Create warning emails from daily tests

This commit is contained in:
Bob Mottram 2017-06-30 16:00:08 +01:00
parent 9aebefe0aa
commit d855ff6942
5 changed files with 444 additions and 7 deletions

View File

@ -17,7 +17,7 @@
#+end_quote #+end_quote
#+BEGIN_CENTER #+BEGIN_CENTER
[[file:images/beaglebone_logo.jpg]] [[./release3.html][New version 3 (Stretch)]]
#+END_CENTER #+END_CENTER
So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home. So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.

68
doc/EN/release3.org Normal file
View File

@ -0,0 +1,68 @@
#+TITLE:
#+AUTHOR: Bob Mottram
#+EMAIL: bob@freedombone.net
#+KEYWORDS: freedombone
#+DESCRIPTION: Version 3
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]
#+END_CENTER
#+BEGIN_EXPORT html
<center>
<h1>Version 3: Building an internet run by the users, for the users</h1>
</center>
#+END_EXPORT
The internet may still be mostly in the clutches of a few giant megacorporations and dubious governments with sketchy agendas, but it doesn't have to remain that way. With the third version of the Freedombone system there is now more scope than before to take back your privacy, have ownership of personal data and run your own online communities without unnecessary or unwelcome intermediaries.
Freedombone version 3 is based on Debian 9 (Stretch). It was released in July 2017 and includes:
* Faster initial setup
* More [[./apps.html][installable apps]] than the previous release, including CryptPad, Koel, NextCloud, PostActiv, Friendica and Matrix/RiotWeb
* Automated [[https://github.com/hardenedlinux/STIG-4-Debian][security tests]]
* Improved XMPP configuration to support all of the XEPs needed by the [[https://conversations.im][Conversations]] app
* Improved account and domain blocking controls for GNU Social and PostActiv for a better federated network experience
* Uses [[https://en.wikipedia.org/wiki/EdDSA][elliptic curve]] based GPG keys by default for better performance on low power single board computers
* Pre-downloaded repos distributed within images for faster and more autonomous app installs
* Installation
The simplest way to install is from a pre-made disk image. Images can be [[https://freedombone.net/downloads/v3][downloaded here]]. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
Copy the image to a microSD card or USB thumb drive, replacing sdX with the identifier of the USB thumb drive. Don't include any numbers (so for example use sdc instead of sdc1).
#+BEGIN_SRC bash
dd bs=1M if=myimagefile.img of=/dev/sdX conv=fdatasync
#+END_SRC
And wait. It will take a while to copy over. When that's done plug the microSD or USB drive into the target hardware which you want to use as a server and power on. If you're using an old laptop or netbook as the server then you will need to set the BIOS to boot from USB.
As the system boots for the first time the login is:
#+BEGIN_SRC bash
username: fbone
password: freedombone
#+END_SRC
If you're installing from a microSD card on a single board computer without a screen and keyboard attached then you can ssh into it with:
#+BEGIN_SRC bash
ssh fbone@freedombone.local -p 2222
#+END_SRC
Using the initial password "freedombone". If you have trouble accessing the server then make sure you have Avahi installed and [[https://en.wikipedia.org/wiki/Multicast_DNS][mDNS]] enabled.
You will then be shown a new randomly generated password. It's very important that you write this down somewhere or transfer it to a password manager before going further, because you'll need this to log in later.
* Upgrading from a previous install
To upgrade from the Debian Jessie version first create a master keydrive. Go to the *Administrator control panel* and select *Backup and restore* then *Backup GPG key to USB (master keydrive)*. Insert a LUKS encrypted USB drive. When that is done Create a full backup by selecting *Backup data to USB drive* and using another LUKS encrypted USB drive.
Follow the installation infstructions for the new Freedombone version, as described in the previous section. When the new system starts installing it will ask if you want to restore your GPG keys. Select *yes* and plug in your master keydrive.
When the initial setup is complete go to the *Administrator control panel* and select *Backup and restore* then *Restore data from USB drive* followed by *all*. Insert the backup USB drive which you made previously. This will restore the base system, including any emails.
You can now go to *Add/Remove apps* on the *Administrator control panel* and add the apps you want. Once they're installed you can recover their content and settings from *Backup and Restore*.

