Documentation on vpn

doc/EN/app_vpn.org

@@ -0,0 +1,81 @@
+#+TITLE:
+#+AUTHOR: Bob Mottram
+#+EMAIL: bob@freedombone.net
+#+KEYWORDS: freedombone, openvpn
+#+DESCRIPTION: How to use OpenVPN on Freedombone
+#+OPTIONS: ^:nil toc:nil
+#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
+
+#+BEGIN_CENTER
+[[file:images/logo.png]]
+#+END_CENTER
+
+#+BEGIN_EXPORT html
+<center>
+<h1>OpenVPN</h1>
+</center>
+#+END_EXPORT
+
+#+begin_quote
+"/The Net interprets censorship as damage and routes around it./" -- John Gilmore
+#+end_quote
+
+A Virtual Private Network (VPN) allows you to move your internet traffic to a different machine in a different geographical location by creating a private cryptographically protected route to that location. The usual use cases are to get around local censorship of the internet such as when you see the message "/this content is not available in your area/" when trying to play a video. Maybe you're on holiday and your hotel or workplace internet connection is censored. Using a VPN you can connect to your home server and then use the internet normally.
+
+Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser.
+
+* Installation
+
+ssh into the system with:
+
+#+BEGIN_SRC bash
+ssh myusername@mydomainname -p 2222
+#+END_SRC
+
+Select *Administrator controls* then *Add/Remove apps* then *vpn*. Choose the port which you want the VPN to operate on and then the install will continue.
+
+Only use ports 443 or 80 for VPN as an /absolute last resort/, since doing so will prevent other web based apps from running on your server.
+
+* Usage
+
+When the installation is complete you can download your VPN keys and configuration files onto your local machine.
+
+#+begin_src bash
+scp -P 2222 myusername@mydomainname:/home/myusername/client.ovpn .
+scp -P 2222 myusername@mydomainname:/home/myusername/stunnel* .
+#+end_src
+
+You will need to ensure that the /openvpn/ and /stunnel/ packages are installed. On an Arch based system:
+
+#+begin_src bash
+sudp pacman -S openvpn stunnel4
+#+end_src
+
+Or on a Debian based system:
+
+#+begin_src bash
+sudo apt-get install openvpn stunnel4
+#+end_src
+
+Now you can connect to your VPN with:
+
+#+begin_src bash
+sudo stunnel stunnel-client.conf
+sudo openvpn client.ovpn
+#+end_src
+
+You should see a series of messages with "/Initialization Sequence Completed/" showing at the end. Leave the terminal open and perhaps minimize it to remain connected to the VPN. To leave the VPN close the terminal window.
+
+* Changing port number
+
+Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it.
+
+#+BEGIN_SRC bash
+ssh myusername@mydomainname -p 2222
+#+END_SRC
+
+Select *Administrator controls* then *App Settings* then *vpn*. Choose *Change TLS port* and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the [[Usage]] section above.
+
+* Generating new keys
+
+It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the *Administrator controls* by going to *App Settings* then *vpn* then choosing *Regenerate keys for a user* and downloading the new keys as described in the [[Usage]] section above.

doc/EN/apps.org

@@ -154,6 +154,10 @@ A system for privately creating and sharing notes and images, similar to Evernot
 * Vim
 If you use the Mutt client to read your email then this will set it up to use vim for composing new mail.
 
+* Virtual Private Network (VPN)
+Set up a VPN on your server so that you can bypass local internet censorship.
+
+[[./app_vpn.html][How to use it]]
 * XMPP
 Chat server which can be used together with client such as Gajim or Conversations to provide end-to-end content security and also onion routed metadata security. Includes advanced features such as /client state notification/ to save battery power on your mobile devices, support for seamless roaming between networks and /message carbons/ so that you can receive the same messages while being simultaneously logged in to your account on more than one device.
