freedombone/website/EN/installation.html

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title></title>
<!-- 2015-02-03 Tue 20:51 -->
<meta  http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta  name="generator" content="Org-mode" />
<meta  name="author" content="Bob Mottram" />
<meta  name="description" content="Turn the Beaglebone Black into a personal communications server"
 />
<meta  name="keywords" content="freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber" />
<style type="text/css">
 <!--/*--><![CDATA[/*><!--*/
  .title  { text-align: center; }
  .todo   { font-family: monospace; color: red; }
  .done   { color: green; }
  .tag    { background-color: #eee; font-family: monospace;
            padding: 2px; font-size: 80%; font-weight: normal; }
  .timestamp { color: #bebebe; }
  .timestamp-kwd { color: #5f9ea0; }
  .right  { margin-left: auto; margin-right: 0px;  text-align: right; }
  .left   { margin-left: 0px;  margin-right: auto; text-align: left; }
  .center { margin-left: auto; margin-right: auto; text-align: center; }
  .underline { text-decoration: underline; }
  #postamble p, #preamble p { font-size: 90%; margin: .2em; }
  p.verse { margin-left: 3%; }
  pre {
    border: 1px solid #ccc;
    box-shadow: 3px 3px 3px #eee;
    padding: 8pt;
    font-family: monospace;
    overflow: auto;
    margin: 1.2em;
  }
  pre.src {
    position: relative;
    overflow: visible;
    padding-top: 1.2em;
  }
  pre.src:before {
    display: none;
    position: absolute;
    background-color: white;
    top: -10px;
    right: 10px;
    padding: 3px;
    border: 1px solid black;
  }
  pre.src:hover:before { display: inline;}
  pre.src-sh:before    { content: 'sh'; }
  pre.src-bash:before  { content: 'sh'; }
  pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
  pre.src-R:before     { content: 'R'; }
  pre.src-perl:before  { content: 'Perl'; }
  pre.src-java:before  { content: 'Java'; }
  pre.src-sql:before   { content: 'SQL'; }

  table { border-collapse:collapse; }
  caption.t-above { caption-side: top; }
  caption.t-bottom { caption-side: bottom; }
  td, th { vertical-align:top;  }
  th.right  { text-align: center;  }
  th.left   { text-align: center;   }
  th.center { text-align: center; }
  td.right  { text-align: right;  }
  td.left   { text-align: left;   }
  td.center { text-align: center; }
  dt { font-weight: bold; }
  .footpara:nth-child(2) { display: inline; }
  .footpara { display: block; }
  .footdef  { margin-bottom: 1em; }
  .figure { padding: 1em; }
  .figure p { text-align: center; }
  .inlinetask {
    padding: 10px;
    border: 2px solid gray;
    margin: 10px;
    background: #ffffcc;
  }
  #org-div-home-and-up
   { text-align: right; font-size: 70%; white-space: nowrap; }
  textarea { overflow-x: auto; }
  .linenr { font-size: smaller }
  .code-highlighted { background-color: #ffff00; }
  .org-info-js_info-navigation { border-style: none; }
  #org-info-js_console-label
    { font-size: 10px; font-weight: bold; white-space: nowrap; }
  .org-info-js_search-highlight
    { background-color: #ffff00; color: #000000; font-weight: bold; }
  /*]]>*/-->
</style>
<link rel="stylesheet" type="text/css"
href="http://sachachua.com/blog/wp-content/themes/sacha-v3/foundation/css/foundation.min.css"></link>
<link rel="stylesheet" type="text/css" href="http://sachachua.com/org-export.css"></link>
<link rel="stylesheet" type="text/css" href="http://sachachua.com/blog/wp-content/themes/sacha-v3/style.css"></link>
<script type="text/javascript">
/*
@licstart  The following is the entire license notice for the
JavaScript code in this tag.

Copyright (C) 2012-2013 Free Software Foundation, Inc.

The JavaScript code in this tag is free software: you can
redistribute it and/or modify it under the terms of the GNU
General Public License (GNU GPL) as published by the Free Software
Foundation, either version 3 of the License, or (at your option)
any later version.  The code is distributed WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE.  See the GNU GPL for more details.

As additional permission under GNU GPL version 3 section 7, you
may distribute non-source (e.g., minimized or compacted) forms of
that code without the copy of the GNU GPL normally required by
section 4, provided you include this license notice and a URL
through which recipients can access the Corresponding Source.


