This commit is contained in:
Bob Mottram 2018-04-20 13:18:49 +01:00
commit 07e91fa26c
13 changed files with 182 additions and 296 deletions

View File

@ -32,7 +32,7 @@ Using cursor keys, space bar and Enter key select *Administrator controls* and t
Select *Add/Remove Apps* then *pleroma*. You will then be asked for a domain name and if you are using FreeDNS also the code for the domain which can be found under *Dynamic DNS* on the FreeDNS site (the random string from "/quick cron example/" which appears after /update.php?/ and before />>/). For more details on obtaining a domain and making it accessible via dynamic DNS see the [[./faq.html][FAQ]]. Typically the domain name you use will be a subdomain, such as /pleroma.mydomainname.net/. It will need to be a domain which you have bought somewhere and own and not one of the FreeDNS subdomains, otherwise you won't be able to get a SSL/TLS certificate for it.
* Initial setup
The first thing you'll need to do is register a new account. You can set your profile details and profile image by selecting the small settings icon to the right of your name.
The first thing you'll need to do is to obtain your login details. From the *administrator control panel* select *security settings* then *passwords* then *pleroma*. This gives the password you will need to log in, together with the username you gave during installation of the Freedombone system.
Once you have done that then you can disable further registrations from the *Administrator control panel* by going to *App Settings* then *pleroma* then *Disable new account registrations*. This may take a while because the app gets recompiled afterwards.

View File

@ -655,11 +655,11 @@ function install_gogs {
echo $'No Tor installation found. Gogs onion site cannot be configured.'
exit 877367
fi
if ! grep -q "hidden_service_gogs" /etc/tor/torrc; then
if ! grep -q "hidden_service_gogs" $ONION_SERVICES_FILE; then
{ echo 'HiddenServiceDir /var/lib/tor/hidden_service_gogs/';
echo 'HiddenServiceVersion 3';
echo "HiddenServicePort 80 127.0.0.1:${GIT_ONION_PORT}";
echo "HiddenServicePort 9418 127.0.0.1:9418"; } >> /etc/tor/torrc
echo "HiddenServicePort 9418 127.0.0.1:9418"; } >> $ONION_SERVICES_FILE
echo $'Added onion site for Gogs'
fi

View File

@ -656,12 +656,12 @@ function install_keyserver {
chown debian-sks: $sksconf_file
if ! grep -q "hidden_service_sks" /etc/tor/torrc; then
if ! grep -q "hidden_service_sks" $ONION_SERVICES_FILE; then
{ echo 'HiddenServiceDir /var/lib/tor/hidden_service_sks/';
echo 'HiddenServiceVersion 3';
echo "HiddenServicePort 11370 127.0.0.1:11370";
echo "HiddenServicePort 11373 127.0.0.1:11371";
echo "HiddenServicePort 11372 127.0.0.1:11372"; } >> /etc/tor/torrc
echo "HiddenServicePort 11372 127.0.0.1:11372"; } >> $ONION_SERVICES_FILE
echo $'Added onion site for sks'
fi

View File

@ -702,7 +702,7 @@ function install_home_server {
#MATRIX_ONION_HOSTNAME=$(add_onion_service matrix ${MATRIX_PORT} ${MATRIX_ONION_PORT})
add_onion_service matrix ${MATRIX_PORT} ${MATRIX_ONION_PORT}
echo "HiddenServicePort ${MATRIX_HTTP_PORT} 127.0.0.1:${MATRIX_FEDERATION_ONION_PORT}" >> /etc/tor/torrc
echo "HiddenServicePort ${MATRIX_HTTP_PORT} 127.0.0.1:${MATRIX_FEDERATION_ONION_PORT}" >> $ONION_SERVICES_FILE
systemctl restart tor
if [ ! "${MATRIX_PASSWORD}" ]; then

View File

@ -608,7 +608,7 @@ function remove_xmpp {
function_check remove_onion_service
remove_onion_service xmpp 5222 5223 5269
sed -i '/HiddenServiceVersion 2/d' /etc/tor/torrc
sed -i '/HiddenServiceVersion 2/d' $ONION_SERVICES_FILE
apt-mark -q unhold prosody
apt-get -yq remove --purge prosody
@ -1079,11 +1079,11 @@ function install_xmpp {
echo $'No Tor installation found. xmpp onion site cannot be configured.'
exit 877367
fi
if ! grep -q "hidden_service_xmpp" /etc/tor/torrc; then
if ! grep -q "hidden_service_xmpp" $ONION_SERVICES_FILE; then
{ echo 'HiddenServiceDir /var/lib/tor/hidden_service_xmpp/';
echo 'HiddenServiceVersion 2';
echo "HiddenServicePort 5222 127.0.0.1:5222";
echo "HiddenServicePort 5269 127.0.0.1:5269"; } >> /etc/tor/torrc
echo "HiddenServicePort 5269 127.0.0.1:5269"; } >> $ONION_SERVICES_FILE
echo $'Added onion site for xmpp chat'
fi

