Categories
Business Freedom and Privacy Life Skills

Starting a Company Right with LibreOffice Docs

If you are at a company at the startup phase, and you want to make sure that the company isn’t plagued by proprietary office documents, and to make sure that everyone knows the reason *why* this matters, I have created the attached documents. I will also paste the raw text into this post so you can know what’s in the documents.

You may need to send a very stern and heartfelt email with these documents (edited to your liking) to the Founders of a company to show them that you aren’t trying to make life hard but actually better. Many people who are wrapped up in closed software simply don’t understand they are victims.

I hope these prove to be valuable to you and your startup and that free software is further advanced as a result.

WORKING WITH OFFICE DOCUMENTS AT NEWCO

Working with office documents such as spreadsheets and text documents is fundamental to every business. Here at NewCo, we only work with office document software that respects our privacy and the privacy of those with whom we communicate on a day-to-day basis. By operating in this way, we assure that no one at NewCo (or outside) is forced to purchase expensive or unethical software to perform the task at hand. It also future-proofs NewCo against needs that may require wholesale adjustments to documents and / or implementations of business systems.

What this means on a practical level is that every spreadsheet and text document created, is done so in LibreOffice. LibreOffice is distributed on your Ubuntu operating system distribution and also on many other distributions in the world. LibreOffice also has the capability of opening proprietary software and saving to their formats.

Creating a New Office Document

  1. Open LibreOffice
  2. Select the type of document you want to create from top left icon in menu
  1. Click File / save or ‘control + s’ and it will automatically save in the correct (and ethical) format

Converting Proprietary Documents to LibreOffice

If someone sends you a document in a closed/proprietary format (such as Microsoft’s ‘Word’ or “Excel”) which is to be used for any business purpose whatsoever, especially on an ongoing basis:

  1. Open the document in LibreOffice
  2. Save the document ‘file / save’ or ‘control + s’
  1. If /when a warning appears, accept the ODF option. This will instantly convert the document to a format that works in LibreOffice. Most of the time there is no material damage to the formatting but if there is it is usually a quick fix.

Outbound Company Documents

Default to PDF – Every Time

In the event that someone needs a document from us, we should, unless asked otherwise, always provide the information / document in PDF format. There are three major reasons for this:

1. Security: this is a step way to help make sure information sent from NewCo is not manipulated on the other side (it’s an image file life a photo at its core).

2. Branding and Marketing : companies and their employees who send information in editable documents display their lack of professionalism to the recipient which is something we never want to do from the first day. Sending an editable office document . When someone in business sends a ‘Word or Excel” document, it screams “mom & pop operation” and immediately shows they are not a serious operation which will put NewCo in an inferior brand position.

3. Supreme Accessibility: PDF is one of the only formats that is able to be opened and viewed reliably, and with good formatting on any device on earth.

The good news is that in LibreOffice, this is dead easy: there is a one-button PDF creation tool in the menu. 

Creating a PDF Office Document

  1. Open Document in LibreOffice
  2. Click the one-button PDF creation tool
  1. Name it and save it

Increase the PDF Security with a Password (Optional)

The greater news is that by choosing ‘file’ and ‘export’ (instead of the one-button option above) you can easily export the same PDF with a password so that the person opening can only open it with the password you provide them, which further protects the data we send out and puts NewCo a further step above other companies in terms of quality presentation in front of others and in terms of security.

Outbound Company Documents As LibreOffice Only

In the event an external party needs a document that they need to manipulate:

  1. Attach the appropriate LibreOffice document in the LibreOffice format (ie. .odt, .ods)
  2. Copy and paste the following message into the body of the email which explains what’s going on and why:

+++++

I have attached the document you requested in LibreOffice format – a free, robust and ethical office document software suite. If you don’t already have the software, you can download it (for free) here and you and your company can benefit from it: https://www.libreoffice.org/download/download/

+++++

Outbound Company Documents as LibreOffice and Proprietary

If absolutely needed and you deem the recipient to be a ‘lost cause’ (there are many out there) then you can also pre-convert the document to a Microsoft format using LibreOffice and attach that as well with a modified version of the comments.

  1. Attach the appropriate LibreOffice document in the LibreOffice format (ie. .odt, .ods)
  2. Convert the LibreOffice formatted document to Microsoft’s proprietary format by performing a ‘file / save as’
  1. Attach the proprietary format to the email as well
  2. Copy and paste the following message into the body of the email which explains what’s going on and why:

+++++

I have attached the document you requested in LibreOffice format – a free, robust and ethical office document software suite that our company has embraced. If you don’t already have the software, you can download it (for free) here and you and your company can start benefiting from it: https://www.libreoffice.org/download/download/. I have also attached the document as a Microsoft format for the sake of time as I realize many companies out there are still paying for and using it.

+++++

Categories
Life Skills Parenting Technology Tutorial Ubuntu

Making Roblox Work on Ubuntu in Windows 7 on Virtual Box

IMPORTANT! THIS BLOG POST IS BEING TESTED NOW AND NEEDS SOME WORK. I EXPECT TO UPDATE / IMPROVE THIS AT LEAST ONE MORE TIME. IT’S HERE JUST FOR TESTING PURPOSES. NOTE ALSO THAT AS OF TODAY, EVEN IF YOU GET THIS ALL DONE YOU COULD GET THE SAME ‘KICKED BECAUSE OF WEIRD BEHAVIOUR’ MESSAGE (OR WHATEVER IT’S CALLED). OF COURSE, FEEL FREE TO TRY IT OUT AND LEAVE COMMENTS WHILE I’M ALSO CHECKING IT! 🙂

0. Background

Kids wanted roblox. I hate windows. Roblox only works on Windows. Therefore by deduction, I also hate Roblx. They made their setup so you can play only on windows, android and maybe ios (never checked). But no linux.. what? Serious? A goofy downloadable plugin-app-game kind of thing in 2020? But let’s move on. The fact is, I compromised and made a concession that this setup will be only for this one box for this one purpose and that’s it. I had an old windows 7 machine sticker on one of my ubuntu machines.

