瀏覽代碼

Merge branch 'stretch' of https://github.com/bashrc/freedombone

Bob Mottram 7 年之前
父節點
當前提交
957065483a
共有 6 個檔案被更改,包括 934 行新增120 行删除
  1. 32
    0
      doc/EN/app_privatebin.org
  2. 5
    1
      doc/EN/apps.org
  3. 459
    0
      src/freedombone-app-privatebin
  4. 1
    0
      src/freedombone-image-customise
  5. 306
    0
      website/EN/app_privatebin.html
  6. 131
    119
      website/EN/apps.html

+ 32
- 0
doc/EN/app_privatebin.org 查看文件

@@ -0,0 +1,32 @@
1
+#+TITLE:
2
+#+AUTHOR: Bob Mottram
3
+#+EMAIL: bob@freedombone.net
4
+#+KEYWORDS: freedombone, privatebin
5
+#+DESCRIPTION: How to use PrivateBin
6
+#+OPTIONS: ^:nil toc:nil
7
+#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
8
+
9
+#+BEGIN_CENTER
10
+[[file:images/logo.png]]
11
+#+END_CENTER
12
+
13
+#+BEGIN_EXPORT html
14
+<center>
15
+<h1>PrivateBin</h1>
16
+</center>
17
+#+END_EXPORT
18
+
19
+This is an encrypted pastebin, such that the server has zero knowledge of the content. It's intended for small amounts of text less than 32K in length. It's not intended for transfering large files, or for storing pastes for more than a day.
20
+
21
+Because this is completely open to any user on the internet you should be wary of the potential for DDoS, and only install this app if you really need to avoid using other pastebins or if other pastebin sites are censored or untrustable. There are traffic limits set within this app to attempt to minimize the potential for flooding attacks, but that might still not be sufficient in the worst cases.
22
+
23
+* Installation
24
+Log into your system with:
25
+
26
+#+begin_src bash
27
+ssh myusername@mydomain -p 2222
28
+#+end_src
29
+
30
+Using cursor keys, space bar and Enter key select *Administrator controls* and type in your password.
31
+
32
+Select *Add/Remove Apps* then *privatebin*. You'll need to enter your preferred subdomain - something like /paste.yourdomain.com/ and optionally a freedns code.

+ 5
- 1
doc/EN/apps.org 查看文件

@@ -135,7 +135,11 @@ The black hole for web adverts. Block adverts at the domain name level within yo
135 135
 * PostActiv
136 136
 An alternative federated social networking system compatible with GNU Social, Pleroma and Mastodon. It includes some optimisations and fixes currently not available within the main GNU Social project.
137 137
 
138
-[[./app_postactiv.html][How to use it]
138
+[[./app_postactiv.html][How to use it]]
139
+* PrivateBin
140
+A pastebin where the server has zero knowledge of the content being pasted.
141
+
142
+[[./app_privatebin.html][How to use it]]
139 143
 * Profanity
140 144
 A shell based XMPP client which you can run on the Freedombone server via ssh.
141 145
 

