free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Image width

This commit is contained in:
Bob Mottram 2017-10-05 15:09:17 +01:00
parent ce70b72090
commit 59ef8ff65d
3 changed files with 127 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/EN/mesh.org
View File

@ -268,7 +268,7 @@ To allow mobile devices to connect to the mesh you will need a second wifi adapt
On a typical Android device go to *Settings* then *Security* and ensure that *Unknown sources* is enabled. Also within *Wifi* from the *Settings* screen select the mesh hotspot. The password is "/freedombone/". Open a non-Tor browser and navigate to the IP address showing in the hotspot name. You can then download and install mesh apps.
#+ATTR_HTML: width="200px"
#+ATTR_HTML: :width 300
#+BEGIN_CENTER
[[file:images/mesh_mobileapps.jpg]]
#+END_CENTER

32
website/EN/app_vpn.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2017-09-27 Wed 17:58 -->
<!-- 2017-10-05 Thu 14:51 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title>
@ -266,9 +266,9 @@ Using a Tor browser is another way to get around censorship, but there might be
On Freedombone the VPN is wrapped within a TLS layer of encryption, making it difficult for any deep packet inspection systems to know whether you are using a VPN or not. Since there is lots of TLS traffic on the internet your connection looks like any other TLS connection to a server, and this may help to avoid being censored. It's probably not possible for your local ISP to block TLS traffic without immediately generating a lot of irate customers, and stopping any kind of commercial activity.
</p>
<div id="outline-container-org778c839" class="outline-2">
<h2 id="org778c839">Installation</h2>
<div class="outline-text-2" id="text-org778c839">
<div id="outline-container-orgb96ecdd" class="outline-2">
<h2 id="orgb96ecdd">Installation</h2>
<div class="outline-text-2" id="text-orgb96ecdd">
<p>
ssh into the system with:
</p>
@ -288,9 +288,9 @@ Only use ports 443 or 80 for VPN as an <i>absolute last resort</i>, since doing
</div>
</div>
<div id="outline-container-org2cfcc49" class="outline-2">
<h2 id="org2cfcc49">Usage</h2>
<div class="outline-text-2" id="text-org2cfcc49">
<div id="outline-container-orgc55576d" class="outline-2">
<h2 id="orgc55576d">Usage</h2>
<div class="outline-text-2" id="text-orgc55576d">
<p>
When the installation is complete you can download your VPN keys and configuration files onto your local machine.
</p>
@ -306,7 +306,7 @@ You will need to ensure that the <i>openvpn</i> and <i>stunnel</i> packages are
</p>
<div class="org-src-container">
<pre class="src src-bash">sudp pacman -S openvpn stunnel4
<pre class="src src-bash">sudo pacman -S openvpn stunnel4
</pre>
</div>
@ -335,9 +335,9 @@ You should see a series of messages with "<i>Initialization Sequence Completed</
</div>
</div>
<div id="outline-container-orgc7282cd" class="outline-2">
<h2 id="orgc7282cd">Changing port number</h2>
<div class="outline-text-2" id="text-orgc7282cd">
<div id="outline-container-org8a983c5" class="outline-2">
<h2 id="org8a983c5">Changing port number</h2>
<div class="outline-text-2" id="text-org8a983c5">
<p>
Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it.
</p>
@ -348,16 +348,16 @@ Avoiding censorship can be a cat and mouse game, and so if the port you're using
</div>
<p>
Select <b>Administrator controls</b> then <b>App Settings</b> then <b>vpn</b>. Choose <b>Change TLS port</b> and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the <a href="#org2cfcc49">Usage</a> section above.
Select <b>Administrator controls</b> then <b>App Settings</b> then <b>vpn</b>. Choose <b>Change TLS port</b> and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the <a href="#orgc55576d">Usage</a> section above.
