diff --git a/doc/EN/app_pihole.org b/doc/EN/app_pihole.org new file mode 100644 index 00000000..24d79a09 --- /dev/null +++ b/doc/EN/app_pihole.org @@ -0,0 +1,69 @@ +#+TITLE: +#+AUTHOR: Bob Mottram +#+EMAIL: bob@freedombone.net +#+KEYWORDS: freedombone, pi-hole, ad blocker +#+DESCRIPTION: How to block ads on your network +#+OPTIONS: ^:nil toc:nil +#+HTML_HEAD: + +#+BEGIN_CENTER +[[file:images/logo.png]] +#+END_CENTER + +#+BEGIN_EXPORT html +
+

PI-Hole: The Black Hole for Web Adverts

+
+#+END_EXPORT + +Idiots who have an inflated sense of self-entitlement will tell you that it's /your moral duty/ to view their mind-numbingly tedious corporate ads on their web site or YouTube channel, or else their kids will starve and the sky will fall because their revenue stream will dry up. But that's bullshit. There is nothing intrinsic or morally mandatory about adverts propping up the livelihoods of netizens, and indeed a web not primarily based on advertising money might have been a much better and more interesting place by now, with a lot less spying. + +Not only are web ads annoying, but they can consume a lot of bandwidth, be a privacy problem in terms of allowing companies to track your browsing habits and also any badly written scripts they contain may introduce exploitable security holes. Also if you're poor then adverts often make you want things that you can't have. + +You can block ads for any devices connected to your local network by installing the *pihole* app from *Add/Remove Apps* on the administrator control panel. This may help to improve overall performance of your devices by not wasting time downloading unwanted images or scripts. + +Also don't expect perfection. Though many ads may be blocked by this system some will still get through. It's a constant cat and mouse game between advertisers and blockers. + +* Set a static IP address + +Ensure that your system has a static local IP address (typically 192.168..) using the option on the control panel. You will also need to know the IP address of your internet router, which is usually *192.168.1.1* or *192.168.1.254*. + +When that's done select *About this system* from the control panel and see the IPv4 address. You can use this as a DNS address in two ways: + +* On each client system within your local network + +#+begin_src bash +sudo chattr -i /etc/resolv.conf +sudo nano /etc/resolv.conf +#+end_src + +Comment out any existing entries with a # character and add: + +#+begin_src bash +nameserver [IPv4 address from the About screen] +#+end_src + +Normally /resolv.conf/ will be overwritten every time your reboot, but you can prevent this with: + +#+begin_src bash +sudo chattr +i /etc/resolv.conf +#+end_src + +* On your internet router +If you can access the settings on your local internet router then this is the simplest way to provide ad blocking for all devices which connect to it. Unfortunately some router models don't let you edit the DNS settings and if that's the case you might want to consider getting a different router. + +Edit the DNS settings and add the IPv4 address which you got from the control panel About screen. Exactly how you do this will just depend upon your particular router model. You may also need to set the same address twice, because two addresses are conventional. + +** LibreCMC +On a router running LibreCMC from the *Network* menu select *DHCP and DNS*. Enter the static IP address of your Freedombone system within *DNS Forwardings*, then at the bottom of the page click on *Save & Apply*. Any devices which connect to your router will now have ad blocking. + +* Configuring block lists +You can configure the block lists which the system uses by going to the *administrator control panel*, selecting *App Settings* then choosing *pihole*. You can also add any extra domain names to the whitelist if they're being wrongly blocked or to the blacklist if they're not blocked by the current lists. + + + +#+BEGIN_EXPORT html +
+Return to the home page +