 

website/EN/app_vpn.html

@@ -0,0 +1,386 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
+<head>
+<!-- 2017-09-27 Wed 17:43 -->
+<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<title>&lrm;</title>
+<meta name="generator" content="Org mode" />
+<meta name="author" content="Bob Mottram" />
+<meta name="description" content="How to use OpenVPN on Freedombone"
+ />
+<meta name="keywords" content="freedombone, openvpn" />
+<style type="text/css">
+ <!--/*--><![CDATA[/*><!--*/
+  .title  { text-align: center;
+             margin-bottom: .2em; }
+  .subtitle { text-align: center;
+              font-size: medium;
+              font-weight: bold;
+              margin-top:0; }
+  .todo   { font-family: monospace; color: red; }
+  .done   { font-family: monospace; color: green; }
+  .priority { font-family: monospace; color: orange; }
+  .tag    { background-color: #eee; font-family: monospace;
+            padding: 2px; font-size: 80%; font-weight: normal; }
+  .timestamp { color: #bebebe; }
+  .timestamp-kwd { color: #5f9ea0; }
+  .org-right  { margin-left: auto; margin-right: 0px;  text-align: right; }
+  .org-left   { margin-left: 0px;  margin-right: auto; text-align: left; }
+  .org-center { margin-left: auto; margin-right: auto; text-align: center; }
+  .underline { text-decoration: underline; }
+  #postamble p, #preamble p { font-size: 90%; margin: .2em; }
+  p.verse { margin-left: 3%; }
+  pre {
+    border: 1px solid #ccc;
+    box-shadow: 3px 3px 3px #eee;
+    padding: 8pt;
+    font-family: monospace;
+    overflow: auto;
+    margin: 1.2em;
+  }
+  pre.src {
+    position: relative;
+    overflow: visible;
+    padding-top: 1.2em;
+  }
+  pre.src:before {
+    display: none;
+    position: absolute;
+    background-color: white;
+    top: -10px;
+    right: 10px;
+    padding: 3px;
+    border: 1px solid black;
+  }
+  pre.src:hover:before { display: inline;}
+  /* Languages per Org manual */
+  pre.src-asymptote:before { content: 'Asymptote'; }
+  pre.src-awk:before { content: 'Awk'; }
+  pre.src-C:before { content: 'C'; }
+  /* pre.src-C++ doesn't work in CSS */
+  pre.src-clojure:before { content: 'Clojure'; }
+  pre.src-css:before { content: 'CSS'; }
+  pre.src-D:before { content: 'D'; }
+  pre.src-ditaa:before { content: 'ditaa'; }
+  pre.src-dot:before { content: 'Graphviz'; }
+  pre.src-calc:before { content: 'Emacs Calc'; }
+  pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
+  pre.src-fortran:before { content: 'Fortran'; }
+  pre.src-gnuplot:before { content: 'gnuplot'; }
+  pre.src-haskell:before { content: 'Haskell'; }
+  pre.src-hledger:before { content: 'hledger'; }
+  pre.src-java:before { content: 'Java'; }
+  pre.src-js:before { content: 'Javascript'; }
+  pre.src-latex:before { content: 'LaTeX'; }
+  pre.src-ledger:before { content: 'Ledger'; }
+  pre.src-lisp:before { content: 'Lisp'; }
+  pre.src-lilypond:before { content: 'Lilypond'; }
+  pre.src-lua:before { content: 'Lua'; }
+  pre.src-matlab:before { content: 'MATLAB'; }
+  pre.src-mscgen:before { content: 'Mscgen'; }
+  pre.src-ocaml:before { content: 'Objective Caml'; }
+  pre.src-octave:before { content: 'Octave'; }
+  pre.src-org:before { content: 'Org mode'; }
+  pre.src-oz:before { content: 'OZ'; }
+  pre.src-plantuml:before { content: 'Plantuml'; }
+  pre.src-processing:before { content: 'Processing.js'; }
+  pre.src-python:before { content: 'Python'; }
+  pre.src-R:before { content: 'R'; }
+  pre.src-ruby:before { content: 'Ruby'; }
+  pre.src-sass:before { content: 'Sass'; }
+  pre.src-scheme:before { content: 'Scheme'; }
+  pre.src-screen:before { content: 'Gnu Screen'; }
+  pre.src-sed:before { content: 'Sed'; }
+  pre.src-sh:before { content: 'shell'; }
+  pre.src-sql:before { content: 'SQL'; }
+  pre.src-sqlite:before { content: 'SQLite'; }
+  /* additional languages in org.el's org-babel-load-languages alist */
+  pre.src-forth:before { content: 'Forth'; }
+  pre.src-io:before { content: 'IO'; }
+  pre.src-J:before { content: 'J'; }
+  pre.src-makefile:before { content: 'Makefile'; }
+  pre.src-maxima:before { content: 'Maxima'; }
+  pre.src-perl:before { content: 'Perl'; }
+  pre.src-picolisp:before { content: 'Pico Lisp'; }
+  pre.src-scala:before { content: 'Scala'; }
+  pre.src-shell:before { content: 'Shell Script'; }
+  pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
+  /* additional language identifiers per "defun org-babel-execute"
+       in ob-*.el */
+  pre.src-cpp:before  { content: 'C++'; }
+  pre.src-abc:before  { content: 'ABC'; }
+  pre.src-coq:before  { content: 'Coq'; }
+  pre.src-groovy:before  { content: 'Groovy'; }
+  /* additional language identifiers from org-babel-shell-names in
+     ob-shell.el: ob-shell is the only babel language using a lambda to put
+     the execution function name together. */
+  pre.src-bash:before  { content: 'bash'; }
+  pre.src-csh:before  { content: 'csh'; }
+  pre.src-ash:before  { content: 'ash'; }
+  pre.src-dash:before  { content: 'dash'; }
+  pre.src-ksh:before  { content: 'ksh'; }
+  pre.src-mksh:before  { content: 'mksh'; }
+  pre.src-posh:before  { content: 'posh'; }
+  /* Additional Emacs modes also supported by the LaTeX listings package */
+  pre.src-ada:before { content: 'Ada'; }