+ 459
- 0
src/freedombone-app-privatebin 查看文件

@@ -0,0 +1,459 @@
1
+#!/bin/bash
2
+#
3
+# .---.                  .              .
4
+# |                      |              |
5
+# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
6
+# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
7
+# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
8
+#
9
+#                    Freedom in the Cloud
10
+#
11
+# privatebin application
12
+#
13
+# License
14
+# =======
15
+#
16
+# Copyright (C) 2018 Bob Mottram <bob@freedombone.net>
17
+#
18
+# This program is free software: you can redistribute it and/or modify
19
+# it under the terms of the GNU Affero General Public License as published by
20
+# the Free Software Foundation, either version 3 of the License, or
21
+# (at your option) any later version.
22
+#
23
+# This program is distributed in the hope that it will be useful,
24
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
25
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
26
+# GNU Affero General Public License for more details.
27
+#
28
+# You should have received a copy of the GNU Affero General Public License
29
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
30
+
31
+VARIANTS='full full-vim writer'
32
+
33
+IN_DEFAULT_INSTALL=0
34
+SHOW_ON_ABOUT=1
35
+
36
+PRIVATEBIN_DOMAIN_NAME=
37
+PRIVATEBIN_CODE=
38
+PRIVATEBIN_ONION_PORT=8150
39
+PRIVATEBIN_REPO="https://github.com/PrivateBin/PrivateBin"
40
+PRIVATEBIN_COMMIT='9c132cd839fd5e91da18e4a1e8ebef64fce605fb'
41
+PRIVATEBIN_ADMIN_PASSWORD=
42
+
43
+privatebin_variables=(ONION_ONLY
44
+                      PRIVATEBIN_DOMAIN_NAME
45
+                      PRIVATEBIN_CODE
46
+                      DDNS_PROVIDER
47
+                      MY_USERNAME)
48
+
49
+function secure_privatebin {
50
+    pbpath="/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs"
51
+    pbdata="/var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/data"
52
+    htgroup='www-data'
53
+    rootuser='root'
54
+
55
+    find "${pbpath}/" -type f -print0 | xargs -0 chmod 0640
56
+    find "${pbpath}/" -type d -print0 | xargs -0 chmod 0550
57
+
58
+    chown -R ${rootuser}:${htgroup} "${pbpath}/"
59
+    chown -R www-data:www-data ${pbdata}
60
+}
61
+
62
+function logging_on_privatebin {
63
+    echo -n ''
64
+}
65
+
66
+function logging_off_privatebin {
67
+    echo -n ''
68
+}
69
+
70
+function remove_user_privatebin {
71
+    remove_username="$1"
72
+}
73
+
74
+function add_user_privatebin {
75
+    new_username="$1"
76
+    new_user_password="$2"
77
+
78
+    echo '0'
79
+}
80
+
81
+function install_interactive_privatebin {
82
+    if [ ! $ONION_ONLY ]; then
83
+        ONION_ONLY='no'
84
+    fi
85
+
86
+    if [[ $ONION_ONLY != "no" ]]; then
87
+        PRIVATEBIN_DOMAIN_NAME='privatebin.local'
88
+    else
89
+        PRIVATEBIN_DETAILS_COMPLETE=
90
+        while [ ! $PRIVATEBIN_DETAILS_COMPLETE ]
91
+        do
92
+            data=$(tempfile 2>/dev/null)
93
+            trap "rm -f $data" 0 1 2 5 15
94
+            if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
95
+                dialog --backtitle $"Freedombone Configuration" \
96
+                       --title $"PrivateBin Configuration" \
97
+                       --form $"\nPlease enter your PrivateBin details. The background image URL can be left blank.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 14 65 2 \
98
+                       $"Domain:" 1 1 "$(grep 'PRIVATEBIN_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 15 33 40 \
99
+                       $"Code:" 2 1 "$(grep 'PRIVATEBIN_CODE' temp.cfg | awk -F '=' '{print $2}')" 2 15 33 255 \
100
+                       2> $data
101
+            else
102
+                dialog --backtitle $"Freedombone Configuration" \
103
+                       --title $"PrivateBin Configuration" \
104
+                       --form $"\nPlease enter your PrivateBin details. The background image URL can be left blank.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 14 65 2 \
105
+                       $"Domain:" 1 1 "$(grep 'PRIVATEBIN_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 15 33 40 \
106
+                       2> $data
107
+            fi
108
+            sel=$?
109
+            case $sel in
110
+                1) exit 1;;
111
+                255) exit 1;;
112
+            esac
113
+            PRIVATEBIN_DOMAIN_NAME=$(cat $data | sed -n 1p)
114
+            if [ $PRIVATEBIN_DOMAIN_NAME ]; then
115
+                if [[ $PRIVATEBIN_DOMAIN_NAME == "$HUBZILLA_DOMAIN_NAME" ]]; then
116
+                    PRIVATEBIN_DOMAIN_NAME=""
117
+                fi
118
+                TEST_DOMAIN_NAME=$PRIVATEBIN_DOMAIN_NAME
119
+                validate_domain_name
120
+                if [[ $TEST_DOMAIN_NAME != $PRIVATEBIN_DOMAIN_NAME ]]; then
121
+                    PRIVATEBIN_DOMAIN_NAME=
122
+                    dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
123
+                else
124
+                    if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
125
+                        PRIVATEBIN_CODE=$(cat $data | sed -n 2p)
126
+                        validate_freedns_code "$PRIVATEBIN_CODE"
127
+                        if [ ! $VALID_CODE ]; then
128
+                            PRIVATEBIN_DOMAIN_NAME=
129
+                        fi
130
+                    fi
131
+                fi
132
+            fi
133
+            if [ $PRIVATEBIN_DOMAIN_NAME ]; then
134
+                PRIVATEBIN_DETAILS_COMPLETE="yes"
135
+            fi
136
+        done
137
+
138
+        write_config_param "PRIVATEBIN_CODE" "$PRIVATEBIN_CODE"
139
+    fi
140
+    write_config_param "PRIVATEBIN_DOMAIN_NAME" "$PRIVATEBIN_DOMAIN_NAME"
141
+    APP_INSTALLED=1
142
+}
143
+
144
+function change_password_privatebin {
145
+    curr_username="$1"
146
+    new_user_password="$2"
147
+}
148
+
149
+function reconfigure_privatebin {
150
+    echo -n ''
151
+}
152
+
153
+function upgrade_privatebin {
154
+    CURR_PRIVATEBIN_COMMIT=$(get_completion_param "privatebin commit")
155
+    if [[ "$CURR_PRIVATEBIN_COMMIT" == "$PRIVATEBIN_COMMIT" ]]; then
156
+        return
157
+    fi
158
+
159
+    if grep -q "privatebin domain" $COMPLETION_FILE; then
160
+        PRIVATEBIN_DOMAIN_NAME=$(get_completion_param "privatebin domain")
161
+    fi
162
+
163
+    # update to the next commit
164
+    function_check set_repo_commit
165
+    set_repo_commit /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs "privatebin commit" "$PRIVATEBIN_COMMIT" $PRIVATEBIN_REPO
166
+
167
+    secure_privatebin
168
+}
169
+
170
+
171
+function backup_local_privatebin {
172
+    PRIVATEBIN_DOMAIN_NAME='privatebin'
173
+    if grep -q "privatebin domain" $COMPLETION_FILE; then
174
+        PRIVATEBIN_DOMAIN_NAME=$(get_completion_param "privatebin domain")
175
+    fi
176
+
177
+    source_directory=/var/www/${PRIVATEBIN_DOMAIN_NAME}/htdocs/data
178
+
179
+    function_check suspend_site
180
+    suspend_site ${PRIVATEBIN_DOMAIN_NAME}
181
+
182
+    function_check backup_directory_to_usb
183
+    dest_directory=privatebin
184
+    backup_directory_to_usb $source_directory $dest_directory
185
+
186
+    function_check restart_site
187
+    restart_site
188
+}
189
+
190
+function restore_local_privatebin {
191
+    if ! grep -q "privatebin domain" $COMPLETION_FILE; then
192
+        return
193
+    fi
194
+    PRIVATEBIN_DOMAIN_NAME=$(get_completion_param "privatebin domain")
195
+    if [ $PRIVATEBIN_DOMAIN_NAME ]; then
196
+        echo $"Restoring privatebin"
197
+        temp_restore_dir=/root/tempprivatebin
198
+        privatebin_dir=/var/www/${PRIVATEBIN_DOMAIN_NAME}/htdocs/data
199
+
200
+        function_check restore_directory_from_usb
201
+        restore_directory_from_usb $temp_restore_dir privatebin
202
+        if [ -d $temp_restore_dir ]; then
203
+            if [ -d cp $temp_restore_dir$privatebin_dir ]; then
204
+                cp -rp $temp_restore_dir$privatebin_dir/* $privatebin_dir/
205
+            else
206
+                cp -rp $temp_restore_dir/* $privatebin_dir/
207
+            fi
208
+            secure_privatebin
209
+            rm -rf $temp_restore_dir
210
+        fi
211
+
212
+        echo $"Restore of privatebin complete"
213
+    fi
214
+}
215
+
216
+function backup_remote_privatebin {
217
+    PRIVATEBIN_DOMAIN_NAME='privatebin'
218
+    if grep -q "privatebin domain" $COMPLETION_FILE; then
219
+        PRIVATEBIN_DOMAIN_NAME=$(get_completion_param "privatebin domain")
220
+    fi
221
+
222
+    source_directory=/var/www/${PRIVATEBIN_DOMAIN_NAME}/htdocs/data
223
+
224
+    function_check suspend_site
225
+    suspend_site ${PRIVATEBIN_DOMAIN_NAME}
226
+
227
+    function_check backup_directory_to_friend
228
+    dest_directory=privatebin
229
+    backup_directory_to_friend $source_directory $dest_directory
230
+
231
+    function_check restart_site
232
+    restart_site
233
+}
234
+
235
+function restore_remote_privatebin {
236
+    if ! grep -q "privatebin domain" $COMPLETION_FILE; then
237
+        return
238
+    fi
239
+    PRIVATEBIN_DOMAIN_NAME=$(get_completion_param "privatebin domain")
240
+    if [ $PRIVATEBIN_DOMAIN_NAME ]; then
241
+        temp_restore_dir=/root/tempprivatebin
242
+        privatebin_dir=/var/www/${PRIVATEBIN_DOMAIN_NAME}/htdocs/data
243
+
244
+        function_check restore_directory_from_friend
245
+        restore_directory_from_friend $temp_restore_dir privatebin
246
+        if [ -d $temp_restore_dir ]; then
247
+            if [ -d cp $temp_restore_dir$privatebin_dir ]; then
248
+                cp -rp $temp_restore_dir$privatebin_dir/* $privatebin_dir/
249
+            else
250
+                cp -rp $temp_restore_dir/* $privatebin_dir/
251
+            fi
252
+            secure_privatebin
253
+            rm -rf $temp_restore_dir
254
+        fi
255
+    fi
256
+}
257
+
258
+function remove_privatebin {
259
+    if [ ${#PRIVATEBIN_DOMAIN_NAME} -eq 0 ]; then
260
+        return
261
+    fi
262