View File

@ -224,12 +224,12 @@ function email_create_template {
function create_email_onion_address {
email_hostname='/var/lib/tor/hidden_service_email/hostname'
if ! grep -q "hidden_service_email" /etc/tor/torrc; then
if ! grep -q "hidden_service_email" $ONION_SERVICES_FILE; then
{ echo 'HiddenServiceDir /var/lib/tor/hidden_service_email/';
echo 'HiddenServiceVersion 3';
echo 'HiddenServicePort 25 127.0.0.1:25';
echo 'HiddenServicePort 587 127.0.0.1:587';
echo 'HiddenServicePort 465 127.0.0.1:465'; } >> /etc/tor/torrc
echo 'HiddenServicePort 465 127.0.0.1:465'; } >> $ONION_SERVICES_FILE
function_check onion_update
onion_update
@ -320,26 +320,9 @@ function configure_email_onion {
echo " hosts_avoid_tls = *";
echo " socks_proxy = 127.0.0.1 port=9050"; } > /etc/exim4/conf.d/transport/050_exim4-config_onion_relay
if ! grep -q "AutomapHostsOnResolve" /etc/tor/torrc; then
echo 'AutomapHostsOnResolve 1' >> /etc/tor/torrc
else
sed -i 's|#AutomapHostsOnResolve.*|AutomapHostsOnResolve 1|g' /etc/tor/torrc
sed -i 's|AutomapHostsOnResolve.*|AutomapHostsOnResolve 1|g' /etc/tor/torrc
fi
if ! grep -q "DNSPort " /etc/tor/torrc; then
echo 'DNSPort 5300' >> /etc/tor/torrc
else
sed -i 's|#DNSPort .*|DNSPort 5300|g' /etc/tor/torrc
sed -i 's|DNSPort .*|DNSPort 5300|g' /etc/tor/torrc
fi
if ! grep -q "DNSListenAddress" /etc/tor/torrc; then
echo 'DNSListenAddress 127.0.0.1' >> /etc/tor/torrc
else
sed -i 's|#DNSListenAddress.*|DNSListenAddress 127.0.0.1|g' /etc/tor/torrc
sed -i 's|DNSListenAddress.*|DNSListenAddress 127.0.0.1|g' /etc/tor/torrc
fi
{ echo 'DNSPort 5300';
echo 'DNSListenAddress 127.0.0.1';
echo 'AutomapHostsOnResolve 1'; } > /etc/torrc.d/dns
update-exim4.conf.template -r
update-exim4.conf

View File

@ -362,19 +362,6 @@ function show_tahoelafs {
echo ''
}
function show_ip_addresses {
echo $'IP/DNS addresses'
echo '================'
echo ''
echo -n "IPv4: $(get_ipv4_address)/$(get_external_ipv4_address)"
ipv6_address="$(get_ipv6_address)"
if [ ${#ipv6_address} -gt 0 ]; then
echo " IPv6: ${ipv6_address}"
fi
echo ''
echo ''
}
function show_ssh_public_key {
echo $'SSH Public Keys'
echo '==============='
@ -391,7 +378,6 @@ function show_about {
#clear
#echo "==== ${PROJECT_NAME} version ${VERSION} ($DEBIAN_VERSION) ===="
#echo ''
#show_ip_addresses
#show_ssh_public_key
show_domains
#show_users

