diff --git a/code-of-conduct.md b/code-of-conduct.md index 07f32b60..016e04f2 100644 --- a/code-of-conduct.md +++ b/code-of-conduct.md @@ -32,4 +32,4 @@ While this code of conduct should be adhered to by participants, we recognize th Serious or persistent offenders will be kicked from chat rooms and any of their subsequent patches will be unlikely to be upstreamed. In this context "serious" means that someone is causing others to feel unsafe or be unable to contribute, for whatever reason. -This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG/OpenPGP if you can, or XMPP with OTR/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response. +This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response. diff --git a/doc/EN/app_gnusocial.org b/doc/EN/app_gnusocial.org index 7cf1fefa..3e355064 100644 --- a/doc/EN/app_gnusocial.org +++ b/doc/EN/app_gnusocial.org @@ -20,7 +20,7 @@ GNU Social is typically referred to as a microblogging system, although with a m You can host your own GNU Social instance and then "/remote follow/" other users who may also be doing the same. With a federated structure this type of system is hard to censor or ban. Unlike Twitter, there are no bribed adverts pushed into your stream, and any trends happening are likely to be real rather than being manipulated by some opaque algorithm. -You should regard anything posted to GNU Social as being /public communication/ visible to anyone on the internet. There is a direct messaging capability between users but it's not particularly secure, so for one-to-one messages stick to better methods, such as XMPP with OTR/OMEMO or Tox. +You should regard anything posted to GNU Social as being /public communication/ visible to anyone on the internet. There is a direct messaging capability between users but it's not particularly secure, so for one-to-one messages stick to better methods, such as XMPP with OpenPGP/OMEMO or Tox. Some general advice about life in the fediverse [[./fediverse.html][can be found here]]. diff --git a/doc/EN/backups.org b/doc/EN/backups.org index 078dcd29..640fb201 100644 --- a/doc/EN/backups.org +++ b/doc/EN/backups.org @@ -68,7 +68,7 @@ Enter the LUKS password for the USB drive. When the restore is complete you can * Distributed/remote backups Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised. -Firstly you will need to have a user account on one or more of your friends servers. They don't necessarily need to be using Freedombone, just some version of GNU/Linux with ssh access. They can create a user account for you with the control panel on a Freedombone system or with the *adduser * command on any other system when logged in as root and then give you the username and password via a secure method, such as on paper, via an encrypted email, Tox or via an XMPP chat using OTR. Make sure that the password used is a strong one - preferably a long random string stored in a password manager - so that dictionary attacks will not be easy. Also for maximum resilience put your password manager file onto a USB thumb drive and carry it with you. +Firstly you will need to have a user account on one or more of your friends servers. They don't necessarily need to be using Freedombone, just some version of GNU/Linux with ssh access. They can create a user account for you with the control panel on a Freedombone system or with the *adduser * command on any other system when logged in as root and then give you the username and password via a secure method, such as on paper, via an encrypted email, Tox or via an XMPP chat using OpenPGP/OMEMO. Make sure that the password used is a strong one - preferably a long random string stored in a password manager - so that dictionary attacks will not be easy. Also for maximum resilience put your password manager file onto a USB thumb drive and carry it with you. #+BEGIN_SRC bash ssh username@domainname -p 2222 diff --git a/doc/EN/codeofconduct.org b/doc/EN/codeofconduct.org index 95e96f48..68397380 100644 --- a/doc/EN/codeofconduct.org +++ b/doc/EN/codeofconduct.org @@ -46,4 +46,4 @@ While this code of conduct should be adhered to by participants, we recognize th Serious or persistent offenders will be kicked from chat rooms and any of their subsequent patches will be unlikely to be upstreamed. In this context "serious" means that someone is causing others to feel unsafe or be unable to contribute, for whatever reason. -This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG/OpenPGP if you can, or XMPP with OTR/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response. +This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response. diff --git a/doc/EN/support.org b/doc/EN/support.org index 002884ff..a8f8a514 100644 --- a/doc/EN/support.org +++ b/doc/EN/support.org @@ -24,7 +24,7 @@ This site can also be accessed via a Tor browser at *http://yjxlc3imv7obva4grjae *PGP/GPG Fingerprint:* 9ABB82C00ABF39F82680487DCC2536191FA7C33F -*XMPP:* bob@freedombone.net with OMEMO or OTR +*XMPP:* bob@freedombone.net with OMEMO or OpenPGP *Matrix:* #fbone:matrix.freedombone.net diff --git a/src/freedombone-addsipuser b/src/freedombone-addsipuser deleted file mode 100755 index c8969d59..00000000 --- a/src/freedombone-addsipuser +++ /dev/null @@ -1,169 +0,0 @@ -#!