)BJ*@n)950~>;1{l0OupEI`OztSb*O4tl=WKaT3R%Wm5NJ1N>ua*Q
z+vc__%uApn4JX$J(xaoCo1ZcZ#KSc+f+v*|KQI_XnVvjo3U`*~P%@sb5@SVRK^=)g
zW&W_AeHH$X0_AO1ab~9$E_4g8Mibx&i8H=Ki&c8Zu}sda@=>D-wHckoR{Bq)^)32N
z36wq6XL0-Bb0+87d1pP0g6sO)o4kf9IY-?kXC^5n=Zz#d&Xxq2B5~0nu&E3LNPquEgJp|kgE;3hc>0ng%zdvO7vO#mP
zU>{@HI-Gh4d2^)l$?Lg{cV?ENXUO(>gEGqVdACm=%VrH7^~=?h?iYW%D3mvNcK17l
zYfFvo7j#nN&1%l}!x;_n&?1WCY6EzILYDdh1%h@TEdngRzb}ShgG5+`<&SDy%t5O)o-!*tj5L
z3x#MiKbEh+Nyi33VtVS#&bFiQo>D>}M2F6;kjT*OMIyg$nteG*IQdwBz+TwuP_Nf|iB5%&^`WjX
zl*ZJagF26QGr1Hac~vpI1rZ0AU5xKf;S;hJ`5Ub&c{WRP*o
zyR*8|nx=6&x3V9dE#&ryGGv%zjMUfUG@@y;p$mEE7jLM5<@wY>=;B8Dhc^0a*j=P8
zj0tbNk1%ayy>%9GtuP?|;axP1uqKPp51RFenD8W9QKduL2DN8ORxppUx@TN@quTEw
zn)eqde&cYfxX;Y?H548Dk-5u5Nm5aE+V&mo0hz%@o-iqyT=g~eCx$uBjee2mWJ7XZ
zKi0z1{%AJ~nAmTPB$3#n*aLc9q8ue&Jb>lzm==)y#7$WbN_HiAl|*hehDn;f#n2pc
zKUVpCm4B95KTb4Z984+Hck9Gjm)e))nw{nP#pkbaf@1$B0U
z&AqUuZw)nq-LPwjz4cSM(cIV8j6c`n(U&gdC&YSES|eY~x$P@f^9?ZbKE3@KH|VOYEuljN)lE{t~&wn_<#XiV^V~Cf8
zX}Ow7mR(gKLNwmi$J*Ff?>%@`=|h{C+hnF!Aqn=*veyEAKVE3)nnT_ZTBV@C`_T2d
z30DeBODrm$eHF=-&U^cM-(HS{2vcNe1?oL?_~Ku=EjZEm)r0`aQc2Rl_nby4`ExbR
ztl^PTq|2X+9jqCdFXHAe+PB|-5Dd{49=zb7sUshKzR|liO3Cobx8~Zbi@f2k6R1HX
znu)L9^?-sPhcv?Kb2>WRVV492`c}S>>A;)mahU1B#l_4{az78pjZ~(h-hFK3Aw8)q
zHJ_$^d5r|2f?lph##Ue_TUp-|y_!=iT{Yuf?yxE^D&9YEmLN1g8oy9ay8WrFFn2iJ
z%sYOe*=k^&(b=k>y&4wdnl;lSmAI0QELk$ty!eP?|E)<>El6+zV+RF&KVyZ>-I+)5
z--Lw@L^JW7V%&`oPj>vOs_syt9R6I^l}kEa?wKBkb-b*rzqc2yPjAghrnUqh{~sEC
zaf#m$7bC;Q>2n2~$~yZl+PfTk)TLy93kz)>NpgJa9)I}I$e~?^>KB%L30DhA{nFJ9
zF(rtwty`5cWrw=WcVu^3!|V|O+BuJs*!vWeG!B56a*EEqb74him&VJAOS;9H(ZTw(
ztOejtG9dZId21uK3--;A7p@Q9(yq5Dw3xfEXPMf&NB$GxGW#NGjJ&
zuXQ0#M6pfOTC69Qme9uMCit2;mC){DTTTV_bs=bHWro-k&ug
zi0vLoYq~JyyMC-fO~nh_EoMHCx%gVGjecrEpF8Ni8Md3voFsFH(g7&3kc&7lnTl+w
ztXO33NW84r?sxP?@k9B?usw!t*S68x$Q39ZPC5bMP~7p8)OsTr@#At*+HHp)f;SI!
zNr(xZa-t707J76?lHOuGt%o(hx3WwY*wHWtwWLSB#4`{Uqo1@y1)~ClpM0dqnmEud
z)Z9>OM4=0lGtnF~
zZgQh9Zhr!9d4D!Dza4ESf+MXMyV?n4XQG1lt?qI#~rz#;0!-Hwz
z7qZ5WEjQPc7B3?7VsjHNfihp)jdICH#}a79!w*a`2^jE*9+-Qw!mwRS;^IrVT$tNz
z&9K^n+fftziGq~T>{oi3-8rPt0;AsfIap45jj~(9x9K*5C-dvrfAm@VPhT|?F(6D)
z#$QTZG%;r}*D)(Il`0Zo;5ljh$tXfpNHW^$`rU6zZY=xd@0z`5#_`f!&X-G8Gro`(
zDIS~J<;Rq&|AgPO6$6FKXq=HZmv_)>BWg|={CpD$bN*9OJ>afxuLoYVZzQxoq2-8k
zm)22u&aS93$dWl=9k6~S*^mx=Wroh}fYYF@2NX7NEKB=gsW1b={m!`}gJd^ut=q-L
z`leS$-4ye~+&Hpw%x4^+6Y&_%)?0)~^PD$CR^^C7$q$tgEv#~Mg0^9IFH|&_h+$mn
z4qh%ld`sq;Z^9W#j25dD2SVgR%Fif;hYRLb&!pBqKV4|CvRDt#Z86iUECk*iu&`l#
zVYLQmDo~~cS+T^b`RdR}>(dLZ;6sW)Xx`G2xv$L}ib0-+7|9Dy=^N?qC>;z@qhqf?
z{en_n@;6HDUTy+HZp>`~&?r0;GLw*G541m7@6&XL(t=TpPS%d)xW7W>nK)YCX%fB
zV%wj>I*~YsquC3)V3Fw*_S~+YD{=7W#im`S`WNSMaeDEk&!T)H0*0^aKOh;>U7PgH
zFuPlJ_Ju&;eF`iVOG?Kn#LIHVmL8c%W=%v|xLnUEc!`Kw(?uA&Az3f;@Tx!mD8+lv
zPtiFeyy6h49*FTMZ_B(&T)0`v1o35ibVj+0_LI8@Pl$!i**4}FuW_U^
zC(5n`NV|Nvn=jGTh(=krY=mJ%I2c6YeWPGmTCPbmdoxFw4rX7SM8%{}jdhi5sECUK
zBCePUE*e9^oU;Y1#I+1n1wnRkId}FNW_CgP&FEYAH7g(olwlX+$rEpyo7G6GPH)j#lT^q3OQfX@!<}4(fKfp_Gpx}1q$+{qWM}O~d(q5SEYLfFf_ahg{&$E$jaPCLT&?b`xb+eI7KpV!
zmbHF57T>MrWpQZYIbBzME3=3jA
z5xQLUB}uww`zNPksRrs)n492;LykUS`mC1IaXS-r_{MJIR0GFs(QZPh%)(>~hUya$JX_Ipl`ipT%M|=Ka(_LHOwYoGW_gj*N4@i3EWV
z*MwF7yDI-TYWvtp?UL6c6_jU$&5@uyxLdes(m4vVuz9MTn>d%6?3~#5Z^^Ng4{Uo64(ppmU|IMyvv%+r6X-A!6d-=M{?~&^$r#MBT)|p~S
zOJ}j5Jo>Vum-Kz?8&=vpr6rK6pB3-sI3O=v{Q_Z89_0iv(->F=n%>Wf&a@rWNnB80
zt$O8OM(8a37*3CjRZl9qd3cKE>lfCeO}B%?(iPRCc!bs!c>R!|JJa38Nvqra30l+v
z(RxGS-eCr$iNrDgDBV#ldso*3@$&L*0`+cZr0;Z(o9Sq{e2;E1Zfv56r}zuq)#7;U
zs{Pb=LHHZJFntdBX5VkH>XEijUN$og$4BRIez$v^IGR%1edvDacNuBnOA-MS0aZ3b
z$%xkqDVK4=kso^==gSos+pl&Z3Y}xH9_~Hpa&5gCixuJS6ZbtiR51pHMVv+Ma
zdjxqk%+TEMQPf!dvZA3ZmJK?XHp9B9l##!m@GP6m_kh#=o*{g*^0IwCT~syL#J(1VrxPh;#*%
zk}&$z!M>yKHe6oZwlE00p;IXHu!7CyYQquv9}%c`Bl6b_>8;HKFWgI7k#9_3(iB@a
zS&8grTC;!_exOM-i3-H^1y^i3D!l`Y8`SsNQ&>)~^s;%sw=kS{=~Tu5TeObNnx%$yaZg6h@=B
zYJ9TwdT5SuB2%AdJPk$)9E>u3ROnu;D`mg=Gc}(6JSU{??tp2ofb9cR*AuP?;|W{l3R&L4k~gjLI)&Am=^+PvVe_sf}M
ziuLZnP2()IHC_E)XEl4W_j58kv{Je`(mK26X(abV=hS{iV&3mrVQ9>Xp7Ks}B(P2J
z;BEr0;^>dB2xu9rbi^2lN!qo6SoACBYJ{Pz5yn5HPo27NvOnbgfqM6E&
z?5zSy^?oUqT!<5LtRy<8+HObM*HVg2&`~=F1-k2*v}i_?b|~c0``Kn|(0L$mkLlCI
z`XhqRBiL)-sTjg%Cx*jxna$5>MLD4M=SGJ{S@_h$BR)^X<>y@Dz-+H|$+yzwK0X^}
z`Dn(A4^~u8&Swc_yMKzgD6J;)933g%DgSh-#e>XdW;gez1X@>i
z+unoWgMKoFY^z|5RVN~+IZI8`(b&b^eEp`R2wRkb{j5bZN8$gt`w^lbC@Z5C!FAANg6Sl%8U&@#rg~4
zy|33@yZ7aV-f5Sx$L=}L7nTHMLuk__3`Rsm*{WTUMdi!c#~+y9zAquNroKP(U2vDq
z43id$aQ#cN?|p((B3pGEO82xtX$tGxebH9?8&X=Y*WJna!qeH5fY2&D`to^RRD;*g
z=RM7DKiUcuo|@ocyIVCMNVs!Ov
zNoPPEEM(}@DnpWxmsybGh26M~hIlCfv#3+yEf%J!4iTL$6TZE_AUI^__^ETpduo#D
zn^aA{2gv8;-6=(9+oXkPGk)Xp!3s6%pdxclK4<)L#gi1N%i3NLJ9|~PEbON#JDs)z
z@$#OcT*MRw^^!8%%C;k#+UuM_k_OR=4^nucgBh%nE&}FyP_&%j6*E)5
zn3tKx9PuA7p}O~BWWt_S<%(V5)5)@hEbpFHV$+2tAsRWi<}mN`tdBI+3(uRA1m~?C
z%?)B7MD$JGLl4d%pe&vbt|_j
zy0dCeAMP^MMNb@eKbt=qBW1iU5dIKq;^P>Z(mAYOZjdA(MelslDbJL_UHYOA+6{p+
zVOH0k!Jz#V_X#27@6#g%n3~=;8bdks-7HwvLTQ1CMgm=A;EsvcFDUg6X@p03T$JY>
zf*6R7l#$B6ckX~*f$4M(8?75U_Cz8!=M|z6m784uOqLb<10^M9
zSiPsY7@v9wDfhZ^(e;@jXkx|LE8^qb9;sJ^6vhg%NHSev%ZS@|;t#)gF1!w7p>y~$
zE`H#VgJX&t%PFK=VFr`rZAlLWGl|uDO-L7|F6M6aGXiy**(eernx(lvSbqh1-nDiA
zWxhlnMgu#ugdXJK6jaz^y4d|g&o2p?K4ST9dNikRhhfh`Ql`jtstwuqSZ=eT`Cnf_USy}|n^dHx%7*i7+
zP{q+Gq0Ewm4N5hp1jPxAJCcVVOLMm~(-2D(m$ze9f_NjMRgYGho#S%^lRb70ebcC=
zbuo???q=xWP1qeAP|voA$kgBr8!ri%qrGApXImWZsPC4qzryF5B0PQDOmgHekxX`}
z)CpdzD-KS=XBAK1XtkYy*i7{_t2GJQajvfFZjn5dK1CnWWEZ7{;_pg5w)7alnloey
zb84rCtEEfNv^Vj7rK=D>z}gm|KRYs!&66v-!aGq
zusZB}o?m3fuHdi|CUw{)oVZkpj=1{FPt@zK<)PewbOZF{36azD%6bkuRw8S!N85;I
zH{4k#SO4sUJH+4^(+o644|R-aB13R6q3V8
zMyf+e_!s2B$>xtW2!Y@
z;dl#ei_@;CB8gRo#Ch6|6@i_wRXe`Gq<$dzs$nBY!5`en{2i
z_XHw}L!U&GqQb}k*Elc!cJB{m8hqx}*UKs|Py
zRZ<|D<_Y5I&%_{aJhzTB|Jizcj%#e2Gb6Deon!1iZ4dn~X=KYub*Jo|W_uYN2{g?hFyiO#*J1@=w
zmXRW8FkeI#+r1plpB9a{|L|tlhxC(AY4zT}SHrMm7mlh)I3Bk@#4J&LLnrz&H{#T7
z`NpJuZLSi%dcmU933v4T5;G%(^b-uk$H(zgyZ5tQ}i|3?2WKU&OLX+z9Jzk(X{*R
z$CF2A5tXCdO3Isu<_%BlDvwI!`yu8})1t{1B#$$=qxXrKMwv0dMFQ}S)
ziS~c}$=`UAj;Dqx-_{{%AUi_yj1`)LHu!QB`YV@a(s6fZ2Iv{#dm(MteCvQ->WsWT
z+C#fJ$Kab%f%V)~QFp1vbDtioY0VgVvNCxSc%xX1{Cl*}!i>CJBGq%)7GdPUdA*}H
zXDzd&xSvOc>FbUwh+*{t8Y5XX55&b1``Ogy(j+UB!;0b%u9?0me<4DH97#0I7lGf<8*aeHZ%^J0#(Y3Xo>j_!ZH{E%44IUAcSlHF3D-!Hi
zFd~(&2Nf3N;@eXYBIu2)C
zcwa8$sL?c;L&%q()`PtxJRDw|7e_jpr3uH`>grdgRH%nnJPUYTsd)c&n(>P3>yeqIJGCpH
z^D6jTw+5pouKMU>Z?`yq6Zq>k?QPz$yD5g&?`GJ9ldp8gNU}JD8Aj%_nZ8TP2`e60
zbq^HZTKO1%Ijl*b){Ndz>)0)iANnE+@6~2HUl|uisiLqXb5(87$$)%cv
zOf=6HJHP%wlJ-|tIp)H?^Q6g!%?jF!)AD=&R2Hm9rN
zi5E*HJl+!xh}LIa`)~qmt4BE@l$Id<7hlhbU1&trWX+>S{>{Wy2j+=kH83uHIKWq{
zSX-+RnFo
z+V>6N1qbf*m<0N>s!5+?qe}M7+~C_4BPY-_4q7!!pZ)aZf8wZ`6x|YREyp7|S0le~
z<@9QTmsQ4|TJ%=6FEE~Xl}E2K+N;7xoGeW{z=Jr49dC
zE6e@nyGJXxzC8K%ba?JyI_}43mF$8($Kf-QwX!^iocQZ5SlwRd`UoiWJHys|T&mhH
zxr=&}pY7pYx#n5pXA(U@8uUx*3BJh1#1^h{w8r97phF?Gk1V`Y
zrr1}_05$A$?|>s|&|5{|&{c2ICaTiuKu$^BrG;Rmgira^3I6E$ijlv+RX-tk*IJfm
zvL{wGz83xzUB%X_a!=>?-Tcul6^Tbd7YTBOXEdTl@yEn?=g<
z7fj8d9rUd3vaD2KXdd%HIVKX+V7EvneW>3c5M1YG3F|dsh1`Ef^$IFZwb@_^>)N6RhR9
z^+(`oY8W~q-sd--9X%gC-^fk({%`^iwk%gtj(7a0=-m2Taxz=JPxhHEyebPlX-s~C
zU$3d0F?YPe8Wf?KTOT5GHN$CY{
za0bP9F}s_+3kQo99uzIyE@DfIbC$~>RCJ;0GZsn%J
zBMxNkr?C9A{PojC3y~>jWf8{l8dL1@QsLDRXHJMHBH5<3jj98`ztg^q5^0aTk5qioO&Sedx4~MZsS+j<0
zNX<@R506Ct3-vUhEWfwTv8_43sk5IHk)Ix|oNaI9wECp{-AawauweE#0xlHRHF8p6??Um_&Dd)!R>k(QTGg7SyCv^$35W^Z&xVn!s;h!M6Km2%^|i&6BMEMZl5u
zujIZkX9|BmAe;iBYWyJYzaK6BZ^PFgrg})
z2r42(K@bT6DQH3vDgo^NWnt73h9G(eB;)`gBYDOlVT3~?0Rms?(?n~ckkJsNFT7Os
z3mW@@0khRWSRwEg@-lMJ=28U_3%9{GnCfif21=HV%i11Hc0rQyFxi`k1$zt;2ljZR
z5gy(S#MJoyf|lXD{0yAu$qJ%LL&zHb&M#=kNt1}xz{B9BkCj-WA(Fn~;a(ZpK4eKL
z&7{v0#vT?YFaLrH%G#F6_%baj=nN`?zqc}gU>F0FgHDunf(gLuhgpa?&)exlY}IlN
zzKl9PP}UHM)mW<9H1R*Ss>x~s&@5$;7e9Dn(p=dAmGl)mpixk^`~#qz3t+(EE8x9~
z3;@3k-sl90Fd5H|!`H4FUHt`7)&ht|a&Q(AtFpIg0^9$Bexzs`YTz3h&Y4ivisL{L{jFP4#M<0($|wNn`a
zFv(afCa5Q<2!kRB6RCG~;Fs$+h*(t<7%TRs@5r8VM&Jfn7$&>I4LFzK--Y~FB>(*1
z&Bo$KmtY(|7l)tCuxr@cSj#7pJ&Q2e_+^-^0g5L{kD(-xg$Ab(s4-9s96n?gCgLlw
z8CVgO58$&-t`9=sCOq8Xc?~uJbFTd7>y}c+XE(soIJv3^M&K>&{wx%cY@&?G!q@#E
z|3%q&O#s?@ksN62fW`o(m63fL@D)U#1aG3z2cW=fHtsuk5)Ply*Wm_O|IfPgxC$sS
zeh)SQ_xxGcus-GZ46-gfij{r%3knMCwegh5Cz@2%XZ!quM&G5QfC`ao%p0`;&3hT-
zkR700SNpt)+VfSr{WjmIiY52B|DO`=J#N6mV_(Vmx&|`7stQPix^7ie*#XwElY?Yy
zLKpGJuyXQL>sntE19Y?r=Z{gwQg1fXgOeqgyiCT5XX|HT?mPr<=2T{c!h>>fhu5>L
z&_A&Hm*B4;;~yItqmaq?k}>L)-7H)I8DC+9uZ2wj#zL$ZYzb6ptlk9}_g)2x8w`vf
zVj*x1O!*3fTZVz20dttumm&WGX`)1!jH(sDld(*f$LHOr`C}sSb*l#6x^I*|jpm
z^AC!FrB}ZoU@3SaR*vdXfENJ_^Tj{^b6KfusSKFsstw>e+?Njz8F^yJrz80Rm9H?OVwDhvI-);YMJ~O&>BEIe@6oaCjWwNU{%@*u$WWi
z9UBcG){Y?Hqrn#e+^+-IidyN6A08hEwl}jjfKNeRR2A)v$d}Z-yGTlH6Ag=B)=ES
zZ;J!K|7>M9u`1b`qFAvEvU3#>V%s%Pn~=AF587=4CeVvjT_%e)jIJ6&(#BNt0;=C@
z0<_YoQ)ss=6o{#!A8>we<2XJ8ixJK?!Q5Y_5>5oNr3Y07zG`YJ&4k28+7_%ej>AJ~8PDS*ebF1;RrKk(-z
z0I2sf@DTYKz7#*=uqV*`25;aV*r5Zqqisk2+N;REN_I)v@okgX@rK*IsD5>5sjLly
z8umO0s-l$ND)V;@L7{3VCQUeld}Gy<6bE<}3M$=I;7wgCGCur*y4Z18DNOd-R#j*U
zWHe4D2bJRU$pvIg%)^^NZD`?s6Dn&|g1pPHT1vgwmSB2%01=S*+Y+ePs4He{3#7`^
z<6pL6no&fY_r^ntXF-QIOdM(m(Z+f_!;pPH!(%C;e^q|X4h_PKe^wg80B6}dq%wrh
zpvrdnAy7+GJmwbJn-x$@`8V+YprIZmRmQbgSgnH8AP)i&JNpMF
zsDA#Vm8xJsafdLev{mX#;g~Y=Nnr5A?E@7QsNkt9g^Wc4ZPTPz8T*s)`>-`dH0Bze0^tYF
z3-EWl6Yjxd(su4)GFoi04fSMt*{An%%DjmtH7>-18l4iraQnfeLOT!1F6r!^oG=3-LP%yuApV$SPJIcO}b_9fyAaC^S*AmCMfxU5(5b*2coS
zLt@nGw5kqH^F4=2>7ihcfQo1Xh&1?m8zz5P4^LqK!?sW=to$?7u=cmvWaEkCn~We8
z#KnMPZI~u}FCK}ND<1$JOdR;%G~b;w8GSfx)$CdjutL|;^@{AvLztLbtJv$Hrg;T!
z@`c+Zl~Q*cP*h(1hO@1^L>xB4r{MwpOYkrmlkHM9{<|yy(+5l%ZDpH$oEZFSc?(1K
zuG(1I@$AJhV?hj;?WM63B3y^bE@;D?2qhZ933$xdFX-h`h9SMu_8gN>`hTQ854C*@B6h8H*~ZV(q
zMcgU9b`>}o;Hx(W@W4dH;aKbmDqKMBd{Rd5P{Y3?`PZ|(>NMAS=07PwNa4fzcTr{J
zrG}|Ad|5wEy(HyaPzVyl*(VDTd2KcO+FxpgbEYIGfOa01q`#eFNB*p8b=wJ2m8E|L3F)6NbOy
z$qpi;Ur-u|AF--?BrN_}el`#`jGJ}CR>=|1;Op{tJYY+p*drTlVwfH>M6Eoi>sC?*
zn6L5A>Ovs{K~Uor1mN~kdC+eXC}pnIp}*xil_vJoQxuD*jBPJvB!qfXrswfom~408
zM{yujJmyW*!SA{6=#^E4Qog`#i2SS}dH`q#m|c(@_(NSOLB3PSVXC2GF)47E#Ev^C
zE+8Wgo&W*{u7~JQg_Xz3)dN!O%Z7YqA8y2nRph6I?!gN`4r%rQD?QQ?IxKhl6?o*e
z%Q(%P2Sb0Xhw`8Uyar5Nr#Ds+mkgmlNC*hbGo*bv?$0H0atyc+)If$@i{c2eDst%J
zb(|cA{G&-OcOwnIbZ6z+DT5ks;tL9nGUWYijI#5UXpU9RWd~Ibpzcu_HTDE%;+s>6
zL26Q2^?N}Pu(lH9QtG9(v_Fzr#VXiNHDO>-`ZhPRYf1UeoqRZj=)0b=SwZwT;8HiX
zYQNFp3La86#$1T(M$e$M-*z$owemMd9*!c+5yF4K|Gh_}q7Li=DnRV-S{}Mg2^2TF
zFo?<+3*8bY>ot_!9K=*yB;rA!2NPX}Fa;oF4uBl
z{miY(RnUb{J7_{oo^~Nd=1`{1!KmI0$OMVkn}!wG1c_xBgvH
zOp4q&2O>@|bp4fF#>NLQ2rDCd*aW}4RE_>PBr-`U!)FYCruwQODe=)8-z95
z*dv?IiXCBW(8K8lZ@3r87Z0~-VfvA0H2{lGRz3u7eKR_T06?*0RfxY05ZGX^Nj{O<
zaKn23>;u5eG+Dr{-BrU%lW?r}1~BxpUhLi+vFC<~-15Bm{#>j{1MvPHF!AgT9zKmd
zQpO%irTeQZh+6@cX|yl|X<^bp0DrxgjHi%YvUl(mSy*9!R!d6-z#er4Ee!w>ma9nK
zi0ZQMc*FKX4c_czLu}BNr^-ncLtxym^x)pm9ekO&;SwtmXhx6+K=Z+0Qxk&1u}aza
z(J?BJdBCMV=s{hX4;Y7_)g1!~^!1@Y9BrbXFmd?$hV9Q4wrve{$86=WzM-C&lf;W}
z_r%C@89;k>mWV_H57cix>h1uN+8I613L#KLPq@<;zz^;HE$D`MD)y!PUM0`$q9>S2w->Jh^yiNy-~b}*;{g!!7Z4!`k~uX-Id>T->Tc@cY!p0p
zwhhJ|5vTkx@)o%
zmrN}eb=~N!05M8M@8a%87O*+YKA=VIKK5gvju7kfAPz0>`3%e9A6Csv)ol=svr*Ax
z;$GR1r^eR}EcQ?ZJHSA(2?Fx%h6oTnhFm%TIOLse4^W2wg8~=~D5a+yJnRV`Ry{Eg
z#F+{1FxdePfavB76Y6XVAh|FdImxwyx739XFd>CUIxkkPX>tyfRY)X?@Wkt5n8FBF+z+IS!u7#B87qbYa`!*&(jV@TG5KlM^i&$Y`iA}j
zDg+i<5lxM5aAZeO&;Gjw@vgHXBTzUa2UXHR>2u%Q!Z7BC;UA0*xWZ*0dVf@ilT+gz
z*~EtBDjv@4xMJep0R{a9IRgz9286Fb5RIvFBG-<1sBlwU%o^$6p(A`zaABxE8GQXQ
zJ9JnUm>H(+LYNrbkhWAd>brwV$4o0+)SJIKM0F75WDMqdGa&jG#6L!9g!YdU5s{4m
z%YU>WLTRE`#w=hW#9r>ZV*t3bn;QIoQ1{+pO=Vr9coIVB5PI(j$bizMh(KsUlsYyL
zfgoKHnu>xVp$JGXiu9_81w=|fX#o*LdXW|(AgF*esnRlc2WQ@y-}`>|KKHrb?~i-Q
zc}@;HCu^;}_G){reRlc}RgiYD;MXpf3{%y{lMRCBbUIuBw<+!7)s>u7;6EpTl0qP-
zgg%4>PyR2!LvoSFeY(hmeiZBi&^MMIV1$z75~T>kU=nSQ-mxdhFeERDoc53Lmf3DV
zn-%39Smy{}tQs&7Cl(6irz46fs*EN}kH-Wq$(13+b%k`&D;&laJK3(?p
z{U#8TpvLW2yL%}LwT1-1ShM@KKv5@?2@A;*J{Fs{ryCbG-!mMeMk#yhji4StC7J@%
z5h*5iTecgr-iu($9`L;W%zh$9f_@%mSodHPrOOkG?1Dgd&=3YTpn__Eud7D=@YFGi
zEl50SPbMpxJ(OS)thDjaC6}9+EQIHhztjVx9Igm~&@tj65F$YG_g~`Qmq1Vb=srf>
z6?0hzUO=3@U$_j+j`K_R)SlojLdSOF>7i=p#OBMv!Z}{3O;xPFJ8`Jrl$)u!bNv?3W9*p410xi(V%D>$Iq($6XsvniBL2*1#&@+bh=&&
z4|OH)jZ)*$2VFeiz1@G*=0+XIt`ykGQgR<;CbqyFM2@Pc%ZEYW$^emo+)2UFYJ`c2
z(b9MPo1p*69lZ+363SjI8GYkXB1E3FnNUwb^8$0c2y$ZqGIN2ME;FWA7J1GDlVQ3QTeUV^rKtrU_aUF6v{0Z
zH9|80J_J0p2MUH(LAfqBl1H8YliyG(covYZgFYpUoCd-G01z60HW@ckuv8;yr+C^e
zSpI{;*L{h0@!ZF?Mt8|yN2R0&fe{F9&IL{x!hx+gVsh
znq^;MO#TQ+$h9*ZDg&l~s;#%B;2gMJEVy+))rRn&JUZwJ;E@;P^(G1TPMAtlYQNp0
z7?ibfwukK8;mjc4_+`{+CTFGH5~f!}*c0me7wC<(LyqxqzS@Sh#{
zn`u@$BwSfRBbaZFot~3|GE~o1fZn9rhbU~$)Ed>1^G@&Y>-4#(Zxh~|$%g}iS#*II
z!_)7OK$rf2bn@fW{+Hl|NM@BtAd`PUY)>zWL72$<{8V#%tq(`oBjHNOUrgM-AL;Ov
z+1oTh7X#QP5@FQ9>d-g8X$kI7L1~p@IC+y*g#WK*wg2S}pM|=ez~tf<{~N
z9}rmxgBqIJLqazpGe7|f0$k;M=}gyZ@2W;XJB~o`-fFP*c=T)-mpTHEBaobos7x$r
zoJfQm4PI{px_>AUc=1eJb;{tTw?(D34W&Mr!;@;z7=vFxAZFF*TB=N5uO$7HVp}P`k(PXHovadkc3z#TpHy{KEbYgu`M0+X!;2
z**LYFL_r+kO?ZlHt>@o>sTe#P-jFj*a6hn{lvr?SxN1~QN_F8*
zxl<7sR4`<*Jrh1e1l&#~@4_LVxb8wVoZoSksRg6BBB<2p63D;;p#3N?frcN@U%B($
zBmX){q0E$I_Nai$$%nQmNaGzKh^r{jTAUM^GJ&8
z7R3!zHXo>U;Lf3oZdFkMns9)r1c1%}r6L;muJGvDu1ndyU>t!L*ruVe9Tbe6GN4T{
zd1;t>V|S5v^;S=6Q0n>Mm(Jm-z%A_o!*&S|Pp6OoU)F%8OWgx@7lwYb=nuf9QBwfA
zz+Hg6IZ_Z{v)Hff6~q$sjxG{D12bOU|J@y85d1?FsCl`2YVaeyuLhEb76>E|4NDCHv|pa=u0y3e9(6QsTB&8C#c+g=
z@D#5t9AOM2^{{gS0QmLVB>gy%Y^X-Uy`+qtS}Y%d2p9D_0I(PB+##oe$J`pwU@_>f
z-$Hps;Oz=99gh}b~Yk=q|2JI5>&A;GN-$_BQ
zMbJoFT=iH78q{JSApdYLc*oXrP7Jb0kpz9@o=qkBeJZcMb18TBRm$e>;i9r!vVtx-
zk3p?nJvjKQQBl8%paLOZdcTx}%i}*U0!rJpw-yR;)tf~fxM%3$aWD`vxj}%;zmWW0kXZ!rS53Jg
zffTgys1(%Z5F`&{0NZn43c~US#B{4&xt*g2SOb9OOQTU-ZuKboSR~M7tv?{45Ogj&
zm%Pu3YkaI`Yj(yP49Ez>JYW^z7_f+&$zV?O_vkcyMgtd7UHO27!|RgV6@nLWhw`8f
zjV(8}CAN9U!2reb%&rkAAp;le4u<=?=f*4y-H59NbbL1}Ib2S9>}rYu_(O>oTq@Bd92o0eg_24rBPhiMZ%fqui2-Ed2q5=lf-RN-
zzQAFR1BOlZqU=hNaN=eJ5}X9er)A01c{1QjzR1&TnWZ#%T%kpl36i7zz^fTfJ
zkX;;YDKOc=GkEbvs;N}Yq9PzrdLGxxzW_6o59mj_Ap9gRqd3fVT!4@}|5CgnQYpy;
zz7GZi&^P-i+2+uJ@?n$FMF0vA4xw}$VZ!zTj=*rs>@g_8Jz9q_RnJi|#Bq@BfX{kf
z?8v+A6W&|s$u!yq*C1ieDgMBgA14K4fa0l*`-6J+!4Pcqp%no6RQO=ALA%t2;H~}I
z6a~UW$CdrmUS3@BL-Lm@0_3;h?VN4pIT*>yj4)v#Gp4Y$v#Rgps7ql5&qhF!y-C1(
z%&UE&Hv&=D<54zPB=T|-
zFV6cjep|w$z;+2t>nxs(;;JdDXUrU_w~y`j;yI6GR#Vc|#@-7m6q|v?C?gg_2YgUX
zwZ$E*iU8CD9=RkNH3A*!HzABIdjO>n!&L*z`MBy+B3yK~XInZz;sCxw$*2opj{a!|
z?Nwm0;P8|?=|P*umE`w=I7?tqE1MkvmAgiVQmM5l49$L?cTgC0l36S_I1YUM$_@&H~xZd
zZU&&c^?B5K!Q9i3`#q0@(J+)B>4$*?@s_!A
Yo%s0GCRVPdpeBDJGmh;XVnYTa-)=
zBGe|s<$i&OjZPeZ2Z7phIY%#gIjnI4j~G>R*iR{`x~n!OHtJ6@(Y7Toa;1_KDnG#S
zuwDqE7s7*wvEx8&l&njIz88k8sw^d8!U+B9)F?U`^8617Cm`^`pWyFw{HD8D&PVka
zZH>O-(&Q(>Kq+vIiRGlTfPBZ}WWWKcG)hAtvOK@!z7GYZ1<^?|Flm7M>A2FN=5(wm
z;S(Drb*L8-0}znEo`H?p1M<7QIv8|=64R}NDZm{Qp;8`d-h0`&$Kr&cBH)J^&Qn1!
z0AVx>g;;^NUx#}hoF`ME+=TjJC5Hlm@L(4Q-RwV28EPDXfKg;8Q|Y%iOPyHq>foo;
z-5;>FxLrkA2R5!^cQ(arFOKkDEr8IAt_C(04OWGT;lV=2%1kPBKzI=zE(kKKqQKad
zvs6!v*vfNU8@sri`fvn-paPdZ08XGR>BIy9;K|JvcZ7FBpfdYf!CyRaKu~vLOU>&!4yy%?yts$Y=R}v<-X;wu
z@Ng1OSppSTmIHIYcoYT9JhWf|3smaL3~bKWOz#ucg2i^iv+##I8@$eC`-un
z29e``oTkqYOqVt?&po(}1ZpXVZoiO1_!jK64AXM7?eH53-
zLkijlqpg6QI{Q)V4c@F@N4-r-)F2dvdM}n5u2_1&C1QIotzTF70{K^-AZUZ#8z`rE3yhF)I7#Oqz6jHrF@8kC8IZkHkQqV<}2-4s_A@K%)
zlR74*Kp<0x8o;6KQY|T=pDI`fJzA!!#6c~lCdPa5F#&SxS0`SMgO!_7Sf1`RoO;R>
z6@{~EZ!RcN02GEGNa-SMs*NH>32zsJ?hS0jOdaz7ncCH@P%!x#$0qMW-D
zSsbLmFAp=z{szB=gy9CX_v)+fD-S)vRpx$QP#{DBJs^;Qla
z_6duG#7dHL<32yG{<+!#?H7Qd02PC6<#Z0x>X-V7m+Q6`fcCuH{aaf|8t;K1%CV|^
z!id^9b*{UwklJf&Rs~Gl!^T}R@sBCg@LVk=oWlaheQq_F!i^z1q#SPW;}o9z{RJK*
zgmt%-U-N*uuY1YF{Gaf_Bt&ZyLgO_WylQsrHE>fwkA#E43NaHVTx0cK{pOg-b!ia2
zfg{CSA6-obrj^jo(cugVl|OI_wSIk6#sfRVwhw@J@eHT9m*j^2VoV+tHU&a+hnk)?
zt4>d?(!%BKl5to<=$Q9@M{^^wJujrgLtty1MxUnhGaDAzYFx>
z`!K@!Uy#k3fodEajrjjxAk*M!enF=0pUw`}FTiMN;4qp$H&6%rry~``#Fg|MQC8Hw
z(_dNkHBGHxe17~f2DbGAcj+R-v-6gk{k)xjdfY0jeKqk0W}Z8?+tID?e(_=PFtFR^
z*Tk@MO?aC(Sz$Wb*C}jO!`93wXcQbT@D`rfi)RX=qbPGKB2KY+c`-P3M|vdU+w~T^
zn&bm|7nOylwrJKdDM^YnsnCE0`-?7}>?~}jBX36ySA1p^#8dFOQli56ESO6->f5}Y
zLRC6zXsGt|WW{vDfMP@_U4uzI`HG8tcmALxCSWGDH_xEPILJ`9<}~8*8kXjw^9Q@~
z6Z$lF=Wo1^jp#f<=J$lync02NWG93qk!8gZ5gdaIl0{#3>e>ab-8s|ah$Adzl
zCNq$fMyZ9$fn&T8v^Tnh@>|_+baQ0ni4O8PkWN1k-c^}CX}?=9zTpe(*Q_)?O2lMU
zx9|Z6-S`&IhR`gXp`!8hE=l+1*?9-a-5Kq2(`GT607l0&ML*Wdh;-%i&TQ82ku2qE|Z;-|yIBtNG1)OEXYT!PZB5K&&E9S$A*(}j`5BV_Pd**P$_y@B1HOLpnIL^
zcD{|j1MzAVt;=XI^lj#?Cm&9a(vGqYpj^)!`$`^i?p;CJiW{PozcTB!lrd*2X`8_L{O!(roEIMX;iWdiihDX~C^x!qczneZuP1D}DY
z5VsopNUKSri5RPsx%vknbdi)$gBXpvN^gb79m|#`=$^*d$TFZkkoUoBvq}6m<>@b_
z_$BRsAhz&H`BBQwXTBhf-y=DoknadH@0Uu!eRGfha~!|;1Gwh#pPcwNR#Djsxb|;s?Koie0pF=ZAUq1jL`Tw25rWpw)1wv4
zvy+bAt(h%r$Zu1L{;ia{b^AXKt!Ia`d^gx&g*8hw`m!u#J~VwEk>+oDdWdW8AnZPZL4TUA$O|zAvrQmGi#zsMW}g%N{fGdwE0LK#Ny1Q^zJwE-
zA;*a$`C@`Nqven2{(N%Jbb8jFR=E16U_@wZS_pGtTbux=xQ!b5_t|GVyvJfVzk{xW
z!-IMf3UX>GoV7bA{KThMB*heS#jT8Gb~3y|oV#{rv+Hr{J0eZ?=;-hpXU`%ZIx&YD
zlswkTF~NklbVCw)<@AOk0@EZG`O}wBJ0kPc|C6;S>Z`A#@A{I)bb>&%JR{if76v${
zF+KO`=Gh<`Vqqmqvn)$K#+qx$>^)R+#E9P$F-q6>Xs{EV-Oy@1vtO0$*6{mJxa^HX
z6)0zM8bt?~vdGn&@4r1_ho*x^SeC)g+z&mbf@oqm=PvnvwmKuHF+H2*J0K_fN@M4O
z2)8I|-l*E$GMY(WfSE2&I$EonM0mDC$HOanaykJpGqy!__rBY(Rm
zfam41$0bqXHN`vnKDA5oM+S*3B2rHWd(9D(oz0l*2EHyGmZ;MdhpAt9o(nM%FMB
z7!l=!wbB@xSrKmG$t#9*g}jEUd~tsCFysSh1dA9i7y*~AK!wZ19Xb&ZTp?zkO*gE}
z2@jte2*Zx`nWY3GE}-(Y1*1#XVrUwspA~{R>a}w>CTK-bMX5#=dd{|*#PcUZCOjYX
z%37E_TdF&v)%`4iV%8QgIgsDqLBK`%2pMV=Lk+N&ISJNpSS}NnkG~`W`TwWxXzXl-
zOx)xOLZlic8Qh!(QzX&3tp+g(5jQdBo>}^p6B>3xh}K||xX86I6F--BcqpA;Q-|%N
zbqks|pNY#l^=+b;rsH*9ugiH{yM%aOTrQsm)nSVz2ZusSr7MmLuumd7B=c&1r;~Q(
zaozZuIpWgJTdvIHkD8WtJ5g@?Nv1#ss(w8tKgcOw>)FA6$>53lXxWzQj(daorVcX87pPZ#$DWM9rsLi>%sywh4WZ_tHuK
zbW?Q?Qe5LMu9#gAO%t90?fXtE+{V2%pz%Yl@x$>K7DfIOEJxXC@i?Ghe3)f@S=Hv_
z+Erk3S)oKsmG?zxgl<
zzYZ&CdRm&)HU^DaKR%f0wOg9a)C%&*<2<~5wPW^**QA?NVM4MP=|=}2%hh@p-n_6E
z*u2ByRZAQ`4I>t}imOXtH{p!qun$}&DbR%*4vx!rK6|`pHPq%Cr1=ys$ye5r-Fvv?
zzsADwq+65=JM!vI(8=q?|9$C4H#BnDrJV5_w
z4)79_s=RapKNx=v?}(*4Q8jRh_(e=bF;*a8F7a^gq*bIef2oa2ZfwroIeLciy}-D4
z?x!^4!!D-az@`;-7Ar^oAzBG5Y@D;XmI^U2p_6$7_}iyvv?W~!m;G0=Lh2CrVOsNg
zofW1m>6vlp&tj$9upx8dRE*R@Y~niRroKnqp)zdGnKXzqGH6oSU{EkIZ6U^=(WHPm
zyX%Ir&(>-gneXgeMsSAoihSC&J_3T^VKncaIF1j*aVT?&^~
z*O?T})aWTNJcH?{0NM#2qnxy^xGQG$K3Wz9!6CkFqQ3*B*m(jJe4sS-9er571`Ay6
zZUNTwcii`0kD!fijm3kVISxd#Aet1flRp(iuYTl@&>tIc_
zf`{*apfX~y2Asa00Txj(UZ-T8wYT))wKDn4(ohlnU}oUpm`q;K8F06YknhHl=6x%p
zdu>01yyx66oc>%uj}?hcqhsC
z!}4UF1{t&fQ62yob+Y?_soNI!A@g)`r^KcmhhbBGy4^Jry79@ktsmT=)vZy`yyNzf
z?}$gNHFC@{%{NnE9X=|(JD0<)9REH31Tf#x>5jf_abU*~@aEeIZnq5dJ>zcK6zjxe
z%B4vj&Qn7d<%al9o)H(W7P@X_bV0~>9hj77(ekWXUNJO#)};?we#A!5ys(gA(-bf4
zbk+kK3FU-jr?-Dq9#)#5$99Sc#A}})Z!wH=zql^D_XQf!Im5Q%Y#cJxHV$?=({I=L
zvS};H2ysd7%0mzM#9v%|L9*r?){}CnrH@0oBr49-UzJqUKAw~*pN6>VC{W{=5V>$N
zuSG$0Ya8cuF~##@ipxZhWCEJn%fi?N}6rnHbNqo6bZ!$d4B
zn=Odf{i$xmEgX0G`K;a>1wn}j*6?YK_Rxs-m>)-;o$xwNC1vW9uaR+Fmygz)kL$qR
za%sE^>GkxvBR<)G!YexA#orOekjAqGx!N~_B8iqw*h|MWy0yJL2U2?96#sa0_)(An
z&e@gY-qHG#Yd0d7szSb{Sac$?pvT&Jo+ORh=kB
zf!X%2fgCRLeEdXat(~IYafzX(X31;tAf2+nNiKDkFrS=|kH+`w&__>5V4Tb#d0|8UaWwMCUZD+zO&@KjXsl9
z9wp@4i7^*u&o%W!c(}HzvzE|WxYi`i_w}%k6N(qr*^GN0E
z3WkchQ|~pHT`Mcz;SDjmAUd6O-3k-LQTVRJZfZD9i4{*erp;gaaJ^-=a8~Fh_od+b
zz8^6`G|%6a7)@cFxOr$*%Y3s=G73sQmVRS<-RiTindH+!KBK3Z_vzlV<6)=RvD-g1
zdv^P;=59Uurn`*p4xUKK+Pm}Q@XvkoGe35+o=k6OTC~mo>*G7RXYT*!$9}m9gI{z-
zpMLm%{$ow>Sg`q3%6itf{W(@lXcKWc>=qxXloMy6X
zc$m2IS#jm?_^Jzjjk4F@^!2vA$%M6kBh_`b{hV)c=te0^X9PB*Sc-DW
z=C^I|j-ykaKIt%VZip61N#?pFdMKV4D%gpvwH
zZ?T;`#v**nkRGhbH;&i}JvOFnj?(#(pLRHFAl>>sud`|7ptC<@6IHD&T6Q>TFSWvg
zxrBeAYxbnmvWWptA;Z(wz);U3nl5fJ)-WkH>)YWp_vhB`>V*#*Yrd>ucFg%@76Ui~&
zc2OtH%q{(G$%SCv!f!uSr665MJ3D%sW0yKuK0IR;pozQ~UkN<8Ws`H?h<(ay^m?i>
zExnR+!jYrxY?^HrQsN^a-F{BE%5P$q`~Z;9G9-k?lE%-QCp>cDq7h>meB?Oj^n4-y9QJN162_`3YVr
zc8VMjSNP9n4rH=n&lI0O-qJ5TNN?+R8fVrWi{2w*Gy*aHw8$XC+NhQpF@DV)`|!T?
zb`>~H9>35`8d+N1Xe+J>k@&jn?ki16g3T9r>P<22irba8k*Q@BBWXbm-(Jc=!X7^z
z%&LIT8W?xqOLN|StGH_FLSf!*660TMn#$f3(3CGv*BfCF68q8+5E(x(RjBy!Kas
zzK=F=l~MM$zf^Ntq1M?|?{5qdCOn^)VjjY;lpk+8oit-}Lq_4J{1+7**RC>sQThz$
z8}T$p5159skVr-j!&k=RhO-Z9FI=PPi>;1Q;&)cF`IdV>V{yD$ULa(ixvwK2cGXrN
zqE_+T%y##2`hbL+lRWW7ya#U~|CVfy_~GTDq=`)$t35qUv{_F03P<(97{h|P$BI@p4i(gp|{ZcV(&5(
z%Oj*bS44w1KnH)dw`um%>af|Zy4ppN
zqSvB9Iz``lrpL=tUnsZ@t_SLL#oc;a`zi-UHyh>Wn$8v^?e3+XlCjzCqI2i&8ofwH
z$rA$IE9i!b$;gG$fZKtKDi{1V7H)}1UsY#K=W(XaYu0*^Nb9cI1Zjq(w
z?JE8&1euVm-|vO2byHG~-8drZR`@{(FXLBlrHg9j3wve%wA8OhmX9V#E0@MPrn2gT
zg@S#cCzY_U9Anb3N5=RtTSXu7GHXj%6Pv^}0T;5n%EG7Bi#L{D3lnQP*oF{_-;xSHA7hW(-1wDp
z%^x%c`0|;g9^AEnE6fueZkE7FI{{A$#X2%dKU3>`z58ge8X}3o9Y$
zl8I1Zn%$a+f0Pz{XEowA_*tshdE*fV3SH@d)Ef3%@XW3Fm19YLBR`L$psIZfl;^8d
zxt8V{jFY|n!SiQc@0n9bR>$RTk1l9AVnlJ2mktFaoY|PC%J+ov3gXRWSh1%*-16*6
zt&#PSqw+z+YJ2-Sd0XM-!C?;^liEk#(mvHdNCn`~NXpG1FyZjg5&xW32>FMgx5y~i|WeZ4C-2roiIL9gp`unrgy
zbz09To9n&GG-w}gY&jLzF&e7n&bn;#@+-5*7;RAo-%6+0YD0rlv{0?fE9Pp^X`~ij
z6z}l07k`!ZVV=M|tD#bLC398gEsoZ}FNNeF3Gb2g4c?VYvUuIcn@7_|jgO3C4M0)7
z+u5Su+fQeuDWXg8E8PcOI?Dp7jxv#+E#@~1yu^{XiP&wt02;e7EYq-0=ysv8q#FTG
zX0WE%wdi~+-pqk3BuiZzHb_r@*Qd=}+_%WEiIgld6U}PfUyIHnrZjPi?6`c@{M1f2
zb?<79m0%~Ib|sUUs`ixG6^KZ0$g*S(Sv;v(`0J)`=83wPv$wTP5l)JSHaCwMza4DV
z*7HmfyB#6Uk>HPb9&!B-2t5n)NY+MY%KW{lW;b=I)lC*eV$p_}MLt^vL~BaaVd-aR
z%MH<*$UYzZr=%lO%$wS)y8JPj;dk4m^qm@@eiudfXjIJ{odZb2!VuK(p&RqCxzdl21^abD^3~f0#-2bF23ndDJ}s<4?U@F&377N{1{8Y
z2xjTf$=T|14AIx~oWad8_4Q^9Uqy|fs`y8kGZZdSh$niDz#%73@*C7p?K$073d=Ef
z)#4^T{iw)5cdmY77+x^27lZ7*R*1~6luwg&ef2^=^5p;n-boRSIb4sdCEoOfK(mh-
zoJv#qph)kfC{f9l#(MEa&ucg7!t7TPThJvYL6*tBWLS@%Vc>1e5tD0Sq3HCTPvwG%
z`dFfUXUIcu`PU;RGpII26|smr7G-i!xS=LNDpd05kxvVut5T;2Iq1qdw@8OSFw8t$
zZ(rm6zAs;=^i3t#Z2^@FNAAt52~w^a_pG?{&q@{>#d+qPInBrl!7&GdBv4YUqgwWw
z`vjkvYAbuWwQ3pX8Gd&?I2@L6_avhG_S9C`iEQFSu{gWc_Ib5*g@Sb`-OJYAd=?bs
zCOo%1Xp)^@CJ#;1n{5B`cK9_`RKOLX4MX+@Pt7uxP$AZyb1f>xcyMRZszn`~nLlsy
zquWzN->}XKLs7U^>4b`=NBR;5nXUWaVTbnBVRX&t%d?coZ>oDB53KpptoS?eaNe0y
zQC@wuCl>`PtqmY*;TmytC*>KvK@#6GfyFa91PbBn&~+|<$AL6mD3aSqCyIYx85J1dRD
zcPVv8H>QGLGVR}V_}&awRDo86H28J(l(WB4=@{pp^oqg|k5K#8D(mZMfU*3nu3CwMKAAp1Do;207CrQMqVaymidqKpeaw5hUFNMJ_p9$E
zNa8Ow{l&i`yIB~VVLk1r8{RHI*c6c(E1Vnfc&6SMgzUYK33%k~az7!VDUJ#;$Se}Q
zd5J)0n#Zv&v_@QDz4f4ohI0EmAWRJ~sLboTUexu_rZ8yObG0tG1~c*#j61+GWADe-
z_DT8(#x2@VO?WVpgD(Ji^5VDJB@MwG9>>D1H?Q}Pg~Ms2%#DdB9ZQ47Qq7HgtQ8tV
zIm|^@!UHQWsej{-(uz%>RlNCLl+tV?qa1>TKmx-W9_5HLKclm%SklsNO;9WoUHfLI
ztJ_plyd=P6O#cQjK8!D~1TlUJy??KXU}n}`xkrvjp6Yz3Wzvbj!VUcn
zSBs;aGKjStY;v~ztSz25%TN$ODkyAQYa{QSj|7uo5+dAE5cLV!6m^m3qzY}AojU+H
z4wyA6jlZNJ913Zx$qM$>pnUe-Z<*e`*S5u(up}e;$z1n;+AQj;q4U`{=)bsI=d({x
z%jE98rY+8}B^kO;=4>@t2Y3Isn*W26f5HBr(oIKX4ceRZ&!*1<`@ZrF3DzAV5e
zzibdSs@A1SbjM~uKWcS@`r*ov6LPZCZx$Ir1*JEFS--dLaD&nrAmwDWIJm~Oy_ACH
z={>FHf`liCa9eJk>&-`)o%r%w6|-EM%Du7>^nuAZtx}K^1M%ug@s6Vb)<6$qfS}Rq
zV|HcMk6@CBWS{Lq&=@!mWr$=ECwB^j<0b
zZ{*oldtikGmLw}@DjZrvwRclyi$b@0KdYG)nkn*$m$@I+Izq~L7eeuvv?3w;^2)^<
zOXyHa(cTyvE^W(*qR3)3G~qLGhg!(}bqu~q@)11QTU;g{S}@s)X_obkk!~u-33%X}
zoCimxOFJsRzB;#Fs+rXd65GE~v)gVUU7dhP8bc6k#49mGTnr8Hp|ZY!dFx@&P(ehf
zpmb43rKz>3At)L1S{9_Y4N%LMXKi`?^UCF^9gpP8uLBq&PwV&P2}=X;M>GmRrWs@o
ze;v)yZle02G}x8TlElo-C2Z0nFGyFQ%EycxIi?nQ@@u_hw7eInN(tQ@41yf9LlzU{
z`4k16kiZtw13GSwX;fuct0Kp^w3(tychle914Zi}htuNMo(dx)LWvRY-&WBkVH~;0
zNI*%eZ>AG8R3vtAMC}r+bS>lE-L{|VBHXI8CYAD;5(3PZ`Q&8fK_82@%)scw&TFf*P`Z66t7fbLj0KPVlhRIB1aT$)KK}L#CE;yC!O%{
zZCf5@o(QGzF}}NDwDq$-nTQc0rVJ+lgjvxt(@UOpdQYWh#RF^Ebn_x|1leR)ti;Gv
z5IWL|6_n0&R5MgF3d5w)4nv;T`~l%wtP`;3dl!aKI-qO~!LH{%qQ=6iVsM5w%zbb|
z(QcRqEP@kS_He%@A$XZsoY#ttl?d(2Z;+2YZUbnWRy$T(@@-q@#%cWsW+x=5+J*5E
zWsjyQMl;#=PN}h^m_5Tp@>gOr1;&TI?>(=5+;ucfDGE#PBNFb&#dDXH6QSbV3#=aC
z*-dKYpw@z-3jF?MRrF^*>C4=M~9PCT?f@Rpak
zsGY%1shv~_Z*sOljw@P@C|;Dw3yuhaXuP{t29m2v^q6ubW>_e(RWS-&Wx2NJKP|&%
zWEu12mn(4g>bBHQ^W_tc&|`oG{dt=&Gweqtuw(STY2q!unSo>Ko5#ywI`QR>79)u(UK~u(PFu5+P6;Mc!Gg^byOkcF?8
zf}+NbUO)3?VzYP|mQM~-rV!1f)jOrpbF*)V-G8lDF||!H3l>0G{yL|COu|hz6fSXNS(W{fIu1+
z*h$x>GFe|i=k=p6eK+)pt+L1SnYp-lBP62?tT3N}F407dDjN7$PHXdP)9eX09EY0y
zh-NC7jbLPCdJ80`xXd@!mHvu&i#yPYtdmq{Q)#vp@Tc7ux{*EQ?g%PS>IB&%QCDP@
zVlU4XHz=jaVItW>1>1PmLB|GbK`BQo;R#-a+b>GgbSk4dVkcC;lk9-=pv$M?UhaefU5l|`*Z*rzqm}StYW#(z+
zsU%3Md?t!X1<>`qT)~Yv|nVC
zafgJ+-;@~b^uj1q3|Qas-4eX!L}r;~eic
zUVycMaNV_Wb|WrJ<{i<$R;<#%;B;WUD)r3dQW)D^3JE0#@|sXte&
z!l)}&rI?A)u=!K#2@rMs>zty_<}Dg8&_wKnjdj9-`c3z04vE$=OuFP
zA-mqSSh5dZO4M}dU>jWGM+h5t+H+k!(J%=HU4mDBLAvj$l$lnF#98y
z+49=(umJIIM|qX#dYy<+e-XdWWkJbKpHL1jWC&Q^r?p|ip5nU%p)wt}p_N=|hZ#D&
zy-d0a&&<)Pd(}xQO)XW)O&dt#&^vW&c!ww#`Im0j0y~p8%YNsRD$beK=+Sv(Vvm_Z
zMD`@LKu%cOvO3dr4L_SA>T{GqKP>d9nk$7}ZNFE?LGzgSYTo69lp{P!@lK-a4DGlh
z&CKNMQrqqccWt7kVp5`cR{sSIQ^RHTc)HGO+scefU&qCiUg?OH@5Z+`^!HbbUx!WC
ze|#8%e+QN91q=B(A$1TPL$;7Zw_@JjySaYb;A&KLe0s!%c>m=DR{!-dS4e41gJ{Wk
z-aV71&TuZvfJaiWtM5e^E}VkQ$R@I77_L<~p5UqK<_N(ANXGESy}eAvEXK$m&EzoQ
z$1q>;FxW$Qh}FU=us1~E*V@6-}y*Y|p!
z-tPJ5AI7(y6rYzVh)Llf(#M-VOc8y3+L1}p-{Rif_W>j%LR{L6berrTvQ~^jTAVlD
zKlA6iCFb?9Q9_+fkWIQzKq_~bh@E!iqjFmOvC;4gQLh%2C)a3StoU~yciu_wqcQM_
zSDKNhd;CN(03R7?!9HlV
z_cZ%xfQtjGS(`~aM2p@)oL^unWHdbJo`|cse9YUhFYy!XFYJ{@3H26Fb9kF=&eI=P
zd8Nhq*I~K-+j!ys2&Aba3_0liSxjtpCN!9JIyX
zG56PToBa0gui0;trh7vB)E7f;zRJ4vo$#LC^c_xJeYaWD{d<2k5z~Ki>PomR{AyZ}
zzGK+)K7E_oG-JAVFE>eL_5YG4IG}!)Q};5Ju77k0G#zy4A5EZ-#=3O6Fls-A_Wtvg
zbSr@{%YXurd>RjmVTrh9>b!ZYuR(9R?l=k`gj~(xL_vE5AHqMsZEsXKFLKtdQ)sjLvPWq~x^!_yE!>fda7Wseb
zZYG^!e^*)f(M#b{omKF=;=%+Yp0OBXo*~H?9M;LG+z`RucrQ(C!s&$tc#LM7-K7Wz