+  pre.src-asm:before { content: 'Assembler'; }
+  pre.src-caml:before { content: 'Caml'; }
+  pre.src-delphi:before { content: 'Delphi'; }
+  pre.src-html:before { content: 'HTML'; }
+  pre.src-idl:before { content: 'IDL'; }
+  pre.src-mercury:before { content: 'Mercury'; }
+  pre.src-metapost:before { content: 'MetaPost'; }
+  pre.src-modula-2:before { content: 'Modula-2'; }
+  pre.src-pascal:before { content: 'Pascal'; }
+  pre.src-ps:before { content: 'PostScript'; }
+  pre.src-prolog:before { content: 'Prolog'; }
+  pre.src-simula:before { content: 'Simula'; }
+  pre.src-tcl:before { content: 'tcl'; }
+  pre.src-tex:before { content: 'TeX'; }
+  pre.src-plain-tex:before { content: 'Plain TeX'; }
+  pre.src-verilog:before { content: 'Verilog'; }
+  pre.src-vhdl:before { content: 'VHDL'; }
+  pre.src-xml:before { content: 'XML'; }
+  pre.src-nxml:before { content: 'XML'; }
+  /* add a generic configuration mode; LaTeX export needs an additional
+     (add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
+  pre.src-conf:before { content: 'Configuration File'; }
+
+  table { border-collapse:collapse; }
+  caption.t-above { caption-side: top; }
+  caption.t-bottom { caption-side: bottom; }
+  td, th { vertical-align:top;  }
+  th.org-right  { text-align: center;  }
+  th.org-left   { text-align: center;   }
+  th.org-center { text-align: center; }
+  td.org-right  { text-align: right;  }
+  td.org-left   { text-align: left;   }
+  td.org-center { text-align: center; }
+  dt { font-weight: bold; }
+  .footpara { display: inline; }
+  .footdef  { margin-bottom: 1em; }
+  .figure { padding: 1em; }
+  .figure p { text-align: center; }
+  .inlinetask {
+    padding: 10px;
+    border: 2px solid gray;
+    margin: 10px;
+    background: #ffffcc;
+  }
+  #org-div-home-and-up
+   { text-align: right; font-size: 70%; white-space: nowrap; }
+  textarea { overflow-x: auto; }
+  .linenr { font-size: smaller }
+  .code-highlighted { background-color: #ffff00; }
+  .org-info-js_info-navigation { border-style: none; }
+  #org-info-js_console-label
+    { font-size: 10px; font-weight: bold; white-space: nowrap; }
+  .org-info-js_search-highlight
+    { background-color: #ffff00; color: #000000; font-weight: bold; }
+  .org-svg { width: 90%; }
+  /*]]>*/-->
+</style>
+<link rel="stylesheet" type="text/css" href="freedombone.css" />
+<script type="text/javascript">
+/*
+@licstart  The following is the entire license notice for the
+JavaScript code in this tag.
+
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
+
+The JavaScript code in this tag is free software: you can
+redistribute it and/or modify it under the terms of the GNU
+General Public License (GNU GPL) as published by the Free Software
+Foundation, either version 3 of the License, or (at your option)
+any later version.  The code is distributed WITHOUT ANY WARRANTY;
+without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE.  See the GNU GPL for more details.
+
+As additional permission under GNU GPL version 3 section 7, you
+may distribute non-source (e.g., minimized or compacted) forms of
+that code without the copy of the GNU GPL normally required by
+section 4, provided you include this license notice and a URL
+through which recipients can access the Corresponding Source.
+
+
+@licend  The above is the entire license notice
+for the JavaScript code in this tag.
+*/
+<!--/*--><![CDATA[/*><!--*/
+ function CodeHighlightOn(elem, id)
+ {
+   var target = document.getElementById(id);
+   if(null != target) {
+     elem.cacheClassElem = elem.className;
+     elem.cacheClassTarget = target.className;
+     target.className = "code-highlighted";
+     elem.className   = "code-highlighted";
+   }
+ }
+ function CodeHighlightOff(elem, id)
+ {
+   var target = document.getElementById(id);
+   if(elem.cacheClassElem)
+     elem.className = elem.cacheClassElem;
+   if(elem.cacheClassTarget)
+     target.className = elem.cacheClassTarget;
+ }
+/*]]>*///-->
+</script>
+</head>
+<body>
+<div id="preamble" class="status">
+<a name="top" id="top"></a>
+</div>
+<div id="content">
+<div class="org-center">
+
+<div class="figure">
+<p><img src="images/logo.png" alt="logo.png" />
+</p>
+</div>
+</div>
+
+<center>
+<h1>OpenVPN</h1>
+</center>
+
+<blockquote>
+<p>
+"<i>The Net interprets censorship as damage and routes around it.</i>" &#x2013; John Gilmore
+</p>
+</blockquote>
+
+<p>
+A Virtual Private Network (VPN) allows you to move your internet traffic to a different machine in a different geographical location by creating a private cryptographically protected route to that location. The usual use cases are to get around local censorship of the internet such as when you see the message "<i>this content is not available in your area</i>" when trying to play a video. Maybe you're on holiday and your hotel or workplace internet connection is censored. Using a VPN you can connect to your home server and then use the internet normally.
+</p>
+
+<p>
+Using a Tor browser is another way to get around censorship, but there might be occasions where you don't want to use a Tor browser or where Tor relays and bridges are blocked or where you want to run internet apps which aren't within a browser.
