188 lines
7.1 KiB
Org Mode
188 lines
7.1 KiB
Org Mode
#+TITLE:
|
|
#+AUTHOR: Bob Mottram
|
|
#+EMAIL: bob@robotics.uk.to
|
|
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
|
|
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
|
|
#+OPTIONS: ^:nil
|
|
#+BEGIN_CENTER
|
|
[[./images/logo.png]]
|
|
#+END_CENTER
|
|
| [[file:index.html][Home]] | [[Preparation for the Beaglebone Black]] | [[Checklist]] | [[GPG Keys]] | [[Interactive Setup]] | [[Non-Interactive Setup]] | [[Post-Setup]] | [[On Client Machines]] |
|
|
|
|
|
|
* Preparation for the Beaglebone Black
|
|
This section is specific to the Beaglebone Black hardware. If you're not using that hardware then just skip to the next section.
|
|
|
|
To get started you will need:
|
|
|
|
- A Beaglebone Black
|
|
- A MicroSD card
|
|
- Ethernet cable
|
|
- Optionally a 5V 2A power supply for the Beaglebone Black
|
|
- Access to the internet via a router with ethernet sockets
|
|
- USB thumb drive (for backups or storing media)
|
|
- One or more domains available via a dynamic DNS provider, such as https://freedns.afraid.org
|
|
- A purchased domain name and SSL certificate (only needed for Red Matrix)
|
|
- A laptop or desktop machine with the ability to write to a microSD card (might need an adaptor)
|
|
|
|
You will also need to know, or find out, the IP address of your internet router and have a suitable static IP address for the Beaglebone on your local network. The router should allow you to forward ports to the Beaglebone (often this is under firewall or "advanced" settings).
|
|
|
|
You can either install from a debian package or manually as follows:
|
|
|
|
#+BEGIN_SRC bash
|
|
sudo apt-get update
|
|
sudo apt-get install git dialog build-essential
|
|
git clone https://github.com/bashrc/freedombone
|
|
cd freedombone
|
|
sudo make install
|
|
#+END_SRC
|
|
|
|
Plug the microSD card into your laptop/desktop and then run the *freedombone-prep* command. For example:
|
|
|
|
#+BEGIN_SRC bash
|
|
freedombone-prep -d /dev/sdX --ip freedombone_IP_address --iprouter router_IP_address
|
|
#+END_SRC
|
|
|
|
where /dev/sdX is the device name for the microSD card. Often it's /dev/sdb or /dev/sdc, depending upon how many drives there are on your system. The script will download the Debian installer and update the microSD card. It can take a while, so be patient.
|
|
|
|
When the initial setup is done follow the instructions on screen to run the main freedombone command.
|
|
|
|
* Checklist
|
|
Before running the freedombone command you will need a few things.
|
|
|
|
* Have some domains, or subdomains, registered with a dynamic DNS service
|
|
* System with a new installation of Debian Jessie
|
|
* Ethernet connection to an internet router
|
|
* It is possible to forward ports from the internet router to the system
|
|
* If you want to set up a social network or microblog then you will need SSL certificates corresponding to those domains
|
|
* Have ssh access to the system
|
|
|
|
* GPG Keys
|
|
If you have existing GPG keys then copy the .gnupg directory onto the system.
|
|
|
|
#+BEGIN_SRC bash
|
|
scp -r ~/.gnupg username@freedombone_IP_address:/home/username
|
|
#+END_SRC
|
|
|
|
* Interactive Setup
|
|
The interactive server configuration setup is recommended for most users. On the system where freedombone is to be installed create a configuration file.
|
|
|
|
#+BEGIN_SRC bash
|
|
ssh myusername@freedombone_IP_address
|
|
su
|
|
sudo apt-get update
|
|
apt-get install git dialog build-essential
|
|
git clone https://github.com/bashrc/freedombone
|
|
cd freedombone
|
|
make install
|
|
#+END_SRC
|
|
|
|
Now the easiest way to install the system is via the interactive setup.
|
|
|
|
#+BEGIN_SRC bash
|
|
freedombone menuconfig
|
|
#+END_SRC
|
|
|
|
You can select which variant you wish to install and then enter the details as requested. A video of the install sequence can be [[./installer.ogv][seen here]].
|
|
|
|
* Non-Interactive Setup
|
|
If you don't want to install interactively then it's possible to manually create a configuration file as follows:
|
|
|
|
On the system where freedombone is to be installed create a configuration file.