zvBbXc$S%J;VtYlK=R^MaVk`IQnAn3Kl4+p+_R%y~OJIq8^RN=Oc>NNOsw8&Mv!y#U
zf#t|WDLqy}V*J$#$T@%;)koAgq*O3^hJBVWR4Q9@9sH0Kh-z&+e*MjY=xCG6%4c47
z!`9QdvPd!}v^5+%ZD94t01=^AIPh5|%eU>QsBRdf*dsep)%QGNEZ)r%z!G_GTrhRt
z>i6mX9oZTeuHRRGwEZ4^gxmPp$9ES$;%Inj<5;`ZS`@FyH~Mkm^VfbBv#69Ko>f&=
z*~)42^v4(%Ob%LEPCx7m<~KSjbWIlg+Y+eoxG;TGLNf;$msAc{WJC&vi1hSs~?B_KO8K
zPsR}e$bgoZM-CJFyNalFTR8=xOC0(0HMCq*KH|U}7p#@RpOdZOR(dviQ8PQA7jd$w
zci>*eE2Pu=Q)`yRaAA_6o7Z!e)uxCOmzkbnbUG!&j-(l`%W~a{;1nsl{{h0V3V$U7
z2@E}Y|Ag`McALWa^ih~*#!&x&5*EnFX=7ek!DBD5hDYv`Z!h5WtnUKAs<8De25&V>
zNKKD%Y1V+L{W$L#@Q68(0}^D)qVMGV$@ZOyIRauJ-g)n*y`)$`-{~B@1n*ajzSsCfhvIYG+8uM0Oau*QDHfS2d5^iW~;hR
zn=Z(*!No_83x_<9cf;vlF2REt
zLih=KZO5>uabsnwJ1>Y8Hx{&m%y
zfE&K0yH(Ye$#hAfiui2soc7UY(?Fqs6!`oWVYQG{l_QBhcfK)GTZOXBuSPG@tj<~#*$^a;ACVjE3NSES&5JNUGAgj
z_FTB?t`!&i^?Awh^phlxtDwP@r0j~K0YN-8{HY>i1W~}XOcH3Q@BiTKzoVMk!oE>7
z2?Ro@VgeX?m0lE(q8NHrLJJ58p-DhciXc@IniT0(q=X)t6e*(gE-C_oqM`zdAR>aG
zAPW1;xc7U;y?5OAk8g}K&T_d(MzUsk%I|42Yx>Fw{4Ukk%}d@#w&^a|BHBdFrVVb-
zajavSagCZ{ebRJf96*wZ*RLH#l7H9cpk;hiPTJ
zZ+|hq0A$fAIq5I*0lgiTqrKmMC3+Qeq{>TFx49_BA{sNKe00p4jjGVpey_>3!JA?F
zl_O`eEe&M!QH~-sHIK1waN1wkD#cu)xKa~@c^T^Q!ZB7Z8m+=9vPV^DQzoBRrZf9`
z_ZY6m5t*d01Td+%j_e?F8N+`P7hg`VS%vU^%E;kn1!}^Vx`=i5o-vL{&_R@nJ~u;K
z_+uAeH~p&X_nLy)W)~B}g!rED&fRXrAZNlayId|>)_G?UWuxCkweOy7YHu!mu5zi%
zry!o93-{vSi3vZd@9qqh$y#ofo2M*EUP-^NVIG)Q`*UR9lmkyp*1
z6*})ECwm-mTVOt2HdfGnMOXKLLA>-1XR&beY^>e-Jp{K{*Okx!$Q7*XsHe&Y?WUze
z=o^BfHAH{wMx?WstlIb%%zltai
zMv4eyHryPW`YvpLhAIki=N}ngg`69Hi=yg5j=>YtICVBTP-n1@I0n-p%1>V!U9lr;
zz?y#C6Xxir=R__92srljJC+#OS|P;q&2L4YVQRO~Q(;473Oyw>ySN%U&`qx)TzS-6
zbD@qszC5zmU|A4|(=R&0o6c57_QyhZU>=#iH?AwO$frS>uXA%>NiK5JZfX~po^$vT
zsozJftSnE}$o?M*L;=T^&2aCiBLuiYYZH#3t7Ux8L11pDnI09r9a%D
zP+qBDm!|)q1OHAHknF(o=S?A*{(&%J!$vJA_L&gxqphD}Yj1u9*U8&G>f
zy!_OVgenw&MLOc;ACwTnvQD<+t@HP#me1mr!NZ*MQse59eXq!$L>IBz&1o`_Tm=$L
z5tks*R2@PcA7{grhT+!A@+p0j#TP(4D)qUNZ(27v0`M&Kt0wfb-KO+gMDzEvpzq#Swr`HwW9!y!@7e}?HY8@G^Yz3BFzx?*n$?g=k{>hgG%}w4(L4cNyHfvl(9Qa_Toa7#!zHFbX|Kpei{lr-W-*#p1)4G
zquPhE|AafXm1m44$&Zyi!*eH`tQ+8Y;`ArOt%20ZA=)IaD!zRh*15>(3w=TOIC%Q)
zXn#L_T1GC*&{JJ)+$1n(Ci4!Ly@)%GBGXf&CSYp+UuQL6dvYYMY-+f*{l)EfBRAau
zbtDkM6R`;=Prr02Wo%K!G-sXEgBU1&dPFaC?UM}QM`Zqr%3QPdj%z{Rk@j|?c*-vw(+338pe_(ClpCnlmAw4zR(mwY5G`7Cq
z;&%P2aCCZB@r5slfVO&Ij8Uy%7yrz5G;%zi?v-
z*=+Y37$ipt(J4P<4)^wqwHBQCDHuP+d#SuR=?R*j%z{c`l0%H0iq(&G_tZYwTNGCn
z0&i^xru_%7)CV?bnMmT&oCD94&j%f8QG(B1?Jg(<@pEM|Z8WF?kim
zHI+~KvD2S$UHzb={ERi_){Jn4rIc*Wi6h7@yLk3Rntv38D|>ID|3?Mo
z@P%xzcAryuVr!0L`kM0XqC96`UfgpOS2mpRl$e_|I)XATPzqB0Xv)A^_{%&
zg_i^#Jz+bh!1I=m;bKGhTl$rEi-%xX%KVG7g}{0)+9Q0RjzG_3V2ib-$7&368`mj
zj--kH=b8*z7bd4YrOkLSDtn3nQ@>97ZZ2?^AzT3apr>b$PrzdrG+kz<+=
zUrwDns=|#)fs62yhoDZ%bfLcTO#1(VD+*A(Ea@g+z?6Q!ypYbRiAVDqJW|WXuQ{?^
z##OZwm^Ek|8s&h8OkJsoRa1(U%!(Dxq@>fGWRc%)I&-)}3_qBd+x=bC{B2j$?fpjZ
zXz%>jw5ZNE0{=h)+rj5P{|BFo{xA1Wg7z~&`?Svud*|0d`>$y2w}AHDLHlF>&wl=u
z{eKz%|2Dq=W&VB;ZA403O9%NwYJWw)aWs$2NyOVTOLp2BD`%Qq);&Fy*$}qCKY7*c
zQTb`^h}WVnX}0b!&^kJLYe<
zo-H1x2ZFKXRpGik6MUtN7N#ke61Xl>e;n>;0
zWb-RG)TRPSM;4NIaiZd<*^|4QgJ8@|Fz#Hrym!!Mrj>)X$Ez+PiiW3fufKB@wU(}u
znWHahOKcp|fuK&+hKKom&VGMq@
zXf<)%v<%(;{rNQqmx!(=>Fh&YkMx@fLw|aS9Ck(=UCll{-)E^XkQIQPo!^dTb!FPb
zZ-HERNY|m@>Klj9H$fRq29GM%F=nWOAw?a%X5Mx`M@R_^rw1XWbPRK60A=*
zs|m|XZhrZuByF!A+_`AM82B8P-%e9vJ^
z@UwhU+Z2M*^YP_g5&C>v?wXXcpA{>w5?C12qQP+@73p%fyx#E`=PDWc!%q7c54R+5
zh9^N+3gIWl_QMC>ef3EuO1}Q+OgwpgBY{(rGort#WkB^SM5sTS=M=-(92#-Hj{zzu
zmGYbP3!Cenpi?O!vtg0WAK=wzro1b3xPcO2N{^Sda
znbNUDG6{+rdMe%M%UWlO<$!*<%Pv`>zuQ1^zqiVyHR#%R;=&GniOU}vaZ@2JU1!x7Xs78K5KZ@rZo4Le5gr%rPF0u=%D3PA|_ApcluS
z^uMxZgd4gD71wbKxfLZPjj&1tR`YZe9CRrsWw#G&O#Op@A3eau+MCoY{yo`$mE
zwb#q=k@uXm#QmxIp@x>epK
znS2gny8etYux$ZL=eFJav+9>;Mc_m{Wc6h{mdCLc)9#XNPr=8(Bsql
z`4{4p<$vN=<+h!c``I$wGFcwV7Y%%6oyWnxO}@jQj=O#JY+ix)`d%cgNq|6}CnJtG
znscb@x_8mv_x{C}NKWTj?H5nJ^R}hvX3q0vA1FQN=%MzjNnigLu=D<06W9(#5&VfG
zL(O?(nzy*PESh<2gGlOPcBXWUjk>csTo+UJVMdXi>_TUAN(K*(nEO|0Dn`o^l~W(M
zKUcUl$Bf66Ej6C_6Y^T&J6p@J&mNw9PhViA
z2Q%P5g%OUP9ckyEow8Fj4rF1+o%bJq8%lTvVccNM4J4ylwkmw6!D
z1zCB5b`@Uje&o#hp-iD#t)7qjtDCyO*1Mr!c3hi{pkj&aU1d}je+imkZj-8Ie~!4s)ZA>zlNlq6jRKfKzTl|w*8Sm&Hst6{QKGiM`!M%
z(5amcXXfOkCD!6|Zy!07hB^iIL4T8%3m4q-i<|F$k*PIgXV6S_`v>xE=#hK$%ckSy
zACLV55vGTZ`EPAA<%u!v2>pg+MEpL2I_7Y8{b4JkgP?ARzM2`~=FKOesRk!6CH|B-
zCcxmZty%um<9Z&#ogo7Ai$tO)kRno$`Uz^-^geaBVJ!T7+Jm*0
zy9&vP3y_1p?-PDXPfXo}B2)Q&j&YZqd?Qo)^@CiG+kxma?p2?w3i6dJQ;YKsii47R
z&Mli?Zq+Re3Y}74zR0OrUpF`~a#45f#2I1IQc1@*Eu7t`;qv7@$B@8$wzS8!pZy~o
zu|A3=c{VxVm9`(^6VIk_FIzQ~bcGOTxLCbB!%`wi*kcF}xs{-IQ$5%>tUN;7D+zMO
z=zcMoowwZWD8F089kUM^U5X?w^#$H4|DYG!<3~Q(?niVE@U=DGyS(tG^+8km8QsBS
z>|J8)6Blobe&mnhjuhB7NIu%5%zch;SJ$k-V=EeWJV>+Vt&Y&xWYXAk%?s2QA=)gc
zf^8Ev$Au$VOwEW)Wi}4~^X3YvlN@H<#{}-MKO6|TInvS2IA$Jjy3}0d@)-PpqfdG)
zq7U7qeX;XLb7Bie@W=S$WcWvu!}5CJ7kZ%|@7zLvctOx{>sQz8Y5ykwm?el?Fe2z^
z@h62RMco41`O8Pw8+Er6n4Wga>P&o?^*?sOBiy|+Ae292MS%}y7Jzig_J>7qAux>yz=q@{%>AHUEf}Tdg9wJkqdf~Y9KMe(ho|&zii}-kOAM%v%`U
z=R3}ot8=Wd
z!{!9U^TDvDvM~?DwlmkciPCoZL7z4PizlmAn>WSxf9ptAOkG-Uxl$h%@ZCS(Fs`3*
zE@7B>Q!}-kK9IeO5dC4ZW#kCtn(bJ>s)hiB`v<>^59bfuA09GeWxb
z{-4PmKl8--wr1Fw6+38W3-;Ts1;T|N_k;$A1ch^+jnMySIws2K`fCT@3X|bv%p9B&
zeL2AGWwgb3{g6l6&gaY16|G60QqLENcj?ScZ__1S_Nq^drMG=QG9g%!re-`oX6P7u
zaHVVqC8tK|gnoNA3C;y_UY#^SK37Olk5Cc0*Lv-#!9Dn;
ztoxqQw@?YF<4}~%UI5F;I8(u}C<*O$83R@FA=#?wc3fGl@-9dOC>&QOH8`+A5QOqJ}vcop(fD@U7{%o=Qkqrd+Iw5}?;~
zEjOO*H=g{OK&Y4mjh;lxAQ*<*o*`s-A->Y|q>PNCi$!tt<0|~hwOge`N*^fb
zyE?9(L`eh@3mXcR^76mfqL!+}?X_<+6dN^2u5R
zhyglNLhjwwOPq6rnDO~r_jPYa>aL}fgka@HJ1_s%v{zrwecYPZ+>A=(dpH=db{77d
zmt7kwL>eRV4s1*Zc%h%^xnS{wEso{ZJK%jv~g$Cse1!7X_qZq$+468x8
zI#H6N9~+O1)r|2Ys)^9YmG!Mq(*s^&tGUrDXbC>1NGyB-&GRY{b=0zq-)R()Ss9ScaFM__ys%~ql3!jz
zE61D7Bq?aLBdEY~70>;N!nss29j81VYJqTd#*)e6Y4e#|r}rJ5i&lM_cLeFY(oaZ?
zs**SReJfbkJ(c|Ou8qC(L%;dNXg|x_Ctj;Zuyg8uhseBF%f*%{
zJ|d7b?s+uXq%10Ko6>azs22vXAGgR_KKwgC8MF2K*J;z=0CZ!hLf%3nZyrqv>~F~}
zJKFmB=jexh5@)t9e}XVaxS$Nl1=8Zqan*m~@zeP`e0L-
z5sMJSeb-$?U2vaJ`)_;tD7vBV$3Ick!ILM?LClb2MjNt-Rhv}pwg!l`#?dGF$6r=K
z_!mUJh%y$ehGo2zk$p#|4eV?06xTSYcn+wt8eUcgl@ZEJkTM3Y!{6Mb=HJ!cTvknE
zM0$YuenjNs9iZHww{{htf7o!Y9-Z$sPwTurL_z`?mKb56U2#p6XUZ!YQb!v
zgmmx1YZV^iGF+#$KS@u~Cn>&yU;lr){`c+wzpIc0G?0Io-m8e>Lj7D6V?4PIoc(+4
zL_h_KF2m#;8mXsvm6fCn>mo7?fK-0j)Z^g?w5p1i7jekd9vq;S<*&~dCO2E2?5=Bp
z;eXylsF(>(@g!IaQ~g{EeOW(%T$hjQndQ19xk^;4|7f4uhg-z5*R&M?&AOlh?1MQ!
zwZLkS1&^RmttEM37=2Ogrcl;aK-KPvB?SR
zf|N@!fU~91WVX45C%l8C5fZ+9%Bv_xXU=kJw3b$+tIJJx!GRpIO3_J+$roOl3<#nM
zX5tm4A6K}>@ii%aufoU84a0h~7t~+RSUV3`c<m!xwme2=scKs`irB*rMdl&uVNzM6182+7Dmm_sEE
zDI%LG=nwi;!CbeKDh2BHO$|?iKJ|Prl>=MfpD(S9G2?Y3;-yg^QZUG^vN!(LR7YBN
ze+i!|{q9vX$h+LT08rVuewwI)AcAr5DaNysjT+HZGgy}|sDOjSIX6AXZ-NBp-^HkZ
z%SUAkxt&Ql0t+hn(u#O5O&EriQMV64#N;2>h=Vobs&hB%iPDO;DQ#8W7OVFG-uh4e
zPqtgy5u`i&;Owx6h2C}25L@V
z4BmMw;=MKFv$W@wG3UoBtW}34*x1oa%`Bi$QBb^A>Syw|oRS=4e`di2m6BCjKTUX}
zXdN7@X^^E(By!9M&j1dwW*AX*;iB3WFEx)f_|~N0zb8p{%vfBNZ1ulF$4alwHb(6S
z#a!+B{?_1><5t+hH578>rKBnx)FGzON737U7Y>AeAV*YEwRUkAU?H
zw38drj(Dyqrp*e&JV6(vPSsyc2-X)t>ch$zrlK+Nuc8a_gtr*zy%es21#7St=|4dR
zvgOB2NIBV7z;=@`?M)k=@yvQb>KGNwTNhVhNvOw3qY;D(-%BJ>k`E|zcVq)KnEJ0*
z&~bU{8I+?E#*?s098v+bib(=>l2AVhI2x=E=r@N#GL#c-5>Bz86TB4tOoQ~n;wf&1
zGO&awIS6lX6VwZ<5SKY-h>F%km3*S|?eVM@NsbxS_?MExR9|GQqE!l+QqG5&w=m=b
zs|O^(-S_J>_zR~}imeMKUR6w3W9U`*GqCZ^SWx<*Nj5?Iyb!g&xj<=DP9S+t#<1*-
zC_(o^G`|_gv~YA5Tq58-2e|2+p*!yQnG9B)4D7-a6oOFAffuF_8AepOUQaz4{$o=P
zR(5$3o=hbKvl_&}4T=BWLcE4X1fi0K`6%_ito@KWZ8wP|y@|j8yaK3B1A?Cuz?h%!i;saDWNB0TwSo0u
zS=NruXq7^-lCkrORy10tz;!*m@;hc6G0CCc23wOaF6qNCY>z0w2(Y@w7*kih6(@s-
z8Gw8sZ=t{mI1Ci)mQTJkorhu1{mPz2-Vx*zR3I4OvIS+rL8AF@KgyVq7(a_~gf|Ll
zu<#0#Kxjm#R6~HWeYwVC(Enbe;0fyXcnrg%=okuR+KXe=g*pk4jn$w(hJ*&VV=Y|H
z0q|ySlC|xRen-M0Zx!;X2qsqf*#CWxr}X)%V!x@04D5RlMo<7dSu?1Uc*6T94yKX+
z2_4t>x0)m6^cvgo_q3y97$zyJfYAC3#eQp^8hRQ@aUx`D1x{MgQVRGw7$tZ}y^pJ>
zFIZSL``?m!fm+G-7cV4&StVFwT0Ny%P)Vu%lQ=I;i43-?zzSU|)lw3jFNsRJh00fr
zRY`%1x*gRt_4WRcmn7MavM?PLsPpodDA%Uys#^+IOb4??$6#-|PfIF-+mQNvl$%l6
zC}f-~kIE1)ETcKGsIrCT1ONk)3aki0@r4&qG9UqTd4a7{^d<7Y`_GsS564K_lS?NOf)F
z=;n4p1zuRu4;eR7ld$8+pbGqYLp5)XNf*kXF~yQVS-Y&sfYBGpXq8m7{yRV9kTQ=n
zZyAp&!@$(=AGAO$SikcI3@>12I!Kv^s5nievD2txy?`E-WUy6_lj6Wh1F8njn7trW
z*d`W{WbD;?lM|NeQ*N2P04hwFS;w%bf$nCWPaJzpmY5ko*f`RlZw7z-3|!Q`-%t_+CPp-2
zX9c#T&#UMM%HF|{A1T?9&CBSfc`2YCP-RfNkgB+jxuwZS<3qpE8+3vi9h?ElP)1f?
zlL0{A$J1eLuLc%cpzQAh@Vc+Z7}5{)`oc{MRu~XIb)3tb3Qv%7Q5I-ug$0$0063aq
z6rTkb!Nhk_>auxV`M(o*!E;Z+y)@{0qlmveq=I2VAA4-UDiJ`N0Kf_Ua}qIZ{qbZ<
zg%2_gh6vUdy_$_mppk`wC)DE!yruy3fC1#1n%n?}JHhK@Zr36}uw&y{O~I*Cb1Q6B
z0h5-ha2;}jGzzINQVuGn`mUw8+x6DMioTLNjyh9c!J30+wpSJXjcP!S82BuMS#@G+
zCM|=M6M{4-v6%M#gz-g;MRs
zQovmNq>S^IGW2F9M3Yn?6B7a3X611CNMc)h%Eh|L{G^Mtz#(_ZIf0JhTaDjGdoxJR
z?HfXz4|BfJL;5)5;$l!uekWdvBhGlkA_m|OGqJr!LJN|M%Eqe9Z=E#q@hI3}CkG^K
zKT}huv@bJsjBY`r%7~v$MVtBh%EG#Bnm8ihl0fWXTz=*Whz|#gCnWb7f#(@V!70T$S>C*D6sC%P-wi4B=Yy6I1
z;v8f8j2Ox*bpjhGfhWF$txr}cpTh>pw4YCKfX9{7K_O5&Iy(5@-%mg}!0#uNgcY?d
zHeLMtvE))*M)TAb!Ef>J1HZvH&vNjx(OX+Mm0J9$mkgYKGypXZN#VKB>=PYo>j5vq
z%1v%zUU%!y?H1hlCMdReM5s&ZI!;SqZ(a2Kkf5x<*~8o;B_>}c97C_m>@4*B2y+qeetVN2W@+E9sQnm=B?PL5^}ab>@B%K$
zEshNst^0o24n=Xyfj$@y<
zS@0BrVR)L_@vP_M+O@Ar6;p!RiwU&=w5ou
z>u`~~(tIup)W&`eD6A_geCiJ7FqJ!mWqE*a&M7!!fZ`m5uNl#kHqddErT&=#7E0Eyc*2@-1Eo3==LP7dA0IdhltdBF
zTuSd*5Y!bMgs6Tg;(F7?o)`QyCv0d(*{0+3r_kTst-{*a57N14c_#?FQM!%ooZzlBV#;26q79)x!_{Dr
zoSc>sR4EhND1(&qK;fRjQMTCxgQ(}>yihM!=efQoV5i)ls<7#y-sYPL_}QhqqeX9a
z!+ziV{+Tf+)FgDpFaI_ZPc|KqdB10m`H%iP%mpp}u;2F^YRvC>*FBqB@mFmy=kKcZ
z)~bw|zjD9l4HkXioBZmBN1Q!`tL|XyqUD1|eDzOPBRl*oe6{v%kl(S3j8T^if8v8z
z{7%czt)g*t*)}oR{mwmBCklsJH*zGkFZL|DeKZ(HovqlukD+6{R#$g}F{zlR9?_Kx
zk<3-#JIae?yxGVuy#4a+pw(tS3bIKDAZv#q^KsGPd!JJ{T>R5!baI6b;i=R2zW78e
zA_RwfR;{Y{`fT8rAGjVgmicULlx)itcfFs*+*6N#pZrW-#988-f1WisHTZjMOV~K<
z@tL}9I$y=aD(Unshu*ukKQg2s4Ix;L-#mxP9Ok&0*1%&LRqGF|HxK7je?|J6=FxuvSJM>Yz=Ku3ehqKU^wA)o2HfgPCf`(=9{oP$b
z13X`qZ|(XhzpI94amcsDcpjJNSvux+T4Y>F0RgVrbCa-Vr?(%M%eIVjDh@o6j9cXv
z4m;|91|R-q2V(P^EhHy#RchZuHCS$`fGg*gjNX(2XPfB|^;~$Oy|@X!
z=FCuy8FOC^b9y(dWp>|rL+#y0{*_6(wU@Pr3nDq3alZ$jdlr6e^F28J8x?2d)Gti&
z;rO>Ba;S|;2&N$VdmXN;JcyUNR}&|=Hk++e5?^Z5;G|ajqM6pEm936bjf1$3PfnS2
zrFUi?#d;S!jU64k&~Psj;q*)RW5?>tipPN5D(ohS
zISJnTl8DWjVXZjOBh@g^N$a$-MpG0B-MZKr73RJMolO}xwEgp(&Dnvp)tbjd$?+2{
zJsRWVCsN?*<~u6L8>sFH+Jqadth-F66x5|ca>{&im>T_M^r)s2-Z@fD*4JUBGB|pQ
zjd^d6t6F5GIpx@(Qo0~D`hc@;mlSQWJA^&_q{9MdSQcxlt2atYOIW$~q}03H7FMA^
zs6kGuFppDNW3XMd>0QW41?kqhz8M8r8*|@`JbKd#`Ku=LR%3iiOJTLt_%*Ka0NUTZ
z%aY?dg^jnhL}MGQINQujW>td3i3Jjmn8GTT@P)D6;fa<7^l|3t5A@G~9Sgza#+GxN?M+VH
zYFzyyIc|I&KbswQR!L?7^fz}Z+r*J|F=-{#9bMK4t7?R`A(-csS?O>yDq3H?H)X8Q4)GRS_~jF}`;o%tJ32+v
zTQVkH=d7e#O~)IK>UEibKDK16spl+rjL%u&I+?Q?O|*-dOMW{78m=7f!vBFhycIl?
z9FF5Ie10Dd4ShrtABrk+QW@|~z4R~b&h>{xn8bORN&W+|D??WbVj7QLqsa}JiDj$l
z1ThEb3lN+1g38s*oLVd4&_~F;ZURHO0ZZlA1{YNTf!>o2{7@rtwQ%1~7
zv=^&fvIde=gDa>?#N`!E$?H@|>z>ZMZ(&Mp5-1$)k6eABsLc#ZKEL=ZgU5}#Gr$(Zz|4OsXAdBXLW3KI(i-YK
zL1qbGd$zpF#N(LrbG!wmdjAw^b*XNlZZxp0k+Y3PyjGJbWs|)5PyY?5mS7zlH|7+e
z(}pBh
zKM-uIYmhfvglF0AXMScm~
zm_sraT$4F`{F~qi3;=P)I-@i5M(RtT3=m8C)-kn{uK@BTf*mSYUp_U_T0HDDIMH+RSG&6zf1Bsy7H+88n@n`9u!W4RRa2Il_pzNNYk?sL2
zmZl=ksFLn|E;fCYDM+EbDMD>%CcK?C+^A;&Ls`IIhqZ3NjU0Dr@JmBrR@e?u6kX|d
z<^cnlCFVUe@>G4RB=Gc%>jD0vB9KaZIU$dfWZb(<0P+HKl(q!tc4j8P<5_9WRv_b?
zunK7%*zsGO8qufL!Xmxj3^Z^>Sqt*!-AC}07r
ziuxKfb1b>f0KZ|v24su@ke=1?BT3@oz$yRk1LvZGg;W41C+8JSmwo40L5F=0Q*)CWOg9og
zKM5$$G8HO1HJxkeqRvtib-{_VQQtm#hgFk|1Nv=aWCZ>@0Tux@2ZB^{f7lwnEXeA_
zE4^qiGmw^gTPoWl%Jza@_Maf++hP2pL}#R{HPH7*p-(Nnfo3%TEz<)Aq}4QbR@#6Z
zz+Kj~o5RB2J!`{#{S(*J{G+}_DM|yy?_0pcgB{1CghnNP1tE=0%wZK$SFY4_H+@DL
z)`m<^@A??GieVs!F|>uCfiCGgF%EFY_jS+u)$TPQ&z9Ezdo->}o9sPukP!D-s#|ow
z1IAHPhEKGj=@nZgo)^S8`
zVd1b?hEhx5YBG?mfTe*0RrE$Tc~~>RBhX~~7rZPMz__FHu5E(;p|T9IXvh;e1}bA#|V0`ulDmCZQZjL
zD2@q={Nxh0h5Dflhb
z-23EMhkuwn2JRhLF^S++)=S;!J9&J>=}cJO+@gF;4Ta9c-4a
ztkJyM1!I#}G5~O@fXgUuVq!wfV+s==BXXb0HHmtY_F}8exBvTe$+xHn1A59Si3xX7
z;8x0VR(QLfK)J~KyuMd|r7qy%E6Pm3TmnVb+0Mk!gCGKE5!DHrMFG`Y-oUC$%3S$CIlXXu6#^T3xrX9t-bv&(K|ncvlUSG6j4
zx#p0h2AIxv##?a7!~pRuZ8Ea$L)TD;@gvf0ji2?^y#R9x0B>$+2s_L!`D~n{xql7Q
zThd3}8#uQ!bAX_jI9853R<7l+7X)HSorLA9hV$lT+d2-08{GTvY{riL?t}N*4?F#a
zLha$t{G?%<(tk-n>#Y&I{a)uc-arRygL`wg+(kRs4D?{!%MaLEGHv_yWW4X&_|(n<
z=f*FmEP@G_*Ftl1YfOumtSc(VX?(cvkSlkmG4zD!M)C8TekS@4m&P~uHNU!YRzBUA
zFqL!AGW4-537x0uMm^kCiIQ`z)NNGhaR`VJbtH6pGON@+9q-HCE06$hM9Hcp0FJtzp#xfeMxN_h0k!m+1hwc=H>h^DVZ)
zQ~MVnKp`XAkT>YNZa`&h-D-fOnYWBIrY*H+nE
zp7Zs+3Ac;L>#3G<*z)Lcy(H3Ey`Rmj=+ZQ!v3dOq&~}(2vpIov|3+CCLEpDz?M106
zvD5*2F(4yZ_r^=_IEaQZu@=PL88TBvYy=L3*erp
z0x@wC_bvdak@!HzDbTus^Dky(cN$|5;lh65z{7yr)5nbgGiG^o9+^G~qC3`s?{&IZ
zfXv=XHVq!UHj7E`D$19t<-|__4`_UR`~~obXs?WYs+Y=_B;VSmj#||Kkvzw_YXs22
zvenqwbV@3_#@HmgfwRywoyx={y=*iJT|11wF~u9cW_PxH!yop(1#NbG-@fAzY@qsf
zMNAF=WAWn0xWAr;GBdD4(EBvE3}``)JpuC_&dCu%>~4iQ}%}Sg2Il1v(f-Ol~T~J*JMQM7#ROGpA?*JNwj52pewFQ$xuD
zTW&|$`PM3B*I?>Gp@`T`t06$3AF~Pzg@%r8*kEZckC+1XzhE0VPjfez`#`YW2FT*X
zTeoPBimJd{Ag`D6KT5QJK{FeAv%n7weFTV*x%k(ArrAH*QDZVCHA-k;<%*?yeZ1rA
zm)xh8^BdCbG!_6%qD4Taw7AjSU&b9o+dHN-
zX)>{rvdm!$$Sb=bEKG6xrJlfF``f0Za^)dskEmsr+Kurpr{o)@{N>S)Tld+*=J+r5
z-B_moeF#_x#2Tb)DrB%T@<8SY-LP#Cn9(Fp1#pKT6NI1Lu6b;1V7p_J?IBkEsXWL@
zlLn1{KmS<$3mfBVX1d`(@c$~h1hz7ht1EGtZmGU_(c6u;}VBKx{d
zkMq2Db-`|4lo`D*&mHwZ#^FHcKpwchSO?(%5GvO&fusPbdw|9RkbVH}5RQN^CEL&b
zNpdmxk^RWP;sEWz=^zEvdl)DL+P>;PGwlSF8~9lcViGkV_hnsa`a#ORdVq;pS8MP}
zYw7Hbj@dfq`)4}7VvlsJ1k|MFO|6Vy@Df5kR_u2yyM#tynQez0-Wlqmr5jvBHV2-q
zeiSqJhOd_K^rqiRXRGltvUyOwsL;itRfI#XIY!vZkbbdi%RIcogZ$x4xps4AH@Pa=
zqwqyrZN_PKWPw_>*!*;bzr+ln%VEFom2){6;|s7d>h&Rd3J>IKzo(R*-6RF
z5>jK_0RApWE)C62&6^Yh3<(q4W|Boe7$@jXlU{ao@f7N
z3$p3EYQIxBX|z9{N-8f)i;It!46i__nGa$Cx}a^3}I|*Cwh5Ze$%x
zi{{B;vGA|9WJ_+KC2_Qvn-AN9nrszi%EpzlMqO?%)UN8G2{>Z
z_}@H1*QZ39UkWT?UW*P$CI)0?ikVn3eM~@R&3^*fe49y|-AUc|)O|aFxIZDJdwY6b
zmnR#2?&|SW2;NZnV$SzNvxVC3+Sguw9j88GhaEMaFq65$az?*z;6s_nMZR0S97Go#X!)>WRhKFS-O+m
zY2qR~BP64D=Sr>k4!QX!pF+W-TFLi%KQu13#qF!4_tRaUUGd(CG>#ir{^4{~ulyOc
z>UduT#_;!o5$(VO68AavhtUI*Cmd=6j8s^B)k3#+)QJk<2~{-aD9IQG&=^_^+#lfk
zRDtxs$EruT90~|7mu0iR>s2ad{?u7eMivP!sn*f;>P&HI24LU;
zh(*^EVhk+zpw_QE8HTlMo>}*Bg_|_q4RP3~nHlRiEYKwo@s)}lay8F0}6Bg)J@#Kolr
zJ;cB3G%09nDV5uU%|C2yKj)154fb?jPpiBCHT263tYd5<6H-h8M+Ny@bzw^k{VuE;
zM4+^^hm8+WOUNUl($_3|{6tUKxLCVY8%On0-RP2pxM?#mZnV4$h@h2CfdBil^9hK8
z^tx}p3YAhw7XrcN_&KJZ>;sg2^71=A%w=qf9kUz^rxcRedQG6DazA@`Be~SUMKbn*
zZC;$ESraLKKSbx5f4a0JepT``Z$RK?Unk!zRE1&L3JJz@g-8yJ9LV
zQ~dUe`hO{iUzD{xy$88Vk5~Q^hSO;eWBL9{zxrI6b7iI5`)qNG9|S!SO7`%{e!6d^
zpO>ERbE1VU(NGXJ`|-k!jEJ1TB6WjA%ykFU6A4HO*HS5IS@#|XGiD_HIhMK
zq&g8Vln5
z1?Ij+(uvk8^ntj?zekiwgUnG788?!}LH^T}mI$?6xlhBNyt;Mq)m&oszy&EOT(ME?
zHUk;QEdt#9^z<6$85zyO88Of@EyA3X21#{$pi+C%n_6^e<$=28df-_eb5;S#NU8B(
zGviKYp?gdrIiNBC$OuU3SXm%eY2q!c94-|AJQs0k0iR$U*rJ8jPNnKwC+E@|FYl|(
zM$44dQ|%f6Gl$x>!Qw+%B#R_Nu9&GvnsHk_Zm`+e>@yZILDd
zCmu(pRkBM}W??-iSs`gocb{3`vW-zr*ir;V1`42|5Gas!eT1)qB*eeTb?bs?5avbM
zX}peV7o$|>M3%HmN<$itBarJ#~
z@WGdtjZWQRKfb)Y+b(O@>^hvx^}qgU`0tyIPCeJSVml+{A%>%G#%ug-TAakMG7bk?(t*D%fgFI
z)4e{W-Q3XebB#ayD30B$d0&Q;A-tD{E~@A4urS5zi9B|Oys`Zxv!*AZytm&I8qx)e
z@sj?(di(NlDBHLHu{D+$SyHky+0wKSGInLF?2=?jo+gjV8e{BBmdY+YJ;IQkEJczv
z5|xlqJdu5$?2NtNd3(O^d;I?R9mnr@|9Ryw(^2NWuk*UD^ZcCW`T1Noy}H-;)7!l)
z&B4>3by!(BE1ZoFIB$O%!`){;!%x~AQgC8p`Py8gDDyS?Z|0TF}=$ma$NEi_hct|+o9kml3^(}mOI@{afxO#?@ccMSZ-|kuEiWz5}lCw
zt5icqD+8(CA)6Zl{9dbKIRWxK%IV1T-VbkouwE?)7#vg$w|sD9=k}>(W@E;Z91j_d
zh4tNS+z)iIOshz5)R(Gii~+Dax6rE>Dz`(#YT|~kc*Z3Z#pU_1U2Bk8GMRpT`Qm*4
zQcX=*+wSDyOI<(Sa4oN$J7BE){;|<53CD*&48Gn;#+A^_^c0+rid;hf*u4Isk;qxq
zK@#qkd700|Q2wFT$71yDH1S1R(5h*z{lO%xi#)Kv-P
zVOC^Ul+1TZ{k6|khU{!^?VRgWJt0?GumctNN^za9$CCXSMVNlHFrYDcrO!hR@&h{U
zytapBxE9YqOnr->xE>iOW$GJ3y*SSw+7PY$Ueb9M+UWS8N=
za|62{Z;hga|FYY5e#;_}#T$Ut-pqDUOqB7y6Mwv#A;uPM8^ghpCmUz2%2
zNa3`dpJ`}=&@)xDZAbR+g!x}v0qHV^V@bO+n?~BYzCsxg8_(7%ix#G)mn+%gN-lzAyaAYli;4z@bx)n~#
z$M$h8NGoq*owPUqJn)cVeB;!*gd8%+ew^88ca}CtYmRqGD&Num^|;!v$u4C=W1Tx@
z)?97+MX73c+}-hFomVoox%-#6V}IurTiv(JAwvBP$#bcu+x@m)cbnf
z*5+hiVgHWshqaEb?Le3Req%SizS}F3WM1^=TZ!yjQ0UJwHJyCZigaMc)x@sg%GZPp
zdx`joIlmP8Q%B#Q5uKER(s&!r7aro^pQh
zDdSnCo9L&d52A~Y?XVJqUJ2h|Dj$>bkC1(bs+Ip}K+_Tq%rVy4IwAMNwio^D6I1cy
zo}|SLI_K?5`seb@tQ2rd00*GA@C8bOv5iS=m+2q1LNxsy{S-BAJXKBNr!@FtAYFuyFV8!`tEZHi>
zNbB!8D{1QfKIb@wum1Y6_$$6a2Yn;z#%ageo-f6gnPX-j3vFHH%H!nsmu@I~eWf==
zBdB}&5>vu>zsoDeXu84*NoV#WL0UiFom;fZzuC<0c3Xd~VJ(r$V_0$ehmVlhgVIkA
zB&|ht%hak$x2)b51qGcs8*W1X1Xs4-+Lza1#wRoJo$mc?cI}me)E~Jad!miCy`6?qXHoa_i_e=p_#ixVeYOxs&SNz^%
zS;KvQqg-@M7R7>DIR>lCv!}1CC9fvLAMMHO{xjIBSZs@Fy!cf}VoO2&-J9Ez@RX!Q
zosf>MaN&&$ZX5G8N`HhcZUy}G7kiIV`^EZlWtmGIv!=Ttyb-%>w~&goaLTnHeTAN=
z>K9$7(0N_WFoCl54h&|2Ya
zcmc21-5;OXLhE`$_tm(p<<}RCViG=G$rg2ix+^=_5m^~E3HvBV3x!|obp4oGRt8=%f9KMKR*K9@
zdan5Dbpvlx5nkO6?WUg&r&;*_$Y(X|iDS5~?6A!hXCvA0*0uEJ9c#uslqr3d-q5$*
zf0(@ne2w{B(
zCLa~TH($EDER$M*OB;3AJ`_8(IWM!6sjeAaqw48%`P*!N^+Z{aQ^@`A`ChaS9AgIZ
zm>_oZ?G{q)hvFxF|6rqA^kFb%jxk#
zMukjLU+Ye3!m<4``N^hsGfE2el_7%Owni_Z9>1!1E)+wI%frHdjyrVqXL=>|*faH=sJOCiS&7O-}f5X0T}
zog4Rk#2o%$;uLEnvxa(igW1YQw!e8@+>X7iBc)Y49&dRUz1ikHz7_i5q?K+rHdnXq
zud6!`*HMakLA}fPKkMMB4F0wUuU&aqUPLk94i7H>=`-nx8@|$9KDRNa^inqIxx8fM
zZt9AB)EQG@Tkc=VF(c0p8yepru#2z0M=jSetc2;{u6ql3FojOX2G=wFU!y!tm2o?S
zs?a-QG9B4J*(`Uub=}ZvyR_!7_G>E-D~#2s={vbuEC9fk7enjWmR5ZouIcSFF5$ez
zS>EqKUljc=bUCzp&Z#F@;eC{|+VJM^$xm;R{OW@1$)k_k-i1&K%x;RWeUe`6`Pb$*
z2d}Z9dN6-pJtoUUPvOiyK<7Aes3GZ_dO=9~;l&S)Wd_k(;=WuT=ZrVWicHv>Sz75H
z0z-|-M$*Fu8C{njbEHb;mriZWyr=PxysX9W?K-4w1YM1OXN(ux`KN*TTg#MXXRhf^
zVNN9V3Dy~%exTz`%IB$tzh$B)vgYwO7wmj?Rp!|)m2&5B8w;tYja)IxareDjTJK`m
z@oCT9IBtL6KK1q8tEycrn&sc8vHqJEW~y$)9f=6wMh{PPivcBYUYpC
z#$cD}`&eVLWmqhm8O^>82I_KtsH`y?Wxej*V;+76y>vGyI}bTSiss7%Y$zxMa6uQE>AlXY)2e3$tk=Wm^2G9d
z0tsrgWa05$*&zvj)6`=#Be!&a1s~>I2|g&5F<7!Mmh%4XiDG(6!GhZBn#IiGG}tos*As>L9#h58cE^st7cs_M9C}qR&KlJ4%Dy0{RxuzjusD3M
ztg19;uD(t!N5V8W8uR^Enu`3N?eNVs-~w@
z(6|1(R-F!J^VuMUTcf*By53dy7v-amP;9|(RPSMnLaOD|y$mu&^`n&ZwYy=`_Vt?6
z^cd9IWo@#>gLkF3)Z|uCn&*=ZZ1In89XN{OioA7ePK>VZ7K&4|aZ8qwNNg?D%F9S&
z+VF92-4}n4^}%q-TgH^dqN8m0avQT+4jt`LaIbEvGGvYT`R`mr#-VmIFX^Ln*E
z>0?3lTJ5_tQ%OqaZdkY1xDa1gEg58}h1BEidBsXsJM}A^R~p(0l2MGUf1j&Ux8S*x
zY1JwIPuJu??r4;%`Q{^@gC>Sn-xM%;;&!=D9xDF9bdBHck6gB;elEpS!MX!E2RmKs
zRqz3&b)q?P8P&2D!Sxj;#|}#StlU-7XyV3yba
z@5Q#&P8230vukDf74wi^xSWNLig)0J6LK_}V8?+Z+REuyG1n6htN!)rYrkQMoL>Qb
zff{+ztwJet$9Xf#NABatU7qZSPYxQJsf=i^KM8ky52pO^d3vhqemFndpV|AekX?IZ
ze&27De~Zfl2EE}|bU%d)Y40=snBE%g?CnZZhcf^{;eR6#p3D2>H%bA>)`4tmZnEZm
zqBwKt&%t*N*P6b8rydDco`MTN;VC>Cq(>XkcU@M74EY1<{S57Hn{~!Am7yxmSqytJ
z%DOI!ZljrA2jAA!aM{AFeX!_tT~8%THqwS0`1ifAj2gXL>~BdQ#n0%W@rH#p9yTmA
z6Oaz>uJ-&wIj(H2<&zzC(k3Hq$ks-zLpbYW03*kk=!!J(Zv9T1h6$n*~IT59gQ5m}7X#Epcj9$-F}uOvlXPxoaFg6hO^2D4VSc%&!^
ziRdb8Q0?vUgO5tOe3Q%AEH=mC90%O|2JK5v!npVvrt0+-$pKffkjMUwQgKeGnW3Nq
zekg*F;Ua5wK<<-pXE>oI;Okuu;{zr2FLz3_7S(^KGwz;VFdF?|c{x$^<$f#X&oAEl
z&JJ2u@)O=1*4;3CN?G#>p;i+*
zmlDH}$2{t8Czqb2>Xdgfl2_loy3yEAXJ~IR7Jn{LANDwfC>*H?C<8&*Vu4?@Sc(MWmSd@M(yT8a%h;(G346(=^MrNa%O$
zETxn36W5AUy}&$1N8~Wx?C?LvCUG-}ZJOJg!ZWV4x*&GopdhABE^m8KN@GaV(YDtk
ze(?p{Y>H4#K;3W*<52STU!2hy#{ynVJP$T2;x|!}9b659C-cA;=5t-ltAk)Ya5iqu
z`LC)mZ`4f#TYsZI2R{9cx=#VJhI4X(O*SDJ>GuK0f^+G7Y<0TR#H4oIJ*`MK2XW5T
zzckUgQMO&53EZ3ULw0r+c5msZX>Wmi9QTGbE~sYA8zTW7T3L;t+E6C5C@Wk^w~m7t
z=bgdAogtiYfpJ~1S*t2fF-QFc3pTlcZ~a&3D~$3tM^KMqvpB4}r!#Qs3Tw9{jNXZ8
zNp?vc{M+R2)NfS$3Q8y_yV_-0YQLjycg>Eldcao1=7U3?8bdNWx80NSS4k~&`0-^*
z)9#!}*EJ05E8^!Y4~lf&@=iQ$zDn+WF0M1hx{&Hvtl&g;KsT6uG&q$jJxi_GZM;Uh
zH<@EPOa5r;B3EyRSxrYYdjIujtDd{X{>VFSbtYQu(jh%w=C8g-52J)|lf4RC>3gYA
zgD0c0-Dx=M<~NE6Y36TK&2QBEz@LF5_45LWLyE@9ECrVNETrsDZTg%kIIMKUfbD2I
zcOOYmyNyKW62?@1$bcoKSvaD$$#K%P%VgM&R#dfVYvTG(0t+VC*(F54pZ#UW5aaEj
zObjopggk2lMGAP@KzBh}USZ(`PUy9XvTIVZoX}h8KQ#|d;okL|S)eoQDAU0t;^*`?
zP6t-TEK6S3H$(Fe%XatX+I9fBr(Z
zp|3r6?_0pPfc0jTB1S%1F{7}v#j54y->9p*5VoY(uuDMako}n<{DQcs-FSJm#IU9vL?+3@n-QCMKgC@`f~b2Q417BgagGz$2p+&TygCG3s9
zkpn)7rir=v$OyZ1HW*zLscPRrNANN($|gI^UBU20iPmXEtfjoUeX6<4TT!!~QrN^p
z>&&|Rs`rIgS$?~${f)7`n3o}JZZd6xH>btnCr@zH#Q-Dw-;o82LQQRirsv~h~`
zSZ?W(PsG>rv7+hN5l7zTNCAb_~LU4_|6m{hGe2Tfmg!M0qGP{ifqi
z{}GO%kkhEDZN3uL^3vPWvHW^gE@HldA6fXj!gA?(8s+SR44-|-54nHk%fp?Gt>v{B
z-WOrD9#jtq*xp%>Kf`X+7@d#u@_TEba;EWmcn#yGfCeG2)5qM8AHSaceZFHby&m`X
zS;l{vK?qyoUt)i;DH$5N`nZSKk7flVmYeU0cye?|u;Lf{i#|@3c}KM`pshwqhABhQ$t}S3kzJl}?Q5*m-tag4*H!6(hGt;vZe||V
zg)^@*>@+Y}YfZ{wT!q?L*BriUNyvFksR7PRrG|4#DDX42Is+{ldb`9{Xa=mZeIfAD
zS%(`zy$qq*qeuLOXU-*&nd9lkZ{>D82-w-8%@5WS73B}rbcznGD2=e&yR7A2?%g@H
zE<02L;+6k;5jEovhgqVc%fSVw>h*buJG{
zmeaJ`g&nAisstj3ke^6=?g;`(jJ}U8E)U96V-m8Lpc%VI%0_rP`#^XjoVumHPDSpF
z0NvdwDBS^*q(F<1)R2@Td_%k4#&9Cm6Q3qJF&V~wNq<-jBhN)dOUN+vu>ekFr)MyR
z4l6L05k{Om4;({b_8r29RyZq%9xu?)P-!$7GS?2%qg8Wb97mUeTlYd`7
zW6L)C2xaX_P?QiYpo^2?49XTi88vJ7uVx5ma_{TZ!{@+k1s-<~P^tb)*di_M`y5Ny
z$kgasVyulwpqY)SMm)twl&@KlFkXUjnM#QX2OCTlLbM_QOM&;(ZRX3cVVc?NEdQ&a
z0bJG37txY0wO%MID?0)zj9Wg*)yPbxWbP3WuE0qpv4RgO>0y-1)4I?66_;03vqL
zspUqPjm2EtI=MPa`v$b9^CwCaNLl?Ow$3w3q2(SU=u!_?b2m{PWWKoDnAx@A0>Ca%
z2CfkZ3jWoQ0Lfs)GO5ju(#7g&81BbHv;a2qzrGLQmicDi^fc_FT_;LY@hL55d*;5B
zO*Z2@?_JVt!>{Ycfm4_x!yY0ng=zq48!Qi>&AzuH&VVAM(Te}_=HXMXE*Pu}f~}?D
z8;F^}h8V}UR_2k5k)#)BdGcuvzyC2y$wGvB%Dls?aB2Ewhs&To4f9+#t>lBek
zvJwrjh#qVMAb^2v0e)T;X6BXuje4GHra%N%zGa&!5>Vh9lzRGzVYssK-=Ay}lICW(
z+WTFWggT6yaLsO#_7f2zb7Yq|38|n;tthsjS}oun)*_6&=kmyUUSSW}rMGY`*qD`G
zZ(ws$wmWNk3VM*;H{ixsfK>~O8k}zLMXqOzlGSO@yTLh7@vvrWD^_`36)xpjC0^3$~*#pxkvnGC39J>QB8_Ma
z;VKY;UHqKzU1M%9dxb@4jspUQy(B>boY^t|nTgZ4)f`>U1C&TpPGJ;@K_l+XUax-z
z=wi-%Z=&-+0y-To%4_v
zNu+pXOvL0y&9GxcG_K}>an_K&H5i5zYz3Keb~
zBz>3SyztBKQb2PE^qYKlm<1@Se`qrZTQbwcB*=4009YhXzQa?NZ2j!V1bQa~JE^Im
z2}HCAH3DGya}8ix!2*IPitJufgfc<~9gY4%0nJ=$H-~%)(d`(xJk9=iCDZ)*^W21_
zkCvHs_lUUi4f0rRMCp={%W{A`{>y7j0B2|^2~dg<7zpjTH?eZT8PEYinC}Qfk;)fr
zY%e>sKg+$oQ@Z@25s-AqIOPJ{d}&1920JRxFh1A%5u@5EaHziPMowd@DWywF5q~v%
zq3;Q1_-q@9=xrlx7OvU%}`q032h
zzDruLr(z~WAR`|G-HL<)JMfL@cTpdUL9Elwda6DP(S0dISzBW7fI1cUh^AO9R`ghW
zrdia@rskTSxrn$W--x$DQ?t5pOM1%adbUUvbUlj5V4P*r4)oo)JZgB`oVyl$G{OR-
zs{#_Iz3i~bk|pwWc?AhxbB0O9W|u&^Wnf-+Y6F8+?Hj|Yq|K}eO%dx&zI~`iHMOdM
zg+l*!%UcMI<08^?Oz{Q>qGI%H!Vq#Bfc^Vq>o5TE!{q3HUhv#CH34SuHwI!
zCqbcx$koDn_DUI$x9J%wDq$y5wUJDt-L`2U;;C1v3n{->MN*z$kTS+poeC@TktSV6
zTos5!%o)S>$f(E_CeI+c_J-n+g}%$!KqDRLKAd1%rsV)=-%Vd}0U69r^jOjwS3CD$
z@H(tZL0w~*-lu6sT(ohHJA$G0obDWra}oEMrbrpY`w=%p*0jdJ?np6&BE#Sc6wTff
zves3XKU^|v}6k|qTbZo3=Xr`>{SsxKiZ~@ek!DA
zZyTbO0l@`vZ?E9~=_~i#1PF|WtDjt6$=a<`fD`yh0GFFBXhNBD~ZT{Vn
zGhlXPNv2e*rkxzCNh4DQL*GW+6WSK-Q%2iU(;5Kt(Wyex3_OZ42??O3BcBicfl%1w
zbOOZhskw5cpc+!PV|R?c=XEq6B0zx+b_OH@*w&iBig!hXu4-9guyzW=lZU
zX@tZ?*3+|zaUPm|$_&OP8RqvhwKDYESVQ~R;xn9i>8>*AA(Dh6$yX^!ftotW)u7Bm
z5EgizaxI8oHnk~WbT85}TB)CiQ6ym;s5M<SwSxHAe-eeADhkn(^9
ztOD&wUQuJn9moK;fT(7f6UvL2sIz27hKHI`2Fgx@F3@!%y5LZqHLfuOb8JG|ls|yU
zGC`mI{_^W&Clpv%w5G+1Y`u6_o1
z@uPDJ3$T`1Zsbh%`B9b*lW?L`p^;zOm4(bfYj4r455WcCJMFlOP
z8kYySM-(v-0SIO^`V5@$9s{4U&Z?fDXW5pF2(zOyEu*BZ0Y?EFagD2OM#yjgqcG!}
z5>Kh^qI!|3ZdFS{vlP{|=VPf94|}TMcW^;BsBRhNsX)%nclgEUVtX?kQP>hl%Is!D-gqnJ1
zbxm4ETS+Cxv=M>cF@cz@JQWGIMYPw5R-bZ}YTS~FxJEI3Bp%i(C;|60=O2rccO1^o
z)OhWU!iENEFo-p{b#lx);)sO<7|BOMliU>5n98#;ibC4GL{;s6Byv3qP4FH^-&o?%
zpAhUM#T`>hU7q7wXf3(FKxh-)c
zJV%^v3nLz44D2==!m@7F^5v@n1Y*^)Zo-L3W|fv67D
z0Y&cwyYh#DI2gtu&#rAccpdBHWf+x$p*ZLDngJKQH3ckVxt@fzY&*@oHhY`V8Y?^
zJ*?{4nY>reCK^D}STpt|rWN$A(NRKkc-j65DP_%>3k=!9Tjix;_F
z0Gv{Ot1?<*LU4m2PN=bu70eZPuoVCuo%KBsq=8$44MBj^xVXozC&#ia)ArfFXy`Bh
zq+;$?BPW_}83kOCkakBT%?u;&CZOGpQ4}I9*^agnVLPN!!1J|-R;PxhqsEYpM^KRz
zk&9bm&~5_?g!#T;QBa`*qkHdw3AP4Mp2~vye{agIkyPI}B_r(RWw1Jcx&eVZYqnD)
zJj}HKcnf^zvfBh~bfUmbQ;!jW?nvc~xk>x6r>PWDUg$S1`Y{j=qn|PY)s!1SrWpkO
z?qECKQzpp^U08K4@J*TKG?4cmH`B?xs1%lCYuN4^BMR=Wj8gkWGJiyCN6)UH0(_zV+BH#Hy)2Da9of|tCIoP7%5fGN+k?z=sK#hW>I
zQ!-As)xdLBh(H4rb5E&r*|C*`5s!rV7tb3x3u	@v`ofX2HbjRkUNC3ffC#OrX1%
zd{0XRjFX$XV@PFiCBUC{?v7?w;?!w@`Q_#0bd)$
zDj+74SL9;bEi*0%t0_)cghT`((CB1q*>*ftJ1gY;sdrYpm57miNW>fdXCz(UAS(HG
z(zJVB#{|<#=U{bnd@!K^enqzbh+D>7jmFioVNog*KQp9l|Iud^hiEORcOJ%4L5%Rm
zFl|zF&2${9Mg-dBvTp#zgtXg;xm^Da1dzS775;Oz(IJdu@y|)?+7=}B)b54jx1lQjq|1-1%7&c)!bGAUNR8^m&U7s?!RapR>uz>ym`kpem9era=ATIN~(3EfET;snJ
zBI*m}8PK&SE9@vGq(s@#n*-3n#ifXw=h)6HU#`aYP*suO{nQO&t(zb$S`K`~-?1kr
zCXH!_N5D;y`;^PTHHuIL606T9*0Z#u?Gvj7n(CQF)^x%E61sz$p6P?DtZNNBogF26
z#BhO&3|reDtJ+UGrke5=!A&sHLU%@lrl4LiB19l%MUlwVnly=t&}zZXxk>riA%R{M
zwEbMJn#es4*w&^*x;&dG*0^H&Asqc{iR*~G8S)iKR}#{ZDZp{PHVDhri7x=?8cD>R
zQKqcoJP{ZLwJQ9FF^m@xF4=Ka=u^9mKHM%9wu4~re2XxrAmV@%JT&Jb>{a9G+$E5*
zC}0L+djTXY3$ni9!m7e7SlK(1CqbKOmY35086P80szT!S-p6-M;QMdpJB;CbN&9O*
zKujEM7c}DXP=aG0Ii~J$G!AfVGdvYYjBgg`yvMP9Q$Zj!!JQs+L(iP4)%ICK(HxTt
zpXh>2ef9+dI5~i&97_-)}0!+J2%H9wgwrl21Y2&`1Y|%Pb;i7$Cu~_PAEOrhb5#ItU0`UT|3T_yOIh7cK
z%ASJ+ONN$FQk$wdy+@VN>SVNaRd8NhmN9{ow^YOSLo<|@q!$ux;Rpg3&?93L)DA$x
zNS=eh>$|rIdLg64r%4yJYX*mud=mTU;yf0Xb&nB}E6VSgtE?*dCiIz-gGj9U)ny
zCr^$OH*5ng!<*ROsG{>9N-LmAMF%HI)`eeA+{UT1b-Y_%sM#GpGQYz<`mTgzE4C7M
z$@k#oeUsql`$TWc4R1v~RJ>8q8Tcd3V2Wh)da$-B??n@VS@x&hsgiE)P5Ui%O}qXD
zDU08zK@6HmR~4jQQ12p0`&_iY;HyP!)@;(9U`#)KF#TYsiFO|IPOB8B+z!)zL;C0w
zY)e?e_v2;H^QbL4D|2eXf3Ql3^k`Wm-6dHbIBM`TKw+BMz_Re4<}2aMYvxKXl5Ph)
zVDwPBsCqPyG(F?MP?Gn+{@9XSzMo6dz}*&hUv}fl61OVULc<1LRX3UD=E^NoC%;}o
zc3x{K3VCEuoN84jwdKHT`Dj$azoB%*Nr88e#W
Date: Fri, 13 Apr 2018 20:59:37 +0100
Subject: [PATCH 098/133] re-enable git-ssb setup with paths