View File

@ -92,8 +92,10 @@ function turn_logging_off {
function turn_off_rsys_logging {
if ! grep -q '/var/log/auth.log' /etc/rsyslog.conf; then
if ! grep -q '/var/log/kern.log' /etc/rsyslog.conf; then
return
fi
fi
sed -i 's|mail,news.none.*|mail,news.none /dev/null|g' /etc/rsyslog.conf
sed -i 's|auth,authpriv.\*.*|auth,authpriv.\* /dev/null|g' /etc/rsyslog.conf
sed -i 's|mail.info.*|mail.info /dev/null|g' /etc/rsyslog.conf
@ -102,6 +104,7 @@ function turn_off_rsys_logging {
sed -i 's|daemon.\*.*|daemon.\* /dev/null|g' /etc/rsyslog.conf
sed -i 's|mail.\*.*|mail.\* /dev/null|g' /etc/rsyslog.conf
sed -i 's|user.\*.*|user.\* /dev/null|g' /etc/rsyslog.conf
sed -i 's|kern.\*.*|kern.\* /dev/null|g' /etc/rsyslog.conf
sed -i 's|news.none;mail.none.*|news.none;mail.none /dev/null|g' /etc/rsyslog.conf
sed -i 's|\*.\*;auth,authpriv.none.*|\*.\*;auth,authpriv.none /dev/null|g' /etc/rsyslog.conf
sed -i 's|#cron.\*|cron.\*|g' /etc/rsyslog.conf
@ -114,6 +117,10 @@ function turn_off_rsys_logging {
$REMOVE_FILES_COMMAND /var/log/daemon.*
$REMOVE_FILES_COMMAND /var/log/user.*
$REMOVE_FILES_COMMAND /var/log/messages*
$REMOVE_FILES_COMMAND /var/log/syslog*
$REMOVE_FILES_COMMAND /var/log/alternatives*
$REMOVE_FILES_COMMAND /var/log/faillog
$REMOVE_FILES_COMMAND /var/log/kern.log*
}
function turn_on_rsys_logging {
@ -128,6 +135,7 @@ function turn_on_rsys_logging {
sed -i 's|daemon.\*.*|daemon.\* -/var/log/daemon.log|g' /etc/rsyslog.conf
sed -i 's|mail.\*.*|mail.\* -/var/log/mail.log|g' /etc/rsyslog.conf
sed -i 's|user.\*.*|user.\* -/var/log/user.log|g' /etc/rsyslog.conf
sed -i 's|kern.\*.*|kern.\* -/var/log/kern.log|g' /etc/rsyslog.conf
sed -i 's|news.none;mail.none.*|news.none;mail.none -/var/log/debug|g' /etc/rsyslog.conf
sed -i 's|\*.\*;auth,authpriv.none.*|\*.\*;auth,authpriv.none -/var/log/syslog|g' /etc/rsyslog.conf
sed -i 's|#cron.\*|cron.\*|g' /etc/rsyslog.conf
@ -150,8 +158,7 @@ if [[ "$1" == "on" || "$1" == "On" || "$1" == "ON" ]]; then
touch /var/log/tor/notices.log
chown debian-tor:adm /var/log/tor/notices.log
fi
sed -i 's|#Log notice file.*|Log notice file /var/log/tor/notices.log|g' /etc/tor/torrc
sed -i 's|Log notice file.*|Log notice file /var/log/tor/notices.log|g' /etc/tor/torrc
echo 'Log notice file /var/log/tor/notices.log' > /etc/torrc.d/logging
fi
if [ -f /etc/php/7.0/fpm/php-fpm.conf ]; then
sed -i 's|error_log =.*|error_log = /var/log/php-fpm.log|g' /etc/php/7.0/fpm/php-fpm.conf
@ -193,12 +200,12 @@ if [[ "$1" == "on" || "$1" == "On" || "$1" == "ON" ]]; then
fi
fi
turn_on_rsys_logging
turn_on_postgresql_logging
else
turn_logging_off
if [ -d /etc/tor ]; then
sed -i 's|#Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc
sed -i 's|Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc
echo 'Log notice file /dev/null' > /etc/torrc.d/logging
rm /var/log/tor/*
fi
if [ -d /var/log/radicale ]; then
@ -250,6 +257,7 @@ else
fi
fi
turn_off_rsys_logging
turn_off_postgresql_logging
fi
if [ -d /etc/exim4 ]; then
@ -295,5 +303,8 @@ fi
if [ -d /etc/matrix ]; then
systemctl restart matrix
fi
if [ -d /etc/postgresql ]; then
systemctl restart postgresql
fi
exit 0

View File

@ -95,6 +95,7 @@ if [ -d "$PROJECT_DIR" ]; then
fi
#rebuild_exim_with_socks
torrc_migrate
nodejs_upgrade
apt-get -yq -t stretch-backports install certbot
email_install_tls