+</p>
+
+<div id="outline-container-org74feb72" class="outline-2">
+<h2 id="org74feb72">Installation</h2>
+<div class="outline-text-2" id="text-org74feb72">
+<p>
+ssh into the system with:
+</p>
+
+<div class="org-src-container">
+<pre class="src src-bash">ssh myusername@mydomainname -p 2222
+</pre>
+</div>
+
+<p>
+Select <b>Administrator controls</b> then <b>Add/Remove apps</b> then <b>vpn</b>. Choose the port which you want the VPN to operate on and then the install will continue.
+</p>
+
+<p>
+Only use ports 443 or 80 for VPN as an <i>absolute last resort</i>, since doing so will prevent other web based apps from running on your server.
+</p>
+</div>
+</div>
+
+<div id="outline-container-org1a94be0" class="outline-2">
+<h2 id="org1a94be0">Usage</h2>
+<div class="outline-text-2" id="text-org1a94be0">
+<p>
+When the installation is complete you can download your VPN keys and configuration files onto your local machine.
+</p>
+
+<div class="org-src-container">
+<pre class="src src-bash">scp -P 2222 myusername@mydomainname:/home/myusername/client.ovpn .
+scp -P 2222 myusername@mydomainname:/home/myusername/stunnel* .
+</pre>
+</div>
+
+<p>
+You will need to ensure that the <i>openvpn</i> and <i>stunnel</i> packages are installed. On an Arch based system:
+</p>
+
+<div class="org-src-container">
+<pre class="src src-bash">sudp pacman -S openvpn stunnel4
+</pre>
+</div>
+
+<p>
+Or on a Debian based system:
+</p>
+
+<div class="org-src-container">
+<pre class="src src-bash">sudo apt-get install openvpn stunnel4
+</pre>
+</div>
+
+<p>
+Now you can connect to your VPN with:
+</p>
+
+<div class="org-src-container">
+<pre class="src src-bash">sudo stunnel stunnel-client.conf
+sudo openvpn client.ovpn
+</pre>
+</div>
+
+<p>
+You should see a series of messages with "<i>Initialization Sequence Completed</i>" showing at the end. Leave the terminal open and perhaps minimize it to remain connected to the VPN. To leave the VPN close the terminal window.
+</p>
+</div>
+</div>
+
+<div id="outline-container-orgf3e0fef" class="outline-2">
+<h2 id="orgf3e0fef">Changing port number</h2>
+<div class="outline-text-2" id="text-orgf3e0fef">
+<p>
+Avoiding censorship can be a cat and mouse game, and so if the port you're using for VPN gets blocked then you may want to change it.
+</p>
+
+<div class="org-src-container">
+<pre class="src src-bash">ssh myusername@mydomainname -p 2222
+</pre>
+</div>
+
+<p>
+Select <b>Administrator controls</b> then <b>App Settings</b> then <b>vpn</b>. Choose <b>Change TLS port</b> and enter a new port value. You can then either manually change the port within your VPN configuration files, or download them again as described in the <a href="#org1a94be0">Usage</a> section above.
+</p>
+</div>
+</div>
+
+<div id="outline-container-org98985f3" class="outline-2">
+<h2 id="org98985f3">Generating new keys</h2>
+<div class="outline-text-2" id="text-org98985f3">
+<p>
+It's possible that your VPN keys might get lost or compromised on your local machine. If that happens you can generate new ones from the <b>Administrator controls</b> by going to <b>App Settings</b> then <b>vpn</b> then choosing <b>Regenerate keys for a user</b> and downloading the new keys as described in the <a href="#org1a94be0">Usage</a> section above.
+</p>
+</div>
+</div>
+</div>
+<div id="postamble" class="status">
+
+<style type="text/css">
+.back-to-top {
+    position: fixed;
+    bottom: 2em;
+    right: 0px;
+    text-decoration: none;
+    color: #000000;
+    background-color: rgba(235, 235, 235, 0.80);
+    font-size: 12px;
+    padding: 1em;
+    display: none;
+}
+
+.back-to-top:hover {
+    background-color: rgba(135, 135, 135, 0.50);
+}
+</style>
+
+<div class="back-to-top">
+<a href="#top">Back to top</a> | <a href="mailto:bob@freedombone.net">E-mail me</a>
+</div>
+</div>
+</body>
+</html>

website/EN/apps.html

@@ -3,10 +3,10 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2017-07-28 Fri 22:42 -->
+<!-- 2017-09-27 Wed 17:45 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
-<title></title>
+<title>&lrm;</title>
 <meta name="generator" content="Org mode" />
 <meta name="author" content="Bob Mottram" />
 <meta name="description" content="List of apps available on freedombone"
@@ -264,9 +264,9 @@ The base install of the system just contains an email server and Mutt client, bu
 </div>
 </div>
 
-<div id="outline-container-orgbe17d63" class="outline-2">
-<h2 id="orgbe17d63">CryptPad</h2>
-<div class="outline-text-2" id="text-orgbe17d63">
+<div id="outline-container-orge12e0d4" class="outline-2">
+<h2 id="orge12e0d4">CryptPad</h2>
+<div class="outline-text-2" id="text-orge12e0d4">
 <p>
 Collaborate on editing documents, presentations and source code, or vote on things. All with a good level of security.