---
 src/freedombone-app-scuttlebot | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/src/freedombone-app-scuttlebot b/src/freedombone-app-scuttlebot
index 13563747..ceee82b5 100755
--- a/src/freedombone-app-scuttlebot
+++ b/src/freedombone-app-scuttlebot
@@ -259,14 +259,15 @@ function git_ssb_script {
 
 function scuttlebot_git_setup {
     if [[ "$1" == "mesh" ]]; then
-        if [ ! -d "$rootdir/root/.npm-global/lib/node_modules/git-ssb-web/highlight" ]; then
-            mkdir "$rootdir/root/.npm-global/lib/node_modules/git-ssb-web/highlight"
+
+        if [ ! -d "$rootdir/root/.npm-global/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight" ]; then
+            mkdir "$rootdir/root/.npm-global/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight"
         fi
-        if [ ! -f "$rootdir/root/.npm-global/highlight.js/styles/foundation.css" ]; then
+        if [ ! -f "$rootdir/root/.npm-global/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css" ]; then
             echo $'Could not find foundation.css'
             exit 347687245
         fi
-        cp "$rootdir/root/.npm-global/lib/node_modules/highlight.js/styles/foundation.css" "$rootdir/root/.npm-global/lib/node_modules/git-ssb-web/highlight/foundation.css"
+        cp "$rootdir/root/.npm-global/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css" "$rootdir/root/.npm-global/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css"
 