+#+END_EXPORT diff --git a/doc/EN/apps.org b/doc/EN/apps.org index 5a335003..429ecda6 100644 --- a/doc/EN/apps.org +++ b/doc/EN/apps.org @@ -71,6 +71,7 @@ The popular VoIP and text chat system. Say goodbye to old-fashioned telephony co * PI-Hole The black hole for web adverts. Block adverts at the domain name level within your local network. It can significantly reduce bandwidth, speed up page load times and protect your systems from being tracked by spyware. +[[./app_pihole.html][How to use it]] * PostActiv An alternative federated social networking system compatible with GNU Social. It includes some optimisations and fixes currently not available within the main GNU Social project. diff --git a/doc/EN/usage.org b/doc/EN/usage.org index e0a5fed1..7859d6a7 100644 --- a/doc/EN/usage.org +++ b/doc/EN/usage.org @@ -32,7 +32,7 @@ | [[./app_rss.html][RSS Reader]] | | [[./app_gogs.html][Git Projects]] | | [[Adding or removing users]] | -| [[Blocking Ads]] | +| [[./app_pihole.html][Blocking Ads]] | * Readme After the system has installed a README file will be generated which contains passwords and some brief advice on using the installed systems. You can read this with the following commands: @@ -115,54 +115,3 @@ control #+END_SRC [[file:images/controlpanel/control_panel_manage_users.jpg]] - -* Blocking Ads -Everyone except for advertisers hates adverts. Not only are they annoying, but they can consume a lot of bandwidth, be a privacy problem in terms of allowing companies to track your browsing habits and also any badly written scripts they contain may introduce exploitable security holes. Also if you're poor then adverts often make you want things that you can't have. - -You can block ads for any devices connected to your local network by installing the *pihole* app from *Add/Remove Apps* on the administrator control panel. This may help to improve overall performance of your devices by not wasting time downloading unwanted images or scripts. - -Also don't expect perfection. Though many ads may be blocked by this system some will still get through. It's a constant cat and mouse game between advertisers and blockers. - -** Set a static IP address - -Ensure that your system has a static local IP address (typically 192.168..) using the option on the control panel. You will also need to know the IP address of your internet router, which is usually *192.168.1.1* or *192.168.1.254*. - -When that's done select *About this system* from the control panel and see the IPv4 address. You can use this as a DNS address in two ways: - -** On each client system within your local network - -#+begin_src bash -sudo chattr -i /etc/resolv.conf -sudo nano /etc/resolv.conf -#+end_src - -Comment out any existing entries with a # character and add: - -#+begin_src bash -nameserver [IPv4 address from the About screen] -#+end_src - -Normally /resolv.conf/ will be overwritten every time your reboot, but you can prevent this with: - -#+begin_src bash -sudo chattr +i /etc/resolv.conf -#+end_src - -** On your internet router -If you can access the settings on your local internet router then this is the simplest way to provide ad blocking for all devices which connect to it. Unfortunately some router models don't let you edit the DNS settings and if that's the case you might want to consider getting a different router. - -Edit the DNS settings and add the IPv4 address which you got from the control panel About screen. Exactly how you do this will just depend upon your particular router model. You may also need to set the same address twice, because two addresses are conventional. - -*** LibreCMC -On a router running LibreCMC from the *Network* menu select *DHCP and DNS*. Enter the static IP address of your Freedombone system within *DNS Forwardings*, then at the bottom of the page click on *Save & Apply*. Any devices which connect to your router will now have ad blocking. - -** Configuring block lists -You can configure the block lists which the system uses by going to the *administrator control panel*, selecting *App Settings* then choosing *pihole*. You can also add any extra domain names to the whitelist if they're being wrongly blocked or to the blacklist if they're not blocked by the current lists. - - - -#+BEGIN_EXPORT html -
-Return to the home page -
-#+END_EXPORT diff --git a/website/EN/app_pihole.html b/website/EN/app_pihole.html new file mode 100644 index 00000000..148c696e --- /dev/null +++ b/website/EN/app_pihole.html @@ -0,0 +1,370 @@ + + + + + + + + + + + + + + + + + +
+ +
+
+
+ +
+

logo.png +

+
+
+ +
+

PI-Hole: The Black Hole for Web Adverts

+
+ +

+Idiots who have an inflated sense of self-entitlement will tell you that it's your moral duty to view their mind-numbingly tedious corporate ads on their web site or YouTube channel, or else their kids will starve and the sky will fall because their revenue stream will dry up. But that's bullshit. There is nothing intrinsic or morally mandatory about adverts propping up the livelihoods of netizens, and indeed a web not primarily based on advertising money might have been a much better and more interesting place by now, with a lot less spying. +

