Stretch

2017-06-25 23:24:17 +01:00 · 2017-06-25 23:24:17 +01:00 · 7268ee624b
parent 30f95a6576
commit 7268ee624b
6 changed files with 176 additions and 167 deletions
--- a/doc/EN/debianinstall.org
+++ b/doc/EN/debianinstall.org
@ -18,7 +18,7 @@

 Although the image builder supports a variety of architectures there may still be some which aren't supported. These especially include systems which have a proprietary boot blob, such as the Raspberry Pi boards.

-It's still possible to install the system onto these unsupported devices if you need to. First you'll need to ensure that you have *Debian Jessie* installed and can get ssh access to the system. Then either via ssh, or directly on the target device in the case of an old laptop or netbook:
+It's still possible to install the system onto these unsupported devices if you need to. First you'll need to ensure that you have *Debian Stretch* installed and can get ssh access to the system. Then either via ssh, or directly on the target device in the case of an old laptop or netbook:

 #+BEGIN_SRC bash
 su
@ -26,6 +26,7 @@ apt-get update
 apt-get -qy install build-essential git dialog
 git clone https://github.com/bashrc/freedombone
 cd freedombone
+git checkout stretch
 make install
 freedombone makeconfig
 #+END_SRC
--- a/doc/EN/installation.org
+++ b/doc/EN/installation.org
@ -80,7 +80,7 @@ freedombone-image -t beaglebone -s 8G -m http://ftp.de.debian.org/debian
 Before installing Freedombone you will need a few things.

  * Have some domains, or subdomains, registered with a dynamic DNS service. For the full install you may need two "official" purchased domains or be using a subdomain provider which is supported by Let's Encrypt.
-  * System with a new installation of Debian Jessie or a downloaded/prepared disk image
+  * System with a new installation of Debian Stretch or a downloaded/prepared disk image
  * Ethernet connection between the system and your internet router
  * That it is possible to forward ports from the internet router to the system, typically via firewall settings
  * Have ssh access to the system, typically via fbone@freedombone.local on port 2222
@ -88,7 +88,7 @@ Before installing Freedombone you will need a few things.
 There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine.

 ** On a Laptop, Netbook or Desktop machine
-If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Jessie onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
+If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Stretch onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:

 #+BEGIN_SRC bash
 su
@ -96,6 +96,7 @@ apt-get update
 apt-get -y install git dialog build-essential
 git clone https://github.com/bashrc/freedombone
 cd freedombone
+git checkout stretch
 make install
 freedombone menuconfig
 #+END_SRC
--- a/doc/EN/mesh.org
+++ b/doc/EN/mesh.org
@ -102,7 +102,7 @@ There is still a software freedom issue with the Beaglebone Black, but it doesn'
 * Building Disk Images
 It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.

-First you will need to create an image. On a Debian based system (tested on Debian Jessie and Trisquel 7):
+First you will need to create an image. On a Debian based system (tested on Debian Stretch):

 #+begin_src bash
 sudo apt-get -y install build-essential libc6-dev-i386 wget \
@ -117,6 +117,7 @@ sha256sum freedombone-mesh-13-09-2016.tar.gz
 3e279f8ed762afb682bec6bd463830087354dd2f24020f3b0de51143585ab0ed
 tar -xzvf freedombone-mesh-13-09-2016.tar.gz
 cd freedombone
+git checkout stretch
 sudo make install
 freedombone-image -t i386 -v meshclient
 #+end_src
--- a/website/EN/debianinstall.html
+++ b/website/EN/debianinstall.html
@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2017-05-14 Sun 15:36 -->
+<!-- 2017-06-25 Sun 23:22 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <title></title>
@ -253,7 +253,7 @@ Although the image builder supports a variety of architectures there may still b
 </p>

 <p>
-It's still possible to install the system onto these unsupported devices if you need to. First you'll need to ensure that you have <b>Debian Jessie</b> installed and can get ssh access to the system. Then either via ssh, or directly on the target device in the case of an old laptop or netbook:
+It's still possible to install the system onto these unsupported devices if you need to. First you'll need to ensure that you have <b>Debian Stretch</b> installed and can get ssh access to the system. Then either via ssh, or directly on the target device in the case of an old laptop or netbook:
 </p>

 <div class="org-src-container">
@ -262,6 +262,7 @@ apt-get update
 apt-get -qy install build-essential git dialog
 git clone https://github.com/bashrc/freedombone
 <span class="org-builtin">cd</span> freedombone
+git checkout stretch
 make install
 freedombone makeconfig
 </code></pre>
--- a/website/EN/installation.html
+++ b/website/EN/installation.html
@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2016-11-20 Sun 17:10 -->
+<!-- 2017-06-25 Sun 23:22 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <title></title>
@ -71,6 +71,7 @@
  pre.src-fortran:before { content: 'Fortran'; }
  pre.src-gnuplot:before { content: 'gnuplot'; }
  pre.src-haskell:before { content: 'Haskell'; }
+  pre.src-hledger:before { content: 'hledger'; }
  pre.src-java:before { content: 'Java'; }
  pre.src-js:before { content: 'Javascript'; }
  pre.src-latex:before { content: 'LaTeX'; }
@ -188,7 +189,7 @@
@licstart  The following is the entire license notice for the
 JavaScript code in this tag.