1. Find a windows 7 cd rom or some ISO..somewhere…somehow…

Actually this step probably took a whole day. Hadn’t done this in years and windows is so lame that you have to buy their operating system (which isn’t worth paying for) and yeah. So I found some random link online and downloaded windows 7 .iso file professional to match my windows sticker (legitimate key). The fact they even made it hard to download something you already paid for was additional fuel for my Windows fire…

2. Download Virtualbox on Ubuntu

I think this is in the software centre in most Ubuntu Distros. Just search it, install it. Tip: in ubuntu software centre you need to type the whole word for it to show up easily, so ‘virtualbox’ instead of ‘virtual box’

3. Install Windows on Virtualbox

Just start up a “new” machine and point it to your downloaded ISO above. Do the usual windows install that we used to do back when we were slaves…I just accepted all the default suggestions for setting up the box and then adjusted them later. This helps assure a successful install, I believe.

4. Install Guest Additions

This section I’m breaking into two pieces because I’m not 100% sure what’s best. I ‘think’ it depends on what Windows you are using as to whether you need to install guest additions in safe or ‘regular / unsafe’ mode. At least, that’s what my hours of web-searching taught me… So, you can ‘try’ the regular unsafe mode (skip ahead) or, you can do ‘safe mode’ which takes longer and is more annoying. In either case, some of the steps / process might help you along the way so maybe worth a quick read.

A. Installing in ‘Safe’ Mode [this section needs checking / testing]

If you already tried installing guest additions in ‘unsafe mode’you might need to remove guest additions before trying again in safe mode. That’s what I did, anyway. Let’s get this done:

  • When windows is booting you press F8.
  • Choose ‘safe mode with networking’
  • In the Virtual box menu in guest machine window, go to the ‘Devices’ menu
  • Insert Guest additions from bottom of the drop down menu
  • go to ‘start’ menu then ‘my computer’ and the CD rom (in windows)
  • in the ROM directory, double click ‘vboxwindowsadditions-amd64’ (assuming you are 64 architecture…) and a wizard should start
  • Check the ‘direct3D support (experimental)’ checkbox
  • Click ‘install’
  • You may get ‘trust Oracle?’ messages. Even if they can’t be trusted it’s easier to check the box and move on. After all, this is already a highly questionable game and enterprise…
  • Reboot? yes
  • I have notes that said I got a message like “Accept ‘basic 3D’ but I can’t confirm. If you get this, I think you should accept it…
  • After machine comes back, skip ahead and do all the 2D and 3D steps in section below

Here is a helpful [link](this link helped: https://forums.virtualbox.org/viewtopic.php?t=55226) by the way

B. Installing in ‘Unsafe’ Mode

This part got me bad. I also had no idea about ‘Guest Additions’ somehow, so this turned out to be a good learning experience. What ‘guest additions’ does is basically install this big package which gives you more direct and quality connections to the host machines hardware. Before installing I was getting all sorts of video card driver errors. When I opened Roblox Studio it was asking to upgrade to OpenGL 2.0 or higher.

To do this step it was as simple as going to ‘Devices’ and ‘install guest additions’ and walking through the steps. Then it opened a wizard on Windows and walked through the install of the guest addition stuff. Finally it asked for a reboot and when it came back things were already working a bit better. But I was still getting driver errors on Roblox Studio…this ultimately froze the program and demanded to close program which I did. I noticed also that in my ‘device manager’ and then ‘display adaptor’ now it’s listing ‘virtualbox graphics adapter’ which should be best since it’s grabbing host hardware. And this is why I ended up doing all the steps in the ‘safe mode’ section above…

check to see if 3D acceleration is enabled by opening ‘run’ and typing ‘dxdiag’. This link will help if that sounds hard. You should see 3D acceleration as ‘enabled’.Try a round of Roblox? 🙂

5. Enable 3D acceleration in Virtualbox

This one sucked another hour or two of my short life so hopefully this can save you the pain. After doing all of the above I was still getting error after error. In my ‘Directx’ settings I was getting ‘direct3d not available’ messages and another setting ‘not available’. I assumed that Virtualbox would have installed 3D acceleration stuff by default but that was a bad assumption because probably Virtualbox is used by a lot of non-gaming developers who don’t need it nor the drain on the host hardware resources. Anyway, there is likely a good reason for it but the 3D acceleration wasn’t enabled. To enable it, shut down the guest machine, go to ‘settings’ (yellow cogwheel) then ‘display’ then check the 2d and 3d acceleration checkboxes (Not sure if i need 2D but I just wanted to be sure. Probably you should do section 6 below too before starting machine and save a step. Video card stuff may also be linked to the dreaded ‘roblox kicked unexpected client behavior’ message…

A helpful link about 3d acceration stuff.

6. Boosted video memory

I also noticed an ‘invalid setting’ in virtualbox saying that I was less than 27MB of video memory so I raised it from 16MB up to 32 to see if that made things better in the settings of the guest machine.

7. Overcoming the ‘roblox kicked unexpected client behavior’ issue

Frankly, I don’t have the answer yet but working on it. It ‘seems’ unsolvable for both Wine and Virtualbox in Ubuntu but I don’t quit easily. For now it would be nice to have others help on this one since I did all the heavy lifting. I feel there might be a browser hack or some other simple work around to stop the player from getting kicked for no reason.

Categories
Life Skills Technology Tutorial

How to Import Shopify Data into Prestashop with CSV

Brutal. I spent probably 3 hours trying to figure this out so I thought I should spend about 10 minutes and write this quick blog post for anyone else who might hit this.

I was testing out Prestashop (looking good so far!) and the aim was to move a new shopify account over to Prestashop to see how it goes.

First thing I did was had the Shopify product data exported as .csv file.

Next I followed the instructions on the documentation page for importing into Prestshop. Unfortunately, though, there seemed to be no detailed instructions about how to set up data. I think this is because there are a lot of migration companies that make some cash doing this so fair enough.

Anyways, what I did was opened up both Shopify .csv and Prestashop demo .csv for products and noticed that they both have different data separator formats.

Shopify uses commas whereas Prestashop uses semi colon.

So, all I had to do was manually type in a comma into the field that says ‘Field Separator’ in the Prestashop import module and everything started working and I could start mapping the fields and database tables as expected and as explained in documentation.

Hope this tiny, one second tip helps you save 3 hours and some cash.

Categories
Life Skills Tutorial Ubuntu

Getting Korean Hangul Working on Ubuntu 18 and higher

How to install Korean Hangul Keyboard Ubuntu Gnome 18

In Ubuntu there are two things that need to happen to be able to type a non-native language into the operating system. You need to get the fonts and the stuff and you then need to configure stuff so the keyboard knows what to do. Without doing both, nothing will work and you’ll think things are broken.