+ +

+Not only are web ads annoying, but they can consume a lot of bandwidth, be a privacy problem in terms of allowing companies to track your browsing habits and also any badly written scripts they contain may introduce exploitable security holes. Also if you're poor then adverts often make you want things that you can't have. +

+ +

+You can block ads for any devices connected to your local network by installing the pihole app from Add/Remove Apps on the administrator control panel. This may help to improve overall performance of your devices by not wasting time downloading unwanted images or scripts. +

+ +

+Also don't expect perfection. Though many ads may be blocked by this system some will still get through. It's a constant cat and mouse game between advertisers and blockers. +

+ +
+

Set a static IP address

+
+

+Ensure that your system has a static local IP address (typically 192.168..) using the option on the control panel. You will also need to know the IP address of your internet router, which is usually 192.168.1.1 or 192.168.1.254. +

+ +

+When that's done select About this system from the control panel and see the IPv4 address. You can use this as a DNS address in two ways: +

+
+
+ +
+

On each client system within your local network

+
+
+
sudo chattr -i /etc/resolv.conf
+sudo nano /etc/resolv.conf
+
+
+ +

+Comment out any existing entries with a # character and add: +

+ +
+
nameserver [IPv4 address from the About screen]
+
+
+ +

+Normally resolv.conf will be overwritten every time your reboot, but you can prevent this with: +

+ +
+
sudo chattr +i /etc/resolv.conf
+
+
+
+
+ +
+

On your internet router

+
+

+If you can access the settings on your local internet router then this is the simplest way to provide ad blocking for all devices which connect to it. Unfortunately some router models don't let you edit the DNS settings and if that's the case you might want to consider getting a different router. +

+ +

+Edit the DNS settings and add the IPv4 address which you got from the control panel About screen. Exactly how you do this will just depend upon your particular router model. You may also need to set the same address twice, because two addresses are conventional. +

+
+ +
+

LibreCMC

+
+

+On a router running LibreCMC from the Network menu select DHCP and DNS. Enter the static IP address of your Freedombone system within DNS Forwardings, then at the bottom of the page click on Save & Apply. Any devices which connect to your router will now have ad blocking. +

+
+
+
+ +
+

Configuring block lists

+
+

+You can configure the block lists which the system uses by going to the administrator control panel, selecting App Settings then choosing pihole. You can also add any extra domain names to the whitelist if they're being wrongly blocked or to the blacklist if they're not blocked by the current lists. +

+ + + +
+Return to the home page +
+
+
+
+
+ + + +
+Back to top | E-mail me +
+
+ + diff --git a/website/EN/apps.html b/website/EN/apps.html index 99cedb11..204f9c6c 100644 --- a/website/EN/apps.html +++ b/website/EN/apps.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + @@ -257,9 +257,9 @@ The base install of the system just contains an email server and Mutt client, bu -
-

DLNA

-
+
+

DLNA

+

Enables you to use the system as a music server which any DLNA compatible devices can connect to within your home network.

@@ -269,45 +269,45 @@ Enables you to use the system as a music server which any DLNA compatible device

-
-

Dokuwiki

-
+
+

Dokuwiki

+

A databaseless wiki system.

-
-

Emacs

-
+
+

Emacs

+

If you use the Mutt client to read your email then this will set it up to use emacs for composing new mail.

-
-

Etherpad

-
+
+

Etherpad

+

Collaborate on creating documents in real time. Maybe you're planning a holiday with other family members or creating documentation for a Free Software project along with other volunteers. Etherpad is hard to beat for simplicity and speed. Only users of the system will be able to access it.