/bin/bash -# -# .---. . . -# | | | -# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. -# | | (.-' (.-' ( | ( )| | | | )( )| | (.-' -# ' ' --' --' -' - -' ' ' -' -' -' ' - --' -# -# Freedom in the Cloud -# - -# Adds a SIP phone user to the system - -# License -# ======= -# -# Copyright (C) 2015-2016 Bob Mottram -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -PROJECT_NAME='freedombone' - -export TEXTDOMAIN=${PROJECT_NAME}-addsipuser -export TEXTDOMAINDIR="/usr/share/locale" - -MY_USERNAME= -EXTENSION= -PASSWORD= -CONFIG_FILE=/etc/sipwitch.conf -USER_EXISTS="no" - -function show_help { - echo '' - echo $"${PROJECT_NAME}-addsipuser -u [username] -e [extension] -p [password]" - echo '' - exit 0 -} - -function sip_user_exists { - IFS='' - while read line; do - if [[ "$line" == *"" ]]; then - USER_EXISTS="yes" - return - fi - done < $CONFIG_FILE -} - -function update_sip_user { - USER_FOUND= - NEW_CONFIG_FILE="${CONFIG_FILE}.new" - if [ -f $NEW_CONFIG_FILE ]; then - rm -f $NEW_CONFIG_FILE - fi - touch $NEW_CONFIG_FILE - IFS='' - while read line; do - if [ ! $USER_FOUND ]; then - if [[ "$line" == *"" ]]; then - USER_FOUND="yes" - fi - else - if [[ "$line" == *""* ]]; then - line=" $EXTENSION" - fi - if [[ "$line" == *""* ]]; then - line=" $PASSWORD" - fi - if [[ "$line" == *""* ]]; then - line=" $MY_USERNAME $EXTENSION" - USER_FOUND= - fi - fi - echo $line >> $NEW_CONFIG_FILE - done < $CONFIG_FILE - mv $NEW_CONFIG_FILE $CONFIG_FILE -} - -function add_sip_user { - NEW_CONFIG_FILE="${CONFIG_FILE}.new" - if [ -f $NEW_CONFIG_FILE ]; then - rm -f $NEW_CONFIG_FILE - fi - touch $NEW_CONFIG_FILE - IFS='' - while read line; do - if [[ "$line" == *'' ]]; then - echo " " >> $NEW_CONFIG_FILE - echo " $EXTENSION" >> $NEW_CONFIG_FILE - echo " $PASSWORD" >> $NEW_CONFIG_FILE - echo " $MY_USERNAME $EXTENSION" >> $NEW_CONFIG_FILE - echo ' ' >> $NEW_CONFIG_FILE - fi - echo $line >> $NEW_CONFIG_FILE - done < $CONFIG_FILE - mv $NEW_CONFIG_FILE $CONFIG_FILE - chmod 600 /etc/shadow - chmod 600 /etc/gshadow - usermod -aG sipwitch $MY_USERNAME - chmod 0000 /etc/shadow - chmod 0000 /etc/gshadow -} - -while [[ $# > 1 ]] -do - key="$1" - - case $key in - -h|--help) - show_help - ;; - -u|--user) - shift - MY_USERNAME="$1" - ;; - -e|--extension) - shift - EXTENSION="$1" - ;; - -p|--password) - shift - PASSWORD="$1" - ;; - *) - # unknown option - ;; - esac - shift -done - -if ! [[ $MY_USERNAME && $EXTENSION && $PASSWORD ]]; then - show_help -fi - -if [ ! -f $CONFIG_FILE ]; then - echo $"SIP configuration file not found" - exit 1 -fi - -# the user must already exist on the system -if [ ! -d /home/$MY_USERNAME ]; then - echo $"User $MY_USERNAME not found" - exit 2 -fi - -sip_user_exists - -if [[ $USER_EXISTS == "yes" ]]; then - update_sip_user - echo $"SIP user $MY_USERNAME amended" -else - add_sip_user - echo $"SIP user $MY_USERNAME added" -fi - -systemctl restart sipwitch - -exit 0 diff --git a/src/freedombone-app-mumble b/src/freedombone-app-mumble index 71a1b5fd..bac8ebae 100755 --- a/src/freedombone-app-mumble +++ b/src/freedombone-app-mumble @@ -185,11 +185,6 @@ function restore_remote_mumble { rm -rf $temp_restore_dir exit 7823 fi - if [ -d $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup ]; then - cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf - else - cp -f $temp_restore_dir/sipwitch.conf /etc/sipwitch.conf - fi if [ ! "$?" = "0" ]; then rm -rf $temp_restore_dir exit 7823 diff --git a/src/freedombone-app-sip b/src/freedombone-app-sip deleted file mode 100755 index 8b3711a7..00000000 --- a/src/freedombone-app-sip +++ /dev/null @@ -1,497 +0,0 @@ -#!/bin/bash -# -# .---. . . -# | | | -# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. -# | | (.-' (.-' ( | ( )| | | | )( )| | (.-' -# ' ' --' --' -' - -' ' ' -' -' -' ' - --' -# -# Freedom in the Cloud -# -# SIP functions -# -# License -# ======= -# -# Copyright (C) 2014-2016 Bob Mottram -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -VARIANTS='' - -IN_DEFAULT_INSTALL=0 -SHOW_ON_ABOUT=0 - -SIP_SERVER_PASSWORD= -SIP_PORT=5060 -SIP_TLS_PORT=5061 - -TURN_PORT=3478 -TURN_TLS_PORT=5349 -TURN_NONCE= - -sip_variables=(ONION_ONLY - MY_USERNAME - SIP_PORT - SIP_TLS_PORT - SIP_SERVER_PASSWORD - TURN_PORT - TURN_TLS_PORT - TURN_NONCE) - -function logging_on_sip { - echo -n '' -} - -function logging_off_sip { - echo -n '' -} - -function remove_user_sip { - remove_username="$1" - ${PROJECT_NAME}-rmsipuser ${remove_username} - - ${PROJECT_NAME}-pass -u $remove_username --rmapp sip - - # remove user from SIP TURN/STUN - if [ -f /etc/turnserver/turnusers.txt ]; then - sed -i "/${remove_username}:/d" /etc/turnserver/turnusers.txt - fi -} - -function add_user_sip { - new_username="$1" - new_user_password="$2" - - ${PROJECT_NAME}-pass -u $new_username -a sip -p "$new_user_password" - - SIP_EXTENSION=$(${PROJECT_NAME}-sipfreeext) - ${PROJECT_NAME}-addsipuser -u $new_username -e $SIP_EXTENSION -p "$new_user_password" - if [ ! "$?" = "0" ]; then - echo '1' - return - fi - - # add user to the sipwitch group - if [ -f /etc/sipwitch.conf ]; then - chmod 600 /etc/shadow - chmod 600 /etc/gshadow - usermod -aG sipwitch $new_username - chmod 0000 /etc/shadow - chmod 0000 /etc/gshadow - fi - - # add user for SIP STUN/TURN - if [ -d /etc/turnserver ]; then - if grep -q "DEFAULT_DOMAIN_NAME" $CONFIGURATION_FILE; then - read_config_param "DEFAULT_DOMAIN_NAME" - echo "${new_username}:${new_user_password}:${DEFAULT_DOMAIN_NAME}:authorized" >> /etc/turnserver/turnusers.txt - fi - fi - - echo '0' -} - -function install_interactive_sip { - echo -n '' - APP_INSTALLED=1 -} - -function change_password_sip { - curr_username="$1" - new_user_password="$2" - - #${PROJECT_NAME}-pass -u "$curr_username" -a sip -p "$new_user_password" -} - -function reconfigure_sip { - echo -n '' -} - -function upgrade_sip { - # remove the original sipwitch daemon if it exists - if [ -f /etc/init.d/sipwitch ]; then - rm -f /etc/init.d/sipwitch - fi -} - -function backup_local_sip { - if [ -f /etc/sipwitch.conf ]; then - echo $"Backing up SIP settings" - temp_backup_dir=/root/tempsipbackup - if [ ! -d $temp_backup_dir ]; then - mkdir -p $temp_backup_dir - fi - cp -f /etc/sipwitch.conf $temp_backup_dir - backup_directory_to_usb $temp_backup_dir sip - echo $"SIP settings backup complete" - fi -} - -function restore_local_sip { - if [ -d $USB_MOUNT/backup/sip ]; then - echo $"Restoring SIP settings" - temp_restore_dir=/root/tempsip - function_check restore_directory_from_usb - restore_directory_from_usb $temp_restore_dir sip - if [ -d $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup ]; then - cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf - else - cp -f $temp_restore_dir/sipwitch.conf /etc/sipwitch.conf - fi - if [ ! "$?" = "0" ]; then - rm -rf $temp_restore_dir - function_check set_user_permissions - set_user_permissions - backup_unmount_drive - exit 3679 - fi - rm -rf $temp_restore_dir - systemctl restart sipwitch - echo $"Restore of SIP settings complete" - fi -} - -function backup_remote_sip { - if [ -f /etc/sipwitch.conf ]; then - echo $"Backing up SIP settings" - temp_backup_dir=/root/tempsipbackup - if [ ! -d $temp_backup_dir ]; then - mkdir -p $temp_backup_dir - fi - cp -f /etc/sipwitch.conf $temp_backup_dir - backup_directory_to_friend $temp_backup_dir sip - echo $"Backup SIP settings complete" - fi -} - -function restore_remote_sip { - temp_restore_dir=/root/tempsip - function_check restore_directory_from_friend - restore_directory_from_friend $temp_restore_dir sip - if [ -d $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup ]; then - cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf - else - cp -f $temp_restore_dir/sipwitch.conf /etc/sipwitch.conf - fi - if [ ! "$?" = "0" ]; then - rm -rf $temp_restore_dir - function_check set_user_permissions - set_user_permissions - backup_unmount_drive - exit 3679 - fi - rm -rf $temp_restore_dir - systemctl restart sipwitch -} - -function remove_sip { - firewall_remove ${TURN_PORT} - firewall_remove ${TURN_TLS_PORT} tcp - firewall_remove ${SIP_PORT} - firewall_remove ${SIP_TLS_PORT} - - function_check remove_onion_service - remove_onion_service sip ${SIP_PORT} - - apt-get -yq remove --purge sipwitch - apt-get -yq remove --purge turnserver - if [ -f /etc/sipwitch.conf ]; then - rm /etc/sipwitch.conf - fi - if [ -d /etc/turnserver ]; then - rm -rf /etc/turnserver - fi - remove_completion_param install_sip - remove_completion_param configure_firewall_for_turn - remove_completion_param configure_firewall_for_sip4 -} - -function configure_firewall_for_turn { - if [[ $ONION_ONLY != "no" ]]; then - return - fi - firewall_add TURN ${TURN_PORT} - firewall_add "TURN TLS" ${TURN_TLS_PORT} tcp -} - - -function configure_firewall_for_sip4 { - if [[ $ONION_ONLY != "no" ]]; then - return - fi - firewall_add SIP ${SIP_PORT} - firewall_add "SIP TLS" ${SIP_TLS_PORT} -} - -function update_sipwitch_daemon { - if [ ! -f /etc/init.d/sipwitch ]; then - return - fi - - systemctl stop sipwitch - - # remove the original sipwitch daemon if it exists - if [ -f /etc/init.d/sipwitch ]; then - rm -f /etc/init.d/sipwitch - fi - - # daemon - echo '[Unit]' > /etc/systemd/system/sipwitch.service - echo 'Description=GNU SIP Witch, a SIP telephony service daemon.' >> /etc/systemd/system/sipwitch.service - echo 'After=network.target' >> /etc/systemd/system/sipwitch.service - echo '' >> /etc/systemd/system/sipwitch.service - echo '[Service]' >> /etc/systemd/system/sipwitch.service - echo 'Type=simple' >> /etc/systemd/system/sipwitch.service - echo 'Group=sipwitch' >> /etc/systemd/system/sipwitch.service - echo 'PIDFile=/var/run/sipwitch/pidfile' >> /etc/systemd/system/sipwitch.service - echo 'EnvironmentFile=-/etc/conf.d/sipwitch' >> /etc/systemd/system/sipwitch.service - echo 'EnvironmentFile=-/etc/sipwitch.conf' >> /etc/systemd/system/sipwitch.service - echo 'EnvironmentFile=-/etc/default/sipwitch' >> /etc/systemd/system/sipwitch.service - echo 'ExecStartPre=-/bin/rm -f /var/run/sipwitch/control' >> /etc/systemd/system/sipwitch.service - echo "ExecStart=/usr/sbin/sipw -f \$OPTIONS -P$SIP_PORT" >> /etc/systemd/system/sipwitch.service - echo 'Restart=always' >> /etc/systemd/system/sipwitch.service - echo 'NotifyAccess=main' >> /etc/systemd/system/sipwitch.service - echo '' >> /etc/systemd/system/sipwitch.service - echo '[Install]' >> /etc/systemd/system/sipwitch.service - echo 'WantedBy=multi-user.target' >> /etc/systemd/system/sipwitch.service - - systemctl enable sipwitch - systemctl daemon-reload - systemctl start sipwitch -} - -function install_sip_main { - if [[ $(app_is_installed sip_main) == "1" ]]; then - return - fi - - apt-get -yq install sipwitch - - if [ -f $IMAGE_PASSWORD_FILE ]; then - SIP_SERVER_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)" - else - if [ ! $SIP_SERVER_PASSWORD ]; then - SIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})" - fi - fi - - echo '' > /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - - echo "" >> /etc/sipwitch.conf - echo '201' >> /etc/sipwitch.conf - echo "$SIP_SERVER_PASSWORD" >> /etc/sipwitch.conf - echo "$MY_USERNAME 201" >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo " $DEFAULT_DOMAIN_NAME" >> /etc/sipwitch.conf - echo ' 200' >> /etc/sipwitch.conf - echo ' 2' >> /etc/sipwitch.conf - echo ' *' >> /etc/sipwitch.conf - echo ' false' >> /etc/sipwitch.conf - echo ' system' >> /etc/sipwitch.conf - echo ' anonymous' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo ' ' >> /etc/sipwitch.conf - echo ' 4' >> /etc/sipwitch.conf - echo ' ' >> /etc/sipwitch.conf - echo ' 4' >> /etc/sipwitch.conf - echo ' ' >> /etc/sipwitch.conf - echo ' 6' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo ' 200' >> /etc/sipwitch.conf - echo ' 100' >> /etc/sipwitch.conf - echo ' 77' >> /etc/sipwitch.conf - echo ' 200' >> /etc/sipwitch.conf - echo ' ' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - echo '' >> /etc/sipwitch.conf - - sed -i 's|#PLUGINS=|PLUGINS=|g' /etc/default/sipwitch - sed -i 's|PLUGINS=.*|PLUGINS="zeroconf subscriber forward"|g' /etc/default/sipwitch - groupadd sipwitch - chmod 600 /etc/shadow - chmod 600 /etc/gshadow - usermod -aG sipwitch $MY_USERNAME - chmod 0000 /etc/shadow - chmod 0000 /etc/gshadow - - SIP_ONION_HOSTNAME=$(add_onion_service sip ${SIP_PORT} ${SIP_PORT}) - - ${PROJECT_NAME}-pass -u $MY_USERNAME -a sip -p "$SIP_SERVER_PASSWORD" - - function_check configure_firewall_for_sip4 - configure_firewall_for_sip4 - install_completed sip_main -} - -function install_sip_turn { - if [[ $(app_is_installed sip_turn) == "1" ]]; then - return - fi - - apt-get -yq install turnserver - - # create a nonce if needed - if [ ! $TURN_NONCE ]; then - TURN_NONCE="$(create_password 30)" - fi - - function_check create_site_certificate - create_site_certificate $DEFAULT_DOMAIN_NAME 'yes' - - echo '##' > /etc/turnserver/turnserver.conf - echo '# TurnServer configuration file.' >> /etc/turnserver/turnserver.conf - echo '#' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Public IPv4 address of any relayed address (if not set, no relay for IPv4).' >> /etc/turnserver/turnserver.conf - echo '## To have multiple address, separate addresses with a comma' >> /etc/turnserver/turnserver.conf - echo '## (i.e. listen_address = { "172.16.0.1", "172.17.0.1" }).' >> /etc/turnserver/turnserver.conf - echo "listen_address = { \"192.168.0.1\" }" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Public IPv6 address of any relayed address (if not set, no relay for IPv6).' >> /etc/turnserver/turnserver.conf - echo '## To have multiple address, separate address with a comma' >> /etc/turnserver/turnserver.conf - echo '## (i.e. listen_addressv6 = { "2001:db8:1::1", "2001:db8:2::1" }).' >> /etc/turnserver/turnserver.conf - echo "#listen_addressv6 = { \"2001:db8::1\" }" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## UDP listening port.' >> /etc/turnserver/turnserver.conf - echo "udp_port = $TURN_PORT" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## TCP listening port.' >> /etc/turnserver/turnserver.conf - echo "tcp_port = $TURN_PORT" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## TLS listening port.' >> /etc/turnserver/turnserver.conf - echo "tls_port = $TURN_TLS_PORT" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## TLS support.' >> /etc/turnserver/turnserver.conf - echo 'tls = true' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## DTLS support. It is an experimental feature and is not defined in TURN' >> /etc/turnserver/turnserver.conf - echo '## standard.' >> /etc/turnserver/turnserver.conf - echo 'dtls = false' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Maximum allocation port number.' >> /etc/turnserver/turnserver.conf - echo 'max_port = 65535' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Minimum allocation port number.' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo 'min_port = 49152' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## TURN-TCP support.' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo 'turn_tcp = true' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## TURN-TCP buffering mode:' >> /etc/turnserver/turnserver.conf - echo '## - true, use userspace buffering;' >> /etc/turnserver/turnserver.conf - echo '## - false, use kernel buffering.' >> /etc/turnserver/turnserver.conf - echo 'tcp_buffer_userspace = true' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## TURN-TCP maximum buffer size.' >> /etc/turnserver/turnserver.conf - echo 'tcp_buffer_size = 32768' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Daemon mode.' >> /etc/turnserver/turnserver.conf - echo 'daemon = true' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Unprivileged user.' >> /etc/turnserver/turnserver.conf - echo '## If you want to use this feature create a system user.' >> /etc/turnserver/turnserver.conf - echo '## On Linux: adduser --system --group turnserver' >> /etc/turnserver/turnserver.conf - echo 'unpriv_user = turnserver' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Realm value.' >> /etc/turnserver/turnserver.conf - echo "realm = \"$DEFAULT_DOMAIN_NAME\"" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Nonce key.' >> /etc/turnserver/turnserver.conf - echo "nonce_key = \"$TURN_NONCE\"" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Max relay per username.' >> /etc/turnserver/turnserver.conf - echo 'max_relay_per_username = 5' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Allocation lifetime.' >> /etc/turnserver/turnserver.conf - echo 'allocation_lifetime = 1800' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Allocation bandwidth limitation (in KBytes/s).' >> /etc/turnserver/turnserver.conf - echo '## 0 value means bandwidth quota disabled.' >> /etc/turnserver/turnserver.conf - echo 'bandwidth_per_allocation = 150' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Restricted user bandwidth (in KBytes/s).' >> /etc/turnserver/turnserver.conf - echo '## 0 value means bandwidth limitation disabled.' >> /etc/turnserver/turnserver.conf - echo 'restricted_bandwidth = 10' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Denied addresses.' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '# disallow relaying to localhost' >> /etc/turnserver/turnserver.conf - echo 'denied_address {' >> /etc/turnserver/turnserver.conf - echo ' address = "127.0.0.1"' >> /etc/turnserver/turnserver.conf - echo ' mask = "8"' >> /etc/turnserver/turnserver.conf - echo ' port = 0' >> /etc/turnserver/turnserver.conf - echo '}' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '# disallow relaying to ip6-localhost' >> /etc/turnserver/turnserver.conf - echo 'denied_address {' >> /etc/turnserver/turnserver.conf - echo ' address = "::1"' >> /etc/turnserver/turnserver.conf - echo ' mask = "128"' >> /etc/turnserver/turnserver.conf - echo ' port = 0' >> /etc/turnserver/turnserver.conf - echo '}' >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Certification Authority file.' >> /etc/turnserver/turnserver.conf - echo "ca_file = \"/etc/ssl/certs/ca-certificates.crt\"" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Server certificate file.' >> /etc/turnserver/turnserver.conf - if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem ]; then - echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem\"" >> /etc/turnserver/turnserver.conf - else - if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt ]; then - echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt\"" >> /etc/turnserver/turnserver.conf - fi - fi - echo '' >> /etc/turnserver/turnserver.conf - echo '## Private key file.' >> /etc/turnserver/turnserver.conf - echo "private_key_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.key\"" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Account method.' >> /etc/turnserver/turnserver.conf - echo "account_method = \"file\"" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## Account file (if account_method = file).' >> /etc/turnserver/turnserver.conf - echo "account_file = \"/etc/turnserver/turnusers.txt\"" >> /etc/turnserver/turnserver.conf - echo '' >> /etc/turnserver/turnserver.conf - echo '## mod_tmpuser.' >> /etc/turnserver/turnserver.conf - echo 'mod_tmpuser = false' >> /etc/turnserver/turnserver.conf - - echo "${MY_USERNAME}:password:${DEFAULT_DOMAIN_NAME}:authorized" > /etc/turnserver/turnusers.txt - - systemctl restart turnserver - - function_check configure_firewall_for_turn - configure_firewall_for_turn - install_completed sip_turn -} - -function install_sip { - install_sip_main - update_sipwitch_daemon - APP_INSTALLED=1 -} - -# NOTE: deliberately no exit 0 diff --git a/src/freedombone-controlpanel b/src/freedombone-controlpanel index 57be814c..aafd9c92 100755 --- a/src/freedombone-controlpanel +++ b/src/freedombone-controlpanel @@ -76,7 +76,6 @@ done COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt SELECTED_USERNAME= -SIP_CONFIGURATION_FILE=/etc/sipwitch.conf ADMIN_USER= UPGRADE_SCRIPT_NAME="${PROJECT_NAME}-upgrade" UPDATE_DATE_SCRIPT=/usr/bin/updatedate @@ -479,9 +478,6 @@ function show_users { echo '=====' echo '' echo -n -e "$(pad_string 'Name')" - if [[ $(app_is_installed sip) == "1" ]]; then - echo -n -e "$(pad_string 'SIP ext')" - fi echo -n -e "$(pad_string 'Data')" echo '' echo '----------------------------------' @@ -489,25 +485,6 @@ function show_users { USRNAME=$(echo "$d" | awk -F '/' '{print $3}') if [[ $(is_valid_user "$USRNAME") == "1" ]]; then echo -n -e "$(pad_string ${USRNAME})" - # get the SIP extension - SIPEXT= - if [ -f $SIP_CONFIGURATION_FILE ]; then - while read ext; do - if [[ $ext == *"user id"* ]]; then - CURR_UID=$(echo "$ext" | awk -F '"' '{print $2}' | awk -F '"' '{print $1}') - fi - if [[ $ext == *"extension"* ]]; then - if [[ $CURR_UID == $USRNAME ]]; then - SIPEXT=$(echo "$ext" | awk -F '>' '{print $2}' | awk -F '<' '{print $1}') - fi - fi - done < $SIP_CONFIGURATION_FILE - fi - if [ $SIPEXT ]; then - echo -n -e "$(pad_string SIP:${SIPEXT})" - else - echo -n -e "$(pad_string '')" - fi # size of the home directory echo "$(du -s -h /home/${USRNAME} | awk -F ' ' '{print $1}')" diff --git a/src/freedombone-rmsipuser b/src/freedombone-rmsipuser deleted file mode 100755 index cb5d9d89..00000000 --- a/src/freedombone-rmsipuser +++ /dev/null @@ -1,112 +0,0 @@ -#!/bin/bash -# -# .---. . . -# | | | -# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. -# | | (.-' (.-' ( | ( )| | | | )( )| | (.-' -# ' ' --' --' -' - -' ' ' -' -' -' ' - --' -# -# Freedom in the Cloud -# - -# Removes a SIP phone user from the system - -# License -# ======= -# -# Copyright (C) 2015-2016 Bob Mottram -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -PROJECT_NAME='freedombone' - -export TEXTDOMAIN=${PROJECT_NAME}-rmsipuser -export TEXTDOMAINDIR="/usr/share/locale" - -MY_USERNAME=$1 -CONFIG_FILE=/etc/sipwitch.conf -USER_EXISTS="no" - -function show_help { - echo '' - echo $"${PROJECT_NAME}-rmsipuser [username]" - echo '' - exit 0 -} - -function sip_user_exists { - IFS='' - while read line; do - if [[ "$line" == *"" ]]; then - USER_EXISTS="yes" - return - fi - done < $CONFIG_FILE -} - -function remove_sip_user { - USER_FOUND= - NEW_CONFIG_FILE="${CONFIG_FILE}.new" - if [ -f $NEW_CONFIG_FILE ]; then - rm -f $NEW_CONFIG_FILE - fi - touch $NEW_CONFIG_FILE - IFS='' - while read line; do - if [ ! $USER_FOUND ]; then - if [[ "$line" == *"" ]]; then - USER_FOUND="yes" - fi - fi - if [ ! $USER_FOUND ]; then - echo "$line" >> $NEW_CONFIG_FILE - else - if [[ "$line" == *'' ]]; then - USER_FOUND= - fi - fi - done < $CONFIG_FILE - mv $NEW_CONFIG_FILE $CONFIG_FILE -} - -if [ ! $MY_USERNAME ]; then - show_help -fi - -if [ ! -f $CONFIG_FILE ]; then - echo $"SIP configuration file not found" - exit 1 -fi - -# the user must already exist on the system -if [ ! -d /home/$MY_USERNAME ]; then - echo $"User $MY_USERNAME not found" - exit 2 -fi - -sip_user_exists - -if [[ $USER_EXISTS != "yes" ]]; then - echo $'User not found within SIP configuration file' - exit 3 -fi - -systemctl stop sipwitch - -remove_sip_user - -systemctl start sipwitch - -echo $"SIP user $MY_USERNAME removed" -exit 0 diff --git a/src/freedombone-sipfreeext b/src/freedombone-sipfreeext deleted file mode 100755 index e771f36c..00000000 --- a/src/freedombone-sipfreeext +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/bash -# -# .---. . . -# | | | -# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. -# | | (.-' (.-' ( | ( )| | | | )( )| | (.-' -# ' ' --' --' -' - -' ' ' -' -' -' ' - --' -# -# Freedom in the Cloud -# - -# Returns the next free SIP extension number - -# License -# ======= -# -# Copyright (C) 2015-2016 Bob Mottram -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -PROJECT_NAME='freedombone' - -export TEXTDOMAIN=${PROJECT_NAME}-sipfreeext -export TEXTDOMAINDIR="/usr/share/locale" - -CONFIG_FILE=/etc/sipwitch.conf - -maxnum=201 -while (( maxnum < 299 )); do - if ! grep -q "extension>$maxnum<" $CONFIG_FILE; then - break; - fi - maxnum=$((maxnum + 1)) -done -echo $maxnum -exit 0 diff --git a/src/freedombone-utils-upgrade b/src/freedombone-utils-upgrade index 2b0894fc..2da8a859 100755 --- a/src/freedombone-utils-upgrade +++ b/src/freedombone-utils-upgrade @@ -76,7 +76,6 @@ function upgrade_installation_from_previous_versions { sed -i 's|XMPP|xmpp|g' $COMPLETION_FILE sed -i 's|voip|mumble|g' $COMPLETION_FILE sed -i 's|VoIP|mumble|g' $COMPLETION_FILE - sed -i 's|SIP |sip |g' $COMPLETION_FILE sed -i 's|Blog|htmly|g' $COMPLETION_FILE sed -i 's|Hubzilla|hubzilla|g' $COMPLETION_FILE sed -i 's|Gogs|gogs|g' $COMPLETION_FILE diff --git a/website/EN/app_gnusocial.html b/website/EN/app_gnusocial.html index 89aeef9d..132c1442 100644 --- a/website/EN/app_gnusocial.html +++ b/website/EN/app_gnusocial.html @@ -3,10 +3,10 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + - + remote follow" other