Part 1 – Getting your Korean Language Fonts and Stuff Installed on Machine

  1. super key (sometimes erroneously called the ‘windows key’)
  2. start typing’languages’
  3. Select ‘language and region’ option (may not be top, largest option)
  4. Click the’manage installed languages’ button
  5. If you get the ‘language support is not installed completely select ‘install’. you will be prompted for your admin pass
  6. Click the ‘install/remove lanaguages’ button (on the same ‘Language SUpport’ window. NOTE: This window seems to get easily hidden by other stuff but you can find it again easily in the left launcher while it’s open)
  7. Start typing ‘Ko..’ to trigger the search of ‘Korean’ language when the list of language and their checkboxes appear
  8. select ‘Korean’ and ‘apply’ you will again be prompted for your admin pass. If you are coming from another less secure operating system this is about securing your computer against weird scripts and making sure what is happening is authorized…At this point fonts start downloading and the ‘applying changes’ window is on your screen. This takes a little while sometimes.

Remember, nothing will work yet. You have to do the next section 😉

Now, important little tip here. You need to REBOOT your system now to assure that the input sources in the next steps are refreshed. I cannot tell you how many hours I have burned on this one so just to be sure, take a second to reboot the machine now before continuing.

Part 2 – Getting Input Source Setup So You Can Actually Use the Language

  1. On the same page ‘Language and Region’, under ‘Input Sources’ section, hit the plus + button. I should state here that if for some reason you aren’t seeing what I”m seeing here, just hit your super key and then ‘settings’ and then go to “language & Region” from there. Sometimes stuff moves around…
  2. Hit the 3 dot vertical hamburger icon looking option at the bottom of the list… admittedly this step and the next are not intuitive so feel free to file a GUI suggestion with the fine folks who make Gnome. 🙂
  3. By hitting that option a search field opens up which you’d think would allow you to type ‘Korean’ or ‘Hangul’ and then find your language – but in this case you’d be incorrect for thinking that. What you need to do is scroll to the bottom of this list and selecting ‘Other’. You can alternatively type ‘Ot’ into the search field here…but you cannot type anything more than ‘Ot’ Admittedly this part is plain bad for design… so probably just use the scroll feature here to avoid thinking it’s missing, lol.
  4. Now you are able to use the search field to type ‘Korean’ and / or scroll down to find it. So go ahead and do that now…
  5. You wil see ‘Korean’ and “Korean(101/104 key compatible)” but those are just decoys! Pure deception! The one you want is called “Korean(hangul)”. I have no idea what the other ones are or do but I do know they don’t work for me. Again, if you don’t see this specific option now, you probably didn’t listen to me above and didn’t reboot your machine so be a good student and go ahead and reboot that now…

After it’s highlighted in your list, select the ‘add’ button which should change to a green colour when it’s ready. You should now be brought back to the “Language and Region’ screen and see ‘Korean(Hangul)’ in your list of ‘Input Sources’ You should also notice in the top right area where your wifi, battery, other stuff is that the symbol for your native language has appeared with a drop down arrow. In my case it’s English so I see ‘en’ with the down arrow.

Technically now you have Korean installed and a keyboard input ready to go but a quick tutorial on setting up and using it is probably wise…

Setting up and Using Korean Keyboard

Probably, if you’re like me, you’ve already hit the down arrow, switched to the ‘Ko’ (Korean) option and started typing only to find that it’s still typing English. Why is that after all this work? Because Korean keyboard input is able to type both English and Korean so you have to be able to – while in KO mode – switch back and forth. So what keys do that?

First, let’s take a look at how to switch between input sources. On the Language & Region screen, if you hit the ‘Options’ button (which appeared after you installed Korean) you can now see the key combos to switch between ‘en’ and ‘ko’. This is useful because I find that most of the time I want to be in ‘en’ because my fingers sometimes switch me to Korean accidentally during the day when I don’t need it. The default combo is ‘super’ + space bar. What is ‘super’? See above. It’s the powerful key to the left of the space bar sometimes erroneously called the ‘windows key’. Hit that with space bar and you’ll be able to switch.

Next, while in ‘korean mode’ how to switch between English and Korean? The default appears to be ‘shift + space bar’ (while in Korean mode).

You can make this combo whatever you want by one of two methods:
a) while in Korean mode, hitting the top ‘EN’ drop down in top menu of screen. This will then give you the IBUS ‘setup’ option. I like this way to adjust things. However you can also find it by
b) going to language and Region page, highlighting Korean(hangul) in input sources and hitting the settings cogwheel. Same-same….

Nice. Now you’re typing 강남 style.

Hope this helps. Should have made a video but yeah whatever too late.

Categories
Freedom and Privacy Life Skills Technology

THE NEED FOR A NEW QR CODE WORLD – OR SOMETHING LIKE THAT…

The Background – The Feelings

The background to this one is that I was really amazed by the technology and functionality of QR codes. QR codes brought the convenience of UPC retail bar codes to the average person without the crazy costs associated. So, even from a business perspective you could have your own scanning system if you wanted.

On a personal level, it was mind blowing that I could have a business card with a QR code on it that would ‘hide’ data within visually and then the smart phone or web cam could see the code, unpack the data and leave it with you in a digital format – with no typing needed and no errors (unless the creator goofed). This allowed me to turn a business card into an immediately usable tool, instead of what would happen before where the paper card would get buried or lost before I got to use it, plus it would force me to type more keystrokes than I wanted. I mean.. It could even do a .vcf format something which could be loaded direct into your contact books, from what I recall (would need to review this one but 99% sure I did that…)

Further to the personal benefits, let’s say you are at a social gathering. Someone approaches you and wishes to get your business card, or, some form of contact informaton that might normally be on a business card. But, you don’t really want to share certain parts, or any parts with said person. These days normally you would fumble and figure it out on the fly. What if the person says ‘text me’? Typically I say “I don’t text” and then I have to have a long discussion about why I don’t text and how to reach me, and here’s my email, and here’s my number, but don’t call me, because I don’t like phone calls, blah blah blah… It would be nice to have a standardized way of transmitting data – line of sight – no internet – no wifi – no bluetooth. Just transmit basic data. No worrying about whether they are on apple, or android or Ubuntu Touch (wait, that’s no problem!) or whatever. No worrying about whether they have a cell phone or a cell phone plan, etc. It’s also more inclusive that way.