+    read_config_param "PRIVATEBIN_DOMAIN_NAME"
263
+    read_config_param "MY_USERNAME"
264
+    echo "Removing $PRIVATEBIN_DOMAIN_NAME"
265
+    nginx_dissite $PRIVATEBIN_DOMAIN_NAME
266
+    remove_certs $PRIVATEBIN_DOMAIN_NAME
267
+
268
+    if [ -d /var/www/$PRIVATEBIN_DOMAIN_NAME ]; then
269
+        rm -rf /var/www/$PRIVATEBIN_DOMAIN_NAME
270
+    fi
271
+    if [ -f /etc/nginx/sites-available/$PRIVATEBIN_DOMAIN_NAME ]; then
272
+        rm /etc/nginx/sites-available/$PRIVATEBIN_DOMAIN_NAME
273
+    fi
274
+    function_check remove_onion_service
275
+    remove_onion_service privatebin ${PRIVATEBIN_ONION_PORT}
276
+    if grep -q "privatebin" /etc/crontab; then
277
+        sed -i "/privatebin/d" /etc/crontab
278
+    fi
279
+    remove_app privatebin
280
+    remove_completion_param install_privatebin
281
+    sed -i '/privatebin/d' $COMPLETION_FILE
282
+
283
+    function_check remove_ddns_domain
284
+    remove_ddns_domain $PRIVATEBIN_DOMAIN_NAME
285
+}
286
+
287
+function install_privatebin {
288
+    if [ ! $ONION_ONLY ]; then
289
+        ONION_ONLY='no'
290
+    fi
291
+
292
+    if [ ! $PRIVATEBIN_DOMAIN_NAME ]; then
293
+        echo $'No domain name was given for privatebin'
294
+        exit 7359
295
+    fi
296
+
297
+    apt-get -yq install php-gettext php-curl php-gd php-mysql git curl
298
+    apt-get -yq install memcached php-memcached php-intl exiftool libfcgi0ldbl
299
+    apt-get -yq install php-libsodium libsodium18 php-mcrypt
300
+
301
+    if [ ! -d /var/www/$PRIVATEBIN_DOMAIN_NAME ]; then
302
+        mkdir /var/www/$PRIVATEBIN_DOMAIN_NAME
303
+    fi
304
+    if [ ! -d /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs ]; then
305
+
306
+        if [ -d /repos/privatebin ]; then
307
+            mkdir /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs
308
+            cp -r -p /repos/privatebin/. /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs
309
+            cd /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs
310
+            git pull
311
+        else
312
+            function_check git_clone
313
+            git_clone $PRIVATEBIN_REPO /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs
314
+        fi
315
+
316
+        if [ ! -d /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs ]; then
317
+            echo $'Unable to clone privatebin repo'
318
+            exit 63763873
319
+        fi
320
+    fi
321
+
322
+    cd /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs
323
+    git checkout $PRIVATEBIN_COMMIT -b $PRIVATEBIN_COMMIT
324
+    set_completion_param "privatebin commit" "$PRIVATEBIN_COMMIT"
325
+
326
+    chmod g+w /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs
327
+    chown -R www-data:www-data /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs
328
+
329
+    function_check add_ddns_domain
330
+    add_ddns_domain $PRIVATEBIN_DOMAIN_NAME
331
+
332
+    PRIVATEBIN_ONION_HOSTNAME=$(add_onion_service privatebin 80 ${PRIVATEBIN_ONION_PORT})
333
+
334
+    privatebin_nginx_site=/etc/nginx/sites-available/$PRIVATEBIN_DOMAIN_NAME
335
+    if [[ $ONION_ONLY == "no" ]]; then
336
+        function_check nginx_http_redirect
337
+        nginx_http_redirect $PRIVATEBIN_DOMAIN_NAME "index index.php"
338
+        echo 'server {' >> $privatebin_nginx_site
339
+        echo '  listen 443 ssl;' >> $privatebin_nginx_site
340
+        echo '  listen [::]:443 ssl;' >> $privatebin_nginx_site
341
+        echo "  server_name $PRIVATEBIN_DOMAIN_NAME;" >> $privatebin_nginx_site
342
+        echo '' >> $privatebin_nginx_site
343
+        function_check nginx_compress
344
+        nginx_compress $PRIVATEBIN_DOMAIN_NAME
345
+        echo '' >> $privatebin_nginx_site
346
+        echo '  # Security' >> $privatebin_nginx_site
347
+        function_check nginx_ssl
348
+        nginx_ssl $PRIVATEBIN_DOMAIN_NAME
349
+
350
+        function_check nginx_disable_sniffing
351
+        nginx_disable_sniffing $PRIVATEBIN_DOMAIN_NAME
352
+
353
+        echo '  add_header Strict-Transport-Security max-age=15768000;' >> $privatebin_nginx_site
354
+        echo '' >> $privatebin_nginx_site
355
+        echo '  # Logs' >> $privatebin_nginx_site
356
+        echo '  access_log /dev/null;' >> $privatebin_nginx_site
357
+        echo '  error_log /dev/null;' >> $privatebin_nginx_site
358
+        echo '' >> $privatebin_nginx_site
359
+        echo "  root /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs;" >> $privatebin_nginx_site
360
+        echo '' >> $privatebin_nginx_site
361
+        echo '  index index.php;' >> $privatebin_nginx_site
362
+        echo '' >> $privatebin_nginx_site
363
+        echo '  location ~ \.php {' >> $privatebin_nginx_site
364
+        echo '    include snippets/fastcgi-php.conf;' >> $privatebin_nginx_site
365
+        echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> $privatebin_nginx_site
366
+        echo '    fastcgi_read_timeout 30;' >> $privatebin_nginx_site
367
+        echo '  }' >> $privatebin_nginx_site
368
+        echo '' >> $privatebin_nginx_site
369
+        echo '  # Location' >> $privatebin_nginx_site
370
+        echo '  location / {' >> $privatebin_nginx_site
371
+        function_check nginx_limits
372
+        nginx_limits $PRIVATEBIN_DOMAIN_NAME '15m'
373
+        echo '    try_files $uri $uri/ @privatebin;' >> $privatebin_nginx_site
374
+        echo '  }' >> $privatebin_nginx_site
375
+        echo '' >> $privatebin_nginx_site
376
+        echo '  # Restrict access that is unnecessary anyway' >> $privatebin_nginx_site
377
+        echo '  location ~ /\.(ht|git) {' >> $privatebin_nginx_site
378
+        echo '    deny all;' >> $privatebin_nginx_site
379
+        echo '  }' >> $privatebin_nginx_site
380
+        echo '}' >> $privatebin_nginx_site
381
+        echo '' >> $privatebin_nginx_site
382
+    else
383
+        echo -n '' > $privatebin_nginx_site
384
+    fi
385
+    echo 'server {' >> $privatebin_nginx_site
386
+    echo "    listen 127.0.0.1:$PRIVATEBIN_ONION_PORT default_server;" >> $privatebin_nginx_site
387
+    echo "    server_name $PRIVATEBIN_ONION_HOSTNAME;" >> $privatebin_nginx_site
388
+    echo '' >> $privatebin_nginx_site
389
+    function_check nginx_compress
390
+    nginx_compress $PRIVATEBIN_DOMAIN_NAME
391
+    echo '' >> $privatebin_nginx_site
392
+    function_check nginx_disable_sniffing
393
+    nginx_disable_sniffing $PRIVATEBIN_DOMAIN_NAME
394
+    echo '' >> $privatebin_nginx_site
395
+    echo '  # Logs' >> $privatebin_nginx_site
396
+    echo '  access_log /dev/null;' >> $privatebin_nginx_site
397
+    echo '  error_log /dev/null;' >> $privatebin_nginx_site
398
+    echo '' >> $privatebin_nginx_site
399
+    echo "  root /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs;" >> $privatebin_nginx_site
400
+    echo '' >> $privatebin_nginx_site
401
+    echo '  index index.php;' >> $privatebin_nginx_site
402
+    echo '' >> $privatebin_nginx_site
403
+    echo '  location ~ \.php {' >> $privatebin_nginx_site
404
+    echo '    include snippets/fastcgi-php.conf;' >> $privatebin_nginx_site
405
+    echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> $privatebin_nginx_site
406
+    echo '    fastcgi_read_timeout 30;' >> $privatebin_nginx_site
407
+    echo '  }' >> $privatebin_nginx_site
408
+    echo '' >> $privatebin_nginx_site
409
+    echo '  # Location' >> $privatebin_nginx_site
410
+    echo '  location / {' >> $privatebin_nginx_site
411
+    function_check nginx_limits
412
+    nginx_limits $PRIVATEBIN_DOMAIN_NAME '15m'
413
+    echo '    try_files $uri $uri/ @privatebin;' >> $privatebin_nginx_site
414
+    echo '  }' >> $privatebin_nginx_site
415
+    echo '' >> $privatebin_nginx_site
416
+    echo '  # Restrict access that is unnecessary anyway' >> $privatebin_nginx_site
417
+    echo '  location ~ /\.(ht|git) {' >> $privatebin_nginx_site
418
+    echo '    deny all;' >> $privatebin_nginx_site
419
+    echo '  }' >> $privatebin_nginx_site
420
+    echo '}' >> $privatebin_nginx_site
421
+
422
+    function_check configure_php
423
+    configure_php
424
+
425
+    function_check create_site_certificate
426
+    create_site_certificate $PRIVATEBIN_DOMAIN_NAME 'yes'
427
+
428
+    function_check nginx_ensite
429
+    nginx_ensite $PRIVATEBIN_DOMAIN_NAME
430
+
431
+    cp /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.sample.php /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
432
+
433
+    # Change some defaults
434
+    sed -i 's|; qrcode|qrcode|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
435
+    sed -i 's|default =.*|default = "1day"|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
436
+    sed -i 's|languagedefault =.*|languagedefault = "en"|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
437
+    sed -i 's|1week =|; 1week =|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
438
+    sed -i 's|1month =|; 1month =|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
439
+    sed -i 's|1year =|; 1year =|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
440
+    sed -i 's|never =|; never =|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
441
+    sed -i 's|limit = 10|limit = 30|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
442
+    sed -i 's|limit = 300|limit = 0|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
443
+    sed -i 's|batchsize =.*|batchsize = 100|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
444
+    sed -i 's|sizelimit =.*|sizelimit = 32768|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
445
+    sed -i 's|defaultformatter =.*|defaultformatter = "markdown"|g' /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/cfg/conf.php
446
+
447
+    mkdir -p /var/www/$PRIVATEBIN_DOMAIN_NAME/htdocs/data
448
+
449
+    secure_privatebin
450
+
451
+    systemctl restart php7.0-fpm
452
+    systemctl restart nginx
453
+
454
+    set_completion_param "privatebin domain" "$PRIVATEBIN_DOMAIN_NAME"
455
+
456
+    APP_INSTALLED=1
457
+}
458
+
459
+# NOTE: deliberately there is no "exit 0"