-You should regard anything posted to GNU Social as being public communication visible to anyone on the internet. There is a direct messaging capability between users but it's not particularly secure, so for one-to-one messages stick to better methods, such as XMPP with OTR/OMEMO or Tox. +You should regard anything posted to GNU Social as being public communication visible to anyone on the internet. There is a direct messaging capability between users but it's not particularly secure, so for one-to-one messages stick to better methods, such as XMPP with OpenPGP/OMEMO or Tox.

@@ -274,16 +274,16 @@ Some general advice about life in the fediverse can b -

-

Installation

-
+
+

Installation

+

Log into your system with:

-
ssh myusername@mydomain -p 2222
-
+
ssh myusername@mydomain -p 2222
+

@@ -300,9 +300,9 @@ After the install has completed go to Security settings and select Cre

-
-

Initial setup

-
+
+

Initial setup

+

If you have just obtained a Lets Encrypt certificate as above then go to About on the administrator control panel and you should see your GNU Social domain listed there along with an onion address. You can then navigate to your site in a browser.

@@ -329,9 +329,9 @@ GNU Social has a clutter-free mobile user interface which can be accessed via a
-
-

Switching user interfaces

-
+
+

Switching user interfaces

+

A few web based user interfaces are available for GNU SOcial. They are selectable by going to the Administrator control panel and choosing App settings then gnusocial.

@@ -352,9 +352,9 @@ A few web based user interfaces are available for GNU SOcial. They are selectabl
-
-

Using with Emacs

-
+
+

Using with Emacs

+
@@ -368,7 +368,7 @@ If you are an Emacs user it's also possible to set up GNU Social mode as follows

-
mkdir ~/elisp
+
mkdir ~/elisp
 git clone https://github.com/bashrc/gnu-social-mode ~/elisp/gnu-social-mode
 echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs
 echo "(require 'gnu-social-mode)" >> ~/.emacs
@@ -376,7 +376,7 @@ git clone https://github.com/bashrc/gnu-social-mode ~/elisp/gnu-social-mode
 echo "      gnu-social-server \"yourgnusocialdomain\"" >> ~/.emacs
 echo "    gnu-social-username \"yourusername\"" >> ~/.emacs
 echo "    gnu-social-password \"gnusocialpassword\")" >> ~/.emacs
-

+

@@ -384,8 +384,8 @@ And as a quick reference the main keys are:

-
M-x gnu-social
-
+
M-x gnu-social
+

@@ -535,9 +535,9 @@ Showing timelines:

-
-

Blocking controls

-
+
+

Blocking controls

+
diff --git a/website/EN/backups.html b/website/EN/backups.html index 9d22c1f4..7ca0b0cf 100644 --- a/website/EN/backups.html +++ b/website/EN/backups.html @@ -3,10 +3,10 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + - + -Backup keys +Backup keys -Backup to USB +Backup to USB -Restore from USB +Restore from USB -Distributed/remote backups +Distributed/remote backups -Restore from a friend +Restore from a friend
-
-

Backup keys

-
+
+

Backup keys

+

As part of the Freedombone installation the GPG key used to encrypt backups will have been added to the .gnupg keyring in your home directory. Ensure that you have a copy of all your keys by plugging in a LUKS encrypted USB drive and then running the commands:

@@ -303,9 +304,9 @@ A pro-tip for the best possible security is to create multiple USB drives contai

-
-

Backup to USB

-
+
+

Backup to USB

+

First and foremost - encrypt your USB drives! Even if you think you have "nothing to hide" if you accidentally lose a USB thumb drive (it's easy to lose small objects) and it's not encrypted then potentially someone might be able to obtain enough information about you to commit identity fraud, take out loans, open bank accounts, etc. Use LUKS encryption. In Ubuntu you can do this using the Disk Utility application. Some instructions can be found here.

@@ -336,9 +337,9 @@ When the backup ends remove the USB drive and keep it somewhere safe. Even if it

-
-

Restore from USB

-
+
+

Restore from USB

+

Log into the system and become the root user:

@@ -361,15 +362,15 @@ Enter the LUKS password for the USB drive. When the restore is complete you can

-
-

Distributed/remote backups

-
+
+

Distributed/remote backups

+

Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised.