</p>
</div>
</div>
<div id="outline-container-orgbe4ddea" class="outline-2">
<h2 id="orgbe4ddea">Generating new keys</h2>
<div class="outline-text-2" id="text-orgbe4ddea">
<div id="outline-container-orgc802140" class="outline-2">
<h2 id="orgc802140">Generating new keys</h2>
<div class="outline-text-2" id="text-orgc802140">
<p>
It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the <b>Administrator controls</b> by going to <b>App Settings</b> then <b>vpn</b> then choosing <b>Regenerate keys for a user</b> and downloading the new keys as described in the <a href="#org2cfcc49">Usage</a> section above.
It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the <b>Administrator controls</b> by going to <b>App Settings</b> then <b>vpn</b> then choosing <b>Regenerate keys for a user</b> and downloading the new keys as described in the <a href="#orgc55576d">Usage</a> section above.
</p>
</div>
</div>

169
website/EN/mesh.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2017-10-05 Thu 13:13 -->
<!-- 2017-10-05 Thu 15:09 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title>
@ -274,13 +274,13 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#orge7e03ce">What the system can do</a></td>
<td class="org-left"><a href="#org5eda560">What the system can do</a></td>
<td class="org-left">-</td>
<td class="org-left"><a href="#orgc3dbd7e">Disk Images</a></td>
<td class="org-left"><a href="#org63f9e7b">Disk Images</a></td>
<td class="org-left">-</td>
<td class="org-left"><a href="#orgf01fd55">Building Disk Images</a></td>
<td class="org-left"><a href="#orgd4b86f7">Building Disk Images</a></td>
<td class="org-left">-</td>
<td class="org-left"><a href="#org1e57e4d">How to use it</a></td>
<td class="org-left"><a href="#orge37188c">How to use it</a></td>
</tr>
</tbody>
</table>
@ -324,9 +324,9 @@ The Freedombone mesh roughly follows MondoNet's ten social specifications:
<li><b>Evolvable</b>: The network should be built with future development in mind. The platform should be flexible enough to support technologies, protocols and modes of usage that have not yet been developed.</li>
</ul>
<div id="outline-container-orge7e03ce" class="outline-2">
<h2 id="orge7e03ce">What the system can do</h2>
<div class="outline-text-2" id="text-orge7e03ce">
<div id="outline-container-org5eda560" class="outline-2">
<h2 id="org5eda560">What the system can do</h2>
<div class="outline-text-2" id="text-org5eda560">
<ul class="org-ul">
<li>Discovery of other users on the network</li>
<li>Text based chat, one-to-one and in groups</li>
@ -350,13 +350,13 @@ This system should be quite scalable. Both qTox and IPFS are based upon distribu
</div>
</div>
<div id="outline-container-orgc3dbd7e" class="outline-2">
<h2 id="orgc3dbd7e">Disk Images</h2>
<div class="outline-text-2" id="text-orgc3dbd7e">
<div id="outline-container-org63f9e7b" class="outline-2">
<h2 id="org63f9e7b">Disk Images</h2>
<div class="outline-text-2" id="text-org63f9e7b">
</div>
<div id="outline-container-org48cf6b4" class="outline-3">
<h3 id="org48cf6b4">Writing many images quickly</h3>
<div class="outline-text-3" id="text-org48cf6b4">
<div id="outline-container-org9b83703" class="outline-3">
<h3 id="org9b83703">Writing many images quickly</h3>
<div class="outline-text-3" id="text-org9b83703">
<p>
There may be situations where you need to write the same disk image to multiple drives at the same time in order to maximize rate of deployment. In the instructions given below the <b>dd</b> command is used for writing to the target drive, but to write to multiple drives you can use a tool such as <a href="https://wiki.gnome.org/Apps/MultiWriter">GNOME MultiWriter</a>.