-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.

 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@ -255,11 +256,11 @@ for the JavaScript code in this tag.
 </colgroup>
 <tbody>
 <tr>
-<td class="org-left"><a href="#orge03d33c">Building an image for a Single Board Computer or Virtual Machine</a></td>
+<td class="org-left"><a href="#org18d6c84">Building an image for a Single Board Computer or Virtual Machine</a></td>
 </tr>

 <tr>
-<td class="org-left"><a href="#org175cfc0">Checklist</a></td>
+<td class="org-left"><a href="#org584ec2f">Checklist</a></td>
 </tr>

 <tr>
@ -267,34 +268,34 @@ for the JavaScript code in this tag.
 </tr>

 <tr>
-<td class="org-left"><a href="#orgdf2add4">Installation</a></td>
+<td class="org-left"><a href="#orgfab577d">Installation</a></td>
 </tr>

 <tr>
-<td class="org-left"><a href="#org9f6b4ea">Social Key Management - the 'Unforgettable Key'</a></td>
+<td class="org-left"><a href="#orgcb6b854">Social Key Management - the 'Unforgettable Key'</a></td>
 </tr>

 <tr>
-<td class="org-left"><a href="#org27cecee">Final Setup</a></td>
+<td class="org-left"><a href="#org8b82a92">Final Setup</a></td>
 </tr>

 <tr>
-<td class="org-left"><a href="#org7b0166c">Keydrives</a></td>
+<td class="org-left"><a href="#org9be9bc1">Keydrives</a></td>
 </tr>

 <tr>
-<td class="org-left"><a href="#orgab1d21b">On Client Machines</a></td>
+<td class="org-left"><a href="#org4bfd97f">On Client Machines</a></td>
 </tr>

 <tr>
-<td class="org-left"><a href="#orga6b2eee">Administering the system</a></td>
+<td class="org-left"><a href="#org132bbc7">Administering the system</a></td>
 </tr>
 </tbody>
 </table>

-<div id="outline-container-orge03d33c" class="outline-2">
-<h2 id="orge03d33c">Building an image for a Single Board Computer or Virtual Machine</h2>
-<div class="outline-text-2" id="text-orge03d33c">
+<div id="outline-container-org18d6c84" class="outline-2">
+<h2 id="org18d6c84">Building an image for a Single Board Computer or Virtual Machine</h2>
+<div class="outline-text-2" id="text-org18d6c84">
 <p>
 You don't have to trust images downloaded from random internet locations signed with untrusted keys. You can build one from scratch yourself, and this is the recommended procedure for maximum security. For guidance on how to build images see the manpage for the <b>freedombone-image</b> command.
 </p>
@ -304,11 +305,11 @@ Install the freedombone commands onto your laptop/desktop:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sudo apt-get install git build-essential dialog
+<pre><code class="src src-bash">sudo apt-get install git build-essential dialog
 git clone https://github.com/bashrc/freedombone
 <span class="org-builtin">cd</span> freedombone
 sudo make install
-</pre>
+</code></pre>
 </div>

 <p>
@ -316,8 +317,8 @@ Then install packages needed for building images:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">freedombone-image --setup debian
-</pre>
+<pre><code class="src src-bash">freedombone-image --setup debian
+</code></pre>
 </div>

 <p>
@ -325,8 +326,8 @@ or on an Arch/Parabola system:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">freedombone-image --setup parabola
-</pre>
+<pre><code class="src src-bash">freedombone-image --setup parabola
+</code></pre>
 </div>

 <p>
@ -334,8 +335,8 @@ A typical use case to build an 8GB image for a Beaglebone Black is as follows. Y
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">freedombone-image -t beaglebone -s 8G
-</pre>
+<pre><code class="src src-bash">freedombone-image -t beaglebone -s 8G
+</code></pre>
 </div>

 <p>
@ -343,8 +344,8 @@ If you prefer an advanced installation with all of the options available then us
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">freedombone-image -t beaglebone -s 8G --minimal no
-</pre>
+<pre><code class="src src-bash">freedombone-image -t beaglebone -s 8G --minimal no
+</code></pre>
 </div>

 <p>
@ -352,8 +353,8 @@ To build a 64bit Qemu image:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">freedombone-image -t qemu-x86_64 -s 8G
-</pre>
+<pre><code class="src src-bash">freedombone-image -t qemu-x86_64 -s 8G
+</code></pre>
 </div>