I can hear the voices now:

  • “But you can email all that!” – No! I want faster. No typing. No thinking.
  • “But you can text all that!” – No! I said I don’t text. Don’t ask me to text you.
  • “But you can ‘bump’ with Android” – I don’t bump. I don’t Android.
  • “This is making something new that we don’t need!” – Ok… maybe… And that’s the point of this blog. Let’s figure that out…

Why QR has failed thus far (In my opinion)

After all these thoughts above, I got to thinking about the limitations of QR. You can read some of my feelings in this bug report I filed at UBports for the Camera app. Of course, I completely understand the security need here and I can’t argue it. But this has always been the issue. For QR codes to flourish, the scanner must be one button away.

And, even if you had one button there is still the annoyance of having to focus the camera. I thought about creating a tiny keychain which had one button and a camera. You would point at the QR and push/hold the ‘shutter’ button. It would focus, scan the QR code and beep when it was logged. Later you could sync that data with whatever device you want, somehow securely.

And that’s when I started thinking that it would be cool to have an ‘audio QR code’. So I searched that and found Chirp. They basically have figured it out with proprietary software – not typically a good solution if you want awesome security and privacy… But, their stuff apparently works. It sends hypersonic sounds and data.

In my opinion, this direction could work, and here are the first pros/cons:

Pros

  • No focusing of cameras (faster scan?)
  • No camera at all (cheaper hardware?)
  • Audio? Maybe not as radioactive as radio??? (just throwing it out there for the healthy people?)
  • Other cool pros?

Cons

  • Apparently dogs don’t like hypersonic?
  • Would these things have to transmit all the time or could the ‘chirp’ be triggered with some kind of ‘hey! any birds out there who want to chirp me anything?”
  • Security? Could anyone chirp anything? I haven’t really looked deeply at that part yet as you can see.

Some suggestions to the conversation were:

  1. A watch (with a cam – full Dick Tracey style)
    Sure, except I would never wear a watch, and I’m not a Dick…Tracey…
  2. Near Field Communication (NFC) which is explained well in this old 2014 vid

Then, whatever the solution is, would be able to securely/safely transmit the stored data into the device of your choice for reviewing, handling.

Final thoughts

I feel like I don’t want to add to the smartphone in my pocket, but, it seems like there is no other way. Security people say you can’t really have a one-button something without compromising security of smartphone. SO…

That’s what I’ve got to say.

I hope some kind of cheap and useful solution lands here…

Categories
Life Skills Technology

CONVERT HARVESTED BULK EMAILS INTO USABLE SPREADSHEET IN A FEW STEPS

Did someone send you a bulk email and foolishly leave all the recipients exposed? Do you want to grab those recipients and use for your own great purposes? Good news, it’s not so hard to do!

Here’s what you’ll need:

  • A text editor (gedit on ubuntu)
  • Spreadsheet software (Libre Office is the one I’ll use here since it’s both free and awesome)

1. Copy and paste the emails into a text editor

Grab the group of email addresses starting from right after the ‘to: ‘ but don’t actually include the ‘to:’. Copy this into your clipgboard.

2. Paste this to a fresh text editor window

3. Clean up the Paste

Make sure there is a trailing semi-colon after the last entry and no other gobbly gook before or after, other than just the names of the recipients and the actual email addresses. So like this stuff:

John Doe johndoe@johndoe.com; Jane Doe janedoe@janedoe.com;

4. Save file as a .csv file

Click ‘save as’ and give the file a handy name and make sure it has a trailing .csv as the file type

5. Go and open the file.

In my case it opens the file with LibreOffice – this is good. In your case…how could I know your case?

6. Select ‘semi-colon’ as the separation type

When Libre Office opens the file, uncheck comma, etc, and just leave the semi-colon because that’s what you’ve got.

7. Reformat the Orientation (optional)

After importing thus far, Libre Office seems to make the orientation horizontal putting one email address in each column and all the entries into a row spanning many horizontal columns which I didn’t like. I want to convert this to a vertical orientation with the entries spanning downwards across many rows.

Yippee yay. Someone alrady figured this out here

But in short, just do this:

  1. copy all your horizontal entries
  2. copy them to clipboard (control c)
  3. control + shift + V into the cell you want
  4. Paste (which does the ‘paste special’ command)
  5. Delete the original row you just copied from

Voila. Clean vertical list of harvested emails!

Hope that helps.

My Comments

My only improvement would be to add a script that pulls the name out and adds to the column on the right. I know thunderbird can do this when you right click and either ‘copy email address’ or ‘copy name and email address’. So it’s definitely possible to do this. In fact, how cool would that be if Thunderbird could just do all this in an add-on … hmm. Too bad I can’t program…

Categories
Life Skills Nextcloud Technology Tutorial

How to Install Video Convertor App on Nextcloud

Someone complaining that they can’t view an Apple .MOV file on your Nextcloud server? No surprise considering ‘apple is apple’.

Heard about the cool app ‘Video Convertor’ for Nextcloud? Tried to install it and use it and got that ‘requires ffmpeg error?

Same.

Turns out it’s pretty easy to to get it going and here is how:

Let’s do it.

  1. ssh into your Nextcloud box. In my case it’s a nextcloudpi box if that matters…
  2. type this into the command line: sudo apt install ffmpeg
  3. Hit your enter key
  4. Wait a long time while a seriously large amount of stuff installs (and probably this is why it’s not installed by default)
  5. Go back to your video file in the Nextcloud in the browser user interface and note the three dots on the right side of the file name. Click that
  6. Select the video icon ‘convert into’
  7. Choose your options for speed and format
  8. Do it.
  9. Wait again (a lot of waiting here…)
  10. Create a new share of the newly created video file
  11. Test the file (good practice) by sending the share to yourself in a browser that you don’t use so you are seeing what your recipient will see without your login credentials affecting things.
  12. All good? Ship the new link to your recipient

Hope that helps

Categories
Freedom and Privacy Life Skills Nextcloud Technology Tutorial Ubuntu

HOW TO MAKE A NEXTCLOUD PI BOX WORK AS REVERSE PROXY TO YUNOHOST

Background

The situation was that I wanted to test out the very cool project Yunohost but I already had Nextcloudpi (another awesome project!) running on my local network. I already had a DDNS service (No-ip) running which was pointing to my Nextcloudpi (“NCP” moving forward) box, and a second DNS service that I set up which pointed to my router for the purpose of Yunohost (“YH” moving forward). You can read about that cool DNS solution in my other blog post, by the way, as it works really well and gives a bit more power.. and it’s free.