@licend  The above is the entire license notice
for the JavaScript code in this tag.
*/
<!--/*--><![CDATA[/*><!--*/
 function CodeHighlightOn(elem, id)
 {
   var target = document.getElementById(id);
   if(null != target) {
     elem.cacheClassElem = elem.className;
     elem.cacheClassTarget = target.className;
     target.className = "code-highlighted";
     elem.className   = "code-highlighted";
   }
 }
 function CodeHighlightOff(elem, id)
 {
   var target = document.getElementById(id);
   if(elem.cacheClassElem)
     elem.className = elem.cacheClassElem;
   if(elem.cacheClassTarget)
     target.className = elem.cacheClassTarget;
 }
/*]]>*///-->
</script>
</head>
<body>
<div id="preamble" class="status">
<a name="top" id="top"></a>
</div>
<div id="content">
<h1 class="title"></h1>
<div class="center">

<div class="figure">
<p><img src="./images/logo.png" alt="logo.png" />
</p>
</div>
</div>
<table border="2" cellspacing="0" cellpadding="6" rules="groups" frame="hsides">


<colgroup>
<col  class="left" />

<col  class="left" />

<col  class="left" />

<col  class="left" />

<col  class="left" />

<col  class="left" />

<col  class="left" />

<col  class="left" />
</colgroup>
<tbody>
<tr>
<td class="left"><a href="index.html">Home</a></td>
<td class="left"><a href="#unnumbered-1">Preparation for the Beaglebone Black</a></td>
<td class="left"><a href="#unnumbered-2">Checklist</a></td>
<td class="left"><a href="#unnumbered-3">GPG Keys</a></td>
<td class="left"><a href="#unnumbered-4">Interactive Setup</a></td>
<td class="left"><a href="#unnumbered-5">Non-Interactive Setup</a></td>
<td class="left"><a href="#unnumbered-6">Post-Setup</a></td>
<td class="left"><a href="#unnumbered-7">On Client Machines</a></td>
</tr>
</tbody>
</table>


<div id="outline-container-unnumbered-1" class="outline-2">
<h2 id="unnumbered-1">Preparation for the Beaglebone Black</h2>
<div class="outline-text-2" id="text-unnumbered-1">
<p>
This section is specific to the Beaglebone Black hardware. If you're not using that hardware then just skip to the next section.
</p>

<p>
To get started you will need:
</p>

<ul class="org-ul">
<li>A Beaglebone Black
</li>
<li>A MicroSD card
</li>
<li>Ethernet cable
</li>
<li>Optionally a 5V 2A power supply for the Beaglebone Black
</li>
<li>Access to the internet via a router with ethernet sockets
</li>
<li>USB thumb drive (for backups or storing media)
</li>
<li>One or more domains available via a dynamic DNS provider, such as <a href="https://freedns.afraid.org/">https://freedns.afraid.org/</a>
</li>
<li>A purchased domain name and SSL certificate (only needed for Red Matrix)
</li>
<li>A laptop or desktop machine with the ability to write to a microSD card (might need an adaptor)
</li>
</ul>

<p>
You will also need to know, or find out, the IP address of your internet router and have a suitable static IP address for the Beaglebone on your local network. The router should allow you to forward ports to the Beaglebone (often this is under firewall or "advanced" settings).
</p>

<p>
You can either install from a debian package or manually as follows:
</p>

<div class="org-src-container">

<pre class="src src-bash">sudo apt-get update
sudo apt-get install git dialog build-essential
git clone https://github.com/bashrc/freedombone
<span class="org-builtin">cd</span> freedombone
sudo make install
</pre>
</div>

<p>
Plug the microSD card into your laptop/desktop and then run the <b>freedombone-prep</b> command. For example:
</p>

<div class="org-src-container">

<pre class="src src-bash">freedombone-prep -d /dev/sdX --ip freedombone_IP_address --iprouter router_IP_address
</pre>
</div>

<p>
where /dev/sdX is the device name for the microSD card. Often it's /dev/sdb or /dev/sdc, depending upon how many drives there are on your system. The script will download the Debian installer and update the microSD card. It can take a while, so be patient.
</p>

<p>
When the initial setup is done follow the instructions on screen to run the main freedombone command.
</p>
</div>
</div>

<div id="outline-container-unnumbered-2" class="outline-2">
<h2 id="unnumbered-2">Checklist</h2>
<div class="outline-text-2" id="text-unnumbered-2">
<p>
Before running the freedombone command you will need a few things.
</p>

<ul class="org-ul">
<li>Have some domains, or subdomains, registered with a dynamic DNS service
</li>
<li>System with a new installation of Debian Jessie
</li>
<li>Ethernet connection to an internet router
</li>
<li>It is possible to forward ports from the internet router to the system
</li>
<li>If you want to set up a social network or microblog then you will need SSL certificates corresponding to those domains
</li>
<li>Have ssh access to the system
</li>
</ul>
</div>
</div>