View File

@ -31,6 +31,47 @@ TOR_MAX_TRAFFIC_PER_MONTH_GB=10
USE_V2_ONION_ADDRESS=
HIDDEN_SERVICE_PATH='/var/lib/tor/hidden_service_'
ONION_SERVICES_FILE=/etc/torrc.d/${PROJECT_NAME}
function torrc_migrate {
if [ -f $ONION_SERVICES_FILE ]; then
if grep -q "#%include /etc/torrc.d" /etc/tor/torrc; then
sed -i 's|#%include /etc/torrc.d|%include /etc/torrc.d|g' /etc/tor/torrc
systemctl restart tor
fi
return
fi
systemctl stop tor
mkdir /etc/torrc.d
grep "HiddenServiceDir\\|HiddenServiceVersion\\|HiddenServicePort" /etc/tor/torrc | grep -v "#HiddenServiceDir" >> $ONION_SERVICES_FILE
if ! grep "HiddenServiceVersion" $ONION_SERVICES_FILE; then
systemctl restart tor
return
fi
if grep -q "#%include /etc/torrc.d" /etc/tor/torrc; then
sed -i 's|#%include /etc/torrc.d|%include /etc/torrc.d|g' /etc/tor/torrc
else
echo "%include /etc/torrc.d" >> /etc/tor/torrc
fi
{ echo 'DNSPort 5300';
echo 'DNSListenAddress 127.0.0.1';
echo 'AutomapHostsOnResolve 1'; } > /etc/torrc.d/dns
sed -i '/DNSPort 5300/d' /etc/tor/torrc
sed -i '/DNSListenAddress 127.0.0./d' /etc/tor/torrc
sed -i '/AutomapHostsOnResolve 1/d' /etc/tor/torrc
sed -i '/HiddenServiceDir/d' /etc/tor/torrc
sed -i '/HiddenServiceVersion/d' /etc/tor/torrc
sed -i '/HiddenServicePort/d' /etc/tor/torrc
systemctl restart tor
}
function add_email_hostname {
extra_email_hostname="$1"
@ -80,17 +121,17 @@ function remove_onion_service {
nick="$3"
if [ ${#nick} -gt 0 ]; then
sed -i "/stealth ${nick}/d" /etc/tor/torrc
sed -i "/stealth ${nick}/d" $ONION_SERVICES_FILE
fi
sed -i "/hidden_service_${onion_service_name}/,+1 d" /etc/tor/torrc
sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" /etc/tor/torrc
sed -i "/127.0.0.1:${onion_service_port_to}/d" /etc/tor/torrc
sed -i "/hidden_service_${onion_service_name}/,+1 d" $ONION_SERVICES_FILE
sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" $ONION_SERVICES_FILE
sed -i "/127.0.0.1:${onion_service_port_to}/d" $ONION_SERVICES_FILE
if [ "$3" ]; then
sed -i "/127.0.0.1:${3}/d" /etc/tor/torrc
sed -i "/127.0.0.1:${3}/d" $ONION_SERVICES_FILE
if [ "$4" ]; then
sed -i "/127.0.0.1:${4}/d" /etc/tor/torrc
sed -i "/127.0.0.1:${4}/d" $ONION_SERVICES_FILE
if [ "$5" ]; then
sed -i "/127.0.0.1:${5}/d" /etc/tor/torrc
sed -i "/127.0.0.1:${5}/d" $ONION_SERVICES_FILE
fi
fi
fi
@ -123,16 +164,16 @@ function add_onion_service {
USE_V2_ONION_ADDRESS=
exit 877367
fi
if ! grep -q "hidden_service_${onion_service_name}" /etc/tor/torrc; then
echo "HiddenServiceDir ${HIDDEN_SERVICE_PATH}${onion_service_name}/" >> /etc/tor/torrc
if ! grep -q "hidden_service_${onion_service_name}" $ONION_SERVICES_FILE; then
echo "HiddenServiceDir ${HIDDEN_SERVICE_PATH}${onion_service_name}/" >> $ONION_SERVICES_FILE
if [ ! $USE_V2_ONION_ADDRESS ]; then
echo 'HiddenServiceVersion 3' >> /etc/tor/torrc
echo 'HiddenServiceVersion 3' >> $ONION_SERVICES_FILE
else
echo 'HiddenServiceVersion 2' >> /etc/tor/torrc
echo 'HiddenServiceVersion 2' >> $ONION_SERVICES_FILE
fi
echo "HiddenServicePort ${onion_service_port_from} 127.0.0.1:${onion_service_port_to}" >> /etc/tor/torrc
echo "HiddenServicePort ${onion_service_port_from} 127.0.0.1:${onion_service_port_to}" >> $ONION_SERVICES_FILE
if [ ${#onion_stealth_name} -gt 0 ]; then