 </p>
@@ -276,9 +276,9 @@ Collaborate on editing documents, presentations and source code, or vote on thin
 </p>
 </div>
 </div>
-<div id="outline-container-orgeb85cd1" class="outline-2">
-<h2 id="orgeb85cd1">DLNA</h2>
-<div class="outline-text-2" id="text-orgeb85cd1">
+<div id="outline-container-orgaaead32" class="outline-2">
+<h2 id="orgaaead32">DLNA</h2>
+<div class="outline-text-2" id="text-orgaaead32">
 <p>
 Enables you to use the system as a music server which any DLNA compatible devices can connect to within your home network.
 </p>
@@ -288,9 +288,9 @@ Enables you to use the system as a music server which any DLNA compatible device
 </p>
 </div>
 </div>
-<div id="outline-container-orge7dce56" class="outline-2">
-<h2 id="orge7dce56">Dokuwiki</h2>
-<div class="outline-text-2" id="text-orge7dce56">
+<div id="outline-container-orga0c144d" class="outline-2">
+<h2 id="orga0c144d">Dokuwiki</h2>
+<div class="outline-text-2" id="text-orga0c144d">
 <p>
 A databaseless wiki system.
 </p>
@@ -300,9 +300,9 @@ A databaseless wiki system.
 </p>
 </div>
 </div>
-<div id="outline-container-org16980fe" class="outline-2">
-<h2 id="org16980fe">Emacs</h2>
-<div class="outline-text-2" id="text-org16980fe">
+<div id="outline-container-orgad65042" class="outline-2">
+<h2 id="orgad65042">Emacs</h2>
+<div class="outline-text-2" id="text-orgad65042">
 <p>
 If you use the Mutt client to read your email then this will set it up to use emacs for composing new mail.
 </p>
@@ -312,9 +312,9 @@ If you use the Mutt client to read your email then this will set it up to use em
 </p>
 </div>
 </div>
-<div id="outline-container-orge6eede4" class="outline-2">
-<h2 id="orge6eede4">Etherpad</h2>
-<div class="outline-text-2" id="text-orge6eede4">
+<div id="outline-container-org7ba525b" class="outline-2">
+<h2 id="org7ba525b">Etherpad</h2>
+<div class="outline-text-2" id="text-org7ba525b">
 <p>
 Collaborate on creating documents in real time. Maybe you're planning a holiday with other family members or creating documentation for a Free Software project along with other volunteers. Etherpad is hard to beat for simplicity and speed. Only users of the system will be able to access it.
 </p>
@@ -324,9 +324,9 @@ Collaborate on creating documents in real time. Maybe you're planning a holiday
 </p>
 </div>
 </div>
-<div id="outline-container-org72aea62" class="outline-2">
-<h2 id="org72aea62">Friendica</h2>
-<div class="outline-text-2" id="text-org72aea62">
+<div id="outline-container-orgb7656a4" class="outline-2">
+<h2 id="orgb7656a4">Friendica</h2>
+<div class="outline-text-2" id="text-orgb7656a4">
 <p>
 Federated social network system.
 </p>
@@ -336,9 +336,9 @@ Federated social network system.
 </p>
 </div>
 </div>
-<div id="outline-container-org75bbd1d" class="outline-2">
-<h2 id="org75bbd1d">Ghost</h2>
-<div class="outline-text-2" id="text-org75bbd1d">
+<div id="outline-container-org9b12dc6" class="outline-2">
+<h2 id="org9b12dc6">Ghost</h2>
+<div class="outline-text-2" id="text-org9b12dc6">
 <p>
 Modern looking blogging system.
 </p>
@@ -348,9 +348,9 @@ Modern looking blogging system.
 </p>
 </div>
 </div>
-<div id="outline-container-org879241a" class="outline-2">
-<h2 id="org879241a">GNU Social</h2>
-<div class="outline-text-2" id="text-org879241a">
+<div id="outline-container-org507ecb0" class="outline-2">
+<h2 id="org507ecb0">GNU Social</h2>
+<div class="outline-text-2" id="text-org507ecb0">
 <p>
 Federated social network. You can "<i>remote follow</i>" other users within the GNU Social federation.
 </p>
@@ -360,9 +360,9 @@ Federated social network. You can "<i>remote follow</i>" other users within the
 </p>
 </div>
 </div>
-<div id="outline-container-org0c63c0d" class="outline-2">
-<h2 id="org0c63c0d">Gogs</h2>
-<div class="outline-text-2" id="text-org0c63c0d">
+<div id="outline-container-org8309404" class="outline-2">
+<h2 id="org8309404">Gogs</h2>
+<div class="outline-text-2" id="text-org8309404">
 <p>
 Lightweight git project hosting system. You can mirror projects from Github, or if Github turns evil then just host your own projects while retaining the familiar <i>fork-and-pull</i> workflow. If you can use Github then you can also use Gogs.
 </p>
@@ -372,9 +372,9 @@ Lightweight git project hosting system. You can mirror projects from Github, or
 </p>
 </div>
 </div>
-<div id="outline-container-org8d5a195" class="outline-2">
-<h2 id="org8d5a195">HTMLy</h2>
-<div class="outline-text-2" id="text-org8d5a195">
+<div id="outline-container-orgc12018c" class="outline-2">
+<h2 id="orgc12018c">HTMLy</h2>
+<div class="outline-text-2" id="text-orgc12018c">
 <p>
 Databaseless blogging system. Quite simple and with a markdown-like format.