<div id="outline-container-unnumbered-3" class="outline-2">
<h2 id="unnumbered-3">GPG Keys</h2>
<div class="outline-text-2" id="text-unnumbered-3">
<p>
If you have existing GPG keys then copy the .gnupg directory onto the system.
</p>

<div class="org-src-container">

<pre class="src src-bash">scp -r ~/.gnupg username@freedombone_IP_address:/home/username
</pre>
</div>
</div>
</div>

<div id="outline-container-unnumbered-4" class="outline-2">
<h2 id="unnumbered-4">Interactive Setup</h2>
<div class="outline-text-2" id="text-unnumbered-4">
<p>
The interactive server configuration setup is recommended for most users. On the system where freedombone is to be installed create a configuration file.
</p>

<div class="org-src-container">

<pre class="src src-bash">ssh myusername@freedombone_IP_address
su
sudo apt-get update
apt-get install git dialog build-essential
git clone https://github.com/bashrc/freedombone
<span class="org-builtin">cd</span> freedombone
make install
</pre>
</div>

<p>
Now the easiest way to install the system is via the interactive setup.
</p>

<div class="org-src-container">

<pre class="src src-bash">freedombone menuconfig
</pre>
</div>

<p>
You can select which variant you wish to install and then enter the details as requested. A video of the install sequence can be <a href="./installer.ogv">seen here</a>.
</p>
</div>
</div>

<div id="outline-container-unnumbered-5" class="outline-2">
<h2 id="unnumbered-5">Non-Interactive Setup</h2>
<div class="outline-text-2" id="text-unnumbered-5">
<p>
If you don't want to install interactively then it's possible to manually create a configuration file as follows:
</p>

<p>
On the system where freedombone is to be installed create a configuration file.
</p>

<div class="org-src-container">

<pre class="src src-bash">ssh myusername@freedombone_IP_address
su
sudo apt-get update
apt-get install git build-essential
git clone https://github.com/bashrc/freedombone
<span class="org-builtin">cd</span> freedombone
make install
nano /home/myusername/freedombone/freedombone.cfg
</pre>
</div>

<p>
Add the following, and set the values as needed. DEFAULT_DOMAIN_NAME is where your email/xmpp/irc/voip will be accessed from. It could be the same as one of your other domains, or separate.
</p>

<div class="org-src-container">

<pre class="src src-bash"><span class="org-variable-name">MY_USERNAME</span>=myusername
<span class="org-variable-name">DEFAULT_DOMAIN_NAME</span>=mywikidomain
<span class="org-variable-name">SYSTEM_TYPE</span>=full
<span class="org-variable-name">INSTALLING_ON_BBB</span>=no
<span class="org-variable-name">DDNS_PROVIDER</span>=default@freedns.afraid.org
<span class="org-variable-name">DDNS_USERNAME</span>=ddnsusername
<span class="org-variable-name">DDNS_PASSWORD</span>=ddnspassword3471326
<span class="org-variable-name">MY_NAME</span>=MyFullNameOrNick
<span class="org-variable-name">MY_EMAIL_ADDRESS</span>=myusername@mywikidomain
<span class="org-variable-name">LOCAL_NETWORK_STATIC_IP_ADDRESS</span>=192.168.1.60
<span class="org-variable-name">ROUTER_IP_ADDRESS</span>=192.168.1.254
<span class="org-variable-name">ENABLE_CJDNS</span>=no
<span class="org-variable-name">DEBIAN_REPO</span>=ftp.us.debian.org
<span class="org-variable-name">NAMESERVER1</span>=85.214.73.63
<span class="org-variable-name">NAMESERVER2</span>=213.73.91.35
<span class="org-variable-name">WIKI_TITLE</span>=my wiki title
<span class="org-variable-name">WIKI_DOMAIN_NAME</span>=mywikidomain
<span class="org-variable-name">MY_BLOG_TITLE</span>=my blog
<span class="org-variable-name">FULLBLOG_DOMAIN_NAME</span>=myblogdomain
<span class="org-variable-name">MICROBLOG_DOMAIN_NAME</span>=mymicroblogdomain
<span class="org-variable-name">REDMATRIX_DOMAIN_NAME</span>=myredmatrixdomain
<span class="org-variable-name">OWNCLOUD_DOMAIN_NAME</span>=myownclouddomain
</pre>
</div>

<p>
Both of the IP addresses are local IP addresses, typically of the form 192.168.x.x, with one being for the system and the other being for the internet router.
</p>