View File

@ -79,9 +79,16 @@ function randomize_cron {
function schedule_stig_tests { function schedule_stig_tests {
echo '#!/bin/bash' > /etc/cron.daily/stig_tests echo '#!/bin/bash' > /etc/cron.daily/stig_tests
echo "ADMIN_EMAIL_ADDRESS=${MY_USERNAME}@\${HOSTNAME}" >> /etc/cron.daily/stig_tests
echo "pkill ${PROJECT_NAME}-tests" >> /etc/cron.daily/stig_tests echo "pkill ${PROJECT_NAME}-tests" >> /etc/cron.daily/stig_tests
echo 'rm -rf /tmp/*' >> /etc/cron.daily/stig_tests echo 'rm -rf /tmp/*' >> /etc/cron.daily/stig_tests
echo "${PROJECT_NAME}-tests --stig yes" >> /etc/cron.daily/stig_tests echo "${PROJECT_NAME}-tests --stig yes 2> /tmp/daily-stig-tests" >> /etc/cron.daily/stig_tests
echo 'if [ ! "$?" = "0" ]; then' >> /etc/cron.daily/stig_tests
echo " echo \"\$(cat /tmp/daily-stig-tests)\" | mail -s \"${PROJECT_NAME} STIG test failures\" \$ADMIN_EMAIL_ADDRESS" >> /etc/cron.daily/stig_tests
echo 'fi' >> /etc/cron.daily/stig_tests
echo 'if [ -f /tmp/daily-stig-tests ]; then' >> /etc/cron.daily/stig_tests
echo ' rm /tmp/daily-stig-tests' >> /etc/cron.daily/stig_tests
echo 'fi' >> /etc/cron.daily/stig_tests
chmod +x /etc/cron.daily/stig_tests chmod +x /etc/cron.daily/stig_tests
} }

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2017-06-27 Tue 13:17 --> <!-- 2017-06-30 Fri 10:02 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -255,12 +255,10 @@ for the JavaScript code in this tag.
</blockquote> </blockquote>
<div class="org-center"> <div class="org-center">
<p>
<div class="figure"> <a href="./release3.html">New version 3 (Stretch)</a>
<p><img src="images/beaglebone_logo.jpg" alt="beaglebone_logo.jpg" />
</p> </p>
</div> </div>
</div>
<p> <p>
So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home. So you want to run your own internet services? Email, chat, VoIP, web sites, file synchronisation, wikis, blogs, social networks, media hosting, backups. Freedombone enables you to do all of that in a self-hosted way, where you keep control of your data and it resides in your own home.