 </p>
@@ -384,9 +384,9 @@ Databaseless blogging system. Quite simple and with a markdown-like format.
 </p>
 </div>
 </div>
-<div id="outline-container-orgbc0a684" class="outline-2">
-<h2 id="orgbc0a684">Hubzilla</h2>
-<div class="outline-text-2" id="text-orgbc0a684">
+<div id="outline-container-org7c97a23" class="outline-2">
+<h2 id="org7c97a23">Hubzilla</h2>
+<div class="outline-text-2" id="text-org7c97a23">
 <p>
 Web publishing platform with social network like features and good privacy controls so that it's possible to specify who can see which content. Includes photo albums, calendar, wiki and file storage.
 </p>
@@ -396,9 +396,9 @@ Web publishing platform with social network like features and good privacy contr
 </p>
 </div>
 </div>
-<div id="outline-container-org4f18360" class="outline-2">
-<h2 id="org4f18360">IRC Server (ngirc)</h2>
-<div class="outline-text-2" id="text-org4f18360">
+<div id="outline-container-org15dcaac" class="outline-2">
+<h2 id="org15dcaac">IRC Server (ngirc)</h2>
+<div class="outline-text-2" id="text-org15dcaac">
 <p>
 Run your own IRC chat channel which can be secured with a password and accessible via an onion address. A bouncer is included so that you can receive messages sent while you were offline. Works with Hexchat and other popular clients.
 </p>
@@ -408,18 +408,18 @@ Run your own IRC chat channel which can be secured with a password and accessibl
 </p>
 </div>
 </div>
-<div id="outline-container-orgc105f39" class="outline-2">
-<h2 id="orgc105f39">Jitsi Meet</h2>
-<div class="outline-text-2" id="text-orgc105f39">
+<div id="outline-container-orga195719" class="outline-2">
+<h2 id="orga195719">Jitsi Meet</h2>
+<div class="outline-text-2" id="text-orga195719">
 <p>
 Experimental WebRTC video conferencing system, similar to Google Hangouts. This may not be fully functional, but is hoped to be in the near future.
 </p>
 </div>
 </div>
 
-<div id="outline-container-org10fbc88" class="outline-2">
-<h2 id="org10fbc88">KanBoard</h2>
-<div class="outline-text-2" id="text-org10fbc88">
+<div id="outline-container-org67269ac" class="outline-2">
+<h2 id="org67269ac">KanBoard</h2>
+<div class="outline-text-2" id="text-org67269ac">
 <p>
 A simple kanban system for managing projects or TODO lists.
 </p>
@@ -429,9 +429,9 @@ A simple kanban system for managing projects or TODO lists.
 </p>
 </div>
 </div>
-<div id="outline-container-orgb3097e7" class="outline-2">
-<h2 id="orgb3097e7">Key Server</h2>
-<div class="outline-text-2" id="text-orgb3097e7">
+<div id="outline-container-org5db580b" class="outline-2">
+<h2 id="org5db580b">Key Server</h2>
+<div class="outline-text-2" id="text-org5db580b">
 <p>
 An OpenPGP key server for storing and retrieving GPG public keys.
 </p>
@@ -441,9 +441,9 @@ An OpenPGP key server for storing and retrieving GPG public keys.
 </p>
 </div>
 </div>
-<div id="outline-container-orga3542ee" class="outline-2">
-<h2 id="orga3542ee">Koel</h2>
-<div class="outline-text-2" id="text-orga3542ee">
+<div id="outline-container-org6675f8f" class="outline-2">
+<h2 id="org6675f8f">Koel</h2>
+<div class="outline-text-2" id="text-org6675f8f">
 <p>
 Access your music collection from any internet connected device.
 </p>
@@ -453,9 +453,9 @@ Access your music collection from any internet connected device.
 </p>
 </div>
 </div>
-<div id="outline-container-orga662c8f" class="outline-2">
-<h2 id="orga662c8f">Lychee</h2>
-<div class="outline-text-2" id="text-orga662c8f">
+<div id="outline-container-orgdfd8572" class="outline-2">
+<h2 id="orgdfd8572">Lychee</h2>
+<div class="outline-text-2" id="text-orgdfd8572">
 <p>
 Make your photo albums available on the web.
 </p>
@@ -465,9 +465,9 @@ Make your photo albums available on the web.
 </p>
 </div>
 </div>
-<div id="outline-container-orgccf23ee" class="outline-2">
-<h2 id="orgccf23ee">Mailpile</h2>
-<div class="outline-text-2" id="text-orgccf23ee">
+<div id="outline-container-org5f70509" class="outline-2">
+<h2 id="org5f70509">Mailpile</h2>
+<div class="outline-text-2" id="text-org5f70509">
 <p>
 Modern email client which supports GPG encryption.
 </p>
@@ -477,9 +477,9 @@ Modern email client which supports GPG encryption.