The problem was that ports 443 and 80 were being used by NCP but YH needed them as well. The only options appeared to be:

a) change the ports of one of the machines (complicated because clients outside of the LAN in the world webs won’t know those ports) or
b) figure out what a ‘reverse proxy’ is and then make it work

The challenge was that NCP was using Apache whilst YH uses NGINX – both of which are capable of reverse proxy. So, in order to do this I ended up doing some learning of both although it turns out it wasn’t really needed after all. C’est la vie…at least I learned some things!

At the end of the journey of trying about 10,000 different settings in the Apache default configuration file that comes with NCP (and other Apache installs) called “000-default.conf” it started working after adding just two lines to my configuration which seemed not to be in any other tutorial online for some reason. The key two lines that were needed were:

SSLEngine On
SSLProxyEngine On

Without those two lines it would just never work even though the rest of my settings were right.

Ok, enough of my hard journey story, let’s log the actual configuration and steps so that anyone who wants to do the same setup can save the pain!

Assumptions

Before we begin, I will assume that you already have the following set up:

  1. Server A (in my case NCP) running Apache which is already successfully reachable and working from the outside world. Through this machine Server B will be reached.
  2. Server B (in my case YH) running whatever (I think) but in my case it’s running NGINX and this box is the one we are trying to make visible to the outside world through ports 80 and 443
  3. You have a domain (nameofyourdomain.com in this tutorial) which you own and which is already successfully hitting your router (You can test by pinging the domain and seeing the IP address of your router show up). You can do this with my other tutorial mentioned above as well. You can also get a free ‘domain’ from services like No-ip if you don’t care what the domain looks like.
  4. You have full access to SSH into both machines, but in this case Server A is the critical one.
  5. You are using an Ubuntu environment and have know how to open a Terminal and use it (roughly)
  6. You are willing to learn and try things if this doesn’t perfectly work as per this specific example. I’ll give you a few resource links as well to help you in case your set up needs tweaking.

Let’s Begin – Setting up Apache Default Config on Server A

  1. ssh into Server A (format ssh username@your.IP.Address )
  2. Change directory (cd) to your Apache2 sites-available directory. In my case it looks like this but if you aren’t using NCP it might be different
    cd /etc/apache2/sites-available
  3. Type this command to back up your Server A apache settings. If you mess anything up you can restore this one and delete the default and rename it back to original name.

sudo cp 000-default.conf 000-default.backup

  1. Check to make sure the new file with .backup is showing up by typing ‘ls’. If it’s there then proceed.
  2. Copy the sample configuration below into your clipboard
  3. Open the default Apache config file with this command (if you haven’t used nano before probably good to do a quick online overview) for editting:
    sudo nano 000-default-conf
  4. you may have some settings already in this file (you should) at the top. Scroll down to the bottom of whatever is there and then paste in the sample you have copied from below with the control + shift + v (If you don’t hold shift it won’t paste)
  5. Go through the newly-pasted configs and adjust to your settings changing domain names and ip addresses to yours.
  6. Control x to save and exit, ‘y’ to save modified buffer and ‘enter’ key to write your changes
  7. Restart apache with this command to see if it works (this will shut down whatever stuff is running on Server A so probably good idea to do this wisely if the server is currently being used by others…:

sudo systemctl restart apache2

If you get nice silence from your terminal, and no ‘journalctl’ messages, then things are going the right direction.

Run Let’s Encrypt Manually for SSL certs on Server A

For this step, to be honest, I’m not sure if you need to do it because certs are already on both boxes for NCP and YH. But you might not have that so I’ll provide the steps since after I did them nothing was worse and everything was working… I would love to get some feedback on this step.

  1. Install Let’s Encrypt tools:
    sudo apt-get install python-certbot-apache
  2. Run it
    sudo certbot --apache -d example.com -d www.example.com

Let’s Finish – Test Server B

Go to your domain from outside your LAN (just to make sure you are getting a real test) and try to hit Server B. I find mobile phone data plans are good for this kind of testing, otherwise, call your grandma and ask her what happens when she goes to nameofyourdomain.com…

If it works, you’re done.

If it doesn’t you might need to tweak your settings.

Sample Configuration – copy this and adjust to your set up

Your IP address will obviously be changed to the correct one where your Server B is. Copy everything in the code block below.

 <VirtualHost *:80>
    ServerAdmin name@nameofyourdomain.com
    ServerName nameofyourdomain.com
    ServerAlias www.nameofyourdomain.com

   ProxyPreserveHost on
   ProxyPass / http://192.168.1.37:80/
   ProxyPassReverse / http://192.168.1.37:80/

</VirtualHost>

#Listen 443

<VirtualHost *:443>

    SSLEngine On
    SSLProxyEngine On

     ServerAdmin name@nameofyourdomain.com
     ServerName nameofyourdomain.com
     ServerAlias www.nameofyourdomain.com

     ProxyPreserveHost on
     ProxyPass / https://192.168.1.37:443/
     ProxyPassReverse / https://192.168.37:443/
</VirtualHost>

FULL Sample Configuration Reference (DO NOT COPY THIS ONE)

This is what my config looked like when everything was done and working.

The ‘Rewrite engine’ stuff here was added by Lets Encrypt when it was run so it ‘should’ appear in your config after you run it after initial settings have been added. Same with the ‘Include’ stuff and the SSL certificate stuff at the bottom of the second entry.

<VirtualHost *:80>
    ServerAdmin name@nameofyourdomain.com
    ServerName nameofyourdomain.com
    ServerAlias www.nameofyourdomain.com

   ProxyPreserveHost on
   ProxyPass / http://192.168.1.37:80/
   ProxyPassReverse / http://192.168.1.37:80/

RewriteEngine on
RewriteCond %{SERVER_NAME} =nameofyourdomain.com [OR]
RewriteCond %{SERVER_NAME} =www.nameofyourdomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>

#Listen 443

<VirtualHost *:443>

    SSLEngine On
    SSLProxyEngine On

     ServerAdmin name@nameofyourdomain.com
     ServerName nameofyourdomain.com
     ServerAlias www.nameofyourdomain.com

     ProxyPreserveHost on
     ProxyPass / https://192.168.1.37:443/
     ProxyPassReverse / https://192.168.37:443/

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/nameofyourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nameofyourdomain.com/privkey.pem
</VirtualHost>

Random Keywords and messy spam from the Journey

This next section is merely a copy/paste of all the steps I was trying to try to get this working. The purpose is not to follow any of these instructions but merely to leave as keywords in hopes that other people trying the same things will end up finding this blog and save themself the pain! 🙂 So, don’t use the next section for any form of tutorial but feel free to read and learn.