         git_ssb_nginx_site=$rootdir/etc/nginx/sites-available/git_ssb
         { echo 'server {';
@@ -284,14 +285,14 @@ function scuttlebot_git_setup {
             exit 7357225
         fi
 
-        if [ ! -d /root/.npm-global/lib/node_modules/git-ssb-web/highlight ]; then
-            mkdir /root/.npm-global/lib/node_modules/git-ssb-web/highlight
+        if [ ! -d /root/.npm-global/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight ]; then
+            mkdir /root/.npm-global/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight
         fi
-        if [ ! -f /root/.npm-global/lib/node_modules/highlight.js/styles/foundation.css ]; then
+        if [ ! -f /root/.npm-global/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css ]; then
             echo $'Could not find foundation.css'
             exit 347687245
         fi
-        cp /root/.npm-global/lib/node_modules/highlight.js/styles/foundation.css /root/.npm-global/lib/node_modules/git-ssb-web/highlight/foundation.css
+        cp /root/.npm-global/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css /root/.npm-global/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css
 
         git_ssb_nginx_site=/etc/nginx/sites-available/${SCUTTLEBOT_DOMAIN_NAME}
         function_check nginx_http_redirect
@@ -313,7 +314,7 @@ function scuttlebot_git_setup {
     fi
 
     { echo '';
-      echo '  root /root/.npm-global/lib/node_modules/git-ssb-web;';
+      echo '  root /root/.npm-global/lib/node_modules/git-ssb/node_modules/git-ssb-web;';
       echo '';
       echo '  location = / {';
       echo "    proxy_pass http://localhost:${GIT_SSB_PORT};";
@@ -339,7 +340,7 @@ function scuttlebot_git_setup {
           echo '  add_header X-Content-Type-Options nosniff;';
           echo '  add_header X-Frame-Options SAMEORIGIN;';
           echo '';
-          echo '  root /root/.npm-global/lib/node_modules/git-ssb-web;';
+          echo '  root /root/.npm-global/lib/node_modules/git-ssb/node_modules/git-ssb-web;';
           echo '';
           echo '  location = / {';
           echo "    proxy_pass http://localhost:${GIT_SSB_PORT};";
@@ -443,8 +444,8 @@ EOF
       echo '[Install]';
       echo 'WantedBy=multi-user.target'; } > "$rootdir/etc/systemd/system/scuttlebot.service"
 
-    #scuttlebot_git_setup mesh
-    #git_ssb_script mesh
+    scuttlebot_git_setup mesh
+    git_ssb_script mesh
 }
 
 function install_scuttlebot {

From c8a0e38f3ac36abf89921005ca52c00b0314911f Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 11:02:36 +0100
Subject: [PATCH 099/133] Check bmx7 was installed

---
 src/freedombone-image-mesh | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/freedombone-image-mesh b/src/freedombone-image-mesh
index 79415cf5..5e30257b 100755
--- a/src/freedombone-image-mesh
+++ b/src/freedombone-image-mesh
@@ -1449,9 +1449,11 @@ if [ -f $MESH_INSTALL_SETUP ]; then
     systemctl disable bmx6
     echo $'BMX6 disabled' >> $INSTALL_LOG
 
-    systemctl stop bmx7
-    systemctl disable bmx7
-    echo $'BMX7 disabled' >> $INSTALL_LOG
+    if [ -d /etc/bmx7 ]; then
+        systemctl stop bmx7
+        systemctl disable bmx7
+        echo $'BMX7 disabled' >> $INSTALL_LOG
+    fi
 
     systemctl stop olsr2
     systemctl disable olsr2

From 4cad482b5f3cb3a9d0a7536f5c3216596cb9a70c Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 11:04:56 +0100
Subject: [PATCH 100/133] Check bmx7 was installed

---
 src/freedombone-mesh-batman | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/freedombone-mesh-batman b/src/freedombone-mesh-batman
index cce0bbf4..1b5ad086 100755
--- a/src/freedombone-mesh-batman
+++ b/src/freedombone-mesh-batman
@@ -60,7 +60,9 @@ function stop {
     fi
 
     systemctl stop bmx6
-    systemctl stop bmx7
+    if [ -d /etc/bmx7 ]; then
+        systemctl stop bmx7
+    fi
     systemctl stop olsr2
     systemctl stop babel
     systemctl disable bmx6

From ff31ff6961934151d927dc64a3bbb352eca229e9 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 13:23:34 +0100
Subject: [PATCH 101/133] Mitigate port scanning

---
 src/freedombone-utils-firewall | 27 +++++++++++++++++++++++++++
 src/freedombone-utils-setup    |  3 +++
 2 files changed, 30 insertions(+)

diff --git a/src/freedombone-utils-firewall b/src/freedombone-utils-firewall
index bacc488d..fc1ff62f 100755
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
@@ -465,6 +465,33 @@ function firewall_add_range {
     fi
 }
 
+function firewall_handle_port_scans {
+    if [[ $(is_completed "${FUNCNAME[0]}") == "1" ]]; then
+        return
+    fi
+    # only works for high frequency port scanning
+
+    # flooding of RST packets, smurf attack Rejection
+    iptables -A INPUT -p tcp -m tcp --tcp-flags RST RST -m limit --limit 2/second --limit-burst 2 -j ACCEPT
+
+    # Protecting portscans
+    # Attacking IP will be locked for 24 hours (3600 x 24 = 86400 Seconds)
+    iptables -A INPUT -m recent --name portscan --rcheck --seconds 86400 -j DROP
+    iptables -A FORWARD -m recent --name portscan --rcheck --seconds 86400 -j DROP
+
+    # Remove attacking IP after 24 hours
+    iptables -A INPUT -m recent --name portscan --remove
+    iptables -A FORWARD -m recent --name portscan --remove
+
+    # These rules add scanners to the portscan list, and log the attempt.
+    iptables -A INPUT -p tcp -m tcp --dport 139 -m recent --name portscan --set -j LOG --log-prefix "portscan:"
+    iptables -A INPUT -p tcp -m tcp --dport 139 -m recent --name portscan --set -j DROP
+
+    iptables -A FORWARD -p tcp -m tcp --dport 139 -m recent --name portscan --set -j LOG --log-prefix "portscan:"
+    iptables -A FORWARD -p tcp -m tcp --dport 139 -m recent --name portscan --set -j DROP
+    save_firewall_settings
+    mark_completed "${FUNCNAME[0]}"
+}
 
 function firewall_remove {
     firewall_port=$1
diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup
index 1836db2a..fd208d61 100755
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -700,6 +700,9 @@ function setup_firewall {
     function_check configure_firewall_ping
     configure_firewall_ping
 
+    function_check firewall_handle_port_scans
+    firewall_handle_port_scans
+
     function_check firewall_drop_telnet
     firewall_drop_telnet
 

From 22a64f389c78aedc98a45c2ae69a04cac6051b17 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 14:16:40 +0100
Subject: [PATCH 102/133] Documentation for port scanning

---
 doc/EN/faq.org      |   3 +
 website/EN/faq.html | 599 ++++++++++++++++++++++++--------------------
 2 files changed, 330 insertions(+), 272 deletions(-)

diff --git a/doc/EN/faq.org b/doc/EN/faq.org
index 41d08319..a0c25250 100644
--- a/doc/EN/faq.org
+++ b/doc/EN/faq.org
@@ -25,6 +25,7 @@
 | [[How is Tor integrated with Freedombone?]]                                                   |
 | [[Can I add a clearnet domain to an onion build?]]                                            |
 | [[Why use Github?]]                                                                           |
+| [[After using nmap or other scanning tool I can no longer log in]]                            |
 | [[Should I upload my GPG keys to keybase.io?]]                                                |
 | [[Keys and emails should not be stored on servers. Why do you do that?]]                      |
 | [[Why can't I access my .onion site with a Tor browser?]]                                     |
@@ -113,6 +114,8 @@ At present Github is useful just because of the sheer number of eyeballs and the
 The source code for this project is experimentally independently hosted, and it is expected that in future the main development will shift over to an independent site, maybe with mirrors on Github if it still exists in a viable form.
 
 Currently many of the repositories used for applications which are not yet packaged for Debian are on Github, and to provide some degree of resilliance against depending too much upon that copies of them also exist within disk images.
+* After using nmap or other scanning tool I can no longer log in
+This system tries to block port scanners. Any other system trying to scan for open ports will have their IP address added to a temporary block list for 24 hours.
 * Should I upload my GPG keys to keybase.io?
 It's not recommended unless there exists some compelling reason for you to be on there. That site asks users to upload the *private keys*, and even if the keys are client side encrypted with a passphrase there's always the chance that there will be a data leak in future and letter agencies will then have a full time opportunity to crack the passphrases.
 
diff --git a/website/EN/faq.html b/website/EN/faq.html
index 923b752b..2eb4ca0d 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -3,26 +3,33 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
+
+
+
+
+
+
-
+
 
 
@@ -97,7 +189,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -144,7 +236,6 @@ for the JavaScript code in this tag.
 
 

 

-

 
 

 
logo.png
@@ -162,152 +253,156 @@ for the JavaScript code in this tag.
 

 
 
-

+

 -+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
-
+
+
+
+
+

 
 
 


 
 
 
What applications are supported?What applications are supported?
 

 
 
I don't have a static IP address. Can I still install this system?I don't have a static IP address. Can I still install this system?
 

 
 
Why Freedombone and not FreedomBox?Why Freedombone and not FreedomBox?
 

 
 
Why not support building images for Raspberry Pi?Why not support building images for Raspberry Pi?
 

 
 
Why use Tor? I've heard it's used by bad peopleWhy use Tor? I've heard it's used by bad people
 

 
 
How is Tor integrated with Freedombone?How is Tor integrated with Freedombone?
 

 
 
Can I add a clearnet domain to an onion build?Can I add a clearnet domain to an onion build?
 

 
 
Why use Github?Why use Github?
 

 
 
Should I upload my GPG keys to keybase.io?After using nmap or other scanning tool I can no longer log in
 

 
 
Keys and emails should not be stored on servers. Why do you do that?Should I upload my GPG keys to keybase.io?
 

 
 
Why can't I access my .onion site with a Tor browser?Keys and emails should not be stored on servers. Why do you do that?
 

 
 
What is the best hardware to run this system on?Why can't I access my .onion site with a Tor browser?
 

 
 
Can I add more users to the system?What is the best hardware to run this system on?
 

 
 
Why not use Signal for mobile chat?Can I add more users to the system?
 

 
 
What is the most secure chat app to use on mobile?Why not use Signal for mobile chat?
 

 
 
How do I remove a user from the system?What is the most secure chat app to use on mobile?
 

 
 
Why is logging for web sites turned off by default?How do I remove a user from the system?
 

 
 
How do I reset the tripwire?Why is logging for web sites turned off by default?
 

 
 
Is metadata protected?How do I reset the tripwire?
 

 
 
How do I create email processing rules?Is metadata protected?
 

 
 
Why isn't dynamic DNS working?How do I create email processing rules?
 

 
 
How do I change my encryption settings?Why isn't dynamic DNS working?
 

 
 
How do I get a domain name?How do I change my encryption settings?
 

 
 
How do I get a "real" SSL/TLS/HTTPS certificate?How do I get a domain name?
 

 
 
How do I renew a Let's Encrypt certificate?How do I get a "real" SSL/TLS/HTTPS certificate?
 

 
 
I tried to renew a Let's Encrypt certificate and it failed. What should I do?How do I renew a Let's Encrypt certificate?
 

 
 
Why not use the services of $company instead? They took the Seppuku pledgeI tried to renew a Let's Encrypt certificate and it failed. What should I do?
 

 
 
Why does my email keep getting rejected as spam by Gmail/etc?Why not use the services of $company instead? They took the Seppuku pledge
 

 
 
Tor is censored/blocked in my area. What can I do?Why does my email keep getting rejected as spam by Gmail/etc?
 

 
 
I want to block a particular domain from getting its content into my social network sitesTor is censored/blocked in my area. What can I do?
 

 
 
The mesh system doesn't boot from USB driveI want to block a particular domain from getting its content into my social network sites
The mesh system doesn't boot from USB drive
 

 
 

 

 
-

-
What applications are supported?

-

+

+
What applications are supported?

+

 

 See here for the complete list of apps. In addition to those as part of the base install you get an email server.
 

 

 

-

-
I don't have a static IP address. Can I still install this system?

-

+

+
I don't have a static IP address. Can I still install this system?

+

 

 Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
 

@@ -317,68 +412,50 @@ The lack of a static IP address can be worked around by using a dynamic DNS serv
 

 

 

-

-
Why Freedombone and not FreedomBox?

-

+

+
Why Freedombone and not FreedomBox?

+

 

 When the project began in late 2013 the FreedomBox project seemed to be going nowhere, and was only designed to work with the DreamPlug hardware. There was some new hardware out - the Beaglebone Black - which could run Debian and was also a free hardware design so seemed more appropriate. Hence the name "Freedombone", being like FreedomBox but on a Beaglebone. There are some similarities and differences between the two projects:
 

 

 
-

-
Similarities

-

+

+
Similarities

+

 
    
-
  • Uses freedom-maker and vmdebootstrap to build debian images
-
    • 
-
  • Supports the use of Tor onion addresses to access websites
-
    • 
-
  • Typically runs on ARM single board computers
-
    • 
-
  • Both projects aim to increase independence and privacy for internet users
-
    • 
-
  • Both projects aim to make running your own server at home easy
-
    • 
-
  • Both projects include wiki, blog, VoIP and file sync
-
    • 
-
  • Both projects enable easy installation and removal of apps
-
    • 
-
  • Both are typically "bare metal" rather than running as VMs or containers
-
    • 
-
  • Both currently are hosted on Github
-
    • 
+
  • Uses freedom-maker and vmdebootstrap to build debian images
    • 
+
  • Supports the use of Tor onion addresses to access websites
    • 
+
  • Typically runs on ARM single board computers
    • 
+
  • Both projects aim to increase independence and privacy for internet users
    • 
+
  • Both projects aim to make running your own server at home easy
    • 
+
  • Both projects include wiki, blog, VoIP and file sync
    • 
+
  • Both projects enable easy installation and removal of apps
    • 
+
  • Both are typically "bare metal" rather than running as VMs or containers
    • 
+
  • Both currently are hosted on Github
    • 
 

 

 

-

-
Differences

-

+

+
Differences

+

 
    
-
  • FreedomBox is a Debian pure blend. Freedombone is not
-
    • 
-
  • Freedombone only supports Free Software. FreedomBox includes some closed binary boot blobs for certain ARM boards
-
    • 
-
  • FreedomBox is aimed at consumers. Freedombone is aimed at slightly more technical people who don't have time to configure servers
-
    • 
-
  • Freedombone includes some software not yet in the official Debian repos
-
    • 
-
  • Freedombone includes an email server set up for use with GPG by default
-
    • 
-
  • Freedombone has encrypted backups capability
-
    • 
-
  • Freedombone implements the social key management idea which was described in a 2012 FreedomBox meetup
-
    • 
-
  • Freedombone implements recommendations from bettercrypto.org whereas FreedomBox sticks to Debian default crypto settings
-
    • 
-
  • Freedombone has a mesh network version. FreedomBox doesn't yet
-
    • 
+
  • FreedomBox is a Debian pure blend. Freedombone is not
    • 
+
  • Freedombone only supports Free Software. FreedomBox includes some closed binary boot blobs for certain ARM boards
    • 
+
  • FreedomBox is aimed at consumers. Freedombone is aimed at slightly more technical people who don't have time to configure servers
    • 
+
  • Freedombone includes some software not yet in the official Debian repos
    • 
+
  • Freedombone includes an email server set up for use with GPG by default
    • 
+
  • Freedombone has encrypted backups capability
    • 
+
  • Freedombone implements the social key management idea which was described in a 2012 FreedomBox meetup
    • 
+
  • Freedombone implements recommendations from bettercrypto.org whereas FreedomBox sticks to Debian default crypto settings
    • 
+
  • Freedombone has a mesh network version. FreedomBox doesn't yet
    • 
 

 

 

 

-

-
Why not support building images for Raspberry Pi?