 </p>
 </div>
 </div>
-<div id="outline-container-orgdee374a" class="outline-2">
-<h2 id="orgdee374a">Matrix</h2>
-<div class="outline-text-2" id="text-orgdee374a">
+<div id="outline-container-orgacaf2b5" class="outline-2">
+<h2 id="orgacaf2b5">Matrix</h2>
+<div class="outline-text-2" id="text-orgacaf2b5">
 <p>
 Multi-user chat with some security and moderation controls.
 </p>
@@ -489,9 +489,9 @@ Multi-user chat with some security and moderation controls.
 </p>
 </div>
 </div>
-<div id="outline-container-org7faaca0" class="outline-2">
-<h2 id="org7faaca0">Mediagoblin</h2>
-<div class="outline-text-2" id="text-org7faaca0">
+<div id="outline-container-org4c6673d" class="outline-2">
+<h2 id="org4c6673d">Mediagoblin</h2>
+<div class="outline-text-2" id="text-org4c6673d">
 <p>
 Publicly host video and audio files so that you don't need to use YouTube/Vimeo/etc.
 </p>
@@ -501,9 +501,9 @@ Publicly host video and audio files so that you don't need to use YouTube/Vimeo/
 </p>
 </div>
 </div>
-<div id="outline-container-orgfa87291" class="outline-2">
-<h2 id="orgfa87291">Mumble</h2>
-<div class="outline-text-2" id="text-orgfa87291">
+<div id="outline-container-org5778590" class="outline-2">
+<h2 id="org5778590">Mumble</h2>
+<div class="outline-text-2" id="text-org5778590">
 <p>
 The popular VoIP and text chat system. Say goodbye to old-fashioned telephony conferences with silly dial codes. Also works well on mobile.
 </p>
@@ -513,9 +513,9 @@ The popular VoIP and text chat system. Say goodbye to old-fashioned telephony co
 </p>
 </div>
 </div>
-<div id="outline-container-org88bc444" class="outline-2">
-<h2 id="org88bc444">NextCloud</h2>
-<div class="outline-text-2" id="text-org88bc444">
+<div id="outline-container-orgbecac51" class="outline-2">
+<h2 id="orgbecac51">NextCloud</h2>
+<div class="outline-text-2" id="text-orgbecac51">
 <p>
 Store files on your server and sync them with laptops or mobile devices. Includes many plugins including videoconferencing and collaborative document editing.
 </p>
@@ -525,9 +525,9 @@ Store files on your server and sync them with laptops or mobile devices. Include
 </p>
 </div>
 </div>
-<div id="outline-container-orgd909087" class="outline-2">
-<h2 id="orgd909087">PI-Hole</h2>
-<div class="outline-text-2" id="text-orgd909087">
+<div id="outline-container-org4e52617" class="outline-2">
+<h2 id="org4e52617">PI-Hole</h2>
+<div class="outline-text-2" id="text-org4e52617">
 <p>
 The black hole for web adverts. Block adverts at the domain name level within your local network. It can significantly reduce bandwidth, speed up page load times and protect your systems from being tracked by spyware.
 </p>
@@ -537,9 +537,9 @@ The black hole for web adverts. Block adverts at the domain name level within yo
 </p>
 </div>
 </div>
-<div id="outline-container-org54cc393" class="outline-2">
-<h2 id="org54cc393">PostActiv</h2>
-<div class="outline-text-2" id="text-org54cc393">
+<div id="outline-container-org77c5c76" class="outline-2">
+<h2 id="org77c5c76">PostActiv</h2>
+<div class="outline-text-2" id="text-org77c5c76">
 <p>
 An alternative federated social networking system compatible with GNU Social. It includes some optimisations and fixes currently not available within the main GNU Social project.
 </p>
@@ -549,9 +549,9 @@ An alternative federated social networking system compatible with GNU Social. It
 </p>
 </div>
 </div>
-<div id="outline-container-orgbf4385b" class="outline-2">
-<h2 id="orgbf4385b">Profanity</h2>
-<div class="outline-text-2" id="text-orgbf4385b">
+<div id="outline-container-org0bf6985" class="outline-2">
+<h2 id="org0bf6985">Profanity</h2>
+<div class="outline-text-2" id="text-org0bf6985">
 <p>
 A shell based XMPP client which you can run on the Freedombone server via ssh.
 </p>
@@ -561,9 +561,9 @@ A shell based XMPP client which you can run on the Freedombone server via ssh.
 </p>
 </div>
 </div>
-<div id="outline-container-orgda318c9" class="outline-2">
-<h2 id="orgda318c9">Riot Web</h2>
-<div class="outline-text-2" id="text-orgda318c9">
+<div id="outline-container-org3a8644d" class="outline-2">
+<h2 id="org3a8644d">Riot Web</h2>
+<div class="outline-text-2" id="text-org3a8644d">
 <p>
 A browser based user interface for the Matrix federated communications system, including WebRTC audio and video chat.
 </p>
@@ -573,9 +573,9 @@ A browser based user interface for the Matrix federated communications system, i
 </p>
 </div>
 </div>
-<div id="outline-container-org99449d0" class="outline-2">
-<h2 id="org99449d0">SearX</h2>
-<div class="outline-text-2" id="text-org99449d0">
+<div id="outline-container-org072b2ee" class="outline-2">
+<h2 id="org072b2ee">SearX</h2>
+<div class="outline-text-2" id="text-org072b2ee">
 <p>
 A metasearch engine for customised and private web searches.