|
|
|
|
#+BEGIN_SRC bash
|
|
ssh myusername@freedombone_IP_address
|
|
su
|
|
sudo apt-get update
|
|
apt-get install git build-essential
|
|
git clone https://github.com/bashrc/freedombone
|
|
cd freedombone
|
|
make install
|
|
nano /home/myusername/freedombone/freedombone.cfg
|
|
#+END_SRC
|
|
|
|
Add the following, and set the values as needed. DEFAULT_DOMAIN_NAME is where your email/xmpp/irc/voip will be accessed from. It could be the same as one of your other domains, or separate.
|
|
|
|
#+BEGIN_SRC bash
|
|
MY_USERNAME=myusername
|
|
DEFAULT_DOMAIN_NAME=mywikidomain
|
|
SYSTEM_TYPE=full
|
|
INSTALLING_ON_BBB=no
|
|
DDNS_PROVIDER=default@freedns.afraid.org
|
|
DDNS_USERNAME=ddnsusername
|
|
DDNS_PASSWORD=ddnspassword3471326
|
|
MY_NAME=MyFullNameOrNick
|
|
MY_EMAIL_ADDRESS=myusername@mywikidomain
|
|
LOCAL_NETWORK_STATIC_IP_ADDRESS=192.168.1.60
|
|
ROUTER_IP_ADDRESS=192.168.1.254
|
|
ENABLE_CJDNS=no
|
|
DEBIAN_REPO=ftp.us.debian.org
|
|
NAMESERVER1=85.214.73.63
|
|
NAMESERVER2=213.73.91.35
|
|
WIKI_TITLE=my wiki title
|
|
WIKI_DOMAIN_NAME=mywikidomain
|
|
MY_BLOG_TITLE=my blog
|
|
FULLBLOG_DOMAIN_NAME=myblogdomain
|
|
MICROBLOG_DOMAIN_NAME=mymicroblogdomain
|
|
REDMATRIX_DOMAIN_NAME=myredmatrixdomain
|
|
OWNCLOUD_DOMAIN_NAME=myownclouddomain
|
|
#+END_SRC
|
|
|
|
Both of the IP addresses are local IP addresses, typically of the form 192.168.x.x, with one being for the system and the other being for the internet router.
|
|
|
|
Save the configuration file and exit from your editor.
|
|
|
|
Now you can begin the installation. If you are doing this on a Beaglebone Black:
|
|
|
|
#+BEGIN_SRC bash
|
|
freedombone -c freedombone.cfg
|
|
#+END_SRC
|
|
|
|
The above command should be run in the same directory in which your configuration file exists.
|
|
|
|
Also see the manpage for additional options which can be used instead of a configuration file.
|
|
|
|
* Post-Setup
|
|
Setup of the server and installation of all the relevant packages is not quick, and depends upon which variant you choose and your internet bandwidth. Allow about three hours for a full installation on the Beaglebone Black. On the Beaglebone installation is in two parts, since a reboot is needed to enable the hardware random number generator and zram.
|
|
|
|
When done you can ssh into the Freedombone with:
|
|
|
|
#+BEGIN_SRC bash
|
|
ssh myusername@domain -p 2222
|
|
#+END_SRC
|
|
|
|
Any manual post-installation setup instructions or passwords can be found in /home/username/README. You should remove any passwords from that file and store them within a password manager such as KeepassX.
|
|
|
|
On your internet router, typically under firewall settings, open the following ports and forward them to your server.
|
|
|
|
| Service | Ports |
|
|
|---------+------------|
|
|
| HTTP | 80 |
|
|
| HTTPS | 443 |
|
|
| SSH | 2222 |
|
|
| DLNA | 1900 |
|
|
| DLNA | 8200 |
|
|
| XMPP | 5222..5223 |
|
|
| XMPP | 5269 |
|
|
| XMPP | 5280..5281 |
|
|
| IRC | 6697 |
|
|
| IRC | 9999 |
|
|
| Git | 9418 |
|
|
| Email | 25 |
|
|
| Email | 587 |
|
|
| Email | 465 |
|
|
| Email | 993 |
|
|
| VoIP | 64738 |
|
|
|
|
* On Client Machines
|
|
You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security.
|
|
|
|
#+BEGIN_SRC bash
|
|
sudo apt-get update
|
|
sudo apt-get install git dialog haveged build-essential
|
|
git clone https://github.com/bashrc/freedombone
|
|
cd freedombone
|
|
sudo make install
|
|
freedombone-client
|
|
#+END_SRC
|