 <p>
@ -365,59 +366,60 @@ If the image build fails with an error such as "<i>Error reading from server. Re
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">freedombone-image -t beaglebone -s 8G -m http://ftp.de.debian.org/debian
-</pre>
+<pre><code class="src src-bash">freedombone-image -t beaglebone -s 8G -m http://ftp.de.debian.org/debian
+</code></pre>
 </div>
 </div>
 </div>

-<div id="outline-container-org175cfc0" class="outline-2">
-<h2 id="org175cfc0">Checklist</h2>
-<div class="outline-text-2" id="text-org175cfc0">
+<div id="outline-container-org584ec2f" class="outline-2">
+<h2 id="org584ec2f">Checklist</h2>
+<div class="outline-text-2" id="text-org584ec2f">
 <p>
 Before installing Freedombone you will need a few things.
 </p>

 <ul class="org-ul">
 <li>Have some domains, or subdomains, registered with a dynamic DNS service. For the full install you may need two "official" purchased domains or be using a subdomain provider which is supported by Let's Encrypt.</li>
-<li>System with a new installation of Debian Jessie or a downloaded/prepared disk image</li>
+<li>System with a new installation of Debian Stretch or a downloaded/prepared disk image</li>
 <li>Ethernet connection between the system and your internet router</li>
 <li>That it is possible to forward ports from the internet router to the system, typically via firewall settings</li>
 <li>Have ssh access to the system, typically via fbone@freedombone.local on port 2222</li>
 </ul>
 </div>
 </div>
-<div id="outline-container-orgdf2add4" class="outline-2">
-<h2 id="orgdf2add4">Installation</h2>
-<div class="outline-text-2" id="text-orgdf2add4">
+<div id="outline-container-orgfab577d" class="outline-2">
+<h2 id="orgfab577d">Installation</h2>
+<div class="outline-text-2" id="text-orgfab577d">
 <p>
 There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine.
 </p>
 </div>

-<div id="outline-container-org9e79b36" class="outline-3">
-<h3 id="org9e79b36">On a Laptop, Netbook or Desktop machine</h3>
-<div class="outline-text-3" id="text-org9e79b36">
+<div id="outline-container-org2d57cc6" class="outline-3">
+<h3 id="org2d57cc6">On a Laptop, Netbook or Desktop machine</h3>
+<div class="outline-text-3" id="text-org2d57cc6">
 <p>
-If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Jessie onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
+If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Stretch onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">su
+<pre><code class="src src-bash">su
 apt-get update
 apt-get -y install git dialog build-essential
 git clone https://github.com/bashrc/freedombone
 <span class="org-builtin">cd</span> freedombone
+git checkout stretch
 make install
 freedombone menuconfig
-</pre>
+</code></pre>
 </div>
 </div>
 </div>

-<div id="outline-container-org28c34d0" class="outline-3">
-<h3 id="org28c34d0">On a single board computer (SBC)</h3>
-<div class="outline-text-3" id="text-org28c34d0">
+<div id="outline-container-org7983334" class="outline-3">
+<h3 id="org7983334">On a single board computer (SBC)</h3>
+<div class="outline-text-3" id="text-org7983334">
 <p>
 Currently the following boards are supported:
 </p>
@ -436,8 +438,8 @@ If there is no existing image available then you can build one from scratch. See
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">gpg --verify filename.img.asc
-</pre>
+<pre><code class="src src-bash">gpg --verify filename.img.asc
+</code></pre>
 </div>

 <p>
@ -445,8 +447,8 @@ And the hash with:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sha256sum filename.img
-</pre>
+<pre><code class="src src-bash">sha256sum filename.img
+</code></pre>
 </div>

 <p>
@ -454,8 +456,8 @@ If the image is compressed then decompress it with:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">unxz filename.img.xz
-</pre>
+<pre><code class="src src-bash">unxz filename.img.xz
+</code></pre>
 </div>

 <p>
@ -463,8 +465,8 @@ Then copy it to a microSD card. Depending on your system you may need an adaptor
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=filename.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
-</pre>
+<pre><code class="src src-bash">sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=filename.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
+</code></pre>
 </div>

 <p>
@ -472,8 +474,8 @@ Where <b>sdX</b> is the microSD drive. You can check which drive is the microSD
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">ls /dev/sd*
-</pre>
+<pre><code class="src src-bash">ls /dev/sd*
+</code></pre>
 </div>

 <p>
@ -485,8 +487,8 @@ With the board connected and running you can ssh into the system with:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">ssh fbone@freedombone.local -p 2222
-</pre>
+<pre><code class="src src-bash">ssh fbone@freedombone.local -p 2222
+</code></pre>
 </div>

 <p>
@ -495,16 +497,16 @@ Using the password 'freedombone'. Take a note of the new login password and then
 </div>
 </div>