echo "HiddenServiceAuthorizeClient stealth ${onion_stealth_name}" >> /etc/tor/torrc
echo "HiddenServiceAuthorizeClient stealth ${onion_stealth_name}" >> $ONION_SERVICES_FILE
fi
fi
@ -287,44 +328,16 @@ function install_tor {
# For torify
apt-get -yq install torsocks
# turn off logging
sed -i 's|#Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc
sed -i 's|Log notice file.*|Log notice file /dev/null|g' /etc/tor/torrc
# Restrict traffic
sed -i "s|#AccountingMax.*|AccountingMax $TOR_MAX_TRAFFIC_PER_MONTH_GB GBytes|g" /etc/tor/torrc
sed -i "s|AccountingMax.*|AccountingMax $TOR_MAX_TRAFFIC_PER_MONTH_GB GBytes|g" /etc/tor/torrc
mark_completed "${FUNCNAME[0]}"
}
function resolve_dns_via_tor {
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
if [ ! -d /etc/torrc.d ]; then
mkdir /etc/torrc.d
fi
if [[ $(is_completed "${FUNCNAME[0]}") == "1" ]]; then
return
fi
if [ ! -f /etc/tor/torrc ]; then
echo $'tor was not installed'
exit 52952
sed -i 's|#%include /etc/torrc.d|%include /etc/torrc.d|g' /etc/tor/torrc
if ! grep -q '%include /etc/torrc.d' /etc/tor/torrc; then
echo '%include /etc/torrc.d' >> /etc/tor/torrc
fi
# resolve DNS via tor
if ! grep -q 'DNSPort 53' /etc/tor/torrc; then
{ echo 'DNSPort 53';
echo 'AutomapHostsOnResolve 1';
echo 'AutomapHostsSuffixes .exit,.onion'; } >> /etc/tor/torrc
onion_update
fi
# don't change resolv.conf
sed -i 's|, domain-name-servers||g' /etc/dhcp/dhclient.conf
# point resolv.conf to tor
resolvconf=/etc/resolvconf/resolv.conf.d/head
echo 'nameserver 127.0.0.1:53' > $resolvconf
resolvconf -u
echo 'Log notice file /dev/null' > /etc/torrc.d/logging
echo "AccountingMax $TOR_MAX_TRAFFIC_PER_MONTH_GB GBytes" > /etc/torrc.d/maxtraffic
mark_completed "${FUNCNAME[0]}"
}
@ -465,24 +478,14 @@ function tor_add_bridge {
apt-get -yq install obfs4proxy
if grep -q "ClientTransportPlugin" /etc/tor/torrc; then
sed -i 's|#ClientTransportPlugin|ClientTransportPlugin|g' /etc/tor/torrc
sed -i 's|# ClientTransportPlugin|ClientTransportPlugin|g' /etc/tor/torrc
sed -i 's|ClientTransportPlugin.*|ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed|g' /etc/tor/torrc
if [ ! -f /etc/torrc.d/bridges ]; then
{ echo 'ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed';
echo 'UseBridges 1';
echo "Bridge $bridge_type ${bridge_ip_address}:${bridge_port} ${bridge_key}"; } > /etc/torrc.d/bridges
else
echo 'ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed' >> /etc/tor/torrc
if ! grep -q "Bridge $bridge_type ${bridge_ip_address}:${bridge_port} ${bridge_key}" /etc/torrc.d/bridges; then
echo "Bridge $bridge_type ${bridge_ip_address}:${bridge_port} ${bridge_key}" >> /etc/torrc.d/bridges
fi
if grep -q "UseBridges" /etc/tor/torrc; then
sed -i 's|#UseBridges|UseBridges|g' /etc/tor/torrc
sed -i 's|# UseBridges|UseBridges|g' /etc/tor/torrc
sed -i 's|UseBridges.*|UseBridges 1|g' /etc/tor/torrc
else
echo 'UseBridges 1' >> /etc/tor/torrc
fi
bridge_str="Bridge $bridge_type ${bridge_ip_address}:${bridge_port} ${bridge_key}"
if ! grep -q "${bridge_str}" /etc/tor/torrc; then
sed -i "/UseBridges/a ${bridge_str}" >> /etc/tor/torrc
fi
systemctl restart tor
@ -495,24 +498,19 @@ function tor_remove_bridge {
