#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone, turtl, notes, images, sharing
#+DESCRIPTION: How to use Ghost
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD:
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
Turtl
#+END_EXPORT
Turtl is a system for privately creating and sharing notes and images, similar to Evernote. It can be set up so that a small number of users on the server can share their notes in a convenient way. It doesn't have any web user interface, and you need to install native clients on mobile or laptop/desktop machines.
Since the data at rest is stored in PGP encrypted format this is a good system to use in cases where security really is a critical factor.
#+BEGIN_CENTER
[[file:images/turtl.jpg]]
#+END_CENTER
* Installation
Log into your system with:
#+begin_src bash
ssh myusername@mydomain -p 2222
#+end_src
Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
Select *Add/Remove Apps* then *turtl*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /notes.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
After the install has completed go to *Security settings* and select *Create a new Let's Encrypt certificate* and enter the domain name that you are using for Turtl. If you're using the "onion only" version of the system then you don't need to do this. If the certificate is obtained successfully then you will see a congratulations message.
* Initial setup
The most common use case will be with Android devices. The Android app isn't currently available within F-droid (see [[https://turtlapp.com/faq][the FAQ]] for details) but can be [[https://turtlapp.com/download/][downloaded from the Turtl site]].
Run the app then at the bottom of the screen select *advanced settings* and enter your turl domain name, then register a new account. The password can be anything you choose, but since the client side encryption depends upon having a good password make it a long random string generated by a password manager such as KeepassX.
You should then be able to log in and start using the app. You might also want to invite any other users of your Freedombone system to also sign up using the turtl domain name which you specified during installation.
* Locking it down
Once you have created accounts it's a good idea to turn off new turtl signups. This will prevent millions of random users on the interwebs from creating accounts on your system and killing your server, or possibly other nefarious security scenarios. Go to the *administrator control panel* and select *App Settings* then *turtl*. You will then be able to disable new user registrations and also set the data storage limit for users. If you need additional users later you can always temporarily re-enable signups later.