<p>
Save the configuration file and exit from your editor.
</p>

<p>
Now you can begin the installation. If you are doing this on a Beaglebone Black:
</p>

<div class="org-src-container">

<pre class="src src-bash">freedombone -c freedombone.cfg
</pre>
</div>

<p>
The above command should be run in the same directory in which your configuration file exists.
</p>

<p>
Also see the manpage for additional options which can be used instead of a configuration file.
</p>
</div>
</div>

<div id="outline-container-unnumbered-6" class="outline-2">
<h2 id="unnumbered-6">Post-Setup</h2>
<div class="outline-text-2" id="text-unnumbered-6">
<p>
Setup of the server and installation of all the relevant packages is not quick, and depends upon which variant you choose and your internet bandwidth. Allow about three hours for a full installation on the Beaglebone Black. On the Beaglebone installation is in two parts, since a reboot is needed to enable the hardware random number generator and zram.
</p>

<p>
When done you can ssh into the Freedombone with:
</p>

<div class="org-src-container">

<pre class="src src-bash">ssh myusername@domain -p 2222
</pre>
</div>

<p>
Any manual post-installation setup instructions or passwords can be found in /home/username/README. You should remove any passwords from that file and store them within a password manager such as KeepassX.
</p>

<p>
On your internet router, typically under firewall settings, open the following ports and forward them to your server.
</p>

<table border="2" cellspacing="0" cellpadding="6" rules="groups" frame="hsides">


<colgroup>
<col  class="left" />

<col  class="right" />
</colgroup>
<thead>
<tr>
<th scope="col" class="left">Service</th>
<th scope="col" class="right">Ports</th>
</tr>
</thead>
<tbody>
<tr>
<td class="left">HTTP</td>
<td class="right">80</td>
</tr>

<tr>
<td class="left">HTTPS</td>
<td class="right">443</td>
</tr>

<tr>
<td class="left">SSH</td>
<td class="right">2222</td>
</tr>

<tr>
<td class="left">DLNA</td>
<td class="right">1900</td>
</tr>

<tr>
<td class="left">DLNA</td>
<td class="right">8200</td>
</tr>

<tr>
<td class="left">XMPP</td>
<td class="right">5222..5223</td>
</tr>

<tr>
<td class="left">XMPP</td>
<td class="right">5269</td>
</tr>

<tr>
<td class="left">XMPP</td>
<td class="right">5280..5281</td>
</tr>

<tr>
<td class="left">IRC</td>
<td class="right">6697</td>
</tr>

<tr>
<td class="left">IRC</td>
<td class="right">9999</td>
</tr>

<tr>
<td class="left">Git</td>
<td class="right">9418</td>
</tr>

<tr>
<td class="left">Email</td>
<td class="right">25</td>
</tr>

<tr>
<td class="left">Email</td>
<td class="right">587</td>
</tr>

<tr>
<td class="left">Email</td>
<td class="right">465</td>
</tr>

<tr>
<td class="left">Email</td>
<td class="right">993</td>
</tr>

<tr>
<td class="left">VoIP</td>
<td class="right">64738</td>
</tr>
</tbody>
</table>
</div>
</div>

<div id="outline-container-unnumbered-7" class="outline-2">
<h2 id="unnumbered-7">On Client Machines</h2>
<div class="outline-text-2" id="text-unnumbered-7">
<p>
You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security.
</p>

<div class="org-src-container">

<pre class="src src-bash">sudo apt-get update
sudo apt-get install git dialog haveged build-essential
git clone https://github.com/bashrc/freedombone
<span class="org-builtin">cd</span> freedombone
sudo make install
freedombone-client
</pre>
</div>
</div>
</div>
</div>
<div id="postamble" class="status">

<style type="text/css">
.back-to-top {
    position: fixed;
    bottom: 2em;
    right: 0px;
    text-decoration: none;
    color: #000000;
    background-color: rgba(235, 235, 235, 0.80);
    font-size: 12px;
    padding: 1em;
    display: none;
}

.back-to-top:hover {
    background-color: rgba(135, 135, 135, 0.50);
}
</style>

<div class="back-to-top">
<a href="#top">Back to top</a> | <a href="mailto:bob@robotics.uk.to">E-mail me</a>
</div>

<script type="text/javascript">
    var offset = 220;
    var duration = 500;
    jQuery(window).scroll(function() {
        if (jQuery(this).scrollTop() > offset) {
            jQuery('.back-to-top').fadeIn(duration);
        } else {
            jQuery('.back-to-top').fadeOut(duration);
        }
    });
</script>
</div>
</body>
</html>