167 lines
8.3 KiB
Org Mode
167 lines
8.3 KiB
Org Mode
#+TITLE:
|
|
#+AUTHOR: Bob Mottram
|
|
#+EMAIL: bob@robotics.uk.to
|
|
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
|
|
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
|
|
#+OPTIONS: ^:nil
|
|
#+BEGIN_CENTER
|
|
[[./images/logo.png]]
|
|
#+END_CENTER
|
|
| [[file:index.html][Home]] | [[Download the code]] | [[On a Beaglebone Black]] | [[On a laptop/PC/netbook]] | [[Internet Router]] |
|
|
|
|
* Download and install the code
|
|
Firstly you'll need to download the code as follows:
|
|
|
|
#+BEGIN_SRC bash
|
|
sudo apt-get install git
|
|
git clone https://github.com/bashrc/freedombone
|
|
cd freedombone
|
|
make install
|
|
#+END_SRC
|
|
* On a Beaglebone Black
|
|
To get started you will need:
|
|
|
|
- A Beaglebone Black
|
|
- A MicroSD card
|
|
- Ethernet cable
|
|
- Optionally a 5V 2A power supply for the Beaglebone Black
|
|
- Access to the internet via a router with ethernet sockets
|
|
- USB thumb drive (for backups or storing media)
|
|
- One or more subdomains created on https://freedns.afraid.org
|
|
- A purchased domain name and SSL certificate (only needed for Red Matrix)
|
|
- A laptop or desktop machine with the ability to write to a microSD card (might need an adaptor)
|
|
|
|
You will also need to know, or find out, the IP address of your internet router and have a suitable static IP address for the Beaglebone on your local network. The router should allow you to forward ports to the Beaglebone (often this is under firewall or "advanced" settings).
|
|
|
|
Plug the microSD card into your laptop/desktop and then run the *freedombone-prep* command. For example:
|
|
|
|
#+BEGIN_SRC bash
|
|
freedombone-prep -d /dev/sdX --ip <static LAN IP> --iprouter <router LAN IP>
|
|
#+END_SRC
|
|
|
|
where */dev/sdX* is the device name for the microSD card. Often it's */dev/sdb* or */dev/sdc*, depending upon how many drives there are on your system. The script will download the Debian installer and update the microSD card. It can take a while, so be patient.
|
|
|
|
When the initial setup is done follow the instructions on screen to run the main Freedombone script. You can create a separate configuration file called *freedombone.cfg* which contains those variables. Variables which you might want to put into a *freedombone.cfg* file are:
|
|
|
|
#+BEGIN_SRC bash
|
|
MY_EMAIL_ADDRESS=<your email address>
|
|
MY_NAME=<your name/nick/pseudonym>
|
|
MY_BLOG_TITLE=<title of your blog>
|
|
MY_BLOG_SUBTITLE=<subtitle of your blog>
|
|
SSH_PORT=2222
|
|
FULLBLOG_DOMAIN_NAME=<freedns subdomain for your blog>
|
|
FULLBLOG_FREEDNS_SUBDOMAIN_CODE=<freedns subdomain code for your blog>
|
|
MICROBLOG_DOMAIN_NAME=<domain name for your microblog>
|
|
MICROBLOG_FREEDNS_SUBDOMAIN_CODE=1234
|
|
REDMATRIX_DOMAIN_NAME=<domain name for your Red Matrix site>
|
|
OWNCLOUD_DOMAIN_NAME=<freedns subdomain for your Owncloud site>
|
|
OWNCLOUD_FREEDNS_SUBDOMAIN_CODE=<freedns subdomain code for your Owncloud site>
|
|
WIKI_TITLE=<title of your wiki>
|
|
WIKI_DOMAIN_NAME=<freedns subdomain for your wiki>
|
|
WIKI_FREEDNS_SUBDOMAIN_CODE=<freedns subdomain code for your wiki>
|
|
MY_GPG_PUBLIC_KEY=<exported public key filename>
|
|
MY_GPG_PRIVATE_KE=<exported private key filename>
|
|
PUBLIC_MAILING_LIST=<name of your mailing list>
|
|
LOCAL_NETWORK_STATIC_IP_ADDRESS=192.168.1.60
|
|
ROUTER_IP_ADDRESS=192.168.1.254
|
|
ENABLE_CJDNS=no
|
|
#+END_SRC
|
|
|
|
The GPG public/private key variables are for the filenames of exported GPG keys, and if a private key filename is given then it will be automatically shredded after import.
|
|
|
|
The [[https://freedns.afraid.org/][FreeDNS]] subdomain codes can be found under "Dynamic DNS" and "quick cron example". On the last line it will be the string located between the '?' and the '==' characters.
|
|
|
|
The syntax of the *freedombone* command is:
|
|
|
|
#+BEGIN_SRC bash
|
|
freedombone --bbb -d [domain name] -u [username] -c [FreeDNS subdomain code] -s [optional variant type]
|
|
#+END_SRC
|
|
|
|
Also see the manpage for additional options which can be used instead of a configuration file. If you don't specify a variant type with the final option then everything will be installed. If you have a *freedombone.cfg* file then it should be in the same directory from which the *freedombone* command is run.
|
|
|
|
Installation is not quick, and depends upon which variant you choose and your internet bandwidth. Allow about three hours for a full installation on the Beaglebone Black. On the Beaglebone installation is in two parts, since a reboot is needed to enable the hardware random number generator and zram.