-<div id="outline-container-org770fac8" class="outline-3">
-<h3 id="org770fac8">As a Virtual Machine</h3>
-<div class="outline-text-3" id="text-org770fac8">
+<div id="outline-container-org8cdd9ea" class="outline-3">
+<h3 id="org8cdd9ea">As a Virtual Machine</h3>
+<div class="outline-text-3" id="text-org8cdd9ea">
 <p>
 Qemu is currently supported, since it's s fully free software system. You can run a 64 bit Qemu image with:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">qemu-system-x86_64 -m 1G filename.img
-</pre>
+<pre><code class="src src-bash">qemu-system-x86_64 -m 1G filename.img
+</code></pre>
 </div>

 <p>
@ -514,42 +516,42 @@ The default login will be username 'fbone' and password 'freedombone'. Take a no
 </div>
 </div>

-<div id="outline-container-org9f6b4ea" class="outline-2">
-<h2 id="org9f6b4ea">Social Key Management - the 'Unforgettable Key'</h2>
-<div class="outline-text-2" id="text-org9f6b4ea">
+<div id="outline-container-orgcb6b854" class="outline-2">
+<h2 id="orgcb6b854">Social Key Management - the 'Unforgettable Key'</h2>
+<div class="outline-text-2" id="text-orgcb6b854">
 <p>
 During the install procedure you will be asked if you wish to import GPG keys. If you don't already possess GPG keys then just select "Ok" and they will be generated during the install. If you do already have GPG keys then there are a few possibilities
 </p>
 </div>

-<div id="outline-container-orgc29300f" class="outline-3">
-<h3 id="orgc29300f">You have the gnupg keyring on an encrypted USB drive</h3>
-<div class="outline-text-3" id="text-orgc29300f">
+<div id="outline-container-orgd4bc308" class="outline-3">
+<h3 id="orgd4bc308">You have the gnupg keyring on an encrypted USB drive</h3>
+<div class="outline-text-3" id="text-orgd4bc308">
 <p>
 If you previously made a master keydrive containing the full keyring (the .gnupg directory). This is the most straightforward case, but not as secure as splitting the key into fragments.
 </p>
 </div>
 </div>
-<div id="outline-container-org56b3c34" class="outline-3">
-<h3 id="org56b3c34">You have a number of key fragments on USB drives retrieved from friends</h3>
-<div class="outline-text-3" id="text-org56b3c34">
+<div id="outline-container-orgb94d773" class="outline-3">
+<h3 id="orgb94d773">You have a number of key fragments on USB drives retrieved from friends</h3>
+<div class="outline-text-3" id="text-orgb94d773">
 <p>
-If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more <a href="#org7b0166c">Keydrives</a>.
+If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more <a href="#org9be9bc1">Keydrives</a>.
 </p>
 </div>
 </div>
-<div id="outline-container-org32ca660" class="outline-3">
-<h3 id="org32ca660">You can specify some ssh login details for friends servers containing key fragments</h3>
-<div class="outline-text-3" id="text-org32ca660">
+<div id="outline-container-orgb78381f" class="outline-3">
+<h3 id="orgb78381f">You can specify some ssh login details for friends servers containing key fragments</h3>
+<div class="outline-text-3" id="text-orgb78381f">
 <p>
 Enter three or more sets of login details and the installer will try to retrieve key fragments and then assemble them into the full key. This only works if you previously were using remote backups and had social key management enabled.
 </p>
 </div>
 </div>
 </div>
-<div id="outline-container-org27cecee" class="outline-2">
-<h2 id="org27cecee">Final Setup</h2>
-<div class="outline-text-2" id="text-org27cecee">
+<div id="outline-container-org8b82a92" class="outline-2">
+<h2 id="org8b82a92">Final Setup</h2>
+<div class="outline-text-2" id="text-org8b82a92">
 <p>
 Any manual post-installation setup instructions or passwords can be found in /home/username/README.
 </p>
@ -667,23 +669,23 @@ On your internet router, typically under firewall settings, open the following p
 </div>
 </div>

-<div id="outline-container-org7b0166c" class="outline-2">
-<h2 id="org7b0166c">Keydrives</h2>
-<div class="outline-text-2" id="text-org7b0166c">
+<div id="outline-container-org9be9bc1" class="outline-2">
+<h2 id="org9be9bc1">Keydrives</h2>
+<div class="outline-text-2" id="text-org9be9bc1">
 <p>
 After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this:
 </p>
 </div>
-<div id="outline-container-orgf3e3d0b" class="outline-3">
-<h3 id="orgf3e3d0b">Master Keydrive</h3>
-<div class="outline-text-3" id="text-orgf3e3d0b">
+<div id="outline-container-org9f35c99" class="outline-3">
+<h3 id="org9f35c99">Master Keydrive</h3>
+<div class="outline-text-3" id="text-org9f35c99">
 <p>
 This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">done from the <i>Disk Utility</i> application</a>. Then plug it into the Freedombone system, then from your local machine run:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">ssh myusername@mydomainname -p 2222
-</pre>
+<pre><code class="src src-bash">ssh myusername@mydomainname -p 2222
+</code></pre>
 </div>