</p>
@ -384,9 +384,9 @@ The MultiWriter tool is also available within mesh client images, so that you ca
</p>
</div>
</div>
<div id="outline-container-orga4d8a06" class="outline-3">
<h3 id="orga4d8a06">Client images</h3>
<div class="outline-text-3" id="text-orga4d8a06">
<div id="outline-container-orgf6cd1c6" class="outline-3">
<h3 id="orgf6cd1c6">Client images</h3>
<div class="outline-text-3" id="text-orgf6cd1c6">
<div class="org-center">
<div class="figure">
@ -435,16 +435,16 @@ sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-n
</div>
</div>
<div id="outline-container-org990631a" class="outline-3">
<h3 id="org990631a">Router images</h3>
<div class="outline-text-3" id="text-org990631a">
<div id="outline-container-org7170054" class="outline-3">
<h3 id="org7170054">Router images</h3>
<div class="outline-text-3" id="text-org7170054">
<p>
Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
</p>
</div>
<div id="outline-container-orgf4481d1" class="outline-4">
<h4 id="orgf4481d1">Beaglebone Black</h4>
<div class="outline-text-4" id="text-orgf4481d1">
<div id="outline-container-orgd098fe1" class="outline-4">
<h4 id="orgd098fe1">Beaglebone Black</h4>
<div class="outline-text-4" id="text-orgd098fe1">
<div class="org-center">
<div class="figure">
@ -481,9 +481,9 @@ There is still a software freedom issue with the Beaglebone Black, but it doesn'
</div>
</div>
<div id="outline-container-orgf01fd55" class="outline-2">
<h2 id="orgf01fd55">Building Disk Images</h2>
<div class="outline-text-2" id="text-orgf01fd55">
<div id="outline-container-orgd4b86f7" class="outline-2">
<h2 id="orgd4b86f7">Building Disk Images</h2>
<div class="outline-text-2" id="text-orgd4b86f7">
<p>
It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
</p>
@ -571,9 +571,9 @@ The resulting image can be copied to a microSD card, inserted into a Beaglebone
</div>
</div>
<div id="outline-container-org410f58b" class="outline-2">
<h2 id="org410f58b">Customisation</h2>
<div class="outline-text-2" id="text-org410f58b">
<div id="outline-container-org3b00cc8" class="outline-2">
<h2 id="org3b00cc8">Customisation</h2>
<div class="outline-text-2" id="text-org3b00cc8">
<p>
If you want to make your own specially branded version, such as for a particular event, then to change the default desktop backgrounds edit the images within <b>img/backgrounds</b> and to change the available avatars and desktop icons edit the images within <b>img/avatars</b>. Re-create disk images using the instructions shown previously.
</p>
@ -583,9 +583,9 @@ If you need particular <i>dconf</i> commands to alter desktop appearance or beha
</p>
</div>
</div>
<div id="outline-container-org1e57e4d" class="outline-2">
<h2 id="org1e57e4d">How to use it</h2>
<div class="outline-text-2" id="text-org1e57e4d">
<div id="outline-container-orge37188c" class="outline-2">
<h2 id="orge37188c">How to use it</h2>
<div class="outline-text-2" id="text-orge37188c">
<p>
When you first boot from the USB drive the system will create some encryption keys, assign a unique network address to the system and then reboot itself. When that's done you should see a prompt asking for a username. This username just makes it easy for others to initially find you on the mesh and will appear in the list of users.
</p>
@ -595,9 +595,9 @@ After a minute or two if you are within wifi range and there is at least one oth
</p>
</div>
<div id="outline-container-org11d6908" class="outline-3">
<h3 id="org11d6908">Boot trouble</h3>
<div class="outline-text-3" id="text-org11d6908">
<div id="outline-container-org2a93988" class="outline-3">
<h3 id="org2a93988">Boot trouble</h3>
<div class="outline-text-3" id="text-org2a93988">
<p>
If the system doesn't boot and reports an error which includes <b>/dev/mapper/loop0p1</b> then reboot with <b>Ctrl-Alt-Del</b> and when you see the grub menu press <b>e</b> and manually change <b>/dev/mapper/loop0p1</b> to <b>/dev/sdb1</b>, then press <b>Ctrl-x</b>. If that doesn't work then reboot and try <b>/dev/sdc1</b> instead.