  1. set up individual virtual host conf files on box 1 else:

We were unable to find a vhost with a ServerName or Address of mydomain.ca.
Which virtual host would you like to choose?


1: nextcloud.conf | mydomain.hopto.org | HTTPS | Enabled
2: ncp.conf | | HTTPS | Enabled
3: 000-default.conf | | | Enabled


Select the appropriate number [1-3] then [enter] (press ‘c’ to cancel):

Select the appropriate number [1-3] then [enter] (press ‘c’ to cancel): c
No vhost exists with servername or alias of mydomain.ca. No vhost was selected. Please specify ServerName or ServerAlias in the Apache config.
No vhost selected

hmm.

finding apache config…

seems like one shouldn’t mess with this… and that lets encxrypt probably does it for you

  1. sudo apt-get install python-certbot-apache (apparently not installed on ncp somehow..)
  2. created basic conf file in /sites-available
  3. restarted apache – worked
  4. added symlink to sites-enabled, restarted apache, breaks
  5. run certbot without enabled…with usual
    sudo certbot –apache -d example.com -d www.example.com

pi@nextcloudpi:/etc/apache2 $ sudo certbot –apache -d mydomain.ca -d www.mydomain.ca
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/mydomain.ca.conf)

What would you like to do?


1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)


choosing option 2

fail. same error above

now trying to go back to simply 443 config in 000-default but wtihout ssl engine stuff.

now running:
sudo certbot --apache -d mydomain.ca -d www.mydomain.ca

this is something… progress….

the bad part:

Failed redirect for mydomain.ca
Unable to set enhancement redirect for mydomain.ca
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

the good part

IMPORTANT NOTES:

  • We were unable to set up enhancement redirect for your server,
    however, we successfully installed your certificate.
  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/mydomain.ca/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/mydomain.ca/privkey.pem
    Your cert will expire on 2019-09-14. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”
Categories
Freedom and Privacy Life Skills Technology Tutorial

SETTING UP EMAIL WITH YUNOHOST AND CLOUDFLARE

In a previous blog post I set up a Yunohost (“YH” moving forward) box with a script so that it would report it’s location back to Cloudflare (“CF” moving forward) automatically using a cron job entry on the box and a cool piece of free software called ddns-cloudflare. That blog was to make sure the website stuff (ie. WordPress blog, Nextcloud, etc) would work. The other neat part about setting up your YH box this way, I was thinking during the process, is that (I guess but haven’t tested yet), you could just unplug it and plug it in at another physical location (with the right ports open at that location, of course) and it should just start ‘magically working’. This would be a real selling feature for getting ‘off the grid’.

Now to attack the part that most people like me avoid – EMAIL!

We have all heard that email servers are complicated and stressful, but, with the CF-YH combo – once I figured it out – it now seems much easier than I had expected. But there weren’t any specific blogs out there for me to follow so I decided it would be super helpful to write one to help others avoid what I just went through.

This tutorial will connect CF to your YH email and give you a few tips to test as you go until it’s all working, since there are a few things in both CF and in YH that are a bit ‘weird’ I discovered. My hope is that this tutorial helps you get setup faster and easier.

This tutorial assumes you already have a CF account setup with the settings from the previous tutorial (www and A record stuff).

KNOWING WHERE YOUR YUNOHOST SETTINGS ARE

You will be able to find the private and unique details for your own Yunohost installation in the following section of your user interface:

Domains / nameofyourdomain.com / DNS Configuration

When you click this it will open up a pane that has all your records from the previous tutorial but also the recommended email settings. If you are like me, none of it will make sense at all.

The parts you are going to need to match up to CF are:

MX, DKIM and DMARC

The way in which you input them into CF is more than half of the battle, and the part where this tutorial should save you about 3 days of messing around.

First, let me give you a link to Cloudflare’s own support page on this topic. This will also give you a list of pretty much any kind of entry you might need in your own setup, if it’s more advanced than this tutorial. It also shows you how to create a records in your CF DNS settings. Here’s the link.

Now that you know how to enter a record in general, let’s enter them.

I’m going to display this like this:

MX RECORD

  • WHAT YH SHOWS IN DNS CONFIG PANE: @ 3600 IN MX 10 mylataylor.ca
  • HOW TO ENTER AND PASTE IT INTO CF
  • TYPE: MX
  • NAME: nameofyourdomain.com
  • VALUE: SERVER: nameofyourdomain.com PRIORITY: 10
  • TTL: AUTOMATIC

DKIM RECORD

  • WHAT YH SHOWS IN DNS CONFIG PANE: mail._domainkey 3600 IN TXT “v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA…super_duper_long_long_thing”
  • HOW TO ENTER AND PASTE IT INTO CF
  • TYPE: TXT
  • NAME: mail._domainkey
  • VALUE: v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA…super_duper_long_long_thing (NO quotations)
  • TTL: AUTOMATIC

DMARC RECORD

  • WHAT YH SHOWS IN DNS CONFIG PANE: _dmarc 3600 IN TXT “v=DMARC1; p=none”
  • HOW TO ENTER AND PASTE IT INTO CF
  • TYPE: TXT
  • NAME: _dmarc
  • VALUE: v=DMARC1; p=none
  • TTL: AUTOMATIC

It was explained to me that I also need to check RDNS, but I have not had any problems yet, and I’m not sure what this is nor how to do it. If you want to add this instruction in the comments that would be great.

If you refresh your page in CF and notice that an orange cloud has re-appeared from grey status, you may not have updated your .yml zone file correctly from previous tutorial. Your script might be updating the DNS records and accidentally forcing it back on. And this will stop your emails from working (the orange cloud). Go back to that tutorial and review the script yml config file setup and make sure you got he hashtags on the right lines…

At this point, it’s the moment of truth: will you be able to send and receive emails?

CREATE ACCOUNTS (AND EMAIL ACCOUNTS) IN YUNOHOST

This part created some issues for me because there may (or may not) be either a bug or an interface issue in the YH account setup. It appears, as you create the YH user that the email can be separate, however, from my experience, you should keep the username and the ’email name’ to be exactly the same – let YH auto-fill it and keep that as your email name. So, if you want your email to be johndoe@nameofyourdomain.com, make your YH username as johndoe at the top and let that auto-fill into the email field below. It seems like YH can’t take periods/dots in the username so john.doe won’t work. There appears to be email aliases that are supposed to work so probably you can figure this out but for me, for this tutorial, I would just avoid dots/periods, keep a simple username and make sure it auto-fills into the email field.