+ 1
- 0
src/freedombone-image-customise 查看文件

@@ -1672,6 +1672,7 @@ function image_preinstall_repos {
1672 1672
     git clone $KANBOARD_REPO $rootdir/repos/kanboard
1673 1673
     git clone $KEYSERVER_WEB_REPO $rootdir/repos/keyserverweb
1674 1674
     git clone $PEERTUBE_REPO $rootdir/repos/peertube
1675
+    git clone $PRIVATEBIN_REPO $rootdir/repos/privatebin
1675 1676
     #git clone $WEKAN_REPO $rootdir/repos/wekan
1676 1677
     #git clone $FLOW_ROUTER_REPO $rootdir/repos/flowrouter
1677 1678
     #git clone $METEOR_USERACCOUNTS_REPO $rootdir/repos/meteoruseraccounts

+ 306
- 0
website/EN/app_privatebin.html 查看文件

@@ -0,0 +1,306 @@
1
+<?xml version="1.0" encoding="utf-8"?>
2
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
3
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
4
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
5
+<head>
6
+<!-- 2018-01-10 Wed 22:19 -->
7
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
8
+<meta name="viewport" content="width=device-width, initial-scale=1" />
9
+<title>&lrm;</title>
10
+<meta name="generator" content="Org mode" />
11
+<meta name="author" content="Bob Mottram" />
12
+<meta name="description" content="How to use PrivateBin"
13
+ />
14
+<meta name="keywords" content="freedombone, privatebin" />
15
+<style type="text/css">
16
+ <!--/*--><![CDATA[/*><!--*/
17
+  .title  { text-align: center;
18
+             margin-bottom: .2em; }
19
+  .subtitle { text-align: center;
20
+              font-size: medium;
21
+              font-weight: bold;
22
+              margin-top:0; }
23
+  .todo   { font-family: monospace; color: red; }
24
+  .done   { font-family: monospace; color: green; }
25
+  .priority { font-family: monospace; color: orange; }
26
+  .tag    { background-color: #eee; font-family: monospace;
27
+            padding: 2px; font-size: 80%; font-weight: normal; }
28
+  .timestamp { color: #bebebe; }
29
+  .timestamp-kwd { color: #5f9ea0; }
30
+  .org-right  { margin-left: auto; margin-right: 0px;  text-align: right; }
31
+  .org-left   { margin-left: 0px;  margin-right: auto; text-align: left; }
32
+  .org-center { margin-left: auto; margin-right: auto; text-align: center; }
33
+  .underline { text-decoration: underline; }
34
+  #postamble p, #preamble p { font-size: 90%; margin: .2em; }
35
+  p.verse { margin-left: 3%; }
36
+  pre {
37
+    border: 1px solid #ccc;
38
+    box-shadow: 3px 3px 3px #eee;
39
+    padding: 8pt;
40
+    font-family: monospace;
41
+    overflow: auto;
42
+    margin: 1.2em;
43
+  }
44
+  pre.src {
45
+    position: relative;
46
+    overflow: visible;
47
+    padding-top: 1.2em;
48
+  }
49
+  pre.src:before {
50
+    display: none;
51
+    position: absolute;
52
+    background-color: white;
53
+    top: -10px;
54
+    right: 10px;
55
+    padding: 3px;
56
+    border: 1px solid black;
57
+  }
58
+  pre.src:hover:before { display: inline;}
59
+  /* Languages per Org manual */
60
+  pre.src-asymptote:before { content: 'Asymptote'; }
61
+  pre.src-awk:before { content: 'Awk'; }
62
+  pre.src-C:before { content: 'C'; }
63
+  /* pre.src-C++ doesn't work in CSS */
64
+  pre.src-clojure:before { content: 'Clojure'; }
65
+  pre.src-css:before { content: 'CSS'; }
66
+  pre.src-D:before { content: 'D'; }
67
+  pre.src-ditaa:before { content: 'ditaa'; }
68
+  pre.src-dot:before { content: 'Graphviz'; }
69
+  pre.src-calc:before { content: 'Emacs Calc'; }
70
+  pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
71
+  pre.src-fortran:before { content: 'Fortran'; }
72
+  pre.src-gnuplot:before { content: 'gnuplot'; }
73
+  pre.src-haskell:before { content: 'Haskell'; }
74
+  pre.src-hledger:before { content: 'hledger'; }
75
+  pre.src-java:before { content: 'Java'; }
76
+  pre.src-js:before { content: 'Javascript'; }
77
+  pre.src-latex:before { content: 'LaTeX'; }
78
+  pre.src-ledger:before { content: 'Ledger'; }
79
+  pre.src-lisp:before { content: 'Lisp'; }
80
+  pre.src-lilypond:before { content: 'Lilypond'; }
81
+  pre.src-lua:before { content: 'Lua'; }
82
+  pre.src-matlab:before { content: 'MATLAB'; }
83
+  pre.src-mscgen:before { content: 'Mscgen'; }
84
+  pre.src-ocaml:before { content: 'Objective Caml'; }
85
+  pre.src-octave:before { content: 'Octave'; }
86
+  pre.src-org:before { content: 'Org mode'; }
87
+  pre.src-oz:before { content: 'OZ'; }
88
+  pre.src-plantuml:before { content: 'Plantuml'; }
89
+  pre.src-processing:before { content: 'Processing.js'; }
90
+  pre.src-python:before { content: 'Python'; }
91
+  pre.src-R:before { content: 'R'; }
92
+  pre.src-ruby:before { content: 'Ruby'; }
93
+  pre.src-sass:before { content: 'Sass'; }
94
+  pre.src-scheme:before { content: 'Scheme'; }
95
+  pre.src-screen:before { content: 'Gnu Screen'; }
96
+  pre.src-sed:before { content: 'Sed'; }
97
+  pre.src-sh:before { content: 'shell'; }
98
+  pre.src-sql:before { content: 'SQL'; }
99
+  pre.src-sqlite:before { content: 'SQLite'; }
100
+  /* additional languages in org.el's org-babel-load-languages alist */
101
+  pre.src-forth:before { content: 'Forth'; }
102
+  pre.src-io:before { content: 'IO'; }
103
+  pre.src-J:before { content: 'J'; }
104
+  pre.src-makefile:before { content: 'Makefile'; }
105
+  pre.src-maxima:before { content: 'Maxima'; }
106
+  pre.src-perl:before { content: 'Perl'; }
107
+  pre.src-picolisp:before { content: 'Pico Lisp'; }
108
+  pre.src-scala:before { content: 'Scala'; }
109
+  pre.src-shell:before { content: 'Shell Script'; }
110
+  pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
111
+  /* additional language identifiers per "defun org-babel-execute"
112
+       in ob-*.el */
113
+  pre.src-cpp:before  { content: 'C++'; }
114
+  pre.src-abc:before  { content: 'ABC'; }
115
+  pre.src-coq:before  { content: 'Coq'; }
116
+  pre.src-groovy:before  { content: 'Groovy'; }
117
+  /* additional language identifiers from org-babel-shell-names in
118
+     ob-shell.el: ob-shell is the only babel language using a lambda to put
119
+     the execution function name together. */
120
+  pre.src-bash:before  { content: 'bash'; }
121
+  pre.src-csh:before  { content: 'csh'; }
122
+  pre.src-ash:before  { content: 'ash'; }
123
+  pre.src-dash:before  { content: 'dash'; }
124
+  pre.src-ksh:before  { content: 'ksh'; }
125
+  pre.src-mksh:before  { content: 'mksh'; }
126
+  pre.src-posh:before  { content: 'posh'; }
127
+  /* Additional Emacs modes also supported by the LaTeX listings package */
128
+  pre.src-ada:before { content: 'Ada'; }
129
+  pre.src-asm:before { content: 'Assembler'; }
130
+  pre.src-caml:before { content: 'Caml'; }
131
+  pre.src-delphi:before { content: 'Delphi'; }
132
+  pre.src-html:before { content: 'HTML'; }