-

+

+
Why not support building images for Raspberry Pi?

+

 

 The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes.
 

@@ -388,9 +465,9 @@ So although the Raspberry Pi is cheap and hugely popular it's not supported by t
 

 

 

-

-
Why use Tor? I've heard it's used by bad people

-

+

+
Why use Tor? I've heard it's used by bad people

+

 

 Years ago Tor was usually depicted in the mainstream media as something scary inhabited by cyberterrorists and other bad cybers, but today to a large extent Tor is accepted as just another way of routing data in a network. Depending upon where you live there may still be some amount of fearmongering about Tor, but it now seems clear that the trajectory is towards general acceptance.
 

@@ -400,14 +477,10 @@ Tor and its onion addresses, previously called hidden addresses, have a few key
 

 
 
    
-
  • NAT traversal
-
    • 
-
  • Firewall traversal
-
    • 
-
  • Avoiding the domain name system (DNS), which is mostly centralized and not secure
-
    • 
-
  • Avoiding passive bulk surveillance in which governments try to find out who is communicating with who
-
    • 
+
  • NAT traversal
    • 
+
  • Firewall traversal
    • 
+
  • Avoiding the domain name system (DNS), which is mostly centralized and not secure
    • 
+
  • Avoiding passive bulk surveillance in which governments try to find out who is communicating with who
    • 
 

 
 

@@ -415,9 +488,9 @@ On the negative side it's a complex system which is not fully decentralized.
 

 

 

-

-
How is Tor integrated with Freedombone?

-

+

+
How is Tor integrated with Freedombone?

+

 

 Within this project Tor is used more to provide accessibility than the anonymity factor for which Tor is better known. The onion address system provides a way of being able to access sites even if you don't own a conventional domain name or don't have administrator access to your local internet router to be able to do port forwarding.
 

@@ -435,17 +508,17 @@ Even if you're running the "onion only" build, this only means that sites are ac
 

 

 

-

-
Can I add a clearnet domain to an onion build?

-

+

+
Can I add a clearnet domain to an onion build?

+

 

 You could if you manually edited the relevant nginx configuration files and installed some dynamic DNS system yourself. If you already have sysadmin knowledge then that's probably not too hard. But the builds created with the onion-addresses-only option aren't really intended to support access via clearnet domains.
 

 

 

-

-
Why use Github?

-

+

+
Why use Github?

+

 

 Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing.
 

@@ -463,21 +536,29 @@ Currently many of the repositories used for applications which are not yet packa
 

 

 

-

-
Should I upload my GPG keys to keybase.io?

-

+

+
After using nmap or other scanning tool I can no longer log in

+

+

+This system tries to block port scanners. Any other system trying to scan for open ports will have their IP address added to a temporary block list for 24 hours.
+

+

+

+

+
Should I upload my GPG keys to keybase.io?

+

 

 It's not recommended unless there exists some compelling reason for you to be on there. That site asks users to upload the private keys, and even if the keys are client side encrypted with a passphrase there's always the chance that there will be a data leak in future and letter agencies will then have a full time opportunity to crack the passphrases.
 

 
 

-Saying something resembling /"only noobs will use crackable private key passphrases"/ isn't good enough. A passphrase should not be considered to be a substitute for a private key.
+Saying something resembling "only noobs will use crackable private key passphrases" isn't good enough. A passphrase should not be considered to be a substitute for a private key.
 

 

 

-

-
Keys and emails should not be stored on servers. Why do you do that?

-

+

+
Keys and emails should not be stored on servers. Why do you do that?

+

 

 Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast:
 

@@ -486,45 +567,45 @@ Ordinarily this is good advice. However, the threat model for a device in your h
 
 
 
-
+
 
-
+
 
 
 
-At home
-In a warehouse
+At home
+In a warehouse
 
 
 
 
-Accessible to a small number of people
-Accessible to possibly many random strangers
+Accessible to a small number of people
+Accessible to possibly many random strangers
 
 
 
-You control the environment
-You have no control over the warehouse
+You control the environment
+You have no control over the warehouse
 
 
 
-You know what gets plugged in to the box
-Anything could be plugged in to the box and you might not know
+You know what gets plugged in to the box
+Anything could be plugged in to the box and you might not know
 
 
 
-You know where your home is
-The warehouse could be anywhere in the world
+You know where your home is
+The warehouse could be anywhere in the world
 
 
 
-Normally requires a warrant to search
-Requires little or no justification to search
+Normally requires a warrant to search
+Requires little or no justification to search
 
 
 
-You know what jurisdiction your home is within
-You may have no idea what jurisdiction the warehouse is within
+You know what jurisdiction your home is within
+You may have no idea what jurisdiction the warehouse is within
 
 
 
@@ -535,9 +616,9 @@ In the home environment a box with a good firewall and no GUI components install
 

 

 
-

-
Why can't I access my .onion site with a Tor browser?

-

+

+
Why can't I access my .onion site with a Tor browser?

+

 

 Probably you need to add the site to the NoScript whitelist. Typically click/press on the noscript icon (or select from the menu on mobile) then select whitelist and add the site URL. You may also need to disable HTTPS Everywhere when using onion addresses, which don't use https.
 

@@ -547,9 +628,9 @@ Another factor to be aware of is that it can take a while for the onion address
 

 

 

-

-
What is the best hardware to run this system on?

-

+

+
What is the best hardware to run this system on?

+

 

 It was originally designed to run on the Beaglebone Black, but that should be regarded as the most minimal system, because it's single core and has by today's standards a small amount of memory. Obviously the more powerful the hardware is the faster things like web pages (blog, social networking, etc) will be served but the more electricity such a system will require if you're running it 24/7. A good compromise between performance and energy consumption is something like an old netbook. The battery of an old netbook or laptop even gives you UPS capability to keep the system going during brief power outages or cable re-arrangements, and that means using full disk encryption on the server also becomes more practical.
 

@@ -559,15 +640,14 @@ It was originally designed to run on the Beaglebone Black, but that should be re
 

 

 

-

-
Can I add more users to the system?

-

+

+
Can I add more users to the system?

+

 

 Yes. Freedombone can support a small number of users, for a "friends and family" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those).
 

 
 

-
 
ssh username@mydomainname -p 2222
 

 

@@ -585,9 +665,9 @@ Another point is that Freedombone installations are not intended to support many
 

 

 

-

-
Why not use Signal for mobile chat?

-

+

+
Why not use Signal for mobile chat?

+

 

 Celebrities recommend Signal. It's Free Software so it must be good, right?
 

@@ -597,18 +677,12 @@ If you are currently using a proprietary chat app, something without any encrypt
 

 
 
    
-
  • It uses phone numbers. Phone numbers are used for Signal's initial verification, and they can of course be intercepted or faked. Plus it means that Open Whisper Systems keeps a list of phone numbers on its centralised server for its /"X has joined Signal"/ notification. Even if they're hashed, they're still unique identifiers and rainbow tables for the phone number system probably exist. Phone numbers are convenient for some users, but are also a non-trivial security risk. If you're using Signal then consider what it knows about who your contacts are, where that data is located and who else might have access to that. Consider what might happen if an adversary gets to know your mobile number.
-
    • 
-
  • It's based on a single server run by Open Whisper Systems. That's a single point of failure and ought to be a big red flag (of the sporting rather than the socialist variety) as a possible locus for concentrated nefariousness.
-
    • 
-
  • It requires the installation of Google Play. If you already have Google Play installed on a stock Android OS then this doesn't increase your security problems, but for other more secure Android variants it's a massive increase in attack surface. There is a separate apk available for download, but it won't receive updates and the hash shown on the site often doesn't match.
-
    • 
-
  • It depends entirely upon the Google message pushing system. That means that Google at least knows who Signal messages are being sent to and may be able to infer the rest via your (insecure) Android phone contact list or via timing correlation of alternating deliveries. Remember that for an adversary metadata in aggregate is much better than having the content of messages. At any time Google could decide that it doesn't want to support Signal, or in adverse circumstances they could be leaned upon by the usual agencies or government cronies.
-
    • 
-
  • Their privacy policy indicates that they will give whatever server data they have to third parties under some conditions. Of course this is always claimed to be for the very best of reasons - such as combating fraud - but once that sort of disclosure capability exists it may be abused without you ever knowing about it. Consider how difficult, or not, it may be for a government to reverse engineer a database of hashed telephone numbers.
-
    • 
-
  • Forking isn't really an option. A fork was tried, but Moxie got annoyed when it still used his server. At the same time the level of interest in federating the server is not detectable with our best intrumentation, and is suspected to be negative. That's a catch 22 which effectively means that independent implementations of Signal will always leave some users unable to communicate with each other.
-
    • 
+
  • It uses phone numbers. Phone numbers are used for Signal's initial verification, and they can of course be intercepted or faked. Plus it means that Open Whisper Systems keeps a list of phone numbers on its centralised server for its "X has joined Signal" notification. Even if they're hashed, they're still unique identifiers and rainbow tables for the phone number system probably exist. Phone numbers are convenient for some users, but are also a non-trivial security risk. If you're using Signal then consider what it knows about who your contacts are, where that data is located and who else might have access to that. Consider what might happen if an adversary gets to know your mobile number.
    • 
+
  • It's based on a single server run by Open Whisper Systems. That's a single point of failure and ought to be a big red flag (of the sporting rather than the socialist variety) as a possible locus for concentrated nefariousness.
    • 
+
  • It requires the installation of Google Play. If you already have Google Play installed on a stock Android OS then this doesn't increase your security problems, but for other more secure Android variants it's a massive increase in attack surface. There is a separate apk available for download, but it won't receive updates and the hash shown on the site often doesn't match.
    • 
+
  • It depends entirely upon the Google message pushing system. That means that Google at least knows who Signal messages are being sent to and may be able to infer the rest via your (insecure) Android phone contact list or via timing correlation of alternating deliveries. Remember that for an adversary metadata in aggregate is much better than having the content of messages. At any time Google could decide that it doesn't want to support Signal, or in adverse circumstances they could be leaned upon by the usual agencies or government cronies.
    • 
+
  • Their privacy policy indicates that they will give whatever server data they have to third parties under some conditions. Of course this is always claimed to be for the very best of reasons - such as combating fraud - but once that sort of disclosure capability exists it may be abused without you ever knowing about it. Consider how difficult, or not, it may be for a government to reverse engineer a database of hashed telephone numbers.
    • 
+
  • Forking isn't really an option. A fork was tried, but Moxie got annoyed when it still used his server. At the same time the level of interest in federating the server is not detectable with our best intrumentation, and is suspected to be negative. That's a catch 22 which effectively means that independent implementations of Signal will always leave some users unable to communicate with each other.
    • 
 

 
 

@@ -616,9 +690,9 @@ To give credit where it's due Signal is good, but it could be a lot better. The
 

 

 

-

-
What is the most secure chat app to use on mobile?

-

+

+
What is the most secure chat app to use on mobile?

+

 

 On mobile there are various options. The apps which are likely to be most secure are ones which have end-to-end encryption enabled by default and which can also be onion routed via Orbot. End-to-end encryption secures the content of the message and onion routing obscures the metadata, making it hard for a passive adversary to know who is communicating with who.
 

@@ -628,19 +702,18 @@ The current safest way to chat is to use Conv
 

 
 

-There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
+There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
 

 

 

-

-
How do I remove a user from the system?

-

+

+
How do I remove a user from the system?

+

 

 To remove a user:
 

 
 

-
 
ssh username@mydomainname -p 2222
 

 

@@ -650,9 +723,9 @@ Select Administrator controls then Manage Users and then Delete
 

 

 

-

-
Why is logging for web sites turned off by default?

-

+

+
Why is logging for web sites turned off by default?

+

 

 If you're making profits out of the logs by running large server warehouses and then data mining what users click on - as is the business model of well known internet companies - then logging everything makes total sense. However, if you're running a home server then logging really only makes sense if you're trying to diagnose some specific problem with the system, and outside of that context logging everything becomes more of a liability than an asset.
 

@@ -666,15 +739,14 @@ On the Freedombone system web logs containing IP addresses are turned off by def
 

 

 

-

-
How do I reset the tripwire?

-

+

+
How do I reset the tripwire?

+

 

 The tripwire will be automatically reset once per week. If you want to reset it earlier then do the following:
 

 
 

-
 
ssh username@mydomain -p 2222
 

 

@@ -684,9 +756,9 @@ Select Administrator controls then "reset tripwire" using cursors and spa
 

 

 

-

-
Is metadata protected?

-

+

+
Is metadata protected?

+

 

 

 "We kill people based on metadata"
@@ -702,11 +774,10 @@ Even when using Freedombone metadata analysis by third parties is still possible
 

 

 

-

-
How do I create email processing rules?

-

+

+
How do I create email processing rules?

+

 

-
 
ssh username@domainname -p 2222
 

 

@@ -719,39 +790,39 @@ Select Administrator controls then Email Filtering Rules then you
 
 
 
-
+
 
-
+
 
 
 
-freedombone-addlist
-Adds a mailing list
+freedombone-addlist
+Adds a mailing list
 
 
 
-freedombone-rmlist
-Removes a mailing list
+freedombone-rmlist
+Removes a mailing list
 
 
 
-freedombone-addemail
-Transfers emails from an address to a given folder
+freedombone-addemail
+Transfers emails from an address to a given folder
 
 
 
-freedombone-rmemail
-Removes an email transferal rule
+freedombone-rmemail
+Removes an email transferal rule
 
 
 
-freedombone-ignore
-Ignores email from an address or with a subject line containing text
+freedombone-ignore
+Ignores email from an address or with a subject line containing text
 
 
 
-freedombone-unignore
-Removes an ignore rule
+freedombone-unignore
+Removes an ignore rule
 
 
 
@@ -761,15 +832,14 @@ Spamassassin is also available and within Mutt you can use the S (shift+s) key t
 

 

 

-

-
Why isn't dynamic DNS working?

-

+

+
Why isn't dynamic DNS working?

+

 

 If you run the command:
 

 
 

-
 
systemctl status inadyn
 

 

@@ -779,7 +849,6 @@ And see some error related to checking for changes in the IP address then you ca
 

 
 

-
 
https://check.torproject.org/
 https://www.whatsmydns.net/whats-my-ip-address.html
 https://www.privateinternetaccess.com/pages/whats-my-ip/
@@ -788,15 +857,14 @@ https://www.privateinternetaccess.com/pages/whats-my-ip/
 

 

 
-

-
How do I change my encryption settings?

-

+

+
How do I change my encryption settings?

+

 

 Suppose that some new encryption vulnerability has been announced and that you need to change your encryption settings. Maybe an algorithm thought to be secure is now no longer so and you need to remove it. You can change your settings by doing the following:
 

 
 

-
 
ssh myusername@mydomain -p 2222
 

 

@@ -806,9 +874,9 @@ Select Administrator controls then select Security Settings. You w
 

 

 

-

-
How do I get a domain name?

-

+

+
How do I get a domain name?

+

 

 Suppose that you have bought a domain name (rather than using a free subdomain on freedns) and you want to use that instead.
 

@@ -818,7 +886,6 @@ Remove any existing nameservers for your domain (or select "custom" nameservers)
 

 
 

-
 
NS1.AFRAID.ORG
 NS2.AFRAID.ORG
 NS3.AFRAID.ORG
@@ -839,7 +906,6 @@ To route email to one of your freedns domains:
 

 
 

-
 
editor /etc/mailname
 

 

@@ -849,7 +915,6 @@ Add any extra domains which you own, then save and exit.
 

 
 

-
 
editor /etc/exim4/update-exim4.conf.conf
 

 

@@ -863,7 +928,6 @@ Save and exit, then restart exim.
 

 
 

-
 
update-exim4.conf.template -r
 update-exim4.conf
 service exim4 restart
@@ -876,15 +940,14 @@ You should now be able to send an email from postmaster@mynewdomainname a
 

 

 
-

-
How do I get a "real" SSL/TLS/HTTPS certificate?

-

+

+
How do I get a "real" SSL/TLS/HTTPS certificate?

+

 

 If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following:
 

 
 

-
 
ssh username@mydomainname -p 2222
 

 

@@ -898,9 +961,9 @@ One thing to be aware of is that Let's Encrypt doesn't support many dynamic DNS
 

 

 

-

-
How do I renew a Let's Encrypt certificate?

-

+

+
How do I renew a Let's Encrypt certificate?

+

 

 Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email.
 

@@ -910,7 +973,6 @@ If you need to manually renew a certificate:
 

 
 

-
 
ssh username@mydomainname -p 2222
 

 

@@ -920,15 +982,14 @@ Select Administrator controls then Security settings then Renew
 

 

 

-

-
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

-

+

+
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

+

 

 Most likely it's because Let's Encrypt doesn't support your particular domain or subdomain. Currently free subdomains tend not to work. You'll need to buy a domain name, link it to your dynamic DNS account and then do:
 

 
 

-
 
ssh username@mydomainname -p 2222
 

 

@@ -938,17 +999,17 @@ Select Administrator controls then Security settings then Creat
 

 

 

-

-
Why not use the services of $company instead? They took the Seppuku pledge

-

+

+
Why not use the services of $company instead? They took the Seppuku pledge

+

 

-That pledge is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "on our side". Post-nymwars and post-PRISM we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
+That pledge is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "on our side". Post-nymwars and post-PRISM we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
 

 

 

-

-
Why does my email keep getting rejected as spam by Gmail/etc?

-

+

+
Why does my email keep getting rejected as spam by Gmail/etc?

+

 

 Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end you may not be able to do much unless you can find an email proxy server which is trusted by the receiving server.
 

@@ -958,7 +1019,6 @@ Often ISPs will run their own SMTP mail server which you can use for proxying, t
 

 
 

-
 
ssh username@mydomainname -p 2222
 

 

@@ -980,9 +1040,9 @@ So the situation with email presently is pretty bad, and there's a clear selecti
 

 

 

-

-
Tor is censored/blocked in my area. What can I do?

-

+

+
Tor is censored/blocked in my area. What can I do?

+

 

 If you can find some details for an obfs4 Tor bridge (its IP address, port number and key or nickname) then you can set up the system to use it to connect to the Tor network. Unlike relay nodes the IP addresses for bridges are not public information and so can't be easily known and added to block lists by authoritarian regimes or over-zealous ISPs.
 

@@ -1007,9 +1067,9 @@ You can also set your system to act as a Tor bridge, although this is not recomm
 

 

 
-

-
I want to block a particular domain from getting its content into my social network sites

-

+

+
I want to block a particular domain from getting its content into my social network sites

+

 

 If you're being pestered by some domain which contains bad/illegal/harrassing content or irritating users you can block domains at the firewall level. Go to the administrator control panel and select domain blocking. You can then block, unblock and view the list of blocked domains.
 

@@ -1024,9 +1084,9 @@ Select Administrator controls then Domain blocking.
 

 

 
-

-
The mesh system doesn't boot from USB drive

-

+

+
The mesh system doesn't boot from USB drive

+

 

 If the system doesn't boot and reports an error which includes /dev/mapper/loop0p1 then reboot with Ctrl-Alt-Del and when you see the grub menu press e and manually change /dev/mapper/loop0p1 to /dev/sdb1, then press Ctrl-x. If that doesn't work then reboot and try /dev/sdc1 instead.
 

@@ -1036,14 +1096,9 @@ After the system has booted successfully the problem should resolve itself on su
 

 
 
-

-

-<center>
-Return to the <a href="index.html">home page</a>
-</center>
-

-
-

+

+Return to the home page
+

 
 
 

From aa86705e8088181c86a2306e96a487e67a87dbf6 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 15:13:16 +0100
Subject: [PATCH 103/133] Note about network restart on mesh

---
 doc/EN/faq.org      |   4 +
 website/EN/faq.html | 285 +++++++++++++++++++++++---------------------
 2 files changed, 153 insertions(+), 136 deletions(-)

diff --git a/doc/EN/faq.org b/doc/EN/faq.org
index a0c25250..8e17ace2 100644
--- a/doc/EN/faq.org
+++ b/doc/EN/faq.org
@@ -49,6 +49,7 @@
 | [[Tor is censored/blocked in my area. What can I do?]]                                        |
 | [[I want to block a particular domain from getting its content into my social network sites]] |
 | [[The mesh system doesn't boot from USB drive]]                                               |
+| [[Mesh system doesn't connect to the network]]                                                |
 
 #+END_CENTER
 
@@ -363,3 +364,6 @@ Return to the home page
 
 #+attr_html: :width 10% :height 2% :align center
 [[file:fdl-1.3.txt][file:images/gfdl.png]]
+
+* Mesh system doesn't connect to the network
+Sometimes after boot the mesh system won't connect to other peers on the network. If this happens select the *network restart* icon and enter the password, which by default is just "freedombone". Wait for a few minutes to see if it connects.
diff --git a/website/EN/faq.html b/website/EN/faq.html
index 2eb4ca0d..df883977 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -262,147 +262,151 @@ for the JavaScript code in this tag.
 
 
 
-What applications are supported?
+What applications are supported?
 
 
 
-I don't have a static IP address. Can I still install this system?
+I don't have a static IP address. Can I still install this system?
 
 
 
-Why Freedombone and not FreedomBox?
+Why Freedombone and not FreedomBox?
 
 
 
-Why not support building images for Raspberry Pi?
+Why not support building images for Raspberry Pi?
 
 
 
-Why use Tor? I've heard it's used by bad people
+Why use Tor? I've heard it's used by bad people
 
 
 
-How is Tor integrated with Freedombone?
+How is Tor integrated with Freedombone?
 
 
 
-Can I add a clearnet domain to an onion build?
+Can I add a clearnet domain to an onion build?
 
 
 
-Why use Github?
+Why use Github?
 
 
 
-After using nmap or other scanning tool I can no longer log in
+After using nmap or other scanning tool I can no longer log in
 
 
 
-Should I upload my GPG keys to keybase.io?
+Should I upload my GPG keys to keybase.io?
 
 
 
-Keys and emails should not be stored on servers. Why do you do that?
+Keys and emails should not be stored on servers. Why do you do that?
 
 
 
-Why can't I access my .onion site with a Tor browser?
+Why can't I access my .onion site with a Tor browser?
 
 
 
-What is the best hardware to run this system on?
+What is the best hardware to run this system on?
 
 
 
-Can I add more users to the system?
+Can I add more users to the system?
 
 
 
-Why not use Signal for mobile chat?
+Why not use Signal for mobile chat?
 
 
 
-What is the most secure chat app to use on mobile?
+What is the most secure chat app to use on mobile?
 
 
 
-How do I remove a user from the system?
+How do I remove a user from the system?
 
 
 
-Why is logging for web sites turned off by default?
+Why is logging for web sites turned off by default?
 
 
 
-How do I reset the tripwire?
+How do I reset the tripwire?
 
 
 
-Is metadata protected?
+Is metadata protected?
 
 
 
-How do I create email processing rules?
+How do I create email processing rules?
 
 
 
-Why isn't dynamic DNS working?
+Why isn't dynamic DNS working?
 
 
 
-How do I change my encryption settings?
+How do I change my encryption settings?
 
 
 
-How do I get a domain name?
+How do I get a domain name?
 
 
 
-How do I get a "real" SSL/TLS/HTTPS certificate?
+How do I get a "real" SSL/TLS/HTTPS certificate?
 
 
 
-How do I renew a Let's Encrypt certificate?
+How do I renew a Let's Encrypt certificate?
 
 
 
-I tried to renew a Let's Encrypt certificate and it failed. What should I do?
+I tried to renew a Let's Encrypt certificate and it failed. What should I do?
 
 
 
-Why not use the services of $company instead? They took the Seppuku pledge
+Why not use the services of $company instead? They took the Seppuku pledge
 
 
 
-Why does my email keep getting rejected as spam by Gmail/etc?
+Why does my email keep getting rejected as spam by Gmail/etc?
 
 
 
-Tor is censored/blocked in my area. What can I do?
+Tor is censored/blocked in my area. What can I do?
 
 
 
-I want to block a particular domain from getting its content into my social network sites
+I want to block a particular domain from getting its content into my social network sites
 
 
 
-The mesh system doesn't boot from USB drive
+The mesh system doesn't boot from USB drive
+
+
+
+Mesh system doesn't connect to the network
 
 
 
 

 
-

-
What applications are supported?

-

+

+
What applications are supported?

+

 

 See here for the complete list of apps. In addition to those as part of the base install you get an email server.
 

 

 

-

-
I don't have a static IP address. Can I still install this system?

-

+

+
I don't have a static IP address. Can I still install this system?

+

 

 Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
 

@@ -412,17 +416,17 @@ The lack of a static IP address can be worked around by using a dynamic DNS serv
 

 

 

-

-
Why Freedombone and not FreedomBox?

-

+

+
Why Freedombone and not FreedomBox?

+

 

 When the project began in late 2013 the FreedomBox project seemed to be going nowhere, and was only designed to work with the DreamPlug hardware. There was some new hardware out - the Beaglebone Black - which could run Debian and was also a free hardware design so seemed more appropriate. Hence the name "Freedombone", being like FreedomBox but on a Beaglebone. There are some similarities and differences between the two projects:
 

 

 
-

-
Similarities

-

+

+
Similarities

+

 
    
 
  • Uses freedom-maker and vmdebootstrap to build debian images
    • 
 
  • Supports the use of Tor onion addresses to access websites
    • 
@@ -436,9 +440,9 @@ When the project began in late 2013 the FreedomBox project seemed to be going no
 

 

 

-

-
Differences

-

+

+
Differences

+

 
    
 
  • FreedomBox is a Debian pure blend. Freedombone is not
    • 
 
  • Freedombone only supports Free Software. FreedomBox includes some closed binary boot blobs for certain ARM boards
    • 
@@ -453,9 +457,9 @@ When the project began in late 2013 the FreedomBox project seemed to be going no
 

 

 

-

-
Why not support building images for Raspberry Pi?

-

+

+
Why not support building images for Raspberry Pi?

+

 

 The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes.
 

@@ -465,9 +469,9 @@ So although the Raspberry Pi is cheap and hugely popular it's not supported by t
 

 

 

-

-
Why use Tor? I've heard it's used by bad people

-

+

+
Why use Tor? I've heard it's used by bad people

+

 

 Years ago Tor was usually depicted in the mainstream media as something scary inhabited by cyberterrorists and other bad cybers, but today to a large extent Tor is accepted as just another way of routing data in a network. Depending upon where you live there may still be some amount of fearmongering about Tor, but it now seems clear that the trajectory is towards general acceptance.
 

@@ -488,9 +492,9 @@ On the negative side it's a complex system which is not fully decentralized.
 

 

 

-

-
How is Tor integrated with Freedombone?

-

+

+
How is Tor integrated with Freedombone?

+

 

 Within this project Tor is used more to provide accessibility than the anonymity factor for which Tor is better known. The onion address system provides a way of being able to access sites even if you don't own a conventional domain name or don't have administrator access to your local internet router to be able to do port forwarding.
 

@@ -508,17 +512,17 @@ Even if you're running the "onion only" build, this only means that sites are ac
 

 

 

-

-
Can I add a clearnet domain to an onion build?

-

+

+
Can I add a clearnet domain to an onion build?

+

 

 You could if you manually edited the relevant nginx configuration files and installed some dynamic DNS system yourself. If you already have sysadmin knowledge then that's probably not too hard. But the builds created with the onion-addresses-only option aren't really intended to support access via clearnet domains.
 

 

 

-

-
Why use Github?

-

+

+
Why use Github?

+

 

 Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing.
 

@@ -536,17 +540,17 @@ Currently many of the repositories used for applications which are not yet packa
 

 

 

-

-
After using nmap or other scanning tool I can no longer log in

-

+

+
After using nmap or other scanning tool I can no longer log in

+

 

 This system tries to block port scanners. Any other system trying to scan for open ports will have their IP address added to a temporary block list for 24 hours.
 

 

 

-

-
Should I upload my GPG keys to keybase.io?

-

+

+
Should I upload my GPG keys to keybase.io?

+

 

 It's not recommended unless there exists some compelling reason for you to be on there. That site asks users to upload the private keys, and even if the keys are client side encrypted with a passphrase there's always the chance that there will be a data leak in future and letter agencies will then have a full time opportunity to crack the passphrases.
 

@@ -556,9 +560,9 @@ Saying something resembling "only noobs will use crackable private key passph
 

 

 

-

-
Keys and emails should not be stored on servers. Why do you do that?

-

+

+
Keys and emails should not be stored on servers. Why do you do that?

+

 

 Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast:
 

@@ -616,9 +620,9 @@ In the home environment a box with a good firewall and no GUI components install
 

 

 
-

-
Why can't I access my .onion site with a Tor browser?

-

+

+
Why can't I access my .onion site with a Tor browser?

+

 

 Probably you need to add the site to the NoScript whitelist. Typically click/press on the noscript icon (or select from the menu on mobile) then select whitelist and add the site URL. You may also need to disable HTTPS Everywhere when using onion addresses, which don't use https.
 

@@ -628,9 +632,9 @@ Another factor to be aware of is that it can take a while for the onion address
 

 

 

-

-
What is the best hardware to run this system on?

-

+

+
What is the best hardware to run this system on?

+

 

 It was originally designed to run on the Beaglebone Black, but that should be regarded as the most minimal system, because it's single core and has by today's standards a small amount of memory. Obviously the more powerful the hardware is the faster things like web pages (blog, social networking, etc) will be served but the more electricity such a system will require if you're running it 24/7. A good compromise between performance and energy consumption is something like an old netbook. The battery of an old netbook or laptop even gives you UPS capability to keep the system going during brief power outages or cable re-arrangements, and that means using full disk encryption on the server also becomes more practical.
 

@@ -640,9 +644,9 @@ It was originally designed to run on the Beaglebone Black, but that should be re
 

 

 

-

-
Can I add more users to the system?

-

+

+
Can I add more users to the system?

+

 

 Yes. Freedombone can support a small number of users, for a "friends and family" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those).
 

@@ -665,9 +669,9 @@ Another point is that Freedombone installations are not intended to support many
 

 

 

-

-
Why not use Signal for mobile chat?

-

+

+
Why not use Signal for mobile chat?

+

 

 Celebrities recommend Signal. It's Free Software so it must be good, right?
 

@@ -690,9 +694,9 @@ To give credit where it's due Signal is good, but it could be a lot better. The
 

 

 

-

-
What is the most secure chat app to use on mobile?

-

+

+
What is the most secure chat app to use on mobile?

+

 

 On mobile there are various options. The apps which are likely to be most secure are ones which have end-to-end encryption enabled by default and which can also be onion routed via Orbot. End-to-end encryption secures the content of the message and onion routing obscures the metadata, making it hard for a passive adversary to know who is communicating with who.
 

@@ -702,13 +706,13 @@ The current safest way to chat is to use Conv
 

 
 

-There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
+There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
 

 

 

-

-
How do I remove a user from the system?

-

+

+
How do I remove a user from the system?

+

 

 To remove a user:
 

@@ -723,9 +727,9 @@ Select Administrator controls then Manage Users and then Delete
 

 

 

-

-
Why is logging for web sites turned off by default?

-

+

+
Why is logging for web sites turned off by default?

+

 

 If you're making profits out of the logs by running large server warehouses and then data mining what users click on - as is the business model of well known internet companies - then logging everything makes total sense. However, if you're running a home server then logging really only makes sense if you're trying to diagnose some specific problem with the system, and outside of that context logging everything becomes more of a liability than an asset.
 

@@ -739,9 +743,9 @@ On the Freedombone system web logs containing IP addresses are turned off by def
 

 

 

-

-
How do I reset the tripwire?

-

+

+
How do I reset the tripwire?

+

 

 The tripwire will be automatically reset once per week. If you want to reset it earlier then do the following:
 

@@ -756,9 +760,9 @@ Select Administrator controls then "reset tripwire" using cursors and spa
 

 

 

-

-
Is metadata protected?

-

+

+
Is metadata protected?

+

 

 

 "We kill people based on metadata"
@@ -774,9 +778,9 @@ Even when using Freedombone metadata analysis by third parties is still possible
 

 

 

-

-
How do I create email processing rules?

-

+

+
How do I create email processing rules?

+

 

 
ssh username@domainname -p 2222
 

@@ -832,9 +836,9 @@ Spamassassin is also available and within Mutt you can use the S (shift+s) key t
 

 

 

-

-
Why isn't dynamic DNS working?

-

+

+
Why isn't dynamic DNS working?

+

 

 If you run the command:
 

@@ -857,9 +861,9 @@ https://www.privateinternetaccess.com/pages/whats-my-ip/
 

 

 
-

-
How do I change my encryption settings?

-

+

+
How do I change my encryption settings?

+

 

 Suppose that some new encryption vulnerability has been announced and that you need to change your encryption settings. Maybe an algorithm thought to be secure is now no longer so and you need to remove it. You can change your settings by doing the following:
 

@@ -874,9 +878,9 @@ Select Administrator controls then select Security Settings. You w
 

 

 

-

-
How do I get a domain name?