364
website/EN/release3.html Normal file
View File

@ -0,0 +1,364 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2017-06-30 Fri 13:57 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
<meta name="generator" content="Org mode" />
<meta name="author" content="Bob Mottram" />
<meta name="description" content="Version 3"
/>
<meta name="keywords" content="freedombone" />
<style type="text/css">
<!--/*--><![CDATA[/*><!--*/
.title { text-align: center;
margin-bottom: .2em; }
.subtitle { text-align: center;
font-size: medium;
font-weight: bold;
margin-top:0; }
.todo { font-family: monospace; color: red; }
.done { font-family: monospace; color: green; }
.priority { font-family: monospace; color: orange; }
.tag { background-color: #eee; font-family: monospace;
padding: 2px; font-size: 80%; font-weight: normal; }
.timestamp { color: #bebebe; }
.timestamp-kwd { color: #5f9ea0; }
.org-right { margin-left: auto; margin-right: 0px; text-align: right; }
.org-left { margin-left: 0px; margin-right: auto; text-align: left; }
.org-center { margin-left: auto; margin-right: auto; text-align: center; }
.underline { text-decoration: underline; }
#postamble p, #preamble p { font-size: 90%; margin: .2em; }
p.verse { margin-left: 3%; }
pre {
border: 1px solid #ccc;
box-shadow: 3px 3px 3px #eee;
padding: 8pt;
font-family: monospace;
overflow: auto;
margin: 1.2em;
}
pre.src {
position: relative;
overflow: visible;
padding-top: 1.2em;
}
pre.src:before {
display: none;
position: absolute;
background-color: white;
top: -10px;
right: 10px;
padding: 3px;
border: 1px solid black;
}
pre.src:hover:before { display: inline;}
/* Languages per Org manual */
pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-fortran:before { content: 'Fortran'; }
pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-haskell:before { content: 'Haskell'; }
pre.src-hledger:before { content: 'hledger'; }
pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-lua:before { content: 'Lua'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; }
caption.t-above { caption-side: top; }
caption.t-bottom { caption-side: bottom; }
td, th { vertical-align:top; }
th.org-right { text-align: center; }
th.org-left { text-align: center; }
th.org-center { text-align: center; }
td.org-right { text-align: right; }
td.org-left { text-align: left; }
td.org-center { text-align: center; }
dt { font-weight: bold; }
.footpara { display: inline; }
.footdef { margin-bottom: 1em; }
.figure { padding: 1em; }
.figure p { text-align: center; }
.inlinetask {
padding: 10px;
border: 2px solid gray;
margin: 10px;
background: #ffffcc;
}
#org-div-home-and-up
{ text-align: right; font-size: 70%; white-space: nowrap; }
textarea { overflow-x: auto; }
.linenr { font-size: smaller }
.code-highlighted { background-color: #ffff00; }
.org-info-js_info-navigation { border-style: none; }
#org-info-js_console-label
{ font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
JavaScript code in this tag.
Copyright (C) 2012-2017 Free Software Foundation, Inc.
The JavaScript code in this tag is free software: you can
redistribute it and/or modify it under the terms of the GNU
General Public License (GNU GPL) as published by the Free Software
Foundation, either version 3 of the License, or (at your option)
any later version. The code is distributed WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU GPL for more details.
As additional permission under GNU GPL version 3 section 7, you
may distribute non-source (e.g., minimized or compacted) forms of
that code without the copy of the GNU GPL normally required by
section 4, provided you include this license notice and a URL
through which recipients can access the Corresponding Source.
@licend The above is the entire license notice
for the JavaScript code in this tag.
*/
<!--/*--><![CDATA[/*><!--*/
function CodeHighlightOn(elem, id)
{
var target = document.getElementById(id);
if(null != target) {
elem.cacheClassElem = elem.className;
elem.cacheClassTarget = target.className;
target.className = "code-highlighted";
elem.className = "code-highlighted";
}
}
function CodeHighlightOff(elem, id)
{
var target = document.getElementById(id);
if(elem.cacheClassElem)
elem.className = elem.cacheClassElem;
if(elem.cacheClassTarget)
target.className = elem.cacheClassTarget;
}
/*]]>*///-->
</script>
</head>
<body>
<div id="preamble" class="status">
<a name="top" id="top"></a>
</div>
<div id="content">
<div class="org-center">
<div class="figure">
<p><img src="images/logo.png" alt="logo.png" />
</p>
</div>
</div>
<center>
<h1>Version 3: Building an internet run by the users, for the users</h1>
</center>
<p>
The internet may still be mostly in the clutches of a few giant megacorporations and dubious governments with sketchy agendas, but it doesn't have to remain that way. With the third version of the Freedombone system there is now more scope than before to take back your privacy, have ownership of personal data and run your own online communities without unnecessary or unwelcome intermediaries.