133
+  pre.src-idl:before { content: 'IDL'; }
134
+  pre.src-mercury:before { content: 'Mercury'; }
135
+  pre.src-metapost:before { content: 'MetaPost'; }
136
+  pre.src-modula-2:before { content: 'Modula-2'; }
137
+  pre.src-pascal:before { content: 'Pascal'; }
138
+  pre.src-ps:before { content: 'PostScript'; }
139
+  pre.src-prolog:before { content: 'Prolog'; }
140
+  pre.src-simula:before { content: 'Simula'; }
141
+  pre.src-tcl:before { content: 'tcl'; }
142
+  pre.src-tex:before { content: 'TeX'; }
143
+  pre.src-plain-tex:before { content: 'Plain TeX'; }
144
+  pre.src-verilog:before { content: 'Verilog'; }
145
+  pre.src-vhdl:before { content: 'VHDL'; }
146
+  pre.src-xml:before { content: 'XML'; }
147
+  pre.src-nxml:before { content: 'XML'; }
148
+  /* add a generic configuration mode; LaTeX export needs an additional
149
+     (add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
150
+  pre.src-conf:before { content: 'Configuration File'; }
151
+
152
+  table { border-collapse:collapse; }
153
+  caption.t-above { caption-side: top; }
154
+  caption.t-bottom { caption-side: bottom; }
155
+  td, th { vertical-align:top;  }
156
+  th.org-right  { text-align: center;  }
157
+  th.org-left   { text-align: center;   }
158
+  th.org-center { text-align: center; }
159
+  td.org-right  { text-align: right;  }
160
+  td.org-left   { text-align: left;   }
161
+  td.org-center { text-align: center; }
162
+  dt { font-weight: bold; }
163
+  .footpara { display: inline; }
164
+  .footdef  { margin-bottom: 1em; }
165
+  .figure { padding: 1em; }
166
+  .figure p { text-align: center; }
167
+  .inlinetask {
168
+    padding: 10px;
169
+    border: 2px solid gray;
170
+    margin: 10px;
171
+    background: #ffffcc;
172
+  }
173
+  #org-div-home-and-up
174
+   { text-align: right; font-size: 70%; white-space: nowrap; }
175
+  textarea { overflow-x: auto; }
176
+  .linenr { font-size: smaller }
177
+  .code-highlighted { background-color: #ffff00; }
178
+  .org-info-js_info-navigation { border-style: none; }
179
+  #org-info-js_console-label
180
+    { font-size: 10px; font-weight: bold; white-space: nowrap; }
181
+  .org-info-js_search-highlight
182
+    { background-color: #ffff00; color: #000000; font-weight: bold; }
183
+  .org-svg { width: 90%; }
184
+  /*]]>*/-->
185
+</style>
186
+<link rel="stylesheet" type="text/css" href="freedombone.css" />
187
+<script type="text/javascript">
188
+/*
189
+@licstart  The following is the entire license notice for the
190
+JavaScript code in this tag.
191
+
192
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
193
+
194
+The JavaScript code in this tag is free software: you can
195
+redistribute it and/or modify it under the terms of the GNU
196
+General Public License (GNU GPL) as published by the Free Software
197
+Foundation, either version 3 of the License, or (at your option)
198
+any later version.  The code is distributed WITHOUT ANY WARRANTY;
199
+without even the implied warranty of MERCHANTABILITY or FITNESS
200
+FOR A PARTICULAR PURPOSE.  See the GNU GPL for more details.
201
+
202
+As additional permission under GNU GPL version 3 section 7, you
203
+may distribute non-source (e.g., minimized or compacted) forms of
204
+that code without the copy of the GNU GPL normally required by
205
+section 4, provided you include this license notice and a URL
206
+through which recipients can access the Corresponding Source.
207
+
208
+
209
+@licend  The above is the entire license notice
210
+for the JavaScript code in this tag.
211
+*/
212
+<!--/*--><![CDATA[/*><!--*/
213
+ function CodeHighlightOn(elem, id)
214
+ {
215
+   var target = document.getElementById(id);
216
+   if(null != target) {
217
+     elem.cacheClassElem = elem.className;
218
+     elem.cacheClassTarget = target.className;
219
+     target.className = "code-highlighted";
220
+     elem.className   = "code-highlighted";
221
+   }
222
+ }
223
+ function CodeHighlightOff(elem, id)
224
+ {
225
+   var target = document.getElementById(id);
226
+   if(elem.cacheClassElem)
227
+     elem.className = elem.cacheClassElem;
228
+   if(elem.cacheClassTarget)
229
+     target.className = elem.cacheClassTarget;
230
+ }
231
+/*]]>*///-->
232
+</script>
233
+</head>
234
+<body>
235
+<div id="preamble" class="status">
236
+<a name="top" id="top"></a>
237
+</div>
238
+<div id="content">
239
+<div class="org-center">
240
+
241
+<div class="figure">
242
+<p><img src="images/logo.png" alt="logo.png" />
243
+</p>
244
+</div>
245
+</div>
246
+
247
+<center>
248
+<h1>PrivateBin</h1>
249
+</center>
250
+
251
+<p>
252
+This is an encrypted pastebin, such that the server has zero knowledge of the content. It's intended for small amounts of text less than 32K in length. It's not intended for transfering large files, or for storing pastes for more than a day.
253
+</p>
254
+
255
+<p>
256
+Because this is completely open to any user on the internet you should be wary of the potential for DDoS, and only install this app if you really need to avoid using other pastebins or if other pastebin sites are censored or untrustable. There are traffic limits set within this app to attempt to minimize the potential for flooding attacks, but that might still not be sufficient in the worst cases.
257
+</p>
258
+
259
+<div id="outline-container-org59eddf8" class="outline-2">
260
+<h2 id="org59eddf8">Installation</h2>
261
+<div class="outline-text-2" id="text-org59eddf8">
262
+<p>
263
+Log into your system with:
264
+</p>
265
+
266
+<div class="org-src-container">
267
+<pre class="src src-bash">ssh myusername@mydomain -p 2222
268
+</pre>
269
+</div>
270
+
271
+<p>
272
+Using cursor keys, space bar and Enter key select <b>Administrator controls</b> and type in your password.
273
+</p>
274
+
275
+<p>
276
+Select <b>Add/Remove Apps</b> then <b>privatebin</b>. You'll need to enter your preferred subdomain - something like <i>paste.yourdomain.com</i> and optionally a freedns code.
277
+</p>
278
+</div>
279
+</div>
280
+</div>
281
+<div id="postamble" class="status">
282
+
283
+<style type="text/css">
284
+.back-to-top {
285
+    position: fixed;
286
+    bottom: 2em;
287
+    right: 0px;
288
+    text-decoration: none;
289
+    color: #000000;
290
+    background-color: rgba(235, 235, 235, 0.80);
291
+    font-size: 12px;
292
+    padding: 1em;
293
+    display: none;
294
+}
295
+
296
+.back-to-top:hover {
297
+    background-color: rgba(135, 135, 135, 0.50);
298
+}
299
+</style>
300
+
301
+<div class="back-to-top">
302
+<a href="#top">Back to top</a> | <a href="mailto:bob@freedombone.net">E-mail me</a>
303
+</div>
304
+</div>
305
+</body>
306
+</html>