-

+

+
How do I get a domain name?

+

 

 Suppose that you have bought a domain name (rather than using a free subdomain on freedns) and you want to use that instead.
 

@@ -940,9 +944,9 @@ You should now be able to send an email from postmaster@mynewdomainname a
 

 

 
-

-
How do I get a "real" SSL/TLS/HTTPS certificate?

-

+

+
How do I get a "real" SSL/TLS/HTTPS certificate?

+

 

 If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following:
 

@@ -961,9 +965,9 @@ One thing to be aware of is that Let's Encrypt doesn't support many dynamic DNS
 

 

 

-

-
How do I renew a Let's Encrypt certificate?

-

+

+
How do I renew a Let's Encrypt certificate?

+

 

 Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email.
 

@@ -982,9 +986,9 @@ Select Administrator controls then Security settings then Renew
 

 

 

-

-
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

-

+

+
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

+

 

 Most likely it's because Let's Encrypt doesn't support your particular domain or subdomain. Currently free subdomains tend not to work. You'll need to buy a domain name, link it to your dynamic DNS account and then do:
 

@@ -999,17 +1003,17 @@ Select Administrator controls then Security settings then Creat
 

 

 

-

-
Why not use the services of $company instead? They took the Seppuku pledge

-

+

+
Why not use the services of $company instead? They took the Seppuku pledge

+

 

 That pledge is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "on our side". Post-nymwars and post-PRISM we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
 

 

 

-

-
Why does my email keep getting rejected as spam by Gmail/etc?

-

+

+
Why does my email keep getting rejected as spam by Gmail/etc?

+

 

 Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end you may not be able to do much unless you can find an email proxy server which is trusted by the receiving server.
 

@@ -1040,9 +1044,9 @@ So the situation with email presently is pretty bad, and there's a clear selecti
 

 

 

-

-
Tor is censored/blocked in my area. What can I do?

-

+

+
Tor is censored/blocked in my area. What can I do?

+

 

 If you can find some details for an obfs4 Tor bridge (its IP address, port number and key or nickname) then you can set up the system to use it to connect to the Tor network. Unlike relay nodes the IP addresses for bridges are not public information and so can't be easily known and added to block lists by authoritarian regimes or over-zealous ISPs.
 

@@ -1067,9 +1071,9 @@ You can also set your system to act as a Tor bridge, although this is not recomm
 

 

 
-

-
I want to block a particular domain from getting its content into my social network sites

-

+

+
I want to block a particular domain from getting its content into my social network sites

+

 

 If you're being pestered by some domain which contains bad/illegal/harrassing content or irritating users you can block domains at the firewall level. Go to the administrator control panel and select domain blocking. You can then block, unblock and view the list of blocked domains.
 

@@ -1084,9 +1088,9 @@ Select Administrator controls then Domain blocking.
 

 

 
-

-
The mesh system doesn't boot from USB drive

-

+

+
The mesh system doesn't boot from USB drive

+

 

 If the system doesn't boot and reports an error which includes /dev/mapper/loop0p1 then reboot with Ctrl-Alt-Del and when you see the grub menu press e and manually change /dev/mapper/loop0p1 to /dev/sdb1, then press Ctrl-x. If that doesn't work then reboot and try /dev/sdc1 instead.
 

@@ -1108,6 +1112,15 @@ Return to the home page
 

 

 

+
+

+
Mesh system doesn't connect to the network

+

+

+Sometimes after boot the mesh system won't connect to other peers on the network. If this happens select the network restart icon and enter the password, which by default is just "freedombone". Wait for a few minutes to see if it connects.
+

+

+

 

 

 

From 68dcef2a26ae6e5daefcb97a900f279c7a019b0c Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 15:14:58 +0100
Subject: [PATCH 104/133] faq footer

---
 doc/EN/faq.org      |  12 +-
 website/EN/faq.html | 296 ++++++++++++++++++++++----------------------
 2 files changed, 147 insertions(+), 161 deletions(-)

diff --git a/doc/EN/faq.org b/doc/EN/faq.org
index 8e17ace2..3835aaf2 100644
--- a/doc/EN/faq.org
+++ b/doc/EN/faq.org
@@ -354,16 +354,8 @@ If the system doesn't boot and reports an error which includes */dev/mapper/loop
 
 After the system has booted successfully the problem should resolve itself on subsequent reboots.
 
-
-#+BEGIN_EXPORT html
-

-Return to the home page
-

-#+END_EXPORT
-
+* Mesh system doesn't connect to the network
+Sometimes after boot the mesh system won't connect to other peers on the network. If this happens select the *network restart* icon and enter the password, which by default is just "freedombone". Wait for a few minutes to see if it connects.
 
 #+attr_html: :width 10% :height 2% :align center
 [[file:fdl-1.3.txt][file:images/gfdl.png]]
-
-* Mesh system doesn't connect to the network
-Sometimes after boot the mesh system won't connect to other peers on the network. If this happens select the *network restart* icon and enter the password, which by default is just "freedombone". Wait for a few minutes to see if it connects.
diff --git a/website/EN/faq.html b/website/EN/faq.html
index df883977..bcce05a3 100644
--- a/website/EN/faq.html
+++ b/website/EN/faq.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -262,151 +262,151 @@ for the JavaScript code in this tag.
 
 
 
-What applications are supported?
+What applications are supported?
 
 
 
-I don't have a static IP address. Can I still install this system?
+I don't have a static IP address. Can I still install this system?
 
 
 
-Why Freedombone and not FreedomBox?
+Why Freedombone and not FreedomBox?
 
 
 
-Why not support building images for Raspberry Pi?
+Why not support building images for Raspberry Pi?
 
 
 
-Why use Tor? I've heard it's used by bad people
+Why use Tor? I've heard it's used by bad people
 
 
 
-How is Tor integrated with Freedombone?
+How is Tor integrated with Freedombone?
 
 
 
-Can I add a clearnet domain to an onion build?
+Can I add a clearnet domain to an onion build?
 
 
 
-Why use Github?
+Why use Github?
 
 
 
-After using nmap or other scanning tool I can no longer log in
+After using nmap or other scanning tool I can no longer log in
 
 
 
-Should I upload my GPG keys to keybase.io?
+Should I upload my GPG keys to keybase.io?
 
 
 
-Keys and emails should not be stored on servers. Why do you do that?
+Keys and emails should not be stored on servers. Why do you do that?
 
 
 
-Why can't I access my .onion site with a Tor browser?
+Why can't I access my .onion site with a Tor browser?
 
 
 
-What is the best hardware to run this system on?
+What is the best hardware to run this system on?
 
 
 
-Can I add more users to the system?
+Can I add more users to the system?
 
 
 
-Why not use Signal for mobile chat?
+Why not use Signal for mobile chat?
 
 
 
-What is the most secure chat app to use on mobile?
+What is the most secure chat app to use on mobile?
 
 
 
-How do I remove a user from the system?
+How do I remove a user from the system?
 
 
 
-Why is logging for web sites turned off by default?
+Why is logging for web sites turned off by default?
 
 
 
-How do I reset the tripwire?
+How do I reset the tripwire?
 
 
 
-Is metadata protected?
+Is metadata protected?
 
 
 
-How do I create email processing rules?
+How do I create email processing rules?
 
 
 
-Why isn't dynamic DNS working?
+Why isn't dynamic DNS working?
 
 
 
-How do I change my encryption settings?
+How do I change my encryption settings?
 
 
 
-How do I get a domain name?
+How do I get a domain name?
 
 
 
-How do I get a "real" SSL/TLS/HTTPS certificate?
+How do I get a "real" SSL/TLS/HTTPS certificate?
 
 
 
-How do I renew a Let's Encrypt certificate?
+How do I renew a Let's Encrypt certificate?
 
 
 
-I tried to renew a Let's Encrypt certificate and it failed. What should I do?
+I tried to renew a Let's Encrypt certificate and it failed. What should I do?
 
 
 
-Why not use the services of $company instead? They took the Seppuku pledge
+Why not use the services of $company instead? They took the Seppuku pledge
 
 
 
-Why does my email keep getting rejected as spam by Gmail/etc?
+Why does my email keep getting rejected as spam by Gmail/etc?
 
 
 
-Tor is censored/blocked in my area. What can I do?
+Tor is censored/blocked in my area. What can I do?
 
 
 
-I want to block a particular domain from getting its content into my social network sites
+I want to block a particular domain from getting its content into my social network sites
 
 
 
-The mesh system doesn't boot from USB drive
+The mesh system doesn't boot from USB drive
 
 
 
-Mesh system doesn't connect to the network
+Mesh system doesn't connect to the network
 
 
 
 

 
-

-
What applications are supported?

-

+

+
What applications are supported?

+

 

 See here for the complete list of apps. In addition to those as part of the base install you get an email server.
 

 

 

-

-
I don't have a static IP address. Can I still install this system?

-

+

+
I don't have a static IP address. Can I still install this system?

+

 

 Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
 

@@ -416,17 +416,17 @@ The lack of a static IP address can be worked around by using a dynamic DNS serv
 

 

 

-

-
Why Freedombone and not FreedomBox?

-

+

+
Why Freedombone and not FreedomBox?

+

 

 When the project began in late 2013 the FreedomBox project seemed to be going nowhere, and was only designed to work with the DreamPlug hardware. There was some new hardware out - the Beaglebone Black - which could run Debian and was also a free hardware design so seemed more appropriate. Hence the name "Freedombone", being like FreedomBox but on a Beaglebone. There are some similarities and differences between the two projects:
 

 

 
-

-
Similarities

-

+

+
Similarities

+

 
    
 
  • Uses freedom-maker and vmdebootstrap to build debian images
    • 
 
  • Supports the use of Tor onion addresses to access websites
    • 
@@ -440,9 +440,9 @@ When the project began in late 2013 the FreedomBox project seemed to be going no
 

 

 

-

-
Differences

-

+

+
Differences

+

 
    
 
  • FreedomBox is a Debian pure blend. Freedombone is not
    • 
 
  • Freedombone only supports Free Software. FreedomBox includes some closed binary boot blobs for certain ARM boards
    • 
@@ -457,9 +457,9 @@ When the project began in late 2013 the FreedomBox project seemed to be going no
 

 

 

-

-
Why not support building images for Raspberry Pi?

-

+

+
Why not support building images for Raspberry Pi?

+

 

 The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes.
 

@@ -469,9 +469,9 @@ So although the Raspberry Pi is cheap and hugely popular it's not supported by t
 

 

 

-

-
Why use Tor? I've heard it's used by bad people

-

+

+
Why use Tor? I've heard it's used by bad people

+

 

 Years ago Tor was usually depicted in the mainstream media as something scary inhabited by cyberterrorists and other bad cybers, but today to a large extent Tor is accepted as just another way of routing data in a network. Depending upon where you live there may still be some amount of fearmongering about Tor, but it now seems clear that the trajectory is towards general acceptance.
 

@@ -492,9 +492,9 @@ On the negative side it's a complex system which is not fully decentralized.
 

 

 

-

-
How is Tor integrated with Freedombone?

-

+

+
How is Tor integrated with Freedombone?

+

 

 Within this project Tor is used more to provide accessibility than the anonymity factor for which Tor is better known. The onion address system provides a way of being able to access sites even if you don't own a conventional domain name or don't have administrator access to your local internet router to be able to do port forwarding.
 

@@ -512,17 +512,17 @@ Even if you're running the "onion only" build, this only means that sites are ac
 

 

 

-

-
Can I add a clearnet domain to an onion build?

-

+

+
Can I add a clearnet domain to an onion build?

+

 

 You could if you manually edited the relevant nginx configuration files and installed some dynamic DNS system yourself. If you already have sysadmin knowledge then that's probably not too hard. But the builds created with the onion-addresses-only option aren't really intended to support access via clearnet domains.
 

 

 

-

-
Why use Github?

-

+

+
Why use Github?

+

 

 Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing.
 

@@ -540,17 +540,17 @@ Currently many of the repositories used for applications which are not yet packa
 

 

 

-

-
After using nmap or other scanning tool I can no longer log in

-

+

+
After using nmap or other scanning tool I can no longer log in

+

 

 This system tries to block port scanners. Any other system trying to scan for open ports will have their IP address added to a temporary block list for 24 hours.
 

 

 

-

-
Should I upload my GPG keys to keybase.io?

-

+

+
Should I upload my GPG keys to keybase.io?

+

 

 It's not recommended unless there exists some compelling reason for you to be on there. That site asks users to upload the private keys, and even if the keys are client side encrypted with a passphrase there's always the chance that there will be a data leak in future and letter agencies will then have a full time opportunity to crack the passphrases.
 

@@ -560,9 +560,9 @@ Saying something resembling "only noobs will use crackable private key passph
 

 

 

-

-
Keys and emails should not be stored on servers. Why do you do that?

-

+

+
Keys and emails should not be stored on servers. Why do you do that?

+

 

 Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast:
 

@@ -620,9 +620,9 @@ In the home environment a box with a good firewall and no GUI components install
 

 

 
-

-
Why can't I access my .onion site with a Tor browser?

-

+

+
Why can't I access my .onion site with a Tor browser?

+

 

 Probably you need to add the site to the NoScript whitelist. Typically click/press on the noscript icon (or select from the menu on mobile) then select whitelist and add the site URL. You may also need to disable HTTPS Everywhere when using onion addresses, which don't use https.
 

@@ -632,9 +632,9 @@ Another factor to be aware of is that it can take a while for the onion address
 

 

 

-

-
What is the best hardware to run this system on?

-

+

+
What is the best hardware to run this system on?

+

 

 It was originally designed to run on the Beaglebone Black, but that should be regarded as the most minimal system, because it's single core and has by today's standards a small amount of memory. Obviously the more powerful the hardware is the faster things like web pages (blog, social networking, etc) will be served but the more electricity such a system will require if you're running it 24/7. A good compromise between performance and energy consumption is something like an old netbook. The battery of an old netbook or laptop even gives you UPS capability to keep the system going during brief power outages or cable re-arrangements, and that means using full disk encryption on the server also becomes more practical.
 

@@ -644,9 +644,9 @@ It was originally designed to run on the Beaglebone Black, but that should be re
 

 

 

-

-
Can I add more users to the system?

-

+

+
Can I add more users to the system?

+

 

 Yes. Freedombone can support a small number of users, for a "friends and family" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those).
 

@@ -669,9 +669,9 @@ Another point is that Freedombone installations are not intended to support many
 

 

 

-

-
Why not use Signal for mobile chat?

-

+

+
Why not use Signal for mobile chat?

+

 

 Celebrities recommend Signal. It's Free Software so it must be good, right?
 

@@ -694,9 +694,9 @@ To give credit where it's due Signal is good, but it could be a lot better. The
 

 

 

-

-
What is the most secure chat app to use on mobile?

-

+

+
What is the most secure chat app to use on mobile?

+

 

 On mobile there are various options. The apps which are likely to be most secure are ones which have end-to-end encryption enabled by default and which can also be onion routed via Orbot. End-to-end encryption secures the content of the message and onion routing obscures the metadata, making it hard for a passive adversary to know who is communicating with who.
 

@@ -706,13 +706,13 @@ The current safest way to chat is to use Conv
 

 
 

-There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
+There are many other fashionable chat apps with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
 

 

 

-

-
How do I remove a user from the system?

-

+

+
How do I remove a user from the system?

+

 

 To remove a user:
 

@@ -727,9 +727,9 @@ Select Administrator controls then Manage Users and then Delete
 

 

 

-

-
Why is logging for web sites turned off by default?

-

+

+
Why is logging for web sites turned off by default?

+

 

 If you're making profits out of the logs by running large server warehouses and then data mining what users click on - as is the business model of well known internet companies - then logging everything makes total sense. However, if you're running a home server then logging really only makes sense if you're trying to diagnose some specific problem with the system, and outside of that context logging everything becomes more of a liability than an asset.
 

@@ -743,9 +743,9 @@ On the Freedombone system web logs containing IP addresses are turned off by def
 

 

 

-

-
How do I reset the tripwire?

-

+

+
How do I reset the tripwire?

+

 

 The tripwire will be automatically reset once per week. If you want to reset it earlier then do the following:
 

@@ -760,9 +760,9 @@ Select Administrator controls then "reset tripwire" using cursors and spa
 

 

 

-

-
Is metadata protected?

-

+

+
Is metadata protected?

+

 

 

 "We kill people based on metadata"
@@ -778,9 +778,9 @@ Even when using Freedombone metadata analysis by third parties is still possible
 

 

 

-

-
How do I create email processing rules?

-

+

+
How do I create email processing rules?

+

 

 
ssh username@domainname -p 2222
 

@@ -836,9 +836,9 @@ Spamassassin is also available and within Mutt you can use the S (shift+s) key t
 

 

 

-

-
Why isn't dynamic DNS working?

-

+

+
Why isn't dynamic DNS working?

+

 

 If you run the command:
 

@@ -861,9 +861,9 @@ https://www.privateinternetaccess.com/pages/whats-my-ip/
 

 

 
-

-
How do I change my encryption settings?

-

+

+
How do I change my encryption settings?

+

 

 Suppose that some new encryption vulnerability has been announced and that you need to change your encryption settings. Maybe an algorithm thought to be secure is now no longer so and you need to remove it. You can change your settings by doing the following:
 

@@ -878,9 +878,9 @@ Select Administrator controls then select Security Settings. You w
 

 

 

-

-
How do I get a domain name?

-

+

+
How do I get a domain name?

+

 

 Suppose that you have bought a domain name (rather than using a free subdomain on freedns) and you want to use that instead.
 

@@ -944,9 +944,9 @@ You should now be able to send an email from postmaster@mynewdomainname a
 

 

 
-

-
How do I get a "real" SSL/TLS/HTTPS certificate?

-

+

+
How do I get a "real" SSL/TLS/HTTPS certificate?

+

 

 If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following:
 

@@ -965,9 +965,9 @@ One thing to be aware of is that Let's Encrypt doesn't support many dynamic DNS
 

 

 

-

-
How do I renew a Let's Encrypt certificate?

-

+

+
How do I renew a Let's Encrypt certificate?

+

 

 Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email.
 

@@ -986,9 +986,9 @@ Select Administrator controls then Security settings then Renew
 

 

 

-

-
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

-

+

+
I tried to renew a Let's Encrypt certificate and it failed. What should I do?

+

 

 Most likely it's because Let's Encrypt doesn't support your particular domain or subdomain. Currently free subdomains tend not to work. You'll need to buy a domain name, link it to your dynamic DNS account and then do:
 

@@ -1003,17 +1003,17 @@ Select Administrator controls then Security settings then Creat
 

 

 

-

-
Why not use the services of $company instead? They took the Seppuku pledge

-

+

+
Why not use the services of $company instead? They took the Seppuku pledge

+

 

 That pledge is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "on our side". Post-nymwars and post-PRISM we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
 

 

 

-

-
Why does my email keep getting rejected as spam by Gmail/etc?

-

+

+
Why does my email keep getting rejected as spam by Gmail/etc?

+

 

 Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end you may not be able to do much unless you can find an email proxy server which is trusted by the receiving server.
 

@@ -1044,9 +1044,9 @@ So the situation with email presently is pretty bad, and there's a clear selecti
 

 

 

-

-
Tor is censored/blocked in my area. What can I do?

-

+

+
Tor is censored/blocked in my area. What can I do?

+

 

 If you can find some details for an obfs4 Tor bridge (its IP address, port number and key or nickname) then you can set up the system to use it to connect to the Tor network. Unlike relay nodes the IP addresses for bridges are not public information and so can't be easily known and added to block lists by authoritarian regimes or over-zealous ISPs.
 

@@ -1071,9 +1071,9 @@ You can also set your system to act as a Tor bridge, although this is not recomm
 

 

 
-

-
I want to block a particular domain from getting its content into my social network sites

-

+

+
I want to block a particular domain from getting its content into my social network sites

+

 

 If you're being pestered by some domain which contains bad/illegal/harrassing content or irritating users you can block domains at the firewall level. Go to the administrator control panel and select domain blocking. You can then block, unblock and view the list of blocked domains.
 

@@ -1088,9 +1088,9 @@ Select Administrator controls then Domain blocking.
 

 

 
-

-
The mesh system doesn't boot from USB drive

-

+

+
The mesh system doesn't boot from USB drive

+

 

 If the system doesn't boot and reports an error which includes /dev/mapper/loop0p1 then reboot with Ctrl-Alt-Del and when you see the grub menu press e and manually change /dev/mapper/loop0p1 to /dev/sdb1, then press Ctrl-x. If that doesn't work then reboot and try /dev/sdc1 instead.
 

@@ -1098,12 +1098,15 @@ If the system doesn't boot and reports an error which includes /dev/mapper/lo
 

 After the system has booted successfully the problem should resolve itself on subsequent reboots.
 

+

+

 
-
-

-Return to the home page
-

-
+

+
Mesh system doesn't connect to the network

+

+

+Sometimes after boot the mesh system won't connect to other peers on the network. If this happens select the network restart icon and enter the password, which by default is just "freedombone". Wait for a few minutes to see if it connects.
+

 
 
 

@@ -1112,15 +1115,6 @@ Return to the home page
 

 

 

-
-

-
Mesh system doesn't connect to the network

-

-

-Sometimes after boot the mesh system won't connect to other peers on the network. If this happens select the network restart icon and enter the password, which by default is just "freedombone". Wait for a few minutes to see if it connects.
-

-

-

 

 

 

From 765284d9e1304f6b5a2feaf716091eb4cd557ff0 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 18:27:02 +0100
Subject: [PATCH 105/133] Bump pleroma commit

---
 src/freedombone-app-pleroma | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/freedombone-app-pleroma b/src/freedombone-app-pleroma
index 645b4d9d..c41c8483 100755
--- a/src/freedombone-app-pleroma
+++ b/src/freedombone-app-pleroma
@@ -36,7 +36,7 @@ PLEROMA_CODE=
 PLEROMA_PORT=4000
 PLEROMA_ONION_PORT=8011
 PLEROMA_REPO="https://git.pleroma.social/pleroma/pleroma.git"
-PLEROMA_COMMIT='303289d7daac3a51f991bb8603f36628a5d944c1'
+PLEROMA_COMMIT='fef8daa454ab04ac2394e02efcc2b48c1fbad91c'
 PLEROMA_ADMIN_PASSWORD=
 PLEROMA_DIR=/etc/pleroma
 PLEROMA_SECRET_KEY=""

From 14b76b6708a6df060c3b5ec5cc83a6c5a0fb6907 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 19:42:35 +0100
Subject: [PATCH 106/133] Beginning of release documentation

---
 doc/EN/release31.org |  59 +++++++++++++++++++++++++++++++++++++++++++
 img/logo31.png       | Bin 0 -> 3335 bytes
 2 files changed, 59 insertions(+)
 create mode 100644 doc/EN/release31.org
 create mode 100644 img/logo31.png

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
new file mode 100644
index 00000000..367413bf
--- /dev/null
+++ b/doc/EN/release31.org
@@ -0,0 +1,59 @@
+#+TITLE:
+#+AUTHOR: Bob Mottram
+#+EMAIL: bob@freedombone.net
+#+KEYWORDS: freedombone
+#+DESCRIPTION: Version 3.1
+#+OPTIONS: ^:nil toc:nil
+#+HTML_HEAD: 
+
+#+attr_html: :width 100% :align center
+[[file:images/logo31.png]]
+
+Newer and shinier than before, Freedombone release 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
+
+ * [[./app_akaunting.html][Akaunting]]: Personal or small business accounts
+ * [[./app_bludit.html][Bludit]]: Painless markdown blogging
+ * [[./app_edith.html][Edith]]: The simplest possible note taking system
+ * [[./app_icecast.html][Icecast]]: Run your own internet radio station
+ * [[./app_peertube.html][PeerTube]]: Peer-to-peer video hosting system
+ * [[./app_pleroma.html][Pleroma]]: Ultra lightweight fediverse instance with Mastodon compatibility
+
+The mesh version now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with LibreMesh. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
+
+* Installation
+
+The simplest way to install is from a pre-made disk image. Images can be [[https://freedombone.net/downloads/v31][downloaded here]]. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
+
+Copy the image to a microSD card or USB thumb drive, replacing sdX with the identifier of the USB thumb drive. Don't include any numbers (so for example use sdc instead of sdc1).
+
+#+BEGIN_SRC bash
+unxz downloadedimagefile.img.xz
+dd bs=1M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync
+#+END_SRC
+
+And wait. It will take a while to copy over. When that's done you might want to increase the partition size on the drive, using a tool such as [[http://gparted.org][Gparted]]. Whether you need to do that will depend upon how many apps you intend to install and how much data they will store.
+
+Plug the microSD or USB drive into the target hardware which you want to use as a server and power on. If you're using an old laptop or netbook as the server then you will need to set the BIOS to boot from USB.
+
+As the system boots for the first time the login is:
+
+#+BEGIN_SRC bash
+username: fbone
+password: freedombone
+#+END_SRC
+
+If you're installing from a microSD card on a single board computer without a screen and keyboard attached then you can ssh into it with:
+
+#+BEGIN_SRC bash
+ssh fbone@freedombone.local -p 2222
+#+END_SRC
+
+Using the initial password "freedombone". If you have trouble accessing the server then make sure you have Avahi installed and [[https://en.wikipedia.org/wiki/Multicast_DNS][mDNS]] enabled.
+
+You will then be shown a new randomly generated password. It's very important that you write this down somewhere or transfer it to a password manager before going further, because you'll need this to log in later.
+
+More detailed installation instructions are linked from [[./index.html][the main site]].
+
+* Upgrading from a previous install
+
+To upgrade from version 3 just go to the *administrator control panel* and select *check for updates*.
diff --git a/img/logo31.png b/img/logo31.png
new file mode 100644
index 0000000000000000000000000000000000000000..12c1ca438356cb2901b4c9ae860d9b85ad563d54
GIT binary patch
literal 3335
zcmahLX*3&HH(hnCQ%2ipLsc-AR#hz#M5mODC9SRYaQ7P+CQc5=CvH8v9mD
zEzwY_VyoDf#L|jAQKCX8X_`;x$9K+rXU_TFJMX=F?!D)|yT2QE+15frR8ABC07$?s
z&FlbxJwOk4
zVFpfJc?2V-ZRL}McH9bWnZAuy{BeRX8?-@&dB#vXkGC*md*wMPEP8MsEQSN5l-=`2VPKyWFr@h$}baLr^tAJkUT84UNe7~Qh(0sdfDw+_mixlpsO
zT;KdKU}CBrh`i_Ryzm}1e61!H_n4{^3;L9vu|dD);rKbd1n3?UPVd37t+9#2NWzx2
zrnUqhvT_GbW|P0CQ{On^23Z@@sNw2Xgz6h_!zDkI`B1PN{t6ukPX~XHWe=b=t$2Pv
zapsNj&-92-E--$r0oi+lPfN!6&^N5VWRegCzvk+L*IwlvuS$R{$B&IKX_Qw5u0i}^
z6{Xq!Wjl48c_4MO@ytpJn*KDTyFZXzqzpO~o|Etmt;Z~^H?MTkf-_F-NZp)x4S~Z_
zwaGR2gXl4eYI_F&a%JYg60Xqrv+mM)2&(cHXxLXd;*c~Q?
z;7-_jAkD-jRp-(j`k~+)!q(bhPIjq*ya!9T_qd};u1msBZiBhJFo9(3mDm#lDnKkPf6H;XD}}P>6lm+Dmpf6#
z4fQ&7Kqo%Ys3=ipoZeg@N3*#Srcg4waegtA#j`&^pBLoyeQv63Ro?u{Qku)q!(DzQ
z4Ky`WTK%)2J+iPX{)}NQ^|6~m93(sxy;2`U?QTZJj3t=vga5G`@%pDi}
z+$dEz_lPqtj;L!!Pz?hd`3QUq&Y6JLiV@gv;xdq#{b_R!MJr||ht$1Po|l}62f6ee
z5AU7)g=5KLMNq&imu)zGsvXZT1F7ELN4a5eN*6vEY@9U^zU_qbKIv{EMT;`)@vU6^
z3{9<`*}1gcJ0B0Jo-wYf4Q~m(j6WsyH2hm$q~=(YK_!d#hjn<;@)4GMxjs(#{^R)jD8?$>5IBW+n0JrY
zc7Hs8H`h}wAp4-)h~w)&2upYI2DkZtK#pGZpbeN9+pVW{Fb^=F`@oHymGP$yyav!=
zHMIryvr^&HUT~LBC%=>{bJ*IBCY3CO^FPz-ZhVO40;y8rDy#SpH9_?iGccLvD#k#F
zDjaLNum2EW>nX|-%hi`Wc!eNl3R9j0>f7*1I)hzE47w9##Wa*5Q5!{tm2LXKCN
zQ*!l{BgeYbJ>XN_5?AWja&E0$(1DzIPWJh&X&9rk>bC`*c}xK(Fg^o`H!)I!k9#K$
zbHO0-&v8WuL?SPsR;&zvo?;~7jNu{=!ba|AAh{2aUztcT8F@ewTiyE5pa$cqYxAv;
zj>Df8)U`HG@WFGdu^HD?8>iJE#MzrnRi&4K5*oRqyHQV`BYzJcUT2ZRX@$d&>fh^>
z7*(};E}t(f!G+3%%GI)goM>%kXBKfBK|aRMATL0-q`cfiJm1|DI$?u_DSrUda}(i(>a-K
z1sMx{88R+v+~~Yry^%vQ2WHoIiyYKX9Y9^Fw4_7k)OssfwDjlai%?dK`RcTdiN=Uy
zTFsTM`sRPVskCs;>oP1Z5Ku$txU@$dUNyF3(yPW+M)r?b=Sn~-D$&{tFQfR54D4>X
zS;qDlcuMr*C%^EnGPSSlTx1y^L7*ri9QKJpi(0>>jKc!#-7a1rx|cfNVNP%|s)D62
zn&&*6RTweo)nuW%Z>%}bJZEY80DK=3tXT0Daq07I@cB{Hxi2cUan3%;AP`f1MsJHuS4sf1y6HZ&R^iV
zKl<}7b?J8Ua3rY#rPG@D!VMD^A;0NYR*I34xA;=?Z!m!!y;2`Ya6yg+%Sz0>3Kg_0RRv{
zp4A5`JgBeLBa-SUFKWpf6k^e2UV=eIWMQ0Yi~_tt!}Zn;mKVYO%tVYdf#F}2{}tH@
zI9t0o#X5VgiA_4$(Oa8bY@OM{YiTx-1gSmLj
z`!V1{I!;%(U(fvz#GkD)CuE5DYIu5!3PEnkvd4u&Da|
z&f?~}Fq&Erkc|=t=s*ESnrq7@SUZB0bNl~S%Kug4-@EEmYpkM#F8EK0vFK5ik$n%{ajpxE~
zY`bXA(Kq-Fr*`J9LG$+B(YRN&@Q^ywyTQ`}8*OtIf8p}=(YJin$MV}recP*SE%dAq
r0&j@Qovly|?-cu&`1~*GzW;Zr7>D1TGlKGIKag;9TeHgFJfr>tM|)8`

literal 0
HcmV?d00001


From 9c882a8fd48d2261c03036cec02924749de82221 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 19:51:39 +0100
Subject: [PATCH 107/133] bdsmail

---
 doc/EN/release31.org | 1 +
 1 file changed, 1 insertion(+)

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index 367413bf..5d9375a8 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -12,6 +12,7 @@
 Newer and shinier than before, Freedombone release 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
 
  * [[./app_akaunting.html][Akaunting]]: Personal or small business accounts
+ * [[./app_bdsmail.html][bdsmail]]: Avoid PGP complexity by using email over I2P
  * [[./app_bludit.html][Bludit]]: Painless markdown blogging
  * [[./app_edith.html][Edith]]: The simplest possible note taking system
  * [[./app_icecast.html][Icecast]]: Run your own internet radio station

From 2b140802cf3f49d2f0838d32411356448af57914 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 19:52:42 +0100
Subject: [PATCH 108/133] version number

---
 src/freedombone-client | 2 +-
 src/freedombone-vars   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/freedombone-client b/src/freedombone-client
index 1ebcd7f9..385e2f8f 100755
--- a/src/freedombone-client
+++ b/src/freedombone-client
@@ -40,7 +40,7 @@ ENABLE_MONKEYSPHERE=
 SETUP_CLIENT_APP_NAME=
 
 # Version number of this script
-VERSION="2.00"
+VERSION="3.1"
 
 # get the main project file, so that some values can be extracted
 MAIN_PROJECT_FILE=/usr/local/bin/${PROJECT_NAME}
diff --git a/src/freedombone-vars b/src/freedombone-vars
index 6e0f02e0..6165b3fd 100755
--- a/src/freedombone-vars
+++ b/src/freedombone-vars
@@ -50,7 +50,7 @@ PROJECT_REPO="https://github.com/bashrc/${PROJECT_NAME}"
 INSTALLING_ON_BBB="no"
 
 # Version number of this script
-VERSION="3.00"
+VERSION="3.1"
 
 # if yes then this minimises the number of descisions presented during install
 MINIMAL_INSTALL="yes"

From 9d169b3602cc8a2cadfd16b851a545ee468d693e Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 22:15:47 +0100
Subject: [PATCH 109/133] release document test

---
 doc/EN/index.org          |   2 +-
 doc/EN/release31.org      |   8 +-
 website/EN/release31.html | 363 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 370 insertions(+), 3 deletions(-)
 create mode 100644 website/EN/release31.html

diff --git a/doc/EN/index.org b/doc/EN/index.org
index 24058e04..1ef2e528 100644
--- a/doc/EN/index.org
+++ b/doc/EN/index.org
@@ -15,7 +15,7 @@ You can run Freedombone on an old laptop or a single board computer. See the [[.
 