-
-

Ghost

-
+
+

Ghost

+

Modern looking blogging system.

-
-

GNU Social

-
+
+

GNU Social

+

Federated social network. You can "remote follow" other users within the GNU Social federation.

@@ -317,9 +317,9 @@ Federated social network. You can "remote follow" other users within the

-
-

Gogs

-
+
+

Gogs

+

Lightweight git project hosting system. You can mirror projects from Github, or if Github turns evil then just host your own projects while retaining the familiar fork-and-pull workflow. If you can use Github then you can also use Gogs.

@@ -329,18 +329,18 @@ Lightweight git project hosting system. You can mirror projects from Github, or

-
-

HTMLy

-
+
+

HTMLy

+

Databaseless blogging system. Quite simple and with a markdown-like format.

-
-

Hubzilla

-
+
+

Hubzilla

+

Web publishing platform with social network like features and good privacy controls so that it's possible to specify who can see which content. Includes photo albums, calendar, wiki and file storage.

@@ -350,9 +350,9 @@ Web publishing platform with social network like features and good privacy contr

-
-

IRC Server (ngirc)

-
+
+

IRC Server (ngirc)

+

Run your own IRC chat channel which can be secured with a password and accessible via an onion address. A bouncer is included so that you can receive messages sent while you were offline. Works with Hexchat and other popular clients.

@@ -362,36 +362,36 @@ Run your own IRC chat channel which can be secured with a password and accessibl

-
-

Jitsi Meet

-
+
+

Jitsi Meet

+

Experimental WebRTC video conferencing system, similar to Google Hangouts. This may not be fully functional, but is hoped to be in the near future.

-
-

Lychee

-
+
+

Lychee

+

Make your photo albums available on the web.

-
-

Mailpile

-
+
+

Mailpile

+

Modern email client which supports GPG encryption.

-
-

Mumble

-
+
+

Mumble

+

The popular VoIP and text chat system. Say goodbye to old-fashioned telephony conferences with silly dial codes. Also works well on mobile.

@@ -401,36 +401,39 @@ The popular VoIP and text chat system. Say goodbye to old-fashioned telephony co

-
-

PI-Hole

-
+
+

PI-Hole

+

The black hole for web adverts. Block adverts at the domain name level within your local network. It can significantly reduce bandwidth, speed up page load times and protect your systems from being tracked by spyware.

-
-
-
-

PostActiv

-
+

+How to use it +

+
+
+
+

PostActiv

+

An alternative federated social networking system compatible with GNU Social. It includes some optimisations and fixes currently not available within the main GNU Social project.

-
-

Radicale

-
+
+

Radicale

+

Calendar system compatible with CalDAV and CardDAV. Manage your calendar events easily across all your devices.

-
-

tt-rss

-
+
+

tt-rss

+

Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via an onion address. Have "the right to read" without the Surveillance State knowing what you're reading. Also available with a user interface suitable for viewing on mobile devices via a browser such as OrFox.

@@ -440,9 +443,9 @@ Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via a

-
-

Syncthing

-
+
+

Syncthing

+

Possibly the best way to synchronise files across all of your devices. Once it has been set up it "just works" with no user intervention needed.

@@ -452,9 +455,9 @@ Possibly the best way to synchronise files across all of your devices. Once it h

-
-

Tox

-
+
+

Tox

+

Client and bootstrap node for the Tox chat/VoIP system.

@@ -464,18 +467,18 @@ Client and bootstrap node for the Tox chat/VoIP system.

-
-

Vim

-
+
+

Vim

+

If you use the Mutt client to read your email then this will set it up to use vim for composing new mail.