if [[ "$bridge_ip_address" == *"."* ]]; then
bridge_str="Bridge $bridge_type ${bridge_ip_address}"
else
if grep -q " ${bridge_ip_address}" /etc/tor/torrc; then
if grep -q " ${bridge_ip_address}" /etc/torrc.d/bridges; then
bridge_str=" ${bridge_ip_address}"
else
return
fi
fi
if grep -q "${bridge_str}" /etc/tor/torrc; then
sed -i "/${bridge_str}/d" /etc/tor/torrc
if grep -q "${bridge_str}" /etc/torrc.d/bridges; then
sed -i "/${bridge_str}/d" /etc/torrc.d/bridges
fi
# If there are no bridges remaining then remove UseBridges
if ! grep -q "Bridge " /etc/tor/torrc; then
if ! grep -q "#UseBridges" /etc/tor/torrc; then
sed -i 's|UseBridges|#UseBridges|g' /etc/tor/torrc
fi
if ! grep -q "#ClientTransportPlugin" /etc/tor/torrc; then
sed -i 's|ClientTransportPlugin|#ClientTransportPlugin|g' /etc/tor/torrc
fi
# If there are no bridges remaining then remove the file
if ! grep -q "Bridge " /etc/torrc.d/bridges; then
rm /etc/torrc.d/bridges
fi
systemctl restart tor
@ -521,6 +519,8 @@ function tor_remove_bridge {
function tor_create_bridge_relay {
read_config_param 'TOR_BRIDGE_PORT'
read_config_param 'TOR_BRIDGE_NICKNAME'
read_config_param 'MY_EMAIL_ADDRESS'
if [ ! "$TOR_BRIDGE_PORT" ]; then
return
fi
@ -533,47 +533,25 @@ function tor_create_bridge_relay {
apt-get -yq install obfs4proxy
sed -i 's|#BridgeRelay.*|BridgeRelay 1|g' /etc/tor/torrc
sed -i 's|BridgeRelay.*|BridgeRelay 1|g' /etc/tor/torrc
sed -i 's|#ServerTransportPlugin.*|ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy|g' /etc/tor/torrc
sed -i 's|ServerTransportPlugin.*|ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy|g' /etc/tor/torrc
{ echo 'BridgeRelay 1';
echo 'ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy';
echo "ExtORPort $TOR_BRIDGE_PORT";
echo "ContactInfo $MY_EMAIL_ADDRESS";
echo "Nickname $TOR_BRIDGE_NICKNAME"; } > /etc/torrc.d/bridgerelay
if ! grep -q 'ExtORPort ' /etc/tor/torrc; then
echo "ExtORPort $TOR_BRIDGE_PORT" >> /etc/tor/torrc
else
sed -i "s|#ExtORPort .*|ExtORPort $TOR_BRIDGE_PORT|g" /etc/tor/torrc
sed -i "s|ExtORPort .*|ExtORPort $TOR_BRIDGE_PORT|g" /etc/tor/torrc
fi
read_config_param 'MY_EMAIL_ADDRESS'
sed -i "s|#ContactInfo.*|ContactInfo $MY_EMAIL_ADDRESS|g" /etc/tor/torrc
if [ "$TOR_BRIDGE_NICKNAME" ]; then
sed -i "s|#Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
sed -i "s|Nickname.*|Nickname $TOR_BRIDGE_NICKNAME|g" /etc/tor/torrc
fi
firewall_add tor_bridge "$TOR_BRIDGE_PORT" tcp
systemctl restart tor
}
function tor_remove_bridge_relay {
if ! grep -q '#BridgeRelay ' /etc/tor/torrc; then
sed -i 's|BridgeRelay |#BridgeRelay |g' /etc/tor/torrc
fi
if ! grep -q '#ServerTransportPlugin ' /etc/tor/torrc; then
sed -i 's|ServerTransportPlugin |#ServerTransportPlugin |g' /etc/tor/torrc
fi
if ! grep -q '#ExtORPort ' /etc/tor/torrc; then
sed -i 's|ExtORPort |#ExtORPort |g' /etc/tor/torrc
fi
if ! grep -q '#ContactInfo ' /etc/tor/torrc; then
sed -i "s|ContactInfo |#ContactInfo |g" /etc/tor/torrc
fi
if ! grep -q '#Nickname ' /etc/tor/torrc; then
sed -i "s|Nickname |#Nickname |g" /etc/tor/torrc
if [ -f /etc/torrc.d/bridgerelay ]; then
rm /etc/torrc.d/bridgerelay
fi
read_config_param 'TOR_BRIDGE_PORT'
firewall_remove "$TOR_BRIDGE_PORT" tcp
systemctl restart tor
}