 <p>
@ -691,16 +693,16 @@ Select <i>Administrator controls</i> then <i>Backup and Restore</i> then <i>Back
 </p>
 </div>
 </div>
-<div id="outline-container-org57b5534" class="outline-3">
-<h3 id="org57b5534">Fragment keydrives</h3>
-<div class="outline-text-3" id="text-org57b5534">
+<div id="outline-container-org17de37d" class="outline-3">
+<h3 id="org17de37d">Fragment keydrives</h3>
+<div class="outline-text-3" id="text-org17de37d">
 <p>
 This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be done from the <i>Disk Utility</i> application</a>. Plug it into the Freedombone system then from your local machine run the following commands:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">ssh myusername@mydomainname -p 2222
-</pre>
+<pre><code class="src src-bash">ssh myusername@mydomainname -p 2222
+</code></pre>
 </div>

 <p>
@ -713,35 +715,35 @@ Fragments are randomly assigned and so you will need at least three or four keyd
 </div>
 </div>
 </div>
-<div id="outline-container-orgab1d21b" class="outline-2">
-<h2 id="orgab1d21b">On Client Machines</h2>
-<div class="outline-text-2" id="text-orgab1d21b">
+<div id="outline-container-org4bfd97f" class="outline-2">
+<h2 id="org4bfd97f">On Client Machines</h2>
+<div class="outline-text-2" id="text-org4bfd97f">
 <p>
 You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security.
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sudo apt-get update
+<pre><code class="src src-bash">sudo apt-get update
 sudo apt-get install git dialog haveged build-essential
 git clone https://github.com/bashrc/freedombone
 <span class="org-builtin">cd</span> freedombone
 sudo make install
 freedombone-client
-</pre>
+</code></pre>
 </div>
 </div>
 </div>

-<div id="outline-container-orga6b2eee" class="outline-2">
-<h2 id="orga6b2eee">Administering the system</h2>
-<div class="outline-text-2" id="text-orga6b2eee">
+<div id="outline-container-org132bbc7" class="outline-2">
+<h2 id="org132bbc7">Administering the system</h2>
+<div class="outline-text-2" id="text-org132bbc7">
 <p>
 To administer the system after installation log in via ssh, become the root user and then launch the control panel.
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">ssh myusername@freedombone.local -p 2222
-</pre>
+<pre><code class="src src-bash">ssh myusername@freedombone.local -p 2222
+</code></pre>
 </div>

 <p>
--- a/website/EN/mesh.html
+++ b/website/EN/mesh.html
@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2016-11-26 Sat 16:04 -->
+<!-- 2017-06-25 Sun 23:23 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <title></title>
@ -71,6 +71,7 @@
  pre.src-fortran:before { content: 'Fortran'; }
  pre.src-gnuplot:before { content: 'gnuplot'; }
  pre.src-haskell:before { content: 'Haskell'; }
+  pre.src-hledger:before { content: 'hledger'; }
  pre.src-java:before { content: 'Java'; }
  pre.src-js:before { content: 'Javascript'; }
  pre.src-latex:before { content: 'LaTeX'; }
@ -188,7 +189,7 @@
@licstart  The following is the entire license notice for the
 JavaScript code in this tag.

-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.

 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@ -273,13 +274,13 @@ for the JavaScript code in this tag.
 </colgroup>
 <tbody>
 <tr>
-<td class="org-left"><a href="#org37ebd13">What the system can do</a></td>
+<td class="org-left"><a href="#orga1510fd">What the system can do</a></td>
 <td class="org-left">-</td>
-<td class="org-left"><a href="#org3dee082">Disk Images</a></td>
+<td class="org-left"><a href="#orgaaaf045">Disk Images</a></td>
 <td class="org-left">-</td>
-<td class="org-left"><a href="#org2b3ae4e">Building Disk Images</a></td>
+<td class="org-left"><a href="#org467d9af">Building Disk Images</a></td>
 <td class="org-left">-</td>
-<td class="org-left"><a href="#org1e15009">How to use it</a></td>
+<td class="org-left"><a href="#org7e57982">How to use it</a></td>
 </tr>
 </tbody>
 </table>
@ -288,9 +289,9 @@ for the JavaScript code in this tag.
 Mesh networks are useful as a quick way to make a fully decentralised communications system which is not connected to or reliant upon the internet. Think festivals, hacker conferences, onboard ships at sea, disaster/war zones, small business internal office communications, protests, remote areas of the world, temporary "digital blackouts", scientific expeditions and off-world space colonies. The down side is that you can't access any internet content. The upside is that you can securely communicate with anyone on the local mesh. No ISPs. No payments or subscriptions beyond the cost of obtaining the hardware. Systems need to be within wifi range of each other for the mesh to be created. It can be an ultra-convenient way to do purely local communications.
 </p>