</p>
<p>
Freedombone version 3 is based on Debian 9 (Stretch). It was released in July 2017 and includes:
</p>
<ul class="org-ul">
<li>Faster initial setup</li>
<li>More <a href="./apps.html">installable apps</a> than the previous release, including CryptPad, Koel, NextCloud, PostActiv, Friendica and Matrix/RiotWeb</li>
<li>Automated <a href="https://github.com/hardenedlinux/STIG-4-Debian">security tests</a></li>
<li>Improved XMPP configuration to support all of the XEPs needed by the <a href="https://conversations.im">Conversations</a> app</li>
<li>Improved account and domain blocking controls for GNU Social and PostActiv for a better federated network experience</li>
<li>Uses <a href="https://en.wikipedia.org/wiki/EdDSA">elliptic curve</a> based GPG keys by default for better performance on low power single board computers</li>
<li>Pre-downloaded repos distributed within images for faster and more autonomous app installs</li>
</ul>
<div id="outline-container-orgcc70622" class="outline-2">
<h2 id="orgcc70622">Installation</h2>
<div class="outline-text-2" id="text-orgcc70622">
<p>
The simplest way to install is from a pre-made disk image. Images can be <a href="https://freedombone.net/downloads/v3">downloaded here</a>. You will need to have previously obtained a domain name and have a dynamic DNS account somewhere.
</p>
<p>
Copy the image to a microSD card or USB thumb drive, replacing sdX with the identifier of the USB thumb drive. Don't include any numbers (so for example use sdc instead of sdc1).
</p>
<div class="org-src-container">
<pre><code class="src src-bash">dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
</code></pre>
</div>
<p>
And wait. It will take a while to copy over. When that's done plug the microSD or USB drive into the target hardware which you want to use as a server and power on. If you're using an old laptop or netbook as the server then you will need to set the BIOS to boot from USB.
</p>
<p>
As the system boots for the first time the login is:
</p>
<div class="org-src-container">
<pre><code class="src src-bash">username: fbone
password: freedombone
</code></pre>
</div>
<p>
If you're installing from a microSD card on a single board computer without a screen and keyboard attached then you can ssh into it with:
</p>
<div class="org-src-container">
<pre><code class="src src-bash">ssh fbone@freedombone.local -p 2222
</code></pre>
</div>
<p>
Using the initial password "freedombone". If you have trouble accessing the server then make sure you have Avahi installed and <a href="https://en.wikipedia.org/wiki/Multicast_DNS">mDNS</a> enabled.
</p>
<p>
You will then be shown a new randomly generated password. It's very important that you write this down somewhere or transfer it to a password manager before going further, because you'll need this to log in later.
</p>
</div>
</div>
<div id="outline-container-org48b12d2" class="outline-2">
<h2 id="org48b12d2">Upgrading from a previous install</h2>
<div class="outline-text-2" id="text-org48b12d2">
<p>
To upgrade from the Debian Jessie version first create a master keydrive. Go to the <b>Administrator control panel</b> and select <b>Backup and restore</b> then <b>Backup GPG key to USB (master keydrive)</b>. Insert a LUKS encrypted USB drive. When that is done Create a full backup by selecting <b>Backup data to USB drive</b> and using another LUKS encrypted USB drive.
</p>
<p>
Follow the installation infstructions for the new Freedombone version, as described in the previous section. When the new system starts installing it will ask if you want to restore your GPG keys. Select <b>yes</b> and plug in your master keydrive.
</p>
<p>
When the initial setup is complete go to the <b>Administrator control panel</b> and select <b>Backup and restore</b> then <b>Restore data from USB drive</b> followed by <b>all</b>. Insert the backup USB drive which you made previously. This will restore the base system, including any emails.
</p>
<p>
You can now go to <b>Add/Remove apps</b> on the <b>Administrator control panel</b> and add the apps you want. Once they're installed you can recover their content and settings from <b>Backup and Restore</b>.
</p>
</div>
</div>
</div>
<div id="postamble" class="status">
<style type="text/css">
.back-to-top {
position: fixed;
bottom: 2em;
right: 0px;
text-decoration: none;
color: #000000;
background-color: rgba(235, 235, 235, 0.80);
font-size: 12px;
padding: 1em;
display: none;
}
.back-to-top:hover {
background-color: rgba(135, 135, 135, 0.50);
}
</style>
<div class="back-to-top">
<a href="#top">Back to top</a> | <a href="mailto:bob@freedombone.net">E-mail me</a>
</div>
</div>
</body>
</html>