View File

@ -29,6 +29,26 @@
# Set this when calling backup and restore commands
USE_POSTGRESQL=
POSTGRESQL_PACKAGES='postgresql-9.6 postgresql-contrib-9.6 postgresql-client'
POSTGRESQL_VERSION=9.6
function turn_off_postgresql_logging {
if [ ! -f /etc/postgresql/$POSTGRESQL_VERSION/main/postgresql.conf ]; then
return
fi
sed -i 's|#log_destination|log_destination|g' /etc/postgresql/$POSTGRESQL_VERSION/main/postgresql.conf
sed -i "s|log_destination.*|log_destination = 'syslog'|g" /etc/postgresql/$POSTGRESQL_VERSION/main/postgresql.conf
if [ -d /var/log/postgresql ]; then
$REMOVE_FILES_COMMAND /var/log/postgresql/*
fi
}
function turn_on_postgresql_logging {
if [ ! -f /etc/postgresql/$POSTGRESQL_VERSION/main/postgresql.conf ]; then
return
fi
sed -i 's|log_destination|#log_destination|g' /etc/postgresql/$POSTGRESQL_VERSION/main/postgresql.conf
sed -i "s|log_destination.*|log_destination = 'stderr'|g" /etc/postgresql/$POSTGRESQL_VERSION/main/postgresql.conf
}
function store_original_postgresql_password {
if [ ! -f /root/.postgresqloriginal ]; then

View File

@ -903,9 +903,6 @@ function setup_utils {
function_check install_tor
install_tor
#function_check resolve_dns_via_tor
#resolve_dns_via_tor
function_check install_command_line_browser
install_command_line_browser