-Firstly you will need to have a user account on one or more of your friends servers. They don't necessarily need to be using Freedombone, just some version of GNU/Linux with ssh access. They can create a user account for you with the control panel on a Freedombone system or with the adduser <username> command on any other system when logged in as root and then give you the username and password via a secure method, such as on paper, via an encrypted email, Tox or via an XMPP chat using OTR. Make sure that the password used is a strong one - preferably a long random string stored in a password manager - so that dictionary attacks will not be easy. Also for maximum resilience put your password manager file onto a USB thumb drive and carry it with you. +Firstly you will need to have a user account on one or more of your friends servers. They don't necessarily need to be using Freedombone, just some version of GNU/Linux with ssh access. They can create a user account for you with the control panel on a Freedombone system or with the adduser <username> command on any other system when logged in as root and then give you the username and password via a secure method, such as on paper, via an encrypted email, Tox or via an XMPP chat using OpenPGP/OMEMO. Make sure that the password used is a strong one - preferably a long random string stored in a password manager - so that dictionary attacks will not be easy. Also for maximum resilience put your password manager file onto a USB thumb drive and carry it with you.

@@ -386,12 +387,13 @@ You can then enter the usernames, domains and ssh logins for one or more remote

-
-

Restore from a friend

-
-
-

With a completely new Freedombone installation

-
+
+

Restore from a friend

+
+
+
+

With a completely new Freedombone installation

+

This is the ultimate disaster recovery scenario in which you are beginning completely from scratch with new hardware and a new Freedombone installation (configured with the same username and domain names). It is assumed that the old hardware was destroyed, but that you have the backup key stored on a USB thumb drive.

@@ -418,9 +420,9 @@ Finally select Restore from remote backup and enter the domain name of th

-
-

On an existing Freedombone installation

-
+
+

On an existing Freedombone installation

+

This is for more common situations in which maybe some data became corrupted and you want to restore it.

diff --git a/website/EN/codeofconduct.html b/website/EN/codeofconduct.html index 11d0d30b..146f9a90 100644 --- a/website/EN/codeofconduct.html +++ b/website/EN/codeofconduct.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + @@ -246,27 +246,27 @@ for the JavaScript code in this tag.

Code of Conduct

-
-

Be respectful

-
+
+

Be respectful

+

In any Free Software project with more than one participant inevitably there may be people with whom you may disagree, or find it difficult to cooperate. Accept that, but even so, remain respectful. Disagreement is no excuse for poor behaviour or personal attacks, and a community in which people feel threatened is not a healthy community.

-
-

Assume good faith

-
+
+

Assume good faith

+

Freedombone Contributors have many ways of reaching our common goal of providing freedom respecting internet or mesh systems which may differ from your ways. Assume that other people are working towards this goal.

-
-

Be collaborative

-
+
+

Be collaborative

+

Freedombone is a moderately complex project, though nothing big and professional like GNU. It's good to ask for help when you need it. Similarly, offers for help should be seen in the context of our shared goal of improving the system.

@@ -277,9 +277,9 @@ When you make something for the benefit of the project, be willing to explain to
-
-

Try to be concise

-
+
+

Try to be concise

+

If you're submitting documentation then keep in mind that what you write once could be read by many other people. To avoid TL;DR keep it as short and concise as possible. This will also reduce the amount of translations effort needed.

@@ -290,9 +290,9 @@ If you're discussing an issue or bug, try to stay on topic, especially in discus
-
-

Be open

-
+
+

Be open

+

Most ways of communication used within Freedombone (eg Matrix/XMPP) allow for public and private communication. Prefer public methods of communication for Freedombone-related messages, unless posting something sensitive.

@@ -303,9 +303,9 @@ This applies to messages for help, too; not only is a public support request muc
-
-

In case of problems

-
+
+

In case of problems

+

While this code of conduct should be adhered to by participants, we recognize that sometimes people may have a bad day, or be unaware of some of the guidelines in this code of conduct. When that happens, you may reply to them and point out this code of conduct. Such messages may be in public or in private, whatever is most appropriate. However, regardless of whether the message is public or not, it should still adhere to the relevant parts of this code of conduct; in particular, it should not be abusive or disrespectful. Assume good faith; it is more likely that participants are unaware of their bad behaviour than that they intentionally try to degrade the quality of the discussion.

@@ -315,7 +315,7 @@ Serious or persistent offenders will be kicked from chat rooms and any of their

-This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG/OpenPGP if you can, or XMPP with OTR/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response. +This is not a big project and so there is no division of labor or special enforcement committee or bureaucratic process. Complaints should be made (in private) to the maintainer or chat room admin. The typical email address can be found in the source code headers. Preferably use GPG if you can, or XMPP with OpenPGP/OMEMO to bob@freedombone.net. XMPP messages are likely to get a quicker response.

diff --git a/website/EN/support.html b/website/EN/support.html index c8d8fec6..37b77e34 100644 --- a/website/EN/support.html +++ b/website/EN/support.html @@ -3,7 +3,7 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + @@ -248,9 +248,9 @@ for the JavaScript code in this tag.

Support

-
-

Contact details

-
+
+

Contact details

+

This site can also be accessed via a Tor browser at http://yjxlc3imv7obva4grjae6u3qw527koaytrgjgdp364hmthrst3jodiid.onion

@@ -264,7 +264,7 @@ This site can also be accessed via a Tor browser at
-
-

Things which would be nice to have

-
+
+

Things which would be nice to have

+
-
-

Ideas

-
+
+

Ideas

+

Know of some fabulous web system which could run on Freedombone, but currently doesn't? Contact the above, and be prepared to make a compelling argument for why it should be included.

-