</p>
@ -607,9 +607,9 @@ After the system has booted successfully the problem should resolve itself on su
</p>
</div>
</div>
<div id="outline-container-org17e82b1" class="outline-3">
<h3 id="org17e82b1">Set the Date</h3>
<div class="outline-text-3" id="text-org17e82b1">
<div id="outline-container-org3abb4d9" class="outline-3">
<h3 id="org3abb4d9">Set the Date</h3>
<div class="outline-text-3" id="text-org3abb4d9">
<p>
On the ordinary internet the date and time of your system would be set automatically via NTP. But this is not the internet and so you will need to manually ensure that your date and time settings are correct. You might need to periodically do this if your clock drifts. It's not essential that the time on your system be highly accurate, but if it drifts too far or goes back to epoch then things could become a little confusing in regard to the order of blog posts.
</p>
@ -619,9 +619,9 @@ On the ordinary internet the date and time of your system would be set automatic
</p>
</div>
</div>
<div id="outline-container-org55b78da" class="outline-3">
<h3 id="org55b78da">Check network status</h3>
<div class="outline-text-3" id="text-org55b78da">
<div id="outline-container-org2b820e7" class="outline-3">
<h3 id="org2b820e7">Check network status</h3>
<div class="outline-text-3" id="text-org2b820e7">
<p>
Unlike with ordinary wifi, on the mesh you don't get a signal strength icon and so it's not simple to see if you have a good connection.
</p>
@ -644,9 +644,9 @@ When you are finished close the window and then select the <i>Network Restart</i
</p>
</div>
</div>
<div id="outline-container-orgc3d9324" class="outline-3">
<h3 id="orgc3d9324">Connecting to the internet</h3>
<div class="outline-text-3" id="text-orgc3d9324">
<div id="outline-container-org3bf2ff9" class="outline-3">
<h3 id="org3bf2ff9">Connecting to the internet</h3>
<div class="outline-text-3" id="text-org3bf2ff9">
<p>
If you need to be able to access the internet from the mesh then connect one of the peers to an internet router using an ethernet cable, then reboot it. Other peers in the mesh, including any attached mobile devices, will then be able to access the internet using the ethernet attached peer as a gateway. <a href="https://en.wikipedia.org/wiki/Freifunk">Freifunk</a> works in a similar way.
</p>
@ -654,11 +654,62 @@ If you need to be able to access the internet from the mesh then connect one of
<p>
After connecting one peer to the internet you may need to reboot other peers in order to update their network configurations.
</p>
<p>
If for legal reasons you need to connect to the internet via a VPN then openvpn is preinstalled and you can run the command:
</p>
<div class="org-src-container">
<pre class="src src-bash">sudo openvpn myclient.ovpn
</pre>
</div>
<p>
Where <i>myclient.ovpn</i> comes from your VPN provider and with the password "<i>freedombone</i>".
</p>
</div>
</div>
<div id="outline-container-orgdceba0f" class="outline-3">
<h3 id="orgdceba0f">Mobile devices (phones, etc)</h3>
<div class="outline-text-3" id="text-orgdceba0f">
<div id="outline-container-org624d04c" class="outline-3">
<h3 id="org624d04c">Connecting two meshes over the internet via a VPN tunnel</h3>
<div class="outline-text-3" id="text-org624d04c">
<p>
Maybe the internet exists, but you don't care about getting any content from it and just want to use it as a way to connect mesh networks from different geographical locations together. VPN configuration, pem and stunnel files exist within the home directory. Edit the configuration with:
</p>
<div class="org-src-container">
<pre class="src src-bash">nano ~/client.ovpn
</pre>
</div>
<p>
Edit the IP address or domain for the mesh that you wish to connect to within the <i>route</i> command:
</p>
<div class="org-src-container">
<pre class="src src-bash">route [mesh IP or domain] 255.255.255.255 net_gateway
</pre>
</div>
<p>
Then you can connect to the other mesh with:
</p>
<div class="org-src-container">
<pre class="src src-bash"><span class="org-builtin">cd</span> /home/fbone
sudo stunnel stunnel-client.conf
sudo openvpn client.ovpn
</pre>
</div>
<p>
Using the password "<i>freedombone</i>". From a deep packet inspection point of view the traffic going over the internet will just look like any other TLS connection to a server.