+ 131
- 119
website/EN/apps.html 查看文件

@@ -3,7 +3,7 @@
3 3
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
4 4
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
5 5
 <head>
6
-<!-- 2018-01-10 Wed 14:24 -->
6
+<!-- 2018-01-10 Wed 22:25 -->
7 7
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
8 8
 <meta name="viewport" content="width=device-width, initial-scale=1" />
9 9
 <title>&lrm;</title>
@@ -265,9 +265,9 @@ The base install of the system just contains an email server and Mutt client, bu
265 265
 </div>
266 266
 
267 267
 
268
-<div id="outline-container-org8e1c6de" class="outline-2">
269
-<h2 id="org8e1c6de">Akaunting</h2>
270
-<div class="outline-text-2" id="text-org8e1c6de">
268
+<div id="outline-container-org882df4a" class="outline-2">
269
+<h2 id="org882df4a">Akaunting</h2>
270
+<div class="outline-text-2" id="text-org882df4a">
271 271
 <p>
272 272
 A web based accounts system for small businesses or freelancers.
273 273
 </p>
@@ -277,9 +277,9 @@ A web based accounts system for small businesses or freelancers.
277 277
 </p>
278 278
 </div>
279 279
 </div>
280
-<div id="outline-container-org5781982" class="outline-2">
281
-<h2 id="org5781982">CryptPad</h2>
282
-<div class="outline-text-2" id="text-org5781982">
280
+<div id="outline-container-orge821a92" class="outline-2">
281
+<h2 id="orge821a92">CryptPad</h2>
282
+<div class="outline-text-2" id="text-orge821a92">
283 283
 <p>
284 284
 Collaborate on editing documents, presentations and source code, or vote on things. All with a good level of security.
285 285
 </p>
@@ -289,9 +289,9 @@ Collaborate on editing documents, presentations and source code, or vote on thin
289 289
 </p>
290 290
 </div>
291 291
 </div>
292
-<div id="outline-container-org634d134" class="outline-2">
293
-<h2 id="org634d134">DLNA</h2>
294
-<div class="outline-text-2" id="text-org634d134">
292
+<div id="outline-container-org6d56481" class="outline-2">
293
+<h2 id="org6d56481">DLNA</h2>
294
+<div class="outline-text-2" id="text-org6d56481">
295 295
 <p>
296 296
 Enables you to use the system as a music server which any DLNA compatible devices can connect to within your home network.
297 297
 </p>
@@ -301,9 +301,9 @@ Enables you to use the system as a music server which any DLNA compatible device
301 301
 </p>
302 302
 </div>
303 303
 </div>
304
-<div id="outline-container-org3ef1ba1" class="outline-2">
305
-<h2 id="org3ef1ba1">Dokuwiki</h2>
306
-<div class="outline-text-2" id="text-org3ef1ba1">
304
+<div id="outline-container-org0aaf2bf" class="outline-2">
305
+<h2 id="org0aaf2bf">Dokuwiki</h2>
306
+<div class="outline-text-2" id="text-org0aaf2bf">
307 307
 <p>
308 308
 A databaseless wiki system.
309 309
 </p>
@@ -313,9 +313,9 @@ A databaseless wiki system.
313 313
 </p>
314 314
 </div>
315 315
 </div>
316
-<div id="outline-container-orgd8f4217" class="outline-2">
317
-<h2 id="orgd8f4217">Emacs</h2>
318
-<div class="outline-text-2" id="text-orgd8f4217">
316
+<div id="outline-container-orga523977" class="outline-2">
317
+<h2 id="orga523977">Emacs</h2>
318
+<div class="outline-text-2" id="text-orga523977">
319 319
 <p>
320 320
 If you use the Mutt client to read your email then this will set it up to use emacs for composing new mail.
321 321
 </p>
@@ -325,9 +325,9 @@ If you use the Mutt client to read your email then this will set it up to use em
325 325
 </p>
326 326
 </div>
327 327
 </div>
328
-<div id="outline-container-orgf878069" class="outline-2">
329
-<h2 id="orgf878069">Etherpad</h2>
330
-<div class="outline-text-2" id="text-orgf878069">
328
+<div id="outline-container-org11ae2d9" class="outline-2">
329
+<h2 id="org11ae2d9">Etherpad</h2>
330
+<div class="outline-text-2" id="text-org11ae2d9">
331 331
 <p>
332 332
 Collaborate on creating documents in real time. Maybe you're planning a holiday with other family members or creating documentation for a Free Software project along with other volunteers. Etherpad is hard to beat for simplicity and speed. Only users of the system will be able to access it.
333 333
 </p>
@@ -337,9 +337,9 @@ Collaborate on creating documents in real time. Maybe you're planning a holiday
337 337
 </p>
338 338
 </div>
339 339
 </div>
340
-<div id="outline-container-org9a9c4f3" class="outline-2">
341
-<h2 id="org9a9c4f3">Federated wiki</h2>
342
-<div class="outline-text-2" id="text-org9a9c4f3">
340
+<div id="outline-container-org7f75cbc" class="outline-2">
341
+<h2 id="org7f75cbc">Federated wiki</h2>
342
+<div class="outline-text-2" id="text-org7f75cbc">
343 343
 <p>
344 344
 A new approach to creating wiki content.
345 345
 </p>
@@ -349,9 +349,9 @@ A new approach to creating wiki content.
349 349
 </p>
350 350
 </div>
351 351
 </div>
352
-<div id="outline-container-org91b656b" class="outline-2">
353
-<h2 id="org91b656b">Friendica</h2>
354
-<div class="outline-text-2" id="text-org91b656b">
352
+<div id="outline-container-org538cc52" class="outline-2">
353
+<h2 id="org538cc52">Friendica</h2>
354
+<div class="outline-text-2" id="text-org538cc52">
355 355
 <p>
356 356
 Federated social network system.
357 357
 </p>
@@ -361,9 +361,9 @@ Federated social network system.
361 361
 </p>
362 362
 </div>
363 363
 </div>
364
-<div id="outline-container-org271eb94" class="outline-2">
365
-<h2 id="org271eb94">Ghost</h2>
366
-<div class="outline-text-2" id="text-org271eb94">
364
+<div id="outline-container-orga0e917c" class="outline-2">
365
+<h2 id="orga0e917c">Ghost</h2>
366
+<div class="outline-text-2" id="text-orga0e917c">
367 367
 <p>
368 368
 Modern looking blogging system.
369 369
 </p>
@@ -373,9 +373,9 @@ Modern looking blogging system.
373 373
 </p>
374 374
 </div>
375 375
 </div>
376
-<div id="outline-container-orga389f87" class="outline-2">
377
-<h2 id="orga389f87">GNU Social</h2>
378
-<div class="outline-text-2" id="text-orga389f87">
376
+<div id="outline-container-org5741481" class="outline-2">
377
+<h2 id="org5741481">GNU Social</h2>
378
+<div class="outline-text-2" id="text-org5741481">
379 379
 <p>
380 380
 Federated social network based on the OStatus protocol. You can "<i>remote follow</i>" other users within the GNU Social federation.
381 381
 </p>
@@ -385,9 +385,9 @@ Federated social network based on the OStatus protocol. You can "<i>remote follo
385 385
 </p>
386 386
 </div>
387 387
 </div>
388
-<div id="outline-container-org25dbd8b" class="outline-2">
389
-<h2 id="org25dbd8b">Gogs</h2>
390
-<div class="outline-text-2" id="text-org25dbd8b">
388
+<div id="outline-container-org0b7fe9f" class="outline-2">
389
+<h2 id="org0b7fe9f">Gogs</h2>
390
+<div class="outline-text-2" id="text-org0b7fe9f">
391 391
 <p>
392 392
 Lightweight git project hosting system. You can mirror projects from Github, or if Github turns evil then just host your own projects while retaining the familiar <i>fork-and-pull</i> workflow. If you can use Github then you can also use Gogs.
393 393
 </p>
@@ -397,9 +397,9 @@ Lightweight git project hosting system. You can mirror projects from Github, or
397 397
 </p>
398 398
 </div>
399 399
 </div>
400
-<div id="outline-container-orga0d0944" class="outline-2">
401
-<h2 id="orga0d0944">HTMLy</h2>
402
-<div class="outline-text-2" id="text-orga0d0944">
400
+<div id="outline-container-org0cb9182" class="outline-2">
401
+<h2 id="org0cb9182">HTMLy</h2>
402
+<div class="outline-text-2" id="text-org0cb9182">
403 403
 <p>
404 404
 Databaseless blogging system. Quite simple and with a markdown-like format.
405 405
 </p>
@@ -409,9 +409,9 @@ Databaseless blogging system. Quite simple and with a markdown-like format.
409 409
 </p>
410 410
 </div>
411 411
 </div>
412
-<div id="outline-container-orgaee8baf" class="outline-2">
413
-<h2 id="orgaee8baf">Hubzilla</h2>
414
-<div class="outline-text-2" id="text-orgaee8baf">
412
+<div id="outline-container-orgd9569c1" class="outline-2">
413
+<h2 id="orgd9569c1">Hubzilla</h2>
414
+<div class="outline-text-2" id="text-orgd9569c1">
415 415
 <p>
416 416
 Web publishing platform with social network like features and good privacy controls so that it's possible to specify who can see which content. Includes photo albums, calendar, wiki and file storage.
417 417
 </p>
@@ -421,9 +421,9 @@ Web publishing platform with social network like features and good privacy contr
421 421
 </p>
422 422
 </div>
423 423
 </div>
424
-<div id="outline-container-org96c213d" class="outline-2">
425
-<h2 id="org96c213d">Icecast media stream</h2>
426
-<div class="outline-text-2" id="text-org96c213d">
424
+<div id="outline-container-orgab4800e" class="outline-2">
425
+<h2 id="orgab4800e">Icecast media stream</h2>
426
+<div class="outline-text-2" id="text-orgab4800e">
427 427
 <p>
428 428
 Make your own internet radio station.
429 429
 </p>
@@ -433,9 +433,9 @@ Make your own internet radio station.
433 433
 </p>
434 434
 </div>
435 435
 </div>
436
-<div id="outline-container-org1b6fde5" class="outline-2">
437
-<h2 id="org1b6fde5">IRC Server (ngirc)</h2>
438
-<div class="outline-text-2" id="text-org1b6fde5">
436
+<div id="outline-container-orgd862282" class="outline-2">
437
+<h2 id="orgd862282">IRC Server (ngirc)</h2>
438
+<div class="outline-text-2" id="text-orgd862282">
439 439
 <p>
440 440
 Run your own IRC chat channel which can be secured with a password and accessible via an onion address. A bouncer is included so that you can receive messages sent while you were offline. Works with Hexchat and other popular clients.
441 441
 </p>
@@ -445,18 +445,18 @@ Run your own IRC chat channel which can be secured with a password and accessibl
445 445
 </p>
446 446
 </div>
447 447
 </div>
448
-<div id="outline-container-org96e6f4f" class="outline-2">
449
-<h2 id="org96e6f4f">Jitsi Meet</h2>
450
-<div class="outline-text-2" id="text-org96e6f4f">
448
+<div id="outline-container-orgd19b0f8" class="outline-2">
449
+<h2 id="orgd19b0f8">Jitsi Meet</h2>
450
+<div class="outline-text-2" id="text-orgd19b0f8">
451 451
 <p>
452 452
 Experimental WebRTC video conferencing system, similar to Google Hangouts. This may not be fully functional, but is hoped to be in the near future.
453 453
 </p>
454 454
 </div>
455 455
 </div>
456 456
 