|
|
|
|
When done you can ssh into the Freedombone with:
|
|
|
|
#+BEGIN_SRC bash
|
|
ssh username@domain -p 2222
|
|
#+END_SRC
|
|
|
|
Any manual post-installation setup instructions or passwords can be found in */home/username/README*. You should remove any passwords from that file and store them within a password manager such as KeepassX.
|
|
|
|
* On a laptop/PC/netbook
|
|
It's also possible to install Freedombone onto other hardware, including other types of single board computer. Any system with a fresh installation of Debian Jessie will do. Just make sure that you change the variable INSTALLING_ON_BBB to "no" within *freedombone.cfg* or do not include the *--bbb* option within the *freedombone* command. Obviously, you don't need to run the *freedombone-prep* command on non-Beaglebone systems.
|
|
|
|
* Download the [[https://www.debian.org/devel/debian-installer][Debian Jessie "netinst" installer]]
|
|
* Use [[https://apps.ubuntu.com/cat/applications/usb-creator-gtk/][Startup Disk Creator]] or [[https://en.wikipedia.org/wiki/UNetbootin][Unetbootin]] to copy the netinst image to a USB thumb drive
|
|
* Connect the machine to your internet router using an ethernet patch lead. Freedombone is a fully free (as in freedom) system and so wifi drivers may not work. A wired network connection will give better performance anyway.
|
|
* On the target machine boot from the USB drive and go through the installation. It's a good idea to use LVM and disk encryption together with a long passphrase which will be hard to crack by brute force methods. Keep a note of the passphrase in your password manager.
|
|
* Within the installer unselect the *print server* and select the *ssh server*
|
|
* After installation use ssh to access the machine and become the root user
|
|
#+BEGIN_SRC bash
|
|
ssh username@192.168.1.60
|
|
su
|
|
#+END_SRC
|
|
* If you have GPG keys you may wish to transfer them to the */home/usernname* directory. If the machine has a second USB socket or an SD card slot then that may be the most secure way to do it.
|
|
* Run the following commands:
|
|
#+BEGIN_SRC bash
|
|
cd /home/<username>
|
|
apt-get install git
|
|
git clone https://github.com/bashrc/freedombone
|
|
cd freedombone
|
|
make install
|
|
nano freedombone.cfg
|
|
#+END_SRC
|
|
|
|
* Now create a configuration file, such as the following, filling in the details for your [[https://freedns.afraid.org/][FreeDNS subdomains]].
|
|
#+BEGIN_SRC bash
|
|
INSTALLING_ON_BBB=no
|
|
MY_EMAIL_ADDRESS=<your email address>
|
|
MY_NAME=<your name/nick/pseudonym>
|
|
MY_BLOG_TITLE=<title of your blog>
|
|
MY_BLOG_SUBTITLE=<subtitle of your blog>
|
|
SSH_PORT=2222
|
|
FULLBLOG_DOMAIN_NAME=<freedns subdomain for your blog>
|
|
FULLBLOG_FREEDNS_SUBDOMAIN_CODE=<freedns subdomain code for your blog>
|
|
MICROBLOG_DOMAIN_NAME=<domain name for your microblog>
|
|
MICROBLOG_FREEDNS_SUBDOMAIN_CODE=1234
|
|
REDMATRIX_DOMAIN_NAME=<domain name for your Red Matrix site>
|
|
OWNCLOUD_DOMAIN_NAME=<freedns subdomain for your Owncloud site>
|
|
OWNCLOUD_FREEDNS_SUBDOMAIN_CODE=<freedns subdomain code for your Owncloud site>
|
|
WIKI_TITLE=<title of your wiki>
|
|
WIKI_DOMAIN_NAME=<freedns subdomain for your wiki>
|
|
WIKI_FREEDNS_SUBDOMAIN_CODE=<freedns subdomain code for your wiki>
|
|
MY_GPG_PUBLIC_KEY=<exported public key filename>
|
|
MY_GPG_PRIVATE_KE=<exported private key filename>
|
|
PUBLIC_MAILING_LIST=<name of your mailing list>
|
|
LOCAL_NETWORK_STATIC_IP_ADDRESS=192.168.1.60
|
|
ROUTER_IP_ADDRESS=192.168.1.254
|
|
ENABLE_CJDNS=no
|
|
#+END_SRC
|
|
|
|
* Save and exit, then run:
|
|
#+BEGIN_SRC bash
|
|
freedombone -d <your wiki domain name> -u <your username> -c <your wiki FreeDNS domain code>
|
|
#+END_SRC
|
|
|
|
* Internet Router
|
|
On your internet router, typically under firewall settings, open the following ports and forward them to the Freedombone.
|
|
|
|
| Service | Ports |
|
|
|---------+------------|
|
|
| HTTP | 80 |
|
|
| HTTPS | 443 |
|
|
| SSH | 2222 |
|
|
| DLNA | 1900 |
|
|
| DLNA | 8200 |
|
|
| XMPP | 5222..5223 |
|
|
| XMPP | 5269 |
|
|
| XMPP | 5280..5281 |
|
|
| IRC | 6697 |
|
|
| IRC | 9999 |
|
|
| Git | 9418 |
|
|
| Email | 25 |
|
|
| Email | 587 |
|
|
| Email | 465 |
|
|
| Email | 993 |
|