 Check out the [[./apps.html][list of available apps]] and [[./faq.html][Frequently Asked Questions]] section. Recent developments are also described on [[https://blog.freedombone.net/tag/freedombone][the blog]].
 
-Disk images which can be cloned straight to USB or microSD drives are [[./downloads/current][available here]].
+Disk images which can be cloned straight to USB or microSD drives are [[./downloads/v31][available here]].
 
 If you find bugs, or want to add a new app to this system see the [[./devguide.html][Developers Guide]] and [[./codeofconduct.html][Code of Conduct]]. There is a Matrix chat room available at *#fbone:matrix.freedombone.net*.
 
diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index 5d9375a8..4768fe0c 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -19,7 +19,11 @@ Newer and shinier than before, Freedombone release 3.1 rests upon the solid foun
  * [[./app_peertube.html][PeerTube]]: Peer-to-peer video hosting system
  * [[./app_pleroma.html][Pleroma]]: Ultra lightweight fediverse instance with Mastodon compatibility
 
-The mesh version now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with LibreMesh. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
+The [[./mesh.html][mesh version]] now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with LibreMesh. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
+
+With the monopolistic Silicon Valley technology companies facing unprecedented levels of criticism there has never been a better time to avoid all of that and host systems yourself.
+
+The future is decentralized.
 
 * Installation
 
@@ -53,7 +57,7 @@ Using the initial password "freedombone". If you have trouble accessing the serv
 
 You will then be shown a new randomly generated password. It's very important that you write this down somewhere or transfer it to a password manager before going further, because you'll need this to log in later.
 
-More detailed installation instructions are linked from [[./index.html][the main site]].
+More detailed installation instructions are linked from [[./installmethods.html][the main site]].
 
 * Upgrading from a previous install
 
diff --git a/website/EN/release31.html b/website/EN/release31.html
new file mode 100644
index 00000000..39baf773
--- /dev/null
+++ b/website/EN/release31.html
@@ -0,0 +1,363 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

+
+

+

+
+

+
logo31.png
+

+

+
+

+Newer and shinier than before, Freedombone release 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
+

+
+
    
+
  • Akaunting: Personal or small business accounts
    • 
+
  • bdsmail: Avoid PGP complexity by using email over I2P
    • 
+
  • Bludit: Painless markdown blogging
    • 
+
  • Edith: The simplest possible note taking system
    • 
+
  • Icecast: Run your own internet radio station
    • 
+
  • PeerTube: Peer-to-peer video hosting system
    • 
+
  • Pleroma: Ultra lightweight fediverse instance with Mastodon compatibility
    • 
+

+
+

+The mesh version now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with LibreMesh. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
+

+
+

+With the monopolistic Silicon Valley technology companies facing unprecedented levels of criticism there has never been a better time to avoid all of that and host systems yourself.
+

+
+

+The future is decentralized.
+

+
+

+
Installation

+

+

+The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
+

+
+

+Copy the image to a microSD card or USB thumb drive, replacing sdX with the identifier of the USB thumb drive. Don't include any numbers (so for example use sdc instead of sdc1).
+

+
+

+
unxz downloadedimagefile.img.xz
+dd bs=1M if=downloadedimagefile.img of=/dev/sdX conv=fdatasync
+

+

+
+

+And wait. It will take a while to copy over. When that's done you might want to increase the partition size on the drive, using a tool such as Gparted. Whether you need to do that will depend upon how many apps you intend to install and how much data they will store.
+

+
+

+Plug the microSD or USB drive into the target hardware which you want to use as a server and power on. If you're using an old laptop or netbook as the server then you will need to set the BIOS to boot from USB.
+

+
+

+As the system boots for the first time the login is:
+

+
+

+
username: fbone
+password: freedombone
+

+

+
+

+If you're installing from a microSD card on a single board computer without a screen and keyboard attached then you can ssh into it with:
+

+
+

+
ssh fbone@freedombone.local -p 2222
+

+

+
+

+Using the initial password "freedombone". If you have trouble accessing the server then make sure you have Avahi installed and mDNS enabled.
+

+
+

+You will then be shown a new randomly generated password. It's very important that you write this down somewhere or transfer it to a password manager before going further, because you'll need this to log in later.
+

+
+

+More detailed installation instructions are linked from the main site.
+

+

+

+
+

+
Upgrading from a previous install

+

+

+To upgrade from version 3 just go to the administrator control panel and select check for updates.
+

+

+

+

+

+
+
+
+

+Back to top | E-mail me
+

+

+
+

From f2e027effefd3211f88b269859b2cd3f2473c5a2 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 22:19:03 +0100
Subject: [PATCH 110/133] Heading size

---
 doc/EN/release31.org      |  2 +-
 website/EN/release31.html | 16 ++++++++--------
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index 4768fe0c..1a23de34 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -6,7 +6,7 @@
 #+OPTIONS: ^:nil toc:nil
 #+HTML_HEAD: 
 
-#+attr_html: :width 100% :align center
+#+attr_html: :width 80% :height 10% :align center
 [[file:images/logo31.png]]
 
 Newer and shinier than before, Freedombone release 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
diff --git a/website/EN/release31.html b/website/EN/release31.html
index 39baf773..581c7368 100644
--- a/website/EN/release31.html
+++ b/website/EN/release31.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -238,7 +238,7 @@ for the JavaScript code in this tag.
 

 
 

-
logo31.png
+
logo31.png
 

 

 
@@ -268,9 +268,9 @@ With the monopolistic Silicon Valley technology companies facing unprecedented l
 The future is decentralized.
 

 
-

-
Installation

-

+

+
Installation

+

 

 The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
 

@@ -326,9 +326,9 @@ More detailed installation instructions are linked from 
-
Upgrading from a previous install

-

+

+
Upgrading from a previous install

+

 

 To upgrade from version 3 just go to the administrator control panel and select check for updates.
 


From c5a93ce8ce1f5fcd331630582348b5a6f8f7f3f5 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sat, 14 Apr 2018 22:24:07 +0100
Subject: [PATCH 111/133] Number colour

---
 img/logo31.png | Bin 3335 -> 3362 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/img/logo31.png b/img/logo31.png
index 12c1ca438356cb2901b4c9ae860d9b85ad563d54..1503d2c39ba082e30cedf395a6129ef8af75e081 100644
GIT binary patch
delta 3213
zcmZ8jX*3(^)=sO3Y7M6-qNY}GP;E6iM?;KlRgAqg*H~1jxg;V)igT-GVy=qP;Lw&L
zrPNS0)fi$(C1yndr{n+t
zfhzbd18X#GZ7T4YbeK#xi@el3B^z_X;5X58BYdT$PJYe)18FBaeW11Ma@jLqlI
z=viG~?GN;ds@;les|gc~s0YvNA07+_1_VZlq|aT%0RZ~qZ)2jU;@ApFC=I+8$1!a0
zH*P!!DQ$!uiFXKk`j9of^+qM0hZ!M@yyCA!HrbB=RaU*p%RYLxqtyLOHZq!HIBm*X
zr&!HZgw3~xsQ+N!$T8H9SU1Jw>{#`2MA-j^B&#-g1{qLVHh-hCeX(gNBSNh(Wd;z=
z#g(jF@KDN~;~L`&OLXqg$bD@nZ#~8FoMraC)&~08->!8E^rDtc{Tg35#*%`9Z!}hN
zH;K~!ERZ7bT6heeAcpG?Fgb{Fq$q@2(xl6<=9B>cBXzXITG<{)O1Vc6jv18z!5u|h
z=&~?9*n@5kdKEaZ`K)Md^{*x!F`T1oamzK;i4y?*n%CvXiVFZ^6i5dE=t%*^@zP(O
zHc?0PUI1z1WsNb%6#xJNnb3IUVdPbOIF!=MD9Z%@YR}C5rr#Xv$!8y!a0#$^mj@Bb
z%5%=sOf(PayENY;XQ_vJ>gxH~_c1mr+^N(Htk=Nz9q9bveJa+W1u-L8B77bt*XkgcYQ?*p+()dh0<*|d=`4H
zr#!4yVkG*|QgO(h!C=}lXid1KAo-^^s^8o{aq_JTzV0?buVQv+33PamV#)g=o)lAv
z@R4`m9omnX@6pOFOGfB+q7s}+J?e^gYON?+cp)K`!ew=MXgkfIN$#q#)G1jeiY
zPFLJY(voy8H389yJlr=ve43-7=|nB;9ah@leTeEt9==Vd&Pa-oNo^T1V_yIise7)k
z6@_q+aIeteyeY#?wm6)dO|qfLkeU7iQn%{q4R#v@YJNf!p)S&homkU5QHOD5H%&Xe
ztLXR#jmir85vqg#o-tn?<|P4|2p0u^gcPWEmRO9$H_2IdnO(DjifLEpYBu#vh_Q_G
znYex87Mr7vQrTa`S8X^y|-Ge>kv6cGx(Z
zzHlAtVeux6%q&qY45$}flOV?}N;{yuD_1e89if#gXjqj*GD1VTTlEe!!mOmPqHrz-kwDiPitOQL(o?a)vA{(1f9b0o_wRT
z2>^ZWmpD&5?1J0xiVc8mD;&Ncc!XrBWtD=uc~DeX{FL3nXAKy#)L^l)_fUohj$ZOrVTr9pv5CS4#Zjf^$%d10u1R_LFb&
zyGP(=ZH;J^4GZ!;={fLsw#)LZFq3?)FZ4pVUlysJz9uQ7x%UKTV%|`Rv!>kkKkC!p
z4%XOnc(riCO^?i!0YU=ME?4_LXlzb5Id#2Z2?TyxZ0o%OluGIT3VgFbk`O$sDkyh&
zXTvh92&fMk+`=3PZj&7ZKg15^vMx(;X7uP?RZffG*~cZU;G{ffq%KqiPW4I|*#XI%
zA;g!RP>wcmXW-y8IT$?+tpksXL0CV@bKZ}2-dprPD=G^}TQxB|J*-U^cKjHC{Q{g@
zydL;N`T#V~Ny~FmLr<#SAn2{MSsEEFNLlML6}v={$2-E7?jBQ4E$w?+*9k6%RZ%rU
zfg{$iDgNdphwY@j`Deik{$!@&R1&tG<0;`tw!mRFwSs8O&#~jRYL}K4@F^vGV+*Pe
zew)c;eYMp+aA!&8vuWA(#-Zikjz&r9@mEBI*}5*p+A2Pyan|B7i%$)$kk2R9sIk7;
z$@lYMK7T#FO$mG7(0|jEl6;bHJ4n7&$8Sjl^f79fpNu^8;0KqZfr9rps@|ZV4j$k5
z0Pf**=wn<^%tCSG<$?k^bB$WMl(YZEnv^2!e}&13IwJ>t9SAhzJ&bYJWi%cQ3ux^2
zsZzyqPSs~QkX7aDLhUfQVa5RFnxC7)cVWoXd}d>VRg8c2u#y(jEfm6
ze~|ZY=Ig1vA&UX|k;@Mvq9%t>W^c(~3Lf;9@9LOC-Hym9L__>5nPFL=rqY0QMuvuV5*~z=c?Fdt
zpdpK=Y)!BV-rYV`a9Vl@j(RMXK2|4gSVY)RDlfLy%r_oIM#Do?>qzF}7x=4^IkBt+
zCg-e5@3P=j>&ea!vG-|uIHzMN57&n&F+CNErn}=2y+O`O@7p_w*NP)Ew?3%SE$Zp<
z0cFob$KOrb!KyR^U`i`dZq42E@He~i1m~Na?>Fe-e#WiNz;{tjv>zJK;B=x5nK@7r
zZlyMNkgEFPp*XVkTXBk-Z@*187yxO*E^K9swNBzkvq@fV%f7g_y89J7B9FE|*xvcM
z{)k^ARh0ZsZ96G-@oTXEt-5o^!}YIuVUsRc4nH0HSkCDcwH)W%uk1njsVrA8vEeZ*
z&8MlgDdf3JWmxz|hgX#P&D8HZM_O*KxBFKsc@G+&&wZfyDf_~5&ZsU2r!v{{1Zupp
z2EjCY%#MIoLK#b(
z&^!A(`MbgDefju0YN)NmI@1wy0Wy43?8GA_f;2%V0`2b#)Yc8cbXUD^P&KwzL;Tc=
zK$|OeUWMbn0QK&gLPAHiCbF{raOZEguX+98r@neHQ1sZW@Bp58^8NY%0Km%t03hv*
zPiJ^>X{*0dz<;gEuU!7v*xWsDtE0cBI5~OaUlW?ne*r(n?+L$X*}n;IebxCSPv%KY
zi3@V}6GKyYi9VKPd3W;o4I3_`4!;9(R>ke6wur&6<7>YedjjN}HMd3K0}(;s&UAD=`JxeDY@KH3?N
zKIwibIyz6rttco+_X;B)ueG>-G;Bw#Z;=U~%hH(snM5SRIf+D%HeasU!BTD9OhNAj
z?B~@Tun(dOe{_X$7Gf|OJ`2FDTtfA1l*B%)9LY|T)Xi+!`B7_mIN$wh`e4$x;5IzY
z{VErZVbs@E{TVj9okBLj+@T0~oHj=3x8tX3E!kZdZb%iv$RX=gJ}9``Boyqn75{vVA0BkLG1;{P)T06g(xbj#+5x~Q$NQvaqN{n>RuR&GL-
zckG4e>h2hPW&*(4FHhB*PEt)i`*MK`hcm|LwJo;Fif|xh@~+)wax^?|&1S-tvd-m)
o%bjvn
zNamC|A2x@W^Cl*vZ)@%6`(4-X@cwmQ*YjM@d)@c*KF@m>$i~VhJL088&lJR>J^}z@
zFW}}E9I^DZDcd+XG>FRa^lh_w-gfZXu-V?ZZ>?olRqtSY^w39?{I&~@{So~(wn4r+
zdVlL=v`6sO;C?LJ4CRG%JuB)Aj>Tr4A|10uoXZ{#Hg@C#R__d?lIKIK3Tq
zyf@b4;DiXn!TPss5Tf_EEyQ}fiQW{~DrHs)4*=W`{VTlU^g&0R!?nJ2Np4JfW=g2C
zpN(y!Kqc;E=MXWlKk}`1?Rwm*|0gLVHlpyAuKoA`k=7qs_O?=2oyF4P#uOBZ`CFre
z)(xNYLi9F6(j64@O(ek-TR!>*E}r*i)+HI@IYUh}{>MWWFL4@9U3mf{rf(IHg!XuD
zxsG)2MvF=pZHTD6w)EZ$TAO#6)$^TK>^aFg{TPN(X1r>Cr#KM?rYNJENcG4ue6T%c
zIEajcixPMQ)6>5)r_#3tZ%9Q?F|D3C5Rvm|ZO4W@6&1Ph7(64zqeak2Ydc;Q3yRmE=OwtgNu!XnL(h=uFR_?*cZ1S%R
z>IWz60Bb`EHB{AtQ2XFxwB(Pn7z~lcU7-Wv8Q?E6?0&SCHP8Py&b$fkg+B4w1;!uM
zAO|1tX^D7W`i9N-EE1ydk30kL+PnOdm5Gq$gwe4j&9cg%HAn!gyd)=}bf=ax52S83
zoLNal)1QaoyZVC2MJk{}k-3RK(fZ6cbru!Q+Hi)_j^wTJ_YgQNZHuC4sg(P5{l2Uf
zaZhM73A-t=h-PLYs&da|th_8Q7O;~;{~Q!m?p}JV5`V`L8n?rw5IhK5kEEE`ZpOW0aF!pSKyl=ox__nvez4Uzf${qd+v{SQ2^0q8MUA|iS664IJ~BWFUK|FKJ1
z7fM~37L%H?9plzp$O{umCf-Tiv7kc4((=z-*ZYzv2Tq}mZbq3iRm@1gT^A%bOQWI=
zGvoE=f;d`D6)=V3nT_*{SuCEz0s6ckzxP{XMT^Sj50>&=rat!aJ1L-_+TT}v4LTTT5?wbb(Sf`E4?$KBX3weaQDU)a6wBYYfslZSn^fkNJP4=6__Y`wNe{U(@v5+ck8f`SJVDYZoL?$mEV|kPrV1=K*j(v`1tip|elZeOp4|uH)$MAu?x$Y_f
z*%#$b99#b4tdem%XNd4T!S7jEpLf;(;K-H(o_t|@ewk&K-3
zhP%$5`d+5OVe2@VRFxV`#QdT>0u_HDN1Wg;#+8AgljFl}ecsk;8lmR%hEv{zZL~nNVSv&6
zHPA`TqjU~Ea70h{)GDPb{#(On%WcTX#(7Kjd`yZ-@nUuC&tafU-%{@grr-P=qY6BDeVJJ134!
ziAUgU?Gjh=#ByGZZ192H1WwNRttl9zqw>!M-TBZ$PEbN75@%|x4j=PL8sdUMV&CG6
z4v0iuK&@EgjeehGBx6nBB99`5A7&!CkB~o@NKt8dKr&my=Fos9~H>lPbVws={*=(y?R!k*I@go38uxeIxr}KGK?<$fY&1MBeH!JLY7kTYnepH(
zyg_c8LXKC<9}3pKOR)~U>^gH7_qZ}|KhNrroNwqcuB3U=D)eA#Yd-1a^TrCip=Ix*
zl5V}v>a77zqajbR+oECI3(7@KprVM$Fu}zae%?NI)JM;MF>*E%a2g>FUvkT|)ontv
zm45T~T22pjyFvEqT~Yz{0d>9H3*28s;SsS18IYrs*&k&bpU{?Vz+?+}Y&75bEx%Mm
zR9vg(F7ADVG`$#jgRbIFYZ4Ej4)YSO0pDbW&kUu579%iV8G_te+;(S!4*Cr}hwWMr
z(1f*W#BcRg9QxXJFZhW6@qt_f=ajgotplea>eO3+M1(=v1
zM^0)ieCm||LmvKmI;skF7z(hv4KVxEanT2JUMk6}SUXiDYRe&+eM?`aDRwG1tFU_He!P&SHma%A&
z`*=oS*sw>7h3dMw<}&?~rR59odt}+MWUEe`Oc_oKo%)#VDOrafxk4$r{F?v%++w4q
zOnZ(BF~~9&9cW!8aC_#jEK9TRSX-prOf2$$y*lNHlZjUg#GTf=0j+xxGR18^e}U`q
z-0-
zkXO}#a!=}e4SaGf7=TvBLaQ{C_xk*TK9U^?3^Tl7ZC|
z?$`G?1PNfP&IuVJewtoBBKZ=)^zp_GY*jsZQ}O9ZFf
zp2y_Q2w!b6r~dX9cH&m5?tybPeutf1u}pg?gL;fMZQHrQ@s}LF&2vsX?MA@MhKfc1@JXuB+Mu_zwnjNdO++s={ijnyo#n
zm#{ajblBj+v=z7SsRU@AfPL(h_;?YPT5BTgfzGHas!E;M9id}~MV4L@nq3797|xD2
zl%XV<)3Y&mTm@${sGtJ+O`dPb%b4Na;`~VUsYm;E@JdOD{`~{<_^5q;Psi0;Ts+@m
za_hw7XK^bbmGBl`*wZmn?G-O}>kPcI*dB)o;xH(>sgCSgW@yra;)tA75my1ZZe{-4!lE&v$t;mIueO?PEB{Kj1c;+nBq$C
zcl
Date: Sat, 14 Apr 2018 22:27:08 +0100
Subject: [PATCH 112/133] Remove pleroma logo

---
 doc/EN/app_pleroma.org      |   3 -
 website/EN/app_pleroma.html | 184 ++++++++++++++++++++++++++----------
 2 files changed, 134 insertions(+), 53 deletions(-)

diff --git a/doc/EN/app_pleroma.org b/doc/EN/app_pleroma.org
index e2202190..af6b1e9f 100644
--- a/doc/EN/app_pleroma.org
+++ b/doc/EN/app_pleroma.org
@@ -9,9 +9,6 @@
 #+attr_html: :width 80% :height 10% :align center
 [[file:images/logo.png]]
 
-#+attr_html: :width 80% :align center
-[[file:images/pleroma-logo.png]]
-
 #+BEGIN_QUOTE
 "/The way to keep giant companies from sterilizing the Internet is to make their sites irrelevant. If all the cool stuff happens elsewhere, people will follow. We did this with AOL and Prodigy, and we can do it again./" -- Maciej Cegłowski
 #+END_QUOTE
diff --git a/website/EN/app_pleroma.html b/website/EN/app_pleroma.html
index 554fc8a8..632408ae 100644
--- a/website/EN/app_pleroma.html
+++ b/website/EN/app_pleroma.html
@@ -3,26 +3,33 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
+
+
+
+
+
+
-
+
 
 
@@ -97,7 +189,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -144,19 +236,12 @@ for the JavaScript code in this tag.
 
 

 

-

 
 

 
logo.png
 

 

 
-
-

-
pleroma-logo.png
-

-

-
 

 

 "The way to keep giant companies from sterilizing the Internet is to make their sites irrelevant. If all the cool stuff happens elsewhere, people will follow. We did this with AOL and Prodigy, and we can do it again." – Maciej Cegłowski
@@ -177,15 +262,14 @@ Some general advice about life in the fediverse can b
 

 

 
-

-
Installation

-

+

+
Installation

+

 

 Log into your system with:
 

 
 

-
 
ssh myusername@mydomain -p 2222
 

 

@@ -200,9 +284,9 @@ Select Add/Remove Apps then pleroma. You will then be asked for a
 

 

 
-

-
Initial setup

-

+

+
Initial setup

+

 

 The first thing you'll need to do is register a new account. You can set your profile details and profile image by selecting the small settings icon to the right of your name.
 

@@ -213,9 +297,9 @@ Once you have done that then you can disable further registrations from the A
 

 

 
-

-
Mastodon user interface

-

+

+
Mastodon user interface

+

 

 If you prefer a Tweetdeck-style user interface, similar to Mastodon, then once you have registered an account navigate to /yourpleromadomainname/web and log in.
 

@@ -228,9 +312,9 @@ If you prefer a Tweetdeck-style user interface, similar to Mastodon, then once y
 

 

 
-

-
Mobile apps

-

+

+
Mobile apps

+

 

 It's also possible to use Mastodon apps together with Pleroma, such as Tusky, since it supports the Mastodon API. You may need to install IcecatMobile and set it as your default browser (under Settings/Apps/Menu) in order for the initial oauth registration process to work.
 

@@ -243,9 +327,9 @@ It's also possible to use Mastodon apps together with Pleroma, such as Tusky, si
 

 

 
-

-
Blocking controls

-

+

+
Blocking controls

+

 
 

 
control_panel_blocking.jpg

From 28d044731b2e46b9871f972b889dc5d317df333b Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 10:22:23 +0100
Subject: [PATCH 113/133] Notes about onion email addresses

---
 doc/EN/usage_email.org      |  10 +
 website/EN/usage_email.html | 403 ++++++++++++++++++++++--------------
 2 files changed, 263 insertions(+), 150 deletions(-)

diff --git a/doc/EN/usage_email.org b/doc/EN/usage_email.org
index f032bc5f..b9de785b 100644
--- a/doc/EN/usage_email.org
+++ b/doc/EN/usage_email.org
@@ -35,6 +35,8 @@ From https://motherboard.vice.com/read/email-encryption-is-broken:
 #+BEGIN_QUOTE
 /The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor/
 #+END_QUOTE
+
+A way to avoid these pitfalls altogether is to use onion addresses (see the section below) or [[./app_bdsmail.html][I2P addresses]] for email. These are not so convenient because they use long random strings which aren't memorable as addresses, but they do give a strong assurance that whoever recieves the message is the intended recipient and that emails can't be read passively during their transport across the internet.
 * Add a password to your GPG key
 If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password.
 
@@ -219,5 +221,13 @@ ssh username@domainname -p 2222
 #+END_SRC
 
 Select /Administrator controls/ then *Email filtering rules* then *Block/Unblock and email address* or *Block/Unblock email with subject line*. Also see the manpage for *freedombone-ignore*.
+* Using onion email addresses
+By default this system comes with the ability to send and receive emails using onion addresses as the domain name. On the *user control panel* if you select *Show your email address* then you should find one ending with /dot onion/. You will also see a QR code for that address, which provides a simple way to transfer it to a mobile phone if necessary.
+
+If you want to give your onion email address to someone else securely then you can use the QR code to transfer it to a phone and copy and paste the address into an encrypted chat app, such as Conversations. Of course they will probably also need to be running Freedombone or some system capable of handling onion email addresses.
+
+When sending email from an onion address it's not strictly necessary to use GPG/PGP. Tor handles the transport security by itself. You can still use it though if you prefer to have an extra layer of message security. You can also still use onion email addresses even if your ISP blocks the typical email ports (25 and 465).
+
+If you don't make your onion email address public then it should be fairly resisent to spam, since spammers won't be able to randomly guess onion addresses (there are far too many), whereas it's a lot easier for them to do that with conventional domain names.
 * Using I2P for email transport
 For the most paranoid use cases it is also possible to use I2P as an email transport mechanism. This will of course require the people you're communicating with to have a similar setup in place. For details see the [[./app_bdsmail.html][bdsmail app]]. An advantage of this is that it's very unlikely that your email will get blocked. The disadvantage is that few others will be capable of receiving email this way, and it's only really usable via the Mutt email client.
diff --git a/website/EN/usage_email.html b/website/EN/usage_email.html
index d3216405..67bdfd5f 100644
--- a/website/EN/usage_email.html
+++ b/website/EN/usage_email.html
@@ -3,26 +3,33 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
+
+
+
+
+
+
-
+
 
 
@@ -97,7 +189,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -144,7 +236,6 @@ for the JavaScript code in this tag.
 
 

 

-

 
 

 
logo.png
@@ -155,58 +246,58 @@ for the JavaScript code in this tag.
 
 
 
-
+
 
 
 
-Things to be aware of
+Things to be aware of
 
 
 
-A technical note about email transport security
+A technical note about email transport security
 
 
 
-Add a password to your GPG key
+Add a password to your GPG key
 
 
 
-Publishing your GPG public key
+Publishing your GPG public key
 
 
 
-Mutt email client
+Mutt email client
 
 
 
-Thunderbird/Icedove
+Thunderbird/Icedove
 
 
 
-Android apps
+Android apps
 
 
 
-Subscribing to mailing lists
+Subscribing to mailing lists
 
 
 
-Adding email addresses to a group/folder
+Adding email addresses to a group/folder
 
 
 
-Ignoring incoming emails
+Ignoring incoming emails
 
 
 
-Using I2P for email transport
+Using I2P for email transport
 
 
 
 
-

-
Things to be aware of

-

+

+
Things to be aware of

+

 

 Even though this system makes it easy to set up an email server, running your own email system is still not easy and this is mainly due to the huge amount of collatoral damage caused by spammers over a long period of time, which in turn is due to the inherent insecurity of email protocols which enabled spam to become a big problem. Email is still very popular though and most internet services require that you have an email address in order to register.
 

@@ -220,9 +311,9 @@ So if you want to use your own email address hosted on your own system you do ne
 

 

 

-

-
A technical note about email transport security

-

+

+
A technical note about email transport security

+

 

 Port 465 is used for SMTP and this is supposedly deprecated for secure email. However, using TLS from the start of the communications seems far more secure than starting off with insecure communications and then trying to upgrade it with a command to begin TLS, as happens with STARTTLS. There are possible attacks against STARTTLS in which the command to begin secure communications is removed or overwritten which could then result in email being transferred in plain text over the internet and be readable by third parties.
 

@@ -236,23 +327,26 @@ From http
 The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor
 

 

+
+

+A way to avoid these pitfalls altogether is to use onion addresses (see the section below) or I2P addresses for email. These are not so convenient because they use long random strings which aren't memorable as addresses, but they do give a strong assurance that whoever recieves the message is the intended recipient and that emails can't be read passively during their transport across the internet.
+

 

 

-

-
Add a password to your GPG key

-

+

+
Add a password to your GPG key

+

 

 If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password.
 

 
 

-
 
ssh username@domainname -p 2222
 gpg --edit-key username@domain
 passwd
 save
 quit
-exit
+exit
 

 

 
@@ -262,25 +356,24 @@ Having a password on your GPG key will prevent someone from reading your email <
 

 

 
-

-
Publishing your GPG public key

-

+

+
Publishing your GPG public key

+

 

 If you havn't already then you should publish your GPG public key so that others can find it.
 

 
 

-
 
ssh username@domainname -p 2222
 gpg --send-keys username@domainname
-exit
+exit
 

 

 

 

-

-
Mutt email client

-

+

+
Mutt email client

+

 
 

 
mutt.jpeg
@@ -292,7 +385,6 @@ Mutt is a terminal based email client which comes already installed onto the Fre
 

 
 

-
 
ssh username@domainname -p 2222
 

 

@@ -313,124 +405,124 @@ Some useful keys to know are:
 
 
 
-
+
 
-
+
 
 
 
-"/"
-Search for text within headers
+"/"
+Search for text within headers
 
 
 
-*
-Move to the last message
+*
+Move to the last message
 
 
 
-TAB
-Move to the next unread message
+TAB
+Move to the next unread message
 
 
 
-d
-Delete a message
+d
+Delete a message
 
 
 
-u
-Undelete a mail which is pending deletion
+u
+Undelete a mail which is pending deletion
 
 
 
-$
-Delete all messages selected and check for new messages
+$
+Delete all messages selected and check for new messages
 
 
 
-a
-Add to the address book
+a
+Add to the address book
 
 
 
-m
-Send a new mail
+m
+Send a new mail
 
 
 
-ESC-m
-Mark all messages as having been read
+ESC-m
+Mark all messages as having been read
 
 
 
-S
-Mark a message as spam
+S
+Mark a message as spam
 
 
 
-H
-Mark a message as ham
+H
+Mark a message as ham
 
 
 
-CTRL-b
-Toggle side bar on/off
+CTRL-b
+Toggle side bar on/off
 
 
 
-CTRL-n
-Next mailbox (on side bar)
+CTRL-n
+Next mailbox (on side bar)
 
 
 
-CTRL-p
-Previous mailbox (on side bar)
+CTRL-p
+Previous mailbox (on side bar)
 
 
 
-CTRL-o
-Open mailbox (on side bar)
+CTRL-o
+Open mailbox (on side bar)
 
 
 
-r
-Reply to an email
+r
+Reply to an email
 
 
 
-L
-Reply to a mailing list email
+L
+Reply to a mailing list email
 
 
 
-]
-Expand or collapse all threads
+]
+Expand or collapse all threads
 
 
 
-[
-Expand of collapse the current thread
+[
+Expand of collapse the current thread
 
 
 
-CTRL-k
-Import a PGP/GPG public key
+CTRL-k
+Import a PGP/GPG public key
 
 
 
-v
-View current email in different formats, such as HTML
+v
+View current email in different formats, such as HTML
 
 
 
-CTRL-u
-View long URLs
+CTRL-u
+View long URLs
 
 
 
-q
-Quit
+q
+Quit
 
 
 
@@ -453,9 +545,9 @@ There is one irksome thing about email within mutt, and that's if you get sent a
 

 

 
-

-
Thunderbird/Icedove

-

+

+
Thunderbird/Icedove

+

 

 Another common way in which you may want to access email is via Thunderbird (also known as Icedove on Debian).  This may be especially useful if you're trying to convert former Windows users who may previously have been using some version of Outlook.
 

@@ -465,9 +557,9 @@ The following instructions should be carried out on the client machines (laptop,
 

 

 
-

-
Initial setup

-

+

+
Initial setup

+

 

 Install Thunderbird and Enigmail.  How you do this just depends upon your distro and software manager or "app store".
 

@@ -493,12 +585,9 @@ The settings should be as follows, substituting mydomainname.com for your
 

 
 
    
-
  • Incoming: IMAP, mydomainname.com, 993, SSL/TLS, Normal Password
-
    • 
-
  • Outgoing: SMTP, mydomainname.com, 465, SSL/TLS, Normal Password
-
    • 
-
  • Username: myusername
-
    • 
+
  • Incoming: IMAP, mydomainname.com, 993, SSL/TLS, Normal Password
    • 
+
  • Outgoing: SMTP, mydomainname.com, 465, SSL/TLS, Normal Password
    • 
+
  • Username: myusername
    • 
 

 
 

@@ -526,15 +615,14 @@ Select "yes" to change default settings.
 

 

 

-

-
Import your GPG keys

-

+

+
Import your GPG keys

+

 

 On the Freedombone export your GPG public and private keys.
 

 
 

-
 
ssh username@domainname -p 2222
 gpg --list-keys username@domainname
 gpg --output ~/public_key.gpg --armor --export KEY_ID
@@ -547,7 +635,6 @@ On your laptop or desktop you can import the keys with:
 

 
 

-
 
scp -P 2222 username@domain:/home/username/*.gpg ~/
 

 

@@ -569,7 +656,6 @@ Remove your exported key files, both on your laptop/desktop and also on the Free
 

 
 

-
 
shred -zu ~/public_key.gpg
 shred -zu ~/private_key.gpg
 

@@ -577,9 +663,9 @@ shred -zu ~/private_key.gpg
 

 

 
-

-
Using for the first time

-

+

+
Using for the first time

+

 

 Click on the Thunderbird menu, which looks like three horizontal bars on the right hand side.
 