TEST YOUR SETUP

Once your username / email is set up in YH, now move on to test the email, in the client of your choice, but I strongly recommend Thunderbird to at least test to make sure things are working because it definitely works, I can confirm. Once this test is confirmed and you can send, receive emails with a basic thunderbird setup, then can feel confidence about all your settings above.

THUNDERBIRD SETUP

Literally, just follow this link exactly. If your settings are right, it will work. If they aren’t, they won’t. Also, be sure to wait at least 30 minutes for your cron jobs (if you are continuing from the Cloudflare tutorial) to run because the cron job can mess up your settings as well, I discovered. Once you have run a cycle or two of cron jobs and all is well, go wild with the hottest new technology – email…

TIP: when you get to the manual config, Thunderbird puts a period / dot before the serverhostname which is easy to miss. If your email is in the main domain root, then make sure to remove these dots.

Now send a test email to another account you have access to. One important thing to check is that you aren’t ending up in spam folders…

TIP: If you press send on your test email and it hangs on sending, go into your account settings of Thunderbird and you might have some old Outoing (SMTP) servers from previous YH email tests in there. I found after I deleted these old test servers and tried again, it worked perfectly, but if there were other ones in there it hung and failed.

Assuming you got your test email, now send a reply back to it and make sure you get that too. If you’re excited and bored or both, do this step over and over again perhaps with nursery rhyme verses…but make sure no one is watching you… I can’t emphasize enough that you need to wait at least a cycle or two of your cron jobs running to make sure it’s not messing things up over at Cloudflare.

All good? Nice. Another consideration now that you are a warrior hosting your own email is that by using Thunderbird you can back up your emails easily enough by simply connecting and synching your emails across multiple devices.

UBUNTU TOUCH DEKKO SETUP

Now let’s set this up on our Ubuntu Touch device with Dekko.

  1. Select the left hamburger menu
  2. Select the top right settings cogwheel on dark panel
  3. Select ‘mail’
  4. Select ‘accounts’
  5. Select the top right + plus sign
  6. Select IMAP
  7. Enter ‘whatever you want’ for the first two name options
  8. IMAP hostname: overwrite example with your yunhost server email location
  9. ENCRYPTION: should already default to this: ‘force encryption (SSL/TLS)’. if not, do it.
  10. username/password: auto-filled from first step
  11. authentication: change to ‘login’ (defaults to ‘plain’)
  12. SMTP server: overwrite example with your yunohost server email location
  13. SMTP port: 587
  14. ENCRYPTION: ‘use encryption (STARTTLS)
  15. AUTHENTICATION: change to ‘login’ (it defaults to ‘plain’)

Last and final and very important or your outbound email will literally break for this account and, I think, all your email accounts. You need to go back into the settings for this new email address and to this step:

  1. Select top left hamburger menu
  2. Select top right settings cogwheel on dark panel
  3. Select ‘mail’
  4. Select ‘accounts’
  5. Select Your newly-created yunohost email account
  6. Select Outgoing Server
  7. Scroll down under the LOGIN field and turn on the switch that says ‘Authenticate from server capabilities’
  8. Press left arrow at top of screen to save settings

CONCLUSION

Now, you should be in business sending and receiving emails from a Yunohost server, in your house, using Dekko email client on your Ubuntu Touch device.

Categories
Freedom and Privacy Life Skills Nextcloud Technology Tutorial Ubuntu

HOW TO SET UP YUNOHOST WITH YOUR OWN DOMAIN (USING CLOUDFLARE)

EDIT 19/06/12 – made some tweaks to this after realizing a few small errors. Sorry if you followed before June 12 🙁

I really wanted to self-host a kind of ‘family box’ which would allow me to have self-hosted email, Nextcloud, websites, and a few other basic things and not have it running on someone else’s server. During the process of searching I came across Yunohost (Pronounced “Why You No Host?”). I installed it on an old test box (super old) with their own documentation and it was really quite simple, especially if you have done any kind of operating system installation before.

My specific goal was to make it all work with a domain that I own (nameofyourdomain.com for this tutorial). I feel that having a strange email address (the default Yunohost email setup looks weird and is awkward) is of little value for most people so this step must be overcome to become a viable solution for myself and other people I know.

OPTION 1 – DIRECT WITH REGISTRAR (EASIEST)

If your registrar gives you full control of your DNS, CNAME, MX etc settings you might not even need this Cloudflare-Yunohost tutorial. My registrar didn’t allow me to do what I needed so I went to the next step. I don’t have enough experience to speak about the different registrars and their settings so research that yourself if you want. Otherwise, move on to this exciting Cloudflare-Yunohost setup…

OPTION 2 – WITH A CLOUDFLARE SCRIPT

As mentioned above, my registrar didn’t make it clear how to do CNAME stuff and mess with MX records, etc, so I ended up searching high and low for an open, free and reliable solution. Thanks to the free software community, I was pointed towards Cloudflare. People I trust and like consider Cloudflare to be ‘good guys’ and that was enough for me to trust and try.

Forgive my limited understanding and description, but I’ll do my best here: Cloudflare is a super robust ‘web traffic controller’ which gives the website admin person (since you are installing Yunohost that is you now!) really powerful control over how data moves to/from the domain/servers. They have cool controls and a nice interface too. Anyway, they have a free account you can start which allows you to do everything in this tutorial and through the process you’ll get a chance to see how nice Cloudflare (“CF” moving forward) is too.

Note: this tutorial assumes you are using Ubuntu or at least have the same terminal commands.