-<div id="outline-container-org37ebd13" class="outline-2">
-<h2 id="org37ebd13">What the system can do</h2>
-<div class="outline-text-2" id="text-org37ebd13">
+<div id="outline-container-orga1510fd" class="outline-2">
+<h2 id="orga1510fd">What the system can do</h2>
+<div class="outline-text-2" id="text-orga1510fd">
 <ul class="org-ul">
 <li>Discovery of other users on the network</li>
 <li>Text based chat, one-to-one and in groups</li>
@ -311,12 +312,13 @@ This system should be quite scalable. Both qTox and IPFS are based upon distribu
 </div>
 </div>

-<div id="outline-container-org3dee082" class="outline-2">
-<h2 id="org3dee082">Disk Images</h2>
-<div class="outline-text-2" id="text-org3dee082">
-</div><div id="outline-container-org7a8aec4" class="outline-3">
-<h3 id="org7a8aec4">Client images</h3>
-<div class="outline-text-3" id="text-org7a8aec4">
+<div id="outline-container-orgaaaf045" class="outline-2">
+<h2 id="orgaaaf045">Disk Images</h2>
+<div class="outline-text-2" id="text-orgaaaf045">
+</div>
+<div id="outline-container-org0bc1bed" class="outline-3">
+<h3 id="org0bc1bed">Client images</h3>
+<div class="outline-text-3" id="text-org0bc1bed">
 <div class="org-center">

 <div class="figure">
@ -330,7 +332,7 @@ This system should be quite scalable. Both qTox and IPFS are based upon distribu
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sudo apt-get install xz-utils wget
+<pre><code class="src src-bash">sudo apt-get install xz-utils wget
 wget https://freedombone.net/downloads/v2.00/freedombone-meshclient-2.00_all-i386.img.xz
 wget https://freedombone.net/downloads/v2.00/freedombone-meshclient-2.00_all-i386.img.xz.sig
 gpg --verify freedombone-meshclient-2.00_all-i386.img.xz.sig
@ -338,7 +340,7 @@ sha256sum freedombone-meshclient-2.00_all-i386.img.xz
 403cf1cc2bc5272e5921d3ebefc351540928141bc65641b6d16f2262a933cb4e
 unxz freedombone-meshclient-2.00_all-i386.img.xz
 sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=freedombone-meshclient-2.00_all-i386.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
-</pre>
+</code></pre>
 </div>

 <p>
@ -350,7 +352,7 @@ If you're in an emergency and don't have Atheros wifi dongles then there is also
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sudo apt-get install xz-utils wget
+<pre><code class="src src-bash">sudo apt-get install xz-utils wget
 wget https://freedombone.net/downloads/v2.00/freedombone-meshclient-insecure-2.00_all-i386.img.xz
 wget https://freedombone.net/downloads/v2.00/freedombone-meshclient-insecure-2.00_all-i386.img.xz.sig
 gpg --verify freedombone-meshclient-insecure-2.00_all-i386.img.xz.sig
@ -358,21 +360,21 @@ sha256sum freedombone-meshclient-insecure-2.00_all-i386.img.xz
 7cda1a52acad7d18156ea238d7eb550479a5f882ac45c8cf9b9e56077fb26be9
 unxz freedombone-meshclient-insecure-2.00_all-i386.img.xz
 sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=freedombone-meshclient-insecure-2.00_all-i386.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
-</pre>
+</code></pre>
 </div>
 </div>
 </div>

-<div id="outline-container-org2ff6bdb" class="outline-3">
-<h3 id="org2ff6bdb">Router images</h3>
-<div class="outline-text-3" id="text-org2ff6bdb">
+<div id="outline-container-org25954b0" class="outline-3">
+<h3 id="org25954b0">Router images</h3>
+<div class="outline-text-3" id="text-org25954b0">
 <p>
 Routers are intended to build network coverage for an area using small and low cost hardware. You can bolt them to walls or leave them on window ledges. They don't have any user interface and their only job is to haul network traffic across the mesh and to enable peers to find each other via running bootstrap nodes for Tox and IPFS. Copy the image to a microSD card and insert it into the router, plug in an Atheros wifi dongle and power on. That should be all you need to do.
 </p>
 </div>
-<div id="outline-container-org4dcac3a" class="outline-4">
-<h4 id="org4dcac3a">Beaglebone Black</h4>
-<div class="outline-text-4" id="text-org4dcac3a">
+<div id="outline-container-org4c1be64" class="outline-4">
+<h4 id="org4c1be64">Beaglebone Black</h4>
+<div class="outline-text-4" id="text-org4c1be64">
 <div class="org-center">