@@ -614,9 +700,9 @@ Get into the habit of using email encryption and encourage others to do so.  Rem
 

 

 
-

-
Making folders visible

-

+

+
Making folders visible

+

 

 By default you won't be able to see any folders which you may have created earlier using the mailinglistrule script.  To make folders visible select:
 

@@ -632,23 +718,22 @@ Make sure that "show only subscribed folders" is not checked.  Then click
 

 

 
-

-
Android apps

-

+

+
Android apps

+

 

 Mobile devices have a reputation for being quite insecure, so it's recommended that you don't store emails or GPG keys on your phone. Instead install Mailpile and access your email via the webmail interface.
 

 

 

-

-
Subscribing to mailing lists

-

+

+
Subscribing to mailing lists

+

 

 To subscribe to a mailing list log in as your user (i.e. not the root user).
 

 
 

-
 
ssh username@domainname -p 2222
 

 

@@ -658,15 +743,14 @@ Select Administrator controls then Email filtering rules then A
 

 

 

-

-
Adding email addresses to a group/folder

-

+

+
Adding email addresses to a group/folder

+

 

 Similar to adding mailing list folders you can also add specified email addresses into a group/folder.
 

 
 

-
 
ssh username@domainname -p 2222
 

 

@@ -676,15 +760,14 @@ Select Administrator controls then Email filtering rules then A
 

 

 

-

-
Ignoring incoming emails

-

+

+
Ignoring incoming emails

+

 

 It is possible to ignore incoming emails if they are from a particular email address or if the subject line contains particular text.
 

 
 

-
 
ssh username@domainname -p 2222
 

 

@@ -694,9 +777,29 @@ Select Administrator controls then Email filtering rules then B
 

 

 

-

-
Using I2P for email transport

-

+

+
Using onion email addresses

+

+

+By default this system comes with the ability to send and receive emails using onion addresses as the domain name. On the user control panel if you select Show your email address then you should find one ending with dot onion. You will also see a QR code for that address, which provides a simple way to transfer it to a mobile phone if necessary.
+

+
+

+If you want to give your onion email address to someone else securely then you can use the QR code to transfer it to a phone and copy and paste the address into an encrypted chat app, such as Conversations. Of course they will probably also need to be running Freedombone or some system capable of handling onion email addresses.
+

+
+

+When sending email from an onion address it's not strictly necessary to use GPG/PGP. Tor handles the transport security by itself. You can still use it though if you prefer to have an extra layer of message security. You can also still use onion email addresses even if your ISP blocks the typical email ports (25 and 465).
+

+
+

+If you don't make your onion email address public then it should be fairly resisent to spam, since spammers won't be able to randomly guess onion addresses (there are far too many), whereas it's a lot easier for them to do that with conventional domain names.
+

+

+

+

+
Using I2P for email transport

+

 

 For the most paranoid use cases it is also possible to use I2P as an email transport mechanism. This will of course require the people you're communicating with to have a similar setup in place. For details see the bdsmail app. An advantage of this is that it's very unlikely that your email will get blocked. The disadvantage is that few others will be capable of receiving email this way, and it's only really usable via the Mutt email client.
 


From 81ecf85707590e0e970be6676afc3457d78904cc Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 10:26:39 +0100
Subject: [PATCH 114/133] Link to email

---
 doc/EN/release31.org      |  2 +-
 website/EN/release31.html | 16 ++++++++--------
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index 1a23de34..88ee98ae 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -9,7 +9,7 @@
 #+attr_html: :width 80% :height 10% :align center
 [[file:images/logo31.png]]
 
-Newer and shinier than before, Freedombone release 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
+Newer and shinier than before, Freedombone release 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use [[./usage_email.html][email with onion and I2P addresses]]. New apps are:
 
  * [[./app_akaunting.html][Akaunting]]: Personal or small business accounts
  * [[./app_bdsmail.html][bdsmail]]: Avoid PGP complexity by using email over I2P
diff --git a/website/EN/release31.html b/website/EN/release31.html
index 581c7368..06018b03 100644
--- a/website/EN/release31.html
+++ b/website/EN/release31.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -243,7 +243,7 @@ for the JavaScript code in this tag.
 

 
 

-Newer and shinier than before, Freedombone release 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
+Newer and shinier than before, Freedombone release 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
 

 
 
 
 

-The mesh version now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with LibreMesh. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
+The mesh version now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with LibreMesh. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
 

 
 

@@ -273,9 +273,9 @@ The future is decentralized.
 

 

 
-

-
Installation

-

+

+
Installation

+

 

 The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
 

@@ -331,9 +331,9 @@ More detailed installation instructions are linked from 
-
Upgrading from a previous install

-

+

+
Upgrading from a previous install

+

 

 To upgrade from version 3 just go to the administrator control panel and select check for updates.
 


From e429663435443ce49293c6ff1b456371dca2ffc2 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 12:10:55 +0100
Subject: [PATCH 126/133] Create directory if needed

---
 src/freedombone-utils-firewall | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/freedombone-utils-firewall b/src/freedombone-utils-firewall
index fc1ff62f..06d2f98e 100755
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
@@ -36,6 +36,9 @@ EXTERNAL_IPV4_ADDRESS=
 function save_firewall_settings {
     iptables-save > /etc/firewall.conf
     ip6tables-save > /etc/firewall6.conf
+    if [ ! -d /etc/network/if-up.d ]; then
+        mkdir /etc/network/if-up.d
+    fi
     printf '#!/bin/sh\n' > /etc/network/if-up.d/iptables
     printf 'iptables-restore < /etc/firewall.conf\n' >> /etc/network/if-up.d/iptables
     printf 'ip6tables-restore < /etc/firewall6.conf\n' >> /etc/network/if-up.d/iptables

From b061d326d3ec892c5fdffc6cd36e95470552d872 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 12:25:56 +0100
Subject: [PATCH 127/133] Mention onion only images

---
 doc/EN/release31.org      |  2 +-
 website/EN/release31.html | 22 +++++++++++-----------
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index 785906c4..79d2a70d 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -29,7 +29,7 @@ The future is decentralized.
 
 * Installation
 
-The simplest way to install is from a pre-made disk image. Images can be [[https://freedombone.net/downloads/v31][downloaded here]]. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
+The simplest way to install is from a pre-made disk image. Images can be [[https://freedombone.net/downloads/v31][downloaded here]]. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address.
 
 Copy the image to a microSD card or USB thumb drive, replacing sdX with the identifier of the USB thumb drive. Don't include any numbers (so for example use sdc instead of sdc1).
 
diff --git a/website/EN/release31.html b/website/EN/release31.html
index b47a91e8..0435dcd0 100644
--- a/website/EN/release31.html
+++ b/website/EN/release31.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -242,9 +242,9 @@ for the JavaScript code in this tag.
 

 

 
-

-
Version 3.1

-

+

+
Version 3.1

+

 

 Newer and shinier than before, Freedombone 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
 

@@ -273,11 +273,11 @@ The future is decentralized.
 

 

 
-

-
Installation

-

+

+
Installation

+

 

-The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
+The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address.
 

 
 

@@ -331,9 +331,9 @@ More detailed installation instructions are linked from 
-
Upgrading from a previous install

-

+

+
Upgrading from a previous install

+

 

 To upgrade from version 3 just go to the administrator control panel and select check for updates.
 


From acf91d5a314dcafc572f78480b62a35ecb24ee83 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 14:16:18 +0100
Subject: [PATCH 128/133] blurb

---
 doc/EN/release31.org      |  4 +++-
 website/EN/release31.html | 26 +++++++++++++++-----------
 2 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index 79d2a70d..e31fb3cc 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -23,7 +23,9 @@ Newer and shinier than before, [[./index.html][Freedombone]] 3.1 rests upon the
 
 The [[./mesh.html][mesh version]] now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with [[https://libremesh.org][LibreMesh]]. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
 
-With the monopolistic Silicon Valley technology companies facing unprecedented levels of criticism there has never been a better time to avoid all of that and host systems yourself.
+According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed public criticism as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
+
+So this is where we make our stand. If the internet falls then so too does freedom.
 
 The future is decentralized.
 
diff --git a/website/EN/release31.html b/website/EN/release31.html
index 0435dcd0..f991adfe 100644
--- a/website/EN/release31.html
+++ b/website/EN/release31.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -242,9 +242,9 @@ for the JavaScript code in this tag.
 

 

 
-

-
Version 3.1

-

+

+
Version 3.1

+

 

 Newer and shinier than before, Freedombone 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
 

@@ -264,7 +264,11 @@ The mesh version now supports BMX6, OLSR2 and Babel ro
 

 
 

-With the monopolistic Silicon Valley technology companies facing unprecedented levels of criticism there has never been a better time to avoid all of that and host systems yourself.
+According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed public criticism as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
+

+
+

+So this is where we make our stand. If the internet falls then so too does freedom.
 

 
 

@@ -273,9 +277,9 @@ The future is decentralized.
 

 

 
-

-
Installation

-

+

+
Installation

+

 

 The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address.
 

@@ -331,9 +335,9 @@ More detailed installation instructions are linked from 
-
Upgrading from a previous install

-

+

+
Upgrading from a previous install

+

 

 To upgrade from version 3 just go to the administrator control panel and select check for updates.
 


From ab354f84081a63544ed70306e3e25c42659f4371 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 16:31:10 +0100
Subject: [PATCH 129/133] Extra commands

---
 doc/EN/release31.org      |  2 ++
 website/EN/release31.html | 24 ++++++++++++++----------
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index e31fb3cc..1e08a40e 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -23,6 +23,8 @@ Newer and shinier than before, [[./index.html][Freedombone]] 3.1 rests upon the
 
 The [[./mesh.html][mesh version]] now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with [[https://libremesh.org][LibreMesh]]. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
 
+There is a new [[./socialinstance.html][social instance]] image build option, if you want to be able to rapidly deploy fediverse instances, and a [[./devguide.html][template command]] for quickly adding new apps to the system which automates a lot of the boilerplate.
+
 According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed public criticism as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
 
 So this is where we make our stand. If the internet falls then so too does freedom.
diff --git a/website/EN/release31.html b/website/EN/release31.html
index f991adfe..3435a637 100644
--- a/website/EN/release31.html
+++ b/website/EN/release31.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -242,9 +242,9 @@ for the JavaScript code in this tag.
 

 

 
-

-
Version 3.1

-

+

+
Version 3.1

+

 

 Newer and shinier than before, Freedombone 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
 

@@ -263,6 +263,10 @@ Newer and shinier than before, Freedombone 3.1 rests
 The mesh version now supports BMX6, OLSR2 and Babel routing protocols on layer 3 and so is protocol compatible with LibreMesh. It also now runs on pure IPv6 and has built in video editor and CryptPad integration for networked collaboration even during times when the internet is not available.
 

 
+

+There is a new social instance image build option, if you want to be able to rapidly deploy fediverse instances, and a template command for quickly adding new apps to the system which automates a lot of the boilerplate.
+

+
 

 According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed public criticism as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
 

@@ -277,9 +281,9 @@ The future is decentralized.
 

 

 
-

-
Installation

-

+

+
Installation

+

 

 The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address.
 

@@ -335,9 +339,9 @@ More detailed installation instructions are linked from 
-
Upgrading from a previous install

-

+

+
Upgrading from a previous install

+

 

 To upgrade from version 3 just go to the administrator control panel and select check for updates.
 


From 964c2c9c83f1777695ee79b5c574e103f7e9f53f Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 17:04:45 +0100
Subject: [PATCH 130/133] link

---
 doc/EN/release31.org      |  2 +-
 website/EN/release31.html | 22 +++++++++++-----------
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index 1e08a40e..9555a839 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -25,7 +25,7 @@ The [[./mesh.html][mesh version]] now supports BMX6, OLSR2 and Babel routing pro
 
 There is a new [[./socialinstance.html][social instance]] image build option, if you want to be able to rapidly deploy fediverse instances, and a [[./devguide.html][template command]] for quickly adding new apps to the system which automates a lot of the boilerplate.
 
-According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed public criticism as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
+According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed [[https://www.wired.co.uk/article/open-letter-mark-zuckerberg-congress][public criticism]] as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley generally and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
 
 So this is where we make our stand. If the internet falls then so too does freedom.
 
diff --git a/website/EN/release31.html b/website/EN/release31.html
index 3435a637..67d62fe3 100644
--- a/website/EN/release31.html
+++ b/website/EN/release31.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -242,9 +242,9 @@ for the JavaScript code in this tag.
 

 

 
-

-
Version 3.1

-

+

+
Version 3.1

+

 

 Newer and shinier than before, Freedombone 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
 

@@ -268,7 +268,7 @@ There is a new social instance image build o
 

 
 

-According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed public criticism as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
+According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed public criticism as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley generally and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
 

 
 

@@ -281,9 +281,9 @@ The future is decentralized.
 

 

 
-

-
Installation

-

+

+
Installation

+

 

 The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address.
 

@@ -339,9 +339,9 @@ More detailed installation instructions are linked from 
-
Upgrading from a previous install

-

+

+
Upgrading from a previous install

+

 

 To upgrade from version 3 just go to the administrator control panel and select check for updates.
 


From ca581cf141c8a1d0a50b149725d2bf0883d0022b Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 17:07:10 +0100
Subject: [PATCH 131/133] Wording

---
 doc/EN/release31.org      |  2 +-
 website/EN/release31.html | 22 +++++++++++-----------
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/doc/EN/release31.org b/doc/EN/release31.org
index 9555a839..9df3bad0 100644
--- a/doc/EN/release31.org
+++ b/doc/EN/release31.org
@@ -27,7 +27,7 @@ There is a new [[./socialinstance.html][social instance]] image build option, if
 
 According to some narratives the open web is dying with the silo companies comprising 80% of web traffic and what remains being pushed into an increasingly marginal corner. But at the same time these colonial occupiers have come under renewed [[https://www.wired.co.uk/article/open-letter-mark-zuckerberg-congress][public criticism]] as they continue to abuse their monopoly powers in ever more egregious ways. 2017 seemed to be a turning point in attitudes towards Silicon Valley generally and there is room for a new kind of movement to get started which is about reclaiming the internet for the common good.
 
-So this is where we make our stand. If the internet falls then so too does freedom.
+This is where we make our stand. If the internet falls then so too does freedom.
 
 The future is decentralized.
 
diff --git a/website/EN/release31.html b/website/EN/release31.html
index 67d62fe3..608226ba 100644
--- a/website/EN/release31.html
+++ b/website/EN/release31.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
+
 
 
 
@@ -242,9 +242,9 @@ for the JavaScript code in this tag.
 

 

 
-

-
Version 3.1

-

+

+
Version 3.1

+

 

 Newer and shinier than before, Freedombone 3.1 rests upon the solid foundation of Debian stable and delivers major new self-hosted apps, improved mesh networking and a new logo. It supports version 3 onion addresses and the ability to use email with onion and I2P addresses. New apps are:
 

@@ -272,7 +272,7 @@ According to some narratives the open web is dying with the silo companies compr
 

 
 

-So this is where we make our stand. If the internet falls then so too does freedom.
+This is where we make our stand. If the internet falls then so too does freedom.
 

 
 

@@ -281,9 +281,9 @@ The future is decentralized.
 

 

 
-

-
Installation

-

+

+
Installation

+

 

 The simplest way to install is from a pre-made disk image. Images can be downloaded here. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere. Or if you don't need clearnet domains and will be using Tor compatible browsers then you can use the "onion only" images where apps will be accessible via an onion address.
 

@@ -339,9 +339,9 @@ More detailed installation instructions are linked from 
-
Upgrading from a previous install

-

+

+
Upgrading from a previous install

+

 

 To upgrade from version 3 just go to the administrator control panel and select check for updates.
 


From c02e6b64799e1f6c0a65f85d1e191bc1d6b4bdc5 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 18:27:05 +0100
Subject: [PATCH 132/133] Switch image links to 3.1

---
 doc/EN/boards.org         |  8 ++++----
 doc/EN/mesh_images.org    | 22 ++++++++--------------
 doc/EN/socialinstance.org |  4 ++--
 3 files changed, 14 insertions(+), 20 deletions(-)

diff --git a/doc/EN/boards.org b/doc/EN/boards.org
index 36c9c818..3d57109e 100644
--- a/doc/EN/boards.org
+++ b/doc/EN/boards.org
@@ -13,10 +13,10 @@
 
 The following ARM boards are supported by the build system. If your board isn't listed here then you may still be able to install Freedombone using [[./armbian.html][Armbian]].
 
- - [[./downloads/current/freedombone-current-beaglebone-armhf.img.xz][beaglebone]]
- - [[./downloads/current/freedombone-current-cubieboard2-armhf.img.xz][cubieboard2]]
- - [[./downloads/current/freedombone-current-cubietruck-armhf.img.xz][cubietruck]]
- - [[./downloads/current/freedombone-current-pcduino3-armhf.img.xz][pcduino3]]
+ - [[./downloads/v31/freedombone-beaglebone-armhf.img.xz][beaglebone]]
+ - [[./downloads/v31/freedombone-cubieboard2-armhf.img.xz][cubieboard2]]
+ - [[./downloads/v31/freedombone-cubietruck-armhf.img.xz][cubietruck]]
+ - [[./downloads/v31/freedombone-pcduino3-armhf.img.xz][pcduino3]]
  - a20-olinuxino-lime
  - a20-olinuxino-lime2
  - a20-olinuxino-micro
diff --git a/doc/EN/mesh_images.org b/doc/EN/mesh_images.org
index 41c5479e..64c16ad8 100644
--- a/doc/EN/mesh_images.org
+++ b/doc/EN/mesh_images.org
@@ -37,11 +37,9 @@ The MultiWriter tool is also available within mesh client images, so that you ca
 
 #+begin_src bash
 sudo apt-get install xz-utils wget
-wget https://freedombone.net/downloads/current/freedombone-meshclient-i386.img.xz
-wget https://freedombone.net/downloads/current/freedombone-meshclient-i386.img.xz.sig
+wget https://freedombone.net/downloads/v31/freedombone-meshclient-i386.img.xz
+wget https://freedombone.net/downloads/v31/freedombone-meshclient-i386.img.xz.sig
 gpg --verify freedombone-meshclient-i386.img.xz.sig
-sha256sum freedombone-meshclient-i386.img.xz
-49391230de6a4f1966db091813deb8f9d93c947677f5483baa52400d7fcba7d3
 unxz freedombone-meshclient-i386.img.xz
 sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
 sudo dd bs=1M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync
@@ -53,11 +51,9 @@ If you're in an emergency and don't have Atheros wifi dongles then there is also
 
 #+begin_src bash
 sudo apt-get install xz-utils wget
-wget https://freedombone.net/downloads/current/freedombone-meshclient-insecure-i386.img.xz
-wget https://freedombone.net/downloads/current/freedombone-meshclient-insecure-i386.img.xz.sig
+wget https://freedombone.net/downloads/v31/freedombone-meshclient-insecure-i386.img.xz
+wget https://freedombone.net/downloads/v31/freedombone-meshclient-insecure-i386.img.xz.sig
 gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig
-sha256sum freedombone-meshclient-insecure-i386.img.xz
-c11783741e66df5072ffcbef8d9b04260a2298d84e33c72fefa4bb539d094810
 unxz freedombone-meshclient-insecure-i386.img.xz
 sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
 sudo dd bs=1M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync
@@ -73,8 +69,8 @@ The above picture shows a Beaglebone Black with the image copied onto a microSD
 
 #+begin_src bash
 sudo apt-get install xz-utils wget
-wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz
-wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz.sig
+wget https://freedombone.net/downloads/v31/freedombone-mesh_beaglebone-armhf.img.xz
+wget https://freedombone.net/downloads/v31/freedombone-mesh_beaglebone-armhf.img.xz.sig
 gpg --verify freedombone-mesh_beaglebone-armhf.img.xz.sig
 sha256sum freedombone-mesh_beaglebone-armhf.img.xz
 ad8f22c0d46c98a80aa47b5809402971cf5cf26ebf587c59a667307b2386c3d2
@@ -93,11 +89,9 @@ First you will need to create an image. On a Debian based system (tested on Debi
 
 #+begin_src bash
 sudo apt-get -y install git wget build-essential
-wget https://freedombone.net/downloads/current/freedombone.tar.gz
-wget https://freedombone.net/downloads/current/freedombone.tar.gz.sig
+wget https://freedombone.net/downloads/v31/freedombone.tar.gz
+wget https://freedombone.net/downloads/v31/freedombone.tar.gz.sig
 gpg --verify freedombone.tar.gz.sig
-sha256sum freedombone.tar.gz
-afbb536564140aa28c6491d45b7474ced5a0b018539ffd3e96b13b242a41792e
 tar -xzvf freedombone.tar.gz
 cd freedombone
 git checkout stretch
diff --git a/doc/EN/socialinstance.org b/doc/EN/socialinstance.org
index 7106503e..a57dd44c 100644
--- a/doc/EN/socialinstance.org
+++ b/doc/EN/socialinstance.org
@@ -27,8 +27,8 @@ Substitute *sdX* with the device name for your USB drive.
 
 #+begin_src bash
 sudo apt-get install xz-utils wget
-wget https://freedombone.net/downloads/current/freedombone-pleroma-amd64.img.xz
-wget https://freedombone.net/downloads/current/freedombone-pleroma-amd64.img.xz.sig
+wget https://freedombone.net/downloads/v31/freedombone-pleroma-amd64.img.xz
+wget https://freedombone.net/downloads/v31/freedombone-pleroma-amd64.img.xz.sig
 gpg --verify freedombone-pleroma-amd64.img.xz.sig
 unxz freedombone-pleroma-amd64.img.xz
 sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8

From 8161704e106728bec7e22d3211109faa06801081 Mon Sep 17 00:00:00 2001
From: Bob Mottram 
Date: Sun, 15 Apr 2018 18:27:48 +0100
Subject: [PATCH 133/133] Switch image links to 3.1

---
 website/EN/boards.html         | 185 ++++++++++++++++++--------
 website/EN/mesh_images.html    | 236 ++++++++++++++++++++++-----------
 website/EN/socialinstance.html | 220 ++++++++++++++++++++----------
 3 files changed, 440 insertions(+), 201 deletions(-)

diff --git a/website/EN/boards.html b/website/EN/boards.html
index c91cb867..efa4c7b3 100644
--- a/website/EN/boards.html
+++ b/website/EN/boards.html
@@ -3,26 +3,33 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
+
+
+
+
+
+
-
+
 
 
@@ -97,7 +189,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -144,49 +236,36 @@ for the JavaScript code in this tag.
 
 

 

-

 
 

 
logo.png
 

 

 
-

-
Supported ARM boards

-

+

+
Supported ARM boards

+

 

 The following ARM boards are supported by the build system. If your board isn't listed here then you may still be able to install Freedombone using Armbian.
 

 
 
 
 

 The latest image builds can be found here.
 

 
-

-

-<center>
-Return to the <a href="index.html">home page</a>
-</center>
-

-
-

+

+Return to the home page
+

 

 

 

diff --git a/website/EN/mesh_images.html b/website/EN/mesh_images.html
index 6bdba301..7fdd8db9 100644
--- a/website/EN/mesh_images.html
+++ b/website/EN/mesh_images.html
@@ -3,26 +3,33 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
+
+
+
+
+
+
-
+
 
 
@@ -97,7 +189,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -144,23 +236,23 @@ for the JavaScript code in this tag.
 
 

 

-

 
 

 
logo.png
 

 

 
-

-
Mesh Network: Images

+

+
Mesh Network: Images

 

 
-

-
Pre-built Disk Images

-

-

-
Writing many images quickly

-

+

+
Pre-built Disk Images

+

+

+

+
Writing many images quickly

+

 

 There may be situations where you need to write the same disk image to multiple drives at the same time in order to maximize rate of deployment. In the instructions given below the dd command is used for writing to the target drive, but to write to multiple drives you can use a tool such as GNOME MultiWriter.
 

@@ -170,7 +262,6 @@ For example on Arch/Parabola:
 

 
 

-
 
sudo pacman -S gnome-multi-writer
 

 

@@ -180,7 +271,6 @@ Or on Debian based systems:
 

 
 

-
 
sudo apt-get install gnome-multi-writer
 

 

@@ -190,9 +280,9 @@ The MultiWriter tool is also available within mesh client images, so that you ca
 

 

 

-

-
Client images

-

+

+
Client images

+

 
 

 
mesh_netbook.jpg
@@ -204,16 +294,13 @@ The MultiWriter tool is also available within mesh client images, so that you ca
 

 
 

-
 
sudo apt-get install xz-utils wget
-wget https://freedombone.net/downloads/current/freedombone-meshclient-i386.img.xz
-wget https://freedombone.net/downloads/current/freedombone-meshclient-i386.img.xz.sig
+wget https://freedombone.net/downloads/v31/freedombone-meshclient-i386.img.xz
+wget https://freedombone.net/downloads/v31/freedombone-meshclient-i386.img.xz.sig
 gpg --verify freedombone-meshclient-i386.img.xz.sig
-sha256sum freedombone-meshclient-i386.img.xz
-49391230de6a4f1966db091813deb8f9d93c947677f5483baa52400d7fcba7d3
 unxz freedombone-meshclient-i386.img.xz
-sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
-sudo dd bs=1M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync
+sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
+sudo dd bs=1M if=freedombone-meshclient-i386.img of=/dev/sdX conv=fdatasync
 

 

 
@@ -226,31 +313,28 @@ If you're in an emergency and don't have Atheros wifi dongles then there is also
 

 
 

-
 
sudo apt-get install xz-utils wget
-wget https://freedombone.net/downloads/current/freedombone-meshclient-insecure-i386.img.xz
-wget https://freedombone.net/downloads/current/freedombone-meshclient-insecure-i386.img.xz.sig
+wget https://freedombone.net/downloads/v31/freedombone-meshclient-insecure-i386.img.xz
+wget https://freedombone.net/downloads/v31/freedombone-meshclient-insecure-i386.img.xz.sig
 gpg --verify freedombone-meshclient-insecure-i386.img.xz.sig
-sha256sum freedombone-meshclient-insecure-i386.img.xz
-c11783741e66df5072ffcbef8d9b04260a2298d84e33c72fefa4bb539d094810
 unxz freedombone-meshclient-insecure-i386.img.xz
-sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
-sudo dd bs=1M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync
+sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
+sudo dd bs=1M if=freedombone-meshclient-insecure-i386.img of=/dev/sdX conv=fdatasync
 

 

 

 

 
-

-
Router images

-

+

+
Router images

+

 

 Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
 

 

-

-
Beaglebone Black

-

+

+
Beaglebone Black

+

 
 

 
mesh_router.jpg
@@ -262,15 +346,14 @@ The above picture shows a Beaglebone Black with the image copied onto a microSD
 

 
 

-
 
sudo apt-get install xz-utils wget
-wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz
-wget https://freedombone.net/downloads/current/freedombone-mesh_beaglebone-armhf.img.xz.sig
+wget https://freedombone.net/downloads/v31/freedombone-mesh_beaglebone-armhf.img.xz
+wget https://freedombone.net/downloads/v31/freedombone-mesh_beaglebone-armhf.img.xz.sig
 gpg --verify freedombone-mesh_beaglebone-armhf.img.xz.sig
 sha256sum freedombone-mesh_beaglebone-armhf.img.xz
 ad8f22c0d46c98a80aa47b5809402971cf5cf26ebf587c59a667307b2386c3d2
 unxz freedombone-mesh_beaglebone-armhf.img.xz
-sudo dd bs=1M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync
+sudo dd bs=1M if=freedombone-mesh_beaglebone-armhf.img of=/dev/sdX conv=fdatasync
 

 

 
@@ -286,9 +369,9 @@ There is still a software freedom issue with the Beaglebone Black, but it doesn'
 

 

 
-

-
Building Disk Images

-

+

+
Building Disk Images

+

 

 It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
 

@@ -298,15 +381,12 @@ First you will need to create an image. On a Debian based system (tested on Debi
 

 
 

-
 
sudo apt-get -y install git wget build-essential
-wget https://freedombone.net/downloads/current/freedombone.tar.gz
-wget https://freedombone.net/downloads/current/freedombone.tar.gz.sig
+wget https://freedombone.net/downloads/v31/freedombone.tar.gz
+wget https://freedombone.net/downloads/v31/freedombone.tar.gz.sig
 gpg --verify freedombone.tar.gz.sig
-sha256sum freedombone.tar.gz
-afbb536564140aa28c6491d45b7474ced5a0b018539ffd3e96b13b242a41792e
 tar -xzvf freedombone.tar.gz
-cd freedombone
+cd freedombone
 git checkout stretch
 sudo make install
 freedombone-image --setup debian
@@ -319,7 +399,6 @@ If you don't have Atheros or free software compatible wifi adapter then you can
 

 
 

-
 
freedombone-image -t i386 -v meshclient --insecure yes
 

 

@@ -333,7 +412,6 @@ List what drives are on your system with:
 

 
 

-
 
ls /dev/sd*
 

 

@@ -347,9 +425,8 @@ You can now copy the image to the USB thumb drive, replacing sdX with the
 

 
 

-
-
sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
-sudo dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
+
sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
+sudo dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
 

 

 
@@ -370,7 +447,6 @@ You can also use single board computers (SBCs) such as the BeagleBone Black to m
 

 
 

-
 
freedombone-image -t beaglebone -v mesh
 

 

diff --git a/website/EN/socialinstance.html b/website/EN/socialinstance.html
index 594817b4..99ea5dbf 100644
--- a/website/EN/socialinstance.html
+++ b/website/EN/socialinstance.html
@@ -3,26 +3,33 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 
 
-
-
-
-
-
-
+
+
+
+
+
+
-
+
 
 
@@ -97,7 +189,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -144,31 +236,25 @@ for the JavaScript code in this tag.
 
 

 

-

 
 

 
logo.png
 

 

 
-

-
Social Instance

-

+

+
Social Instance

+

 

 A social instance image allows you to easily set up a fediverse server, which federates using the OStatus or ActivityPub protocol. You will need:
 

 
 
    
-
  • An old laptop, capable of booting from USB
-
    • 
-
  • A USB drive, preferably Sandisk and 16GB or larger
-
    • 
-
  • An ethernet patch cable
-
    • 
-
  • A domain name of your own
-
    • 
-
  • A dynamic DNS account
-
    • 
+
  • An old laptop, capable of booting from USB
    • 
+
  • A USB drive, preferably Sandisk and 16GB or larger
    • 
+
  • An ethernet patch cable
    • 
+
  • A domain name of your own
    • 
+
  • A dynamic DNS account
    • 
 

 
 

@@ -177,22 +263,21 @@ The installation process is the same as usual, with the only difference being th
 

 

 
-

-
Copy the image to the USB drive

-

+

+
Copy the image to the USB drive

+

 

 Substitute sdX with the device name for your USB drive.
 

 
 

-
 
sudo apt-get install xz-utils wget
-wget https://freedombone.net/downloads/current/freedombone-pleroma-amd64.img.xz
-wget https://freedombone.net/downloads/current/freedombone-pleroma-amd64.img.xz.sig
+wget https://freedombone.net/downloads/v31/freedombone-pleroma-amd64.img.xz
+wget https://freedombone.net/downloads/v31/freedombone-pleroma-amd64.img.xz.sig
 gpg --verify freedombone-pleroma-amd64.img.xz.sig
 unxz freedombone-pleroma-amd64.img.xz
-sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
-sudo dd bs=1M if=freedombone-pleroma-amd64.img of=/dev/sdX conv=fdatasync
+sudo dd if=/dev/zero of=/dev/sdX bs=1M count=8
+sudo dd bs=1M if=freedombone-pleroma-amd64.img of=/dev/sdX conv=fdatasync
 

 

 
@@ -202,9 +287,9 @@ Also note that if the laptop has a removable SSD drive it's possible to copy the
 

 

 
-

-
Connect the laptop to your internet router

-

+

+
Connect the laptop to your internet router

+

 

 Plug the USB drive into the laptop and connect it to your internet router with the ethernet cable.
 

@@ -217,9 +302,9 @@ Plug the USB drive into the laptop and connect it to your internet router with t
 

 

 
-

-
Boot the laptop from the USB drive

-

+

+
Boot the laptop from the USB drive

+

 

 You may need to alter the BIOS settings to get this to work reliably.
 

@@ -232,9 +317,9 @@ You may need to alter the BIOS settings to get this to work reliably.
 

 

 
-

-
Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop

-

+

+
Forward ports 80 (HTTP) and 443 (HTTPS) from your internet router to the laptop

+

 

 Log into your internet router using a non-Tor browser (usually it's on an address like 192.168.1.1 or 192.168.1.254). Often port forwarding settings are together with firewall settings.
 

@@ -247,11 +332,10 @@ Log into your internet router using a non-Tor browser (usually it's on an addres
 

 

 
-

-
From another machine ssh into the laptop

-

+

+
From another machine ssh into the laptop

+

 

-
 
ssh fbone@freedombone.local -p 2222
 

 

@@ -262,18 +346,18 @@ Or alternatively you can log in directly on the laptop. The initial username is
 

 

 
-

-
Follow the setup procedure

-

+

+
Follow the setup procedure

+

 

 Enter your user details, domain name and dynamic DNS settings.
 

 

 

 
-

-
When installation is complete

-

+

+
When installation is complete

+

 

 Navigate to your domain and register a new user.