457
-<div id="outline-container-orge07f1f9" class="outline-2">
458
-<h2 id="orge07f1f9">KanBoard</h2>
459
-<div class="outline-text-2" id="text-orge07f1f9">
457
+<div id="outline-container-org4fd23ed" class="outline-2">
458
+<h2 id="org4fd23ed">KanBoard</h2>
459
+<div class="outline-text-2" id="text-org4fd23ed">
460 460
 <p>
461 461
 A simple kanban system for managing projects or TODO lists.
462 462
 </p>
@@ -466,9 +466,9 @@ A simple kanban system for managing projects or TODO lists.
466 466
 </p>
467 467
 </div>
468 468
 </div>
469
-<div id="outline-container-orgd69a78b" class="outline-2">
470
-<h2 id="orgd69a78b">Key Server</h2>
471
-<div class="outline-text-2" id="text-orgd69a78b">
469
+<div id="outline-container-org091b6da" class="outline-2">
470
+<h2 id="org091b6da">Key Server</h2>
471
+<div class="outline-text-2" id="text-org091b6da">
472 472
 <p>
473 473
 An OpenPGP key server for storing and retrieving GPG public keys.
474 474
 </p>
@@ -478,9 +478,9 @@ An OpenPGP key server for storing and retrieving GPG public keys.
478 478
 </p>
479 479
 </div>
480 480
 </div>
481
-<div id="outline-container-org84e4e1c" class="outline-2">
482
-<h2 id="org84e4e1c">Koel</h2>
483
-<div class="outline-text-2" id="text-org84e4e1c">
481
+<div id="outline-container-org471027b" class="outline-2">
482
+<h2 id="org471027b">Koel</h2>
483
+<div class="outline-text-2" id="text-org471027b">
484 484
 <p>
485 485
 Access your music collection from any internet connected device.
486 486
 </p>
@@ -490,9 +490,9 @@ Access your music collection from any internet connected device.
490 490
 </p>
491 491
 </div>
492 492
 </div>
493
-<div id="outline-container-org92b57ea" class="outline-2">
494
-<h2 id="org92b57ea">Lychee</h2>
495
-<div class="outline-text-2" id="text-org92b57ea">
493
+<div id="outline-container-org0424b63" class="outline-2">
494
+<h2 id="org0424b63">Lychee</h2>
495
+<div class="outline-text-2" id="text-org0424b63">
496 496
 <p>
497 497
 Make your photo albums available on the web.
498 498
 </p>
@@ -502,9 +502,9 @@ Make your photo albums available on the web.
502 502
 </p>
503 503
 </div>
504 504
 </div>
505
-<div id="outline-container-orgeb1cdb7" class="outline-2">
506
-<h2 id="orgeb1cdb7">Mailpile</h2>
507
-<div class="outline-text-2" id="text-orgeb1cdb7">
505
+<div id="outline-container-orga6a88dd" class="outline-2">
506
+<h2 id="orga6a88dd">Mailpile</h2>
507
+<div class="outline-text-2" id="text-orga6a88dd">
508 508
 <p>
509 509
 Modern email client which supports GPG encryption.
510 510
 </p>
@@ -514,9 +514,9 @@ Modern email client which supports GPG encryption.
514 514
 </p>
515 515
 </div>
516 516
 </div>
517
-<div id="outline-container-org48106ac" class="outline-2">
518
-<h2 id="org48106ac">Matrix</h2>
519
-<div class="outline-text-2" id="text-org48106ac">
517
+<div id="outline-container-org6518c3d" class="outline-2">
518
+<h2 id="org6518c3d">Matrix</h2>
519
+<div class="outline-text-2" id="text-org6518c3d">
520 520
 <p>
521 521
 Multi-user chat with some security and moderation controls.
522 522
 </p>
@@ -526,9 +526,9 @@ Multi-user chat with some security and moderation controls.
526 526
 </p>
527 527
 </div>
528 528
 </div>
529
-<div id="outline-container-orgdb0e51d" class="outline-2">
530
-<h2 id="orgdb0e51d">Mediagoblin</h2>
531
-<div class="outline-text-2" id="text-orgdb0e51d">
529
+<div id="outline-container-org1413e81" class="outline-2">
530
+<h2 id="org1413e81">Mediagoblin</h2>
531
+<div class="outline-text-2" id="text-org1413e81">
532 532
 <p>
533 533
 Publicly host video and audio files so that you don't need to use YouTube/Vimeo/etc.
534 534
 </p>
@@ -538,9 +538,9 @@ Publicly host video and audio files so that you don't need to use YouTube/Vimeo/
538 538
 </p>
539 539
 </div>
540 540
 </div>
541
-<div id="outline-container-org12e0a7d" class="outline-2">
542
-<h2 id="org12e0a7d">Mumble</h2>
543
-<div class="outline-text-2" id="text-org12e0a7d">
541
+<div id="outline-container-orgb8d2738" class="outline-2">
542
+<h2 id="orgb8d2738">Mumble</h2>
543
+<div class="outline-text-2" id="text-orgb8d2738">
544 544
 <p>
545 545
 The popular VoIP and text chat system. Say goodbye to old-fashioned telephony conferences with silly dial codes. Also works well on mobile.
546 546
 </p>
@@ -550,9 +550,9 @@ The popular VoIP and text chat system. Say goodbye to old-fashioned telephony co
550 550
 </p>
551 551
 </div>
552 552
 </div>
553
-<div id="outline-container-org6d141d2" class="outline-2">
554
-<h2 id="org6d141d2">NextCloud</h2>
555
-<div class="outline-text-2" id="text-org6d141d2">
553
+<div id="outline-container-org78d79cd" class="outline-2">
554
+<h2 id="org78d79cd">NextCloud</h2>
555
+<div class="outline-text-2" id="text-org78d79cd">
556 556
 <p>
557 557
 Store files on your server and sync them with laptops or mobile devices. Includes many plugins including videoconferencing and collaborative document editing.
558 558
 </p>
@@ -562,9 +562,9 @@ Store files on your server and sync them with laptops or mobile devices. Include
562 562
 </p>
563 563
 </div>
564 564
 </div>
565
-<div id="outline-container-orgfbcc2bd" class="outline-2">
566
-<h2 id="orgfbcc2bd">PeerTube</h2>
567
-<div class="outline-text-2" id="text-orgfbcc2bd">
565
+<div id="outline-container-org40a7fdc" class="outline-2">
566
+<h2 id="org40a7fdc">PeerTube</h2>
567
+<div class="outline-text-2" id="text-org40a7fdc">
568 568
 <p>
569 569
 Peer-to-peer video hosting. Similar to Mediagoblin, but the P2P aspect better enables the streaming load to be shared across servers.
570 570
 </p>
@@ -574,9 +574,9 @@ Peer-to-peer video hosting. Similar to Mediagoblin, but the P2P aspect better en
574 574
 </p>
575 575
 </div>
576 576
 </div>
577
-<div id="outline-container-org460d63a" class="outline-2">
578
-<h2 id="org460d63a">PI-Hole</h2>
579
-<div class="outline-text-2" id="text-org460d63a">
577
+<div id="outline-container-orgfca92a1" class="outline-2">
578
+<h2 id="orgfca92a1">PI-Hole</h2>
579
+<div class="outline-text-2" id="text-orgfca92a1">
580 580
 <p>
581 581
 The black hole for web adverts. Block adverts at the domain name level within your local network. It can significantly reduce bandwidth, speed up page load times and protect your systems from being tracked by spyware.
582 582
 </p>
@@ -586,21 +586,33 @@ The black hole for web adverts. Block adverts at the domain name level within yo
586 586
 </p>
587 587
 </div>
588 588
 </div>
589
-<div id="outline-container-org65deb16" class="outline-2">
590
-<h2 id="org65deb16">PostActiv</h2>
591
-<div class="outline-text-2" id="text-org65deb16">
589
+<div id="outline-container-org78a2d24" class="outline-2">
590
+<h2 id="org78a2d24">PostActiv</h2>
591
+<div class="outline-text-2" id="text-org78a2d24">
592 592
 <p>
593 593
 An alternative federated social networking system compatible with GNU Social, Pleroma and Mastodon. It includes some optimisations and fixes currently not available within the main GNU Social project.
594 594
 </p>
595 595
 