View File

@ -3,33 +3,26 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2018-04-14 Sat 22:26 -->
<title></title>
<!-- 2018-04-18 Wed 15:48 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>&lrm;</title>
<meta name="generator" content="Org mode" />
<meta name="generator" content="Org-mode" />
<meta name="author" content="Bob Mottram" />
<meta name="description" content="How to use Pleroma"
/>
<meta name="keywords" content="freedombone, pleroma" />
<style type="text/css">
<!--/*--><![CDATA[/*><!--*/
.title { text-align: center;
margin-bottom: .2em; }
.subtitle { text-align: center;
font-size: medium;
font-weight: bold;
margin-top:0; }
.title { text-align: center; }
.todo { font-family: monospace; color: red; }
.done { font-family: monospace; color: green; }
.priority { font-family: monospace; color: orange; }
.done { color: green; }
.tag { background-color: #eee; font-family: monospace;
padding: 2px; font-size: 80%; font-weight: normal; }
.timestamp { color: #bebebe; }
.timestamp-kwd { color: #5f9ea0; }
.org-right { margin-left: auto; margin-right: 0px; text-align: right; }
.org-left { margin-left: 0px; margin-right: auto; text-align: left; }
.org-center { margin-left: auto; margin-right: auto; text-align: center; }
.right { margin-left: auto; margin-right: 0px; text-align: right; }
.left { margin-left: 0px; margin-right: auto; text-align: left; }
.center { margin-left: auto; margin-right: auto; text-align: center; }
.underline { text-decoration: underline; }
#postamble p, #preamble p { font-size: 90%; margin: .2em; }
p.verse { margin-left: 3%; }
@ -56,111 +49,27 @@
border: 1px solid black;
}
pre.src:hover:before { display: inline;}
/* Languages per Org manual */
pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-sh:before { content: 'sh'; }
pre.src-bash:before { content: 'sh'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-fortran:before { content: 'Fortran'; }
pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-haskell:before { content: 'Haskell'; }
pre.src-hledger:before { content: 'hledger'; }
pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-lua:before { content: 'Lua'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
pre.src-java:before { content: 'Java'; }
pre.src-sql:before { content: 'SQL'; }
table { border-collapse:collapse; }
caption.t-above { caption-side: top; }
caption.t-bottom { caption-side: bottom; }
td, th { vertical-align:top; }
th.org-right { text-align: center; }
th.org-left { text-align: center; }
th.org-center { text-align: center; }
td.org-right { text-align: right; }
td.org-left { text-align: left; }
td.org-center { text-align: center; }
th.right { text-align: center; }
th.left { text-align: center; }
th.center { text-align: center; }
td.right { text-align: right; }
td.left { text-align: left; }
td.center { text-align: center; }
dt { font-weight: bold; }
.footpara { display: inline; }
.footpara:nth-child(2) { display: inline; }
.footpara { display: block; }
.footdef { margin-bottom: 1em; }
.figure { padding: 1em; }
.figure p { text-align: center; }
@ -180,7 +89,6 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="freedombone.css" />
@ -189,7 +97,7 @@
@licstart The following is the entire license notice for the
JavaScript code in this tag.
Copyright (C) 2012-2017 Free Software Foundation, Inc.
Copyright (C) 2012-2013 Free Software Foundation, Inc.
The JavaScript code in this tag is free software: you can
redistribute it and/or modify it under the terms of the GNU
@ -236,6 +144,7 @@ for the JavaScript code in this tag.
<a name="top" id="top"></a>
</div>
<div id="content">
<h1 class="title"></h1>
<div class="figure">
<p><img src="images/logo.png" alt="logo.png" width="80%" height="10%" align="center" />
@ -262,14 +171,15 @@ Some general advice about life in the fediverse <a href="./fediverse.html">can b
</p>
</div>
<div id="outline-container-org0daf1b1" class="outline-2">
<h2 id="org0daf1b1">Installation</h2>
<div class="outline-text-2" id="text-org0daf1b1">
<div id="outline-container-sec-1" class="outline-2">
<h2 id="sec-1">Installation</h2>
<div class="outline-text-2" id="text-1">
<p>
Log into your system with:
</p>
<div class="org-src-container">
<pre class="src src-bash">ssh myusername@mydomain -p 2222
</pre>
</div>
@ -284,11 +194,11 @@ Select <b>Add/Remove Apps</b> then <b>pleroma</b>. You will then be asked for a
</div>
</div>
<div id="outline-container-org79fb756" class="outline-2">
<h2 id="org79fb756">Initial setup</h2>
<div class="outline-text-2" id="text-org79fb756">
<div id="outline-container-sec-2" class="outline-2">
<h2 id="sec-2">Initial setup</h2>
<div class="outline-text-2" id="text-2">
<p>
The first thing you'll need to do is register a new account. You can set your profile details and profile image by selecting the small settings icon to the right of your name.
The first thing you'll need to do is to obtain your login details. From the <b>administrator control panel</b> select <b>security settings</b> then <b>passwords</b> then <b>pleroma</b>. This gives the password you will need to log in, together with the username you gave during installation of the Freedombone system.
</p>
<p>
@ -297,9 +207,9 @@ Once you have done that then you can disable further registrations from the <b>A
</div>
</div>
<div id="outline-container-org260dfa9" class="outline-2">
<h2 id="org260dfa9">Mastodon user interface</h2>
<div class="outline-text-2" id="text-org260dfa9">
<div id="outline-container-sec-3" class="outline-2">
<h2 id="sec-3">Mastodon user interface</h2>
<div class="outline-text-2" id="text-3">
<p>
If you prefer a Tweetdeck-style user interface, similar to Mastodon, then once you have registered an account navigate to <b>/yourpleromadomainname/web</b> and log in.
</p>
@ -312,9 +222,9 @@ If you prefer a Tweetdeck-style user interface, similar to Mastodon, then once y
</div>
</div>
<div id="outline-container-org2c42cb3" class="outline-2">
<h2 id="org2c42cb3">Mobile apps</h2>
<div class="outline-text-2" id="text-org2c42cb3">
<div id="outline-container-sec-4" class="outline-2">
<h2 id="sec-4">Mobile apps</h2>
<div class="outline-text-2" id="text-4">
<p>
It's also possible to use Mastodon apps together with Pleroma, such as Tusky, since it supports the Mastodon API. You may need to install <b>IcecatMobile</b> and set it as your default browser (under <b>Settings/Apps/Menu</b>) in order for the initial oauth registration process to work.
</p>
@ -327,9 +237,9 @@ It's also possible to use Mastodon apps together with Pleroma, such as Tusky, si
</div>
</div>
<div id="outline-container-org07c16bd" class="outline-2">
<h2 id="org07c16bd">Blocking controls</h2>
<div class="outline-text-2" id="text-org07c16bd">
<div id="outline-container-sec-5" class="outline-2">
<h2 id="sec-5">Blocking controls</h2>
<div class="outline-text-2" id="text-5">
<div class="figure">
<p><img src="images/controlpanel/control_panel_blocking.jpg" alt="control_panel_blocking.jpg" width="80%" align="center" />