PRE-FLIGHT BULLET POINTS
We’re going to do this:

  1. Tell your domain registrar to point traffic to CF
  2. Tell your Yunohost (“YH” moving forward) box to point to CF
  3. Stick a free software script on your YH box that automatically tells CF where your YH box is every 30 minutes (in case your IP address changes)(replaces dynamic dns service need…)

THE FLIGHT

  1. Do the YH setup as per yunohost. Make sure your router’s ports are open! Check this page about ports and note that some ISPs will (unethically?) block you from using port 25 (email) and in this case you might be completely out of luck or have to change your ISP so you should check that first on this page. If port 25 is blocked you should be able to use everything except email (nextcloud, wordpress, etc should work) so it’s not completely without hope… TIP! If you get your domain setup first in YH sometimes Cloudflare will be able to magically import all your stuff automatically helping you avoid the manual inputs over at CF
  2. Get a Cloudflare account
  3. Log into your domain registrar and change nameservers to the ones shown in your CF account. This guy’s video is pretty good if you haven’t done it before.
  4. Take note of this project, which is the script which will automate the DNS updates stuff. Special thanks to the programmer!
  5. ssh into your yunohost box by typing (where 123 stuff is the local IP address of your YH box):
    ssh admin@123.123.123.12
    This will get you into your YH box where you can stick the script files into your home directory.
  6. Clone the cloudflare-ddns project files above into your YH box by typing this into your terminal (TIP! do NOT use ‘sudo’ here!):
    git clone https://github.com/adrienbrignon/cloudflare-ddns.git
  7. Then change to your new directory:
    cd cloudflare-ddns
  8. Then change to the zones directory within:
    cd zones
  9. Then copy the example yml file so that it duplicates and is named to your own domain:
    cp example.com.yml nameofyourdomain.com.yml
  10. Now open the file so you can edit the contents:
    sudo nano nameofyourdomain.com.yml
  11. Now edit the ‘admin@example.com’ line and change to the email you registered your CF account with
  12. Change whatever it says to the right of cp_api_key: to your cloudflare api key. There is a link of how to find that right in the terminal window but in case it stresses you out and you miss it here is the link
  13. Change zone name (cf_zone:) to: nameofyourdomain.com
  14. Set all the DNS stuff so that the file looks like this where the # signs are ‘comments’ telling the script to forget about this part:

Only write the subdomain (‘ddns’ for ‘ddns.example.com’)

cf_records:
– ‘@’:
type: A
# proxied: true
log: ERROR

  • ‘www’:
    type: A
    # – ‘ddns’:
    # type: AAAA
    # ttl: 300
    # proxied: false
    # log: INFO

If you compare to the example file you can see the changes.

I just commented-out with hashtags the AAAA stuff since apparently I don’t need it (a great contributer told me) as well as the smallest but most painful one, the ‘Proxied: true” line! This one, if you don’t put a hashtag in front, will, every time your cron job runs, tell CF to make CF the controller of the DNS and then basically shut down your websites and your email will also stop working. Then you have to go in and turn the orange cloud back to grey again.

  1. Save and exit the nano editor with control x and ‘yes’
  2. Then move back up one level in the directory so you can run next command:
    cd ..
  3. Run a one-off test to see if it’s working as per the usage docs with this command
    python cloudflare-ddns.py -z nameofyourdomain.com

if it’s ‘working’ you should:

a) see a success report back from your terminal that looks something like this:

2019-05-31 05:16:15,165 | INFO | The record 'www.nameofyoudomain.ca' (A) is already up to date

and

b) should be able to now go to your CF account and see the IP address of where your YUNO-box is / public-facing router listed in the DNS area. You can check this part by going into your router (or one of those ‘what’s my IP address?” websites) and compare your router’s IP address with the IP address in Cloudflare – they should be the same now. If not, assure that the orange cloud in CF is turned off by clicking. It will change to a grey colour when off and this is what you want.

If everything is looking good, let’s move on to making this update process happen automated in the backgroun since it would not be fun to have to run this test script every day or a few times a day!

Now that your config file for this script is all good, let’s go and do the cron job thing

  1. Type:
    crontab -e

Probably if you haven’t done this already it will say it’s blank and give you two options. choose ‘nano’ because it’s easier (option 1) and not VIM because it’s brutal and hurts

  1. The script provided in the usage page for doing this next step assumes you know what you are doing, that you understand Linux file structures and paths and even cron jobs. I didn’t. So, I’m going to spare you the pain here (you can read the pain below in the bonus section(s) if you are bored or like learning) and tweak this script so that you have a higher chance of this working. First, this is what was provided from the usage page:

Every 30 minutes, update my Cloudflare records.

*/30 * * * * python /path/to/cloudflare-ddns.py -z example.com

If you just simply ran this tutorial that means your Cloudflare directory that you git-cloned in step 6 above is in your home directory. However, you need to add in the user into the path for this to work properly. Also, until you know this thing is working, I would advise you add in the MAILTO option above the script so that you can get a few emails for a few hours confirming it is or isn’t working. You can go back in and remove or comment out with a # the MAILTO line (or comment it out with a hashtag) after you are sure everything is working.

So, here is what I did that finally made it work

Every 30 minutes, update my Cloudflare records.

MAILTO=myemail@myreliablemail.ca
*/30 * * * * python /home/admin/cloudflare-ddns/cloudflare-ddns.py -z nameofyourdomain.com

If everything is working, you’ll keep getting ‘success’ emails that look like this everytime the cron job runs:

2019-05-31 05:30:05,942 | INFO | The record ‘www.mylataylor.ca’ (A) is already up to date

At this point I went back in (see step 17 above) in and hashtagged out the MAILTO= line so the emails stopped coming every thirty minutes.

ADJUST YOUR CLOUDFLARE SETTINGS!

  1. CRYPTO/SSL SETTING
    This one took me an addition day to figure out. I was getting continual TOO_MANY_REDIRECTS errors when trying to access my Yunobox. The problem was solved by the click of one box in my Cloudflare settings as follows:

crypto / SSL : change to ‘FULL’ in the dropdown.

  1. TURN YOUR ORANGE CLOUDS TO GREY
    If you don’t do this step, your email and a few other things won’t work. Just click the orange clounds in your DNS section so they turn grey. That’s it.

DO YOUR LETS ENCRYPT SSL CERTIFICATE ON YOUR YUNHOST BOX

If you try to do your letsencrypt SSL cert before these steps are done, it won’t let you (from my experience) But at this point it should all work. In your YH admin interface, just go to domains, nameofyourdomain.com, SSL certificate, and then ‘install lets encrypt’

CONCLUSIONS

Now your Yunobox should be automatically reporting back your router’s IP address to Cloudflare and Cloudflare is routing your website traffic through its nameservers, etc. As long as your ports and certificates are working, you should now be able to start using it with your own domain.

Now that this is done and you go to your new domain and nothing is there that’s because… there is nothing there. Go figure. So you have to install an ‘app’ (ie wordpress, nextcloud) through the Yunohost app area of admin. I’ll do a separate blog on that probably, but it’s pretty easy.