 </p>
@@ -585,9 +585,9 @@ A metasearch engine for customised and private web searches.
 </p>
 </div>
 </div>
-<div id="outline-container-org761a652" class="outline-2">
-<h2 id="org761a652">tt-rss</h2>
-<div class="outline-text-2" id="text-org761a652">
+<div id="outline-container-orge6d7a97" class="outline-2">
+<h2 id="orge6d7a97">tt-rss</h2>
+<div class="outline-text-2" id="text-orge6d7a97">
 <p>
 Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via an onion address. Have "<i>the right to read</i>" without the Surveillance State knowing what you're reading. Also available with a user interface suitable for viewing on mobile devices via a browser such as OrFox.
 </p>
@@ -597,9 +597,9 @@ Private RSS reader. Pulls in RSS/Atom feeds via Tor and is only accessible via a
 </p>
 </div>
 </div>
-<div id="outline-container-orga6e23d7" class="outline-2">
-<h2 id="orga6e23d7">Syncthing</h2>
-<div class="outline-text-2" id="text-orga6e23d7">
+<div id="outline-container-orgb533fa3" class="outline-2">
+<h2 id="orgb533fa3">Syncthing</h2>
+<div class="outline-text-2" id="text-orgb533fa3">
 <p>
 Possibly the best way to synchronise files across all of your devices. Once it has been set up it "just works" with no user intervention needed.
 </p>
@@ -609,9 +609,9 @@ Possibly the best way to synchronise files across all of your devices. Once it h
 </p>
 </div>
 </div>
-<div id="outline-container-org643b86b" class="outline-2">
-<h2 id="org643b86b">Tahoe-LAFS</h2>
-<div class="outline-text-2" id="text-org643b86b">
+<div id="outline-container-orgae3276a" class="outline-2">
+<h2 id="orgae3276a">Tahoe-LAFS</h2>
+<div class="outline-text-2" id="text-orgae3276a">
 <p>
 Robust and encrypted storage of files on one or more server.
 </p>
@@ -621,9 +621,9 @@ Robust and encrypted storage of files on one or more server.
 </p>
 </div>
 </div>
-<div id="outline-container-org8eb9d12" class="outline-2">
-<h2 id="org8eb9d12">Tox</h2>
-<div class="outline-text-2" id="text-org8eb9d12">
+<div id="outline-container-orga445624" class="outline-2">
+<h2 id="orga445624">Tox</h2>
+<div class="outline-text-2" id="text-orga445624">
 <p>
 Client and bootstrap node for the Tox chat/VoIP system.
 </p>
@@ -633,9 +633,9 @@ Client and bootstrap node for the Tox chat/VoIP system.
 </p>
 </div>
 </div>
-<div id="outline-container-org5a0e4e5" class="outline-2">
-<h2 id="org5a0e4e5">Turtl</h2>
-<div class="outline-text-2" id="text-org5a0e4e5">
+<div id="outline-container-org176644c" class="outline-2">
+<h2 id="org176644c">Turtl</h2>
+<div class="outline-text-2" id="text-org176644c">
 <p>
 A system for privately creating and sharing notes and images, similar to Evernote but without the spying.
 </p>
@@ -645,18 +645,30 @@ A system for privately creating and sharing notes and images, similar to Evernot
 </p>
 </div>
 </div>
-<div id="outline-container-orgdeeab5b" class="outline-2">
-<h2 id="orgdeeab5b">Vim</h2>
-<div class="outline-text-2" id="text-orgdeeab5b">
+<div id="outline-container-org8d3d9ed" class="outline-2">
+<h2 id="org8d3d9ed">Vim</h2>
+<div class="outline-text-2" id="text-org8d3d9ed">
 <p>
 If you use the Mutt client to read your email then this will set it up to use vim for composing new mail.
 </p>
 </div>
 </div>
 
-<div id="outline-container-orgdbd802c" class="outline-2">
-<h2 id="orgdbd802c">XMPP</h2>
-<div class="outline-text-2" id="text-orgdbd802c">
+<div id="outline-container-orgbab78c1" class="outline-2">
+<h2 id="orgbab78c1">Virtual Private Network (VPN)</h2>
+<div class="outline-text-2" id="text-orgbab78c1">
+<p>
+Set up a VPN on your server so that you can bypass local internet censorship.
+</p>
+
+<p>
+<a href="./app_vpn.html">How to use it</a>
+</p>
+</div>
+</div>
+<div id="outline-container-org76fcabc" class="outline-2">
+<h2 id="org76fcabc">XMPP</h2>
+<div class="outline-text-2" id="text-org76fcabc">
 <p>
 Chat server which can be used together with client such as Gajim or Conversations to provide end-to-end content security and also onion routed metadata security. Includes advanced features such as <i>client state notification</i> to save battery power on your mobile devices, support for seamless roaming between networks and <i>message carbons</i> so that you can receive the same messages while being simultaneously logged in to your account on more than one device.
 </p>