</p>
</div>
</div>
<div id="outline-container-orgd9e5261" class="outline-3">
<h3 id="orgd9e5261">Mobile devices (phones, etc)</h3>
<div class="outline-text-3" id="text-orgd9e5261">
<p>
To allow mobile devices to connect to the mesh you will need a second wifi adapter connected to your laptop/netbook/SBC. Plug in a second wifi adapter then reboot the system. The second adaptor will then create a wifi hotspot which mobile devices can connect to. The hotspot name also contains its local IP address (eg. "<i>mesh-192.168.1.83</i>").
</p>
@ -680,9 +731,9 @@ On some android devices you may need to move the downloaded APK file from the <b
</p>
</div>
</div>
<div id="outline-container-org6f1f090" class="outline-3">
<h3 id="org6f1f090">Chat System</h3>
<div class="outline-text-3" id="text-org6f1f090">
<div id="outline-container-org20eff98" class="outline-3">
<h3 id="org20eff98">Chat System</h3>
<div class="outline-text-3" id="text-org20eff98">
<p>
Ensure that you're within wifi range of at least one other mesh peer (could be a router or client) and then you should see that the <i>Chat</i> and <i>Other Users</i> icons appear. Select the users icon and you should see a list of users on the mesh. Select the <i>Chat</i> icon and once you are connected you should see the status light turn green. If after a few minutes you don't get the green status light then try closing and re-opening the Tox chat application. Select the plus button to add a friend and then copy and paste in a Tox ID from the users list.
</p>
@ -741,9 +792,9 @@ At present video doesn't work reliably, but text and voice chat do work well.
</div>
</div>
<div id="outline-container-org8ac8f7d" class="outline-3">
<h3 id="org8ac8f7d">Social Network</h3>
<div class="outline-text-3" id="text-org8ac8f7d">
<div id="outline-container-orgfcc0537" class="outline-3">
<h3 id="orgfcc0537">Social Network</h3>
<div class="outline-text-3" id="text-orgfcc0537">
<p>
Patchwork is available as a social networking system for the mesh. Like all social network systems it has a stream of posts and you can follow or unfollow other users. You can also send private messages to other users with end-to-end encryption.
</p>
@ -778,9 +829,9 @@ The Secure Scuttlebutt protocol which Patchwork is based upon is intended to be
</div>
</div>
<div id="outline-container-org25fbdb4" class="outline-3">
<h3 id="org25fbdb4">Sharing Files</h3>
<div class="outline-text-3" id="text-org25fbdb4">
<div id="outline-container-orgc02ecf3" class="outline-3">
<h3 id="orgc02ecf3">Sharing Files</h3>
<div class="outline-text-3" id="text-orgc02ecf3">
<p>
You can make files publicly available on the network simply by dragging and dropping them into the <i>Public</i> folder on the desktop. To view the files belonging to another user select the desktop icon called <i>Visit a site</i> and enter the username or Tox ID of the other user.
</p>
@ -795,9 +846,9 @@ You can make files publicly available on the network simply by dragging and drop
</div>
</div>
<div id="outline-container-org00ad2c3" class="outline-3">
<h3 id="org00ad2c3">Blogging</h3>
<div class="outline-text-3" id="text-org00ad2c3">
<div id="outline-container-orgbcb6881" class="outline-3">
<h3 id="orgbcb6881">Blogging</h3>
<div class="outline-text-3" id="text-orgbcb6881">
<p>
To create a blog post select the <i>Blog</i> icon on the desktop and then use the up and down cursor keys, space bar and enter key to add a new entry. Edit the title of the entry and add your text. You can also include photos if you wish - just copy them to the <b>CreateBlog/content/images</b> directory and then link to them as shown.
</p>