 <div class="figure">
@ -386,7 +388,7 @@ The above picture shows a Beaglebone Black with the image copied onto a microSD
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sudo apt-get install xz-utils wget
+<pre><code class="src src-bash">sudo apt-get install xz-utils wget
 wget https://freedombone.net/downloads/v2.00/freedombone-mesh-2.00_beaglebone-armhf.img.xz
 wget https://freedombone.net/downloads/v2.00/freedombone-mesh-2.00_beaglebone-armhf.img.xz.sig
 gpg --verify freedombone-mesh-2.00_beaglebone-armhf.img.xz.sig
@ -394,7 +396,7 @@ sha256sum freedombone-mesh-2.00_beaglebone-armhf.img.xz
 daf8c82f111ae8714cffc52633156554c23d5feafabbe85cb15925e0373a3ff4
 unxz freedombone-mesh-2.00_beaglebone-armhf.img.xz
 sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=freedombone-mesh-2.00_beaglebone-armhf.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
-</pre>
+</code></pre>
 </div>

 <p>
@ -409,19 +411,19 @@ There is still a software freedom issue with the Beaglebone Black, but it doesn'
 </div>
 </div>

-<div id="outline-container-org2b3ae4e" class="outline-2">
-<h2 id="org2b3ae4e">Building Disk Images</h2>
-<div class="outline-text-2" id="text-org2b3ae4e">
+<div id="outline-container-org467d9af" class="outline-2">
+<h2 id="org467d9af">Building Disk Images</h2>
+<div class="outline-text-2" id="text-org467d9af">
 <p>
 It's better not to trust images downloaded from random places on the interwebs. Chances are that unless you are in the web of trust of the above GPG signatures then they don't mean very much to you. If you actually want something trustworthy then build the images from scratch. It will take some time. Here's how to do it.
 </p>

 <p>
-First you will need to create an image. On a Debian based system (tested on Debian Jessie and Trisquel 7):
+First you will need to create an image. On a Debian based system (tested on Debian Stretch):
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sudo apt-get -y install build-essential libc6-dev-i386 wget <span class="org-sh-escaped-newline">\</span>
+<pre><code class="src src-bash">sudo apt-get -y install build-essential libc6-dev-i386 wget <span class="org-sh-escaped-newline">\</span>
    gcc-multilib g++-multilib git python-docutils mktorrent <span class="org-sh-escaped-newline">\</span>
    vmdebootstrap xz-utils dosfstools btrfs-tools extlinux <span class="org-sh-escaped-newline">\</span>
    python-distro-info mbr qemu-user-static binfmt-support <span class="org-sh-escaped-newline">\</span>
@ -433,9 +435,10 @@ sha256sum freedombone-mesh-13-09-2016.tar.gz
 3e279f8ed762afb682bec6bd463830087354dd2f24020f3b0de51143585ab0ed
 tar -xzvf freedombone-mesh-13-09-2016.tar.gz
 <span class="org-builtin">cd</span> freedombone
+git checkout stretch
 sudo make install
 freedombone-image -t i386 -v meshclient
-</pre>
+</code></pre>
 </div>

 <p>
@ -443,8 +446,8 @@ If you don't have Atheros or free software compatible wifi adapter then you can
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">freedombone-image -t i386 -v meshclient --insecure yes
-</pre>
+<pre><code class="src src-bash">freedombone-image -t i386 -v meshclient --insecure yes
+</code></pre>
 </div>

 <p>
@ -456,8 +459,8 @@ List what drives are on your system with:
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">ls /dev/sd*
-</pre>
+<pre><code class="src src-bash">ls /dev/sd*
+</code></pre>
 </div>

 <p>
@ -469,8 +472,8 @@ You can now copy the image to the USB thumb drive, replacing <b>sdX</b> with the
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
-</pre>
+<pre><code class="src src-bash">sudo dd <span class="org-variable-name">bs</span>=1M <span class="org-variable-name">if</span>=myimagefile.img <span class="org-variable-name">of</span>=/dev/sdX <span class="org-variable-name">conv</span>=fdatasync
+</code></pre>
 </div>

 <p>
@ -490,8 +493,8 @@ You can also use single board computers (SBCs) such as the BeagleBone Black to m
 </p>

 <div class="org-src-container">
-<pre class="src src-bash">freedombone-image -t beaglebone -v mesh
-</pre>
+<pre><code class="src src-bash">freedombone-image -t beaglebone -v mesh
+</code></pre>
 </div>

 <p>
@ -500,9 +503,9 @@ The resulting image can be copied to a microSD card, inserted into a Beaglebone
 </div>
 </div>