596 596
 <p>
597
-[[./app_postactiv.html][How to use it]
597
+<a href="./app_postactiv.html">How to use it</a>
598 598
 </p>
599 599
 </div>
600 600
 </div>
601
-<div id="outline-container-org8852da5" class="outline-2">
602
-<h2 id="org8852da5">Profanity</h2>
603
-<div class="outline-text-2" id="text-org8852da5">
601
+<div id="outline-container-org233a0fb" class="outline-2">
602
+<h2 id="org233a0fb">PrivateBin</h2>
603
+<div class="outline-text-2" id="text-org233a0fb">
604
+<p>
605
+A pastebin where the server has zero knowledge of the content being pasted.
606
+</p>
607
+
608
+<p>
609
+<a href="./app_privatebin.html">How to use it</a>
610
+</p>
611
+</div>
612
+</div>
613
+<div id="outline-container-org70bfbdf" class="outline-2">
614
+<h2 id="org70bfbdf">Profanity</h2>
615
+<div class="outline-text-2" id="text-org70bfbdf">
604 616
 <p>
605 617
 A shell based XMPP client which you can run on the Freedombone server via ssh.
606 618
 </p>
@@ -610,9 +622,9 @@ A shell based XMPP client which you can run on the Freedombone server via ssh.
610 622
 </p>
611 623
 </div>
612 624
 </div>
613
-<div id="outline-container-org262f5c6" class="outline-2">
614
-<h2 id="org262f5c6">Riot Web</h2>
615
-<div class="outline-text-2" id="text-org262f5c6">
625
+<div id="outline-container-org3e596b4" class="outline-2">
626
+<h2 id="org3e596b4">Riot Web</h2>
627
+<div class="outline-text-2" id="text-org3e596b4">
616 628
 <p>
617 629
 A browser based user interface for the Matrix federated communications system, including WebRTC audio and video chat.
618 630
 </p>
@@ -622,9 +634,9 @@ A browser based user interface for the Matrix federated communications system, i
622 634
 </p>
623 635
 </div>
624 636
 </div>
625
-<div id="outline-container-org5c685c7" class="outline-2">
626
-<h2 id="org5c685c7">SearX</h2>
627
-<div class="outline-text-2" id="text-org5c685c7">
637
+<div id="outline-container-org19a30bc" class="outline-2">
638
+<h2 id="org19a30bc">SearX</h2>
639
+<div class="outline-text-2" id="text-org19a30bc">
628 640
 <p>
629 641
 A metasearch engine for customised and private web searches.
630 642
 </p>
@@ -634,9 +646,9 @@ A metasearch engine for customised and private web searches.
634 646
 </p>
635 647
 </div>
636 648
 </div>
637
-<div id="outline-container-org609aeef" class="outline-2">
638
-<h2 id="org609aeef">tt-rss</h2>
639
-<div class="outline-text-2" id="text-org609aeef">
649
+<div id="outline-container-orgfdae631" class="outline-2">
650
+<h2 id="orgfdae631">tt-rss</h2>
651
+<div class="outline-text-2" id="text-orgfdae631">
640 652
 <p>
641 653
 Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via an onion address. Have "<i>the right to read</i>" without the Surveillance State knowing what you're reading. Also available with a user interface suitable for viewing on mobile devices via a browser such as OrFox.
642 654
 </p>
@@ -646,9 +658,9 @@ Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via a
646 658
 </p>
647 659
 </div>
648 660
 </div>
649
-<div id="outline-container-orgf0d4a79" class="outline-2">
650
-<h2 id="orgf0d4a79">Syncthing</h2>
651
-<div class="outline-text-2" id="text-orgf0d4a79">
661
+<div id="outline-container-org6c1fb9a" class="outline-2">
662
+<h2 id="org6c1fb9a">Syncthing</h2>
663
+<div class="outline-text-2" id="text-org6c1fb9a">
652 664
 <p>
653 665
 Possibly the best way to synchronise files across all of your devices. Once it has been set up it "just works" with no user intervention needed.
654 666
 </p>
@@ -658,9 +670,9 @@ Possibly the best way to synchronise files across all of your devices. Once it h
658 670
 </p>
659 671
 </div>
660 672
 </div>
661
-<div id="outline-container-org91cbbcf" class="outline-2">
662
-<h2 id="org91cbbcf">Tahoe-LAFS</h2>
663
-<div class="outline-text-2" id="text-org91cbbcf">
673
+<div id="outline-container-org313c9b7" class="outline-2">
674
+<h2 id="org313c9b7">Tahoe-LAFS</h2>
675
+<div class="outline-text-2" id="text-org313c9b7">
664 676
 <p>
665 677
 Robust and encrypted storage of files on one or more server.
666 678
 </p>
@@ -670,9 +682,9 @@ Robust and encrypted storage of files on one or more server.
670 682
 </p>
671 683
 </div>
672 684
 </div>
673
-<div id="outline-container-orgf95d31b" class="outline-2">
674
-<h2 id="orgf95d31b">Tox</h2>
675
-<div class="outline-text-2" id="text-orgf95d31b">
685
+<div id="outline-container-org74af2ab" class="outline-2">
686
+<h2 id="org74af2ab">Tox</h2>
687
+<div class="outline-text-2" id="text-org74af2ab">
676 688
 <p>
677 689
 Client and bootstrap node for the Tox chat/VoIP system.
678 690
 </p>
@@ -682,9 +694,9 @@ Client and bootstrap node for the Tox chat/VoIP system.
682 694
 </p>
683 695
 </div>
684 696
 </div>
685
-<div id="outline-container-org20594a2" class="outline-2">
686
-<h2 id="org20594a2">Turtl</h2>
687
-<div class="outline-text-2" id="text-org20594a2">
697
+<div id="outline-container-org5d5986e" class="outline-2">
698
+<h2 id="org5d5986e">Turtl</h2>
699
+<div class="outline-text-2" id="text-org5d5986e">
688 700
 <p>
689 701
 A system for privately creating and sharing notes and images, similar to Evernote but without the spying.
690 702
 </p>
@@ -694,18 +706,18 @@ A system for privately creating and sharing notes and images, similar to Evernot
694 706
 </p>
695 707
 </div>
696 708
 </div>
697
-<div id="outline-container-orga4d94aa" class="outline-2">
698
-<h2 id="orga4d94aa">Vim</h2>
699
-<div class="outline-text-2" id="text-orga4d94aa">
709
+<div id="outline-container-org2b614c0" class="outline-2">
710
+<h2 id="org2b614c0">Vim</h2>
711
+<div class="outline-text-2" id="text-org2b614c0">
700 712
 <p>
701 713
 If you use the Mutt client to read your email then this will set it up to use vim for composing new mail.
702 714
 </p>
703 715
 </div>
704 716
 </div>
705 717
 
706
-<div id="outline-container-org83399c4" class="outline-2">
707
-<h2 id="org83399c4">Virtual Private Network (VPN)</h2>
708
-<div class="outline-text-2" id="text-org83399c4">
718
+<div id="outline-container-orgdb6427c" class="outline-2">
719
+<h2 id="orgdb6427c">Virtual Private Network (VPN)</h2>
720
+<div class="outline-text-2" id="text-orgdb6427c">
709 721
 <p>
710 722
 Set up a VPN on your server so that you can bypass local internet censorship.
711 723
 </p>
@@ -715,9 +727,9 @@ Set up a VPN on your server so that you can bypass local internet censorship.
715 727
 </p>
716 728
 </div>
717 729
 </div>
718
-<div id="outline-container-org409bdd6" class="outline-2">
719
-<h2 id="org409bdd6">XMPP</h2>
720
-<div class="outline-text-2" id="text-org409bdd6">
730
+<div id="outline-container-org15bc23b" class="outline-2">
731
+<h2 id="org15bc23b">XMPP</h2>
732
+<div class="outline-text-2" id="text-org15bc23b">
721 733
 <p>
722 734
 Chat server which can be used together with client such as Gajim or Conversations to provide end-to-end content security and also onion routed metadata security. Includes advanced features such as <i>client state notification</i> to save battery power on your mobile devices, support for seamless roaming between networks and <i>message carbons</i> so that you can receive the same messages while being simultaneously logged in to your account on more than one device.
723 735
 </p>