-
-

XMPP

-
+
+

XMPP

+

Chat server which can be used together with client such as Gajim or Conversations to provide end-to-end content security and also onion routed metadata security. Includes advanced features such as client state notification to save battery power on your mobile devices, support for seamless roaming between networks and message carbons so that you can receive the same messages while being simultaneously logged in to your account on more than one device.

diff --git a/website/EN/usage.html b/website/EN/usage.html index db61a075..6b1449e5 100644 --- a/website/EN/usage.html +++ b/website/EN/usage.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + @@ -255,15 +255,15 @@ for the JavaScript code in this tag. -Readme +Readme -Improving ssh security +Improving ssh security -Administrating the system via an onion address (Tor) +Administrating the system via an onion address (Tor) @@ -315,18 +315,18 @@ for the JavaScript code in this tag. -Adding or removing users +Adding or removing users -Blocking Ads +Blocking Ads -
-

Readme

-
+
+

Readme

+

After the system has installed a README file will be generated which contains passwords and some brief advice on using the installed systems. You can read this with the following commands:

@@ -346,9 +346,9 @@ To exit you can either just close the terminal or use CTRL-x CTRL-c follo

-
-

Improving ssh security

-
+
+

Improving ssh security

+

To improve ssh security you can generate an ssh key pair on your system and then upload the public key to the Freedombone.

@@ -398,9 +398,9 @@ If you wish to only use ssh keys then log in to the Freedombone, become the root
-
-

Administrating the system via an onion address (Tor)

-
+
+

Administrating the system via an onion address (Tor)

+

You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:

@@ -442,9 +442,9 @@ Subsequently even if dynamic DNS isn't working you may still be able to administ

-
-

Adding or removing users

-
+
+

Adding or removing users

+

Log into the system with:

@@ -471,102 +471,6 @@ control
- -
-

Blocking Ads

-
-

-Everyone except for advertisers hates adverts. Not only are they annoying, but they can consume a lot of bandwidth, be a privacy problem in terms of allowing companies to track your browsing habits and also any badly written scripts they contain may introduce exploitable security holes. Also if you're poor then adverts often make you want things that you can't have. -

- -

-You can block ads for any devices connected to your local network by installing the pihole app from Add/Remove Apps on the administrator control panel. This may help to improve overall performance of your devices by not wasting time downloading unwanted images or scripts. -

- -

-Also don't expect perfection. Though many ads may be blocked by this system some will still get through. It's a constant cat and mouse game between advertisers and blockers. -

-
- -
-

Set a static IP address

-
-

-Ensure that your system has a static local IP address (typically 192.168..) using the option on the control panel. You will also need to know the IP address of your internet router, which is usually 192.168.1.1 or 192.168.1.254. -

- -

-When that's done select About this system from the control panel and see the IPv4 address. You can use this as a DNS address in two ways: -

-
-
- -
-

On each client system within your local network

-
-
-
sudo chattr -i /etc/resolv.conf
-sudo nano /etc/resolv.conf
-
-
- -

-Comment out any existing entries with a # character and add: -

- -
-
nameserver [IPv4 address from the About screen]
-
-
- -

-Normally resolv.conf will be overwritten every time your reboot, but you can prevent this with: -

- -
-
sudo chattr +i /etc/resolv.conf
-
-
-
-
- -
-

On your internet router

-
-

-If you can access the settings on your local internet router then this is the simplest way to provide ad blocking for all devices which connect to it. Unfortunately some router models don't let you edit the DNS settings and if that's the case you might want to consider getting a different router. -

- -

-Edit the DNS settings and add the IPv4 address which you got from the control panel About screen. Exactly how you do this will just depend upon your particular router model. You may also need to set the same address twice, because two addresses are conventional. -

-
- -
-

LibreCMC

-
-

-On a router running LibreCMC from the Network menu select DHCP and DNS. Enter the static IP address of your Freedombone system within DNS Forwardings, then at the bottom of the page click on Save & Apply. Any devices which connect to your router will now have ad blocking. -

-
-
-
- -
-

Configuring block lists

-
-

-You can configure the block lists which the system uses by going to the administrator control panel, selecting App Settings then choosing pihole. You can also add any extra domain names to the whitelist if they're being wrongly blocked or to the blacklist if they're not blocked by the current lists. -

- - - -
-Return to the home page -
-
-
-