-<div id="outline-container-org8c4ac12" class="outline-2">
-<h2 id="org8c4ac12">Customisation</h2>
-<div class="outline-text-2" id="text-org8c4ac12">
+<div id="outline-container-org6801b92" class="outline-2">
+<h2 id="org6801b92">Customisation</h2>
+<div class="outline-text-2" id="text-org6801b92">
 <p>
 If you want to make your own specially branded version, such as for a particular event, then to change the default desktop backgrounds edit the images within <b>img/backgrounds</b> and to change the available avatars and desktop icons edit the images within <b>img/avatars</b>. Re-create disk images using the instructions shown previously.
 </p>
@ -512,9 +515,9 @@ If you need particular <i>dconf</i> commands to alter desktop appearance or beha
 </p>
 </div>
 </div>
-<div id="outline-container-org1e15009" class="outline-2">
-<h2 id="org1e15009">How to use it</h2>
-<div class="outline-text-2" id="text-org1e15009">
+<div id="outline-container-org7e57982" class="outline-2">
+<h2 id="org7e57982">How to use it</h2>
+<div class="outline-text-2" id="text-org7e57982">
 <p>
 When you first boot from the USB drive the system will create some encryption keys, assign a unique network address to the system and then reboot itself. When that's done you should see a prompt asking for a username. This username just makes it easy for others to initially find you on the mesh and will appear in the list of users.
 </p>
@ -524,9 +527,9 @@ After a minute or two if you are within wifi range and there is at least one oth
 </p>
 </div>

-<div id="outline-container-orgef19b14" class="outline-3">
-<h3 id="orgef19b14">Set the Date</h3>
-<div class="outline-text-3" id="text-orgef19b14">
+<div id="outline-container-org2de7191" class="outline-3">
+<h3 id="org2de7191">Set the Date</h3>
+<div class="outline-text-3" id="text-org2de7191">
 <p>
 On the ordinary internet the date and time of your system would be set automatically via NTP. But this is not the internet and so you will need to manually ensure that your date and time settings are correct. You might need to periodically do this if your clock drifts. It's not essential that the time on your system be highly accurate, but if it drifts too far or goes back to epoch then things could become a little confusing in regard to the order of blog posts.
 </p>
@ -536,9 +539,9 @@ On the ordinary internet the date and time of your system would be set automatic
 </p>
 </div>
 </div>
-<div id="outline-container-org54d2f66" class="outline-3">
-<h3 id="org54d2f66">Check network status</h3>
-<div class="outline-text-3" id="text-org54d2f66">
+<div id="outline-container-org87e6daf" class="outline-3">
+<h3 id="org87e6daf">Check network status</h3>
+<div class="outline-text-3" id="text-org87e6daf">
 <p>
 Unlike with ordinary wifi, on the mesh you don't get a signal strength icon and so it's not simple to see if you have a good connection.
 </p>
@ -562,9 +565,9 @@ When you are finished close the window and then select the <i>Network Restart</i
 </div>
 </div>

-<div id="outline-container-orge862a19" class="outline-3">
-<h3 id="orge862a19">Chat System</h3>
-<div class="outline-text-3" id="text-orge862a19">
+<div id="outline-container-orgab337c2" class="outline-3">
+<h3 id="orgab337c2">Chat System</h3>
+<div class="outline-text-3" id="text-orgab337c2">
 <p>
 Ensure that you're within wifi range of at least one other mesh peer (could be a router or client) and then you should see that the <i>Chat</i> and <i>Other Users</i> icons appear. Select the users icon and you should see a list of users on the mesh. Select the <i>Chat</i> icon and once you are connected you should see the status light turn green. If after a few minutes you don't get the green status light then try closing and re-opening the Tox chat application. Select the plus button to add a friend and then copy and paste in a Tox ID from the users list.
 </p>
@ -623,9 +626,9 @@ At present video doesn't work reliably, but text and voice chat do work well.
 </div>
 </div>

-<div id="outline-container-orgd36ab06" class="outline-3">
-<h3 id="orgd36ab06">Sharing Files</h3>
-<div class="outline-text-3" id="text-orgd36ab06">
+<div id="outline-container-org701219f" class="outline-3">
+<h3 id="org701219f">Sharing Files</h3>
+<div class="outline-text-3" id="text-org701219f">
 <p>
 You can make files publicly available on the network simply by dragging and dropping them into the <i>Public</i> folder on the desktop. To view the files belonging to another user select the desktop icon called <i>Visit a site</i> and enter the username or Tox ID of the other user.
 </p>
@ -640,9 +643,9 @@ You can make files publicly available on the network simply by dragging and drop
 </div>
 </div>

-<div id="outline-container-org0d1e26a" class="outline-3">
-<h3 id="org0d1e26a">Blogging</h3>
-<div class="outline-text-3" id="text-org0d1e26a">
+<div id="outline-container-org06ffe7d" class="outline-3">
+<h3 id="org06ffe7d">Blogging</h3>
+<div class="outline-text-3" id="text-org06ffe7d">
 <p>
 To create a blog post select the <i>Blog</i> icon on the desktop and then use the up and down cursor keys, space bar and enter key to add a new entry. Edit the title of the entry and add your text. You can also include photos if you wish - just copy them to the <b>CreateBlog/content/images</b> directory and then link to them as shown.
 </p>