Category: Life Skills

HOW TO MAKE A NEXTCLOUD PI BOX WORK AS REVERSE PROXY TO YUNOHOST

Background

The situation was that I wanted to test out the very cool project Yunohost but I already had Nextcloudpi (another awesome project!) running on my local network. I already had a DDNS service (No-ip) running which was pointing to my Nextcloudpi (“NCP” moving forward) box, and a second DNS service that I set up which pointed to my router for the purpose of Yunohost (“YH” moving forward). You can read about that cool DNS solution in my other blog post, by the way, as it works really well and gives a bit more power.. and it’s free.

The problem was that ports 443 and 80 were being used by NCP but YH needed them as well. The only options appeared to be:

a) change the ports of one of the machines (complicated because clients outside of the LAN in the world webs won’t know those ports) or
b) figure out what a ‘reverse proxy’ is and then make it work

The challenge was that NCP was using Apache whilst YH uses NGINX – both of which are capable of reverse proxy. So, in order to do this I ended up doing some learning of both although it turns out it wasn’t really needed after all. C’est la vie…at least I learned some things!

At the end of the journey of trying about 10,000 different settings in the Apache default configuration file that comes with NCP (and other Apache installs) called “000-default.conf” it started working after adding just two lines to my configuration which seemed not to be in any other tutorial online for some reason. The key two lines that were needed were:

SSLEngine On
SSLProxyEngine On

Without those two lines it would just never work even though the rest of my settings were right.

Ok, enough of my hard journey story, let’s log the actual configuration and steps so that anyone who wants to do the same setup can save the pain!

Assumptions

Before we begin, I will assume that you already have the following set up:

  1. Server A (in my case NCP) running Apache which is already successfully reachable and working from the outside world. Through this machine Server B will be reached.
  2. Server B (in my case YH) running whatever (I think) but in my case it’s running NGINX and this box is the one we are trying to make visible to the outside world through ports 80 and 443
  3. You have a domain (nameofyourdomain.com in this tutorial) which you own and which is already successfully hitting your router (You can test by pinging the domain and seeing the IP address of your router show up). You can do this with my other tutorial mentioned above as well. You can also get a free ‘domain’ from services like No-ip if you don’t care what the domain looks like.
  4. You have full access to SSH into both machines, but in this case Server A is the critical one.
  5. You are using an Ubuntu environment and have know how to open a Terminal and use it (roughly)
  6. You are willing to learn and try things if this doesn’t perfectly work as per this specific example. I’ll give you a few resource links as well to help you in case your set up needs tweaking.

Let’s Begin – Setting up Apache Default Config on Server A

  1. ssh into Server A (format ssh username@your.IP.Address )
  2. Change directory (cd) to your Apache2 sites-available directory. In my case it looks like this but if you aren’t using NCP it might be different
    cd /etc/apache2/sites-available
  3. Type this command to back up your Server A apache settings. If you mess anything up you can restore this one and delete the default and rename it back to original name.

sudo cp 000-default.conf 000-default.backup

  1. Check to make sure the new file with .backup is showing up by typing ‘ls’. If it’s there then proceed.
  2. Copy the sample configuration below into your clipboard
  3. Open the default Apache config file with this command (if you haven’t used nano before probably good to do a quick online overview) for editting:
    sudo nano 000-default-conf
  4. you may have some settings already in this file (you should) at the top. Scroll down to the bottom of whatever is there and then paste in the sample you have copied from below with the control + shift + v (If you don’t hold shift it won’t paste)
  5. Go through the newly-pasted configs and adjust to your settings changing domain names and ip addresses to yours.
  6. Control x to save and exit, ‘y’ to save modified buffer and ‘enter’ key to write your changes
  7. Restart apache with this command to see if it works (this will shut down whatever stuff is running on Server A so probably good idea to do this wisely if the server is currently being used by others…:

sudo systemctl restart apache2

If you get nice silence from your terminal, and no ‘journalctl’ messages, then things are going the right direction.

Run Let’s Encrypt Manually for SSL certs on Server A

For this step, to be honest, I’m not sure if you need to do it because certs are already on both boxes for NCP and YH. But you might not have that so I’ll provide the steps since after I did them nothing was worse and everything was working… I would love to get some feedback on this step.

  1. Install Let’s Encrypt tools:
    sudo apt-get install python-certbot-apache
  2. Run it
    sudo certbot --apache -d example.com -d www.example.com

Let’s Finish – Test Server B

Go to your domain from outside your LAN (just to make sure you are getting a real test) and try to hit Server B. I find mobile phone data plans are good for this kind of testing, otherwise, call your grandma and ask her what happens when she goes to nameofyourdomain.com…

If it works, you’re done.

If it doesn’t you might need to tweak your settings.

Sample Configuration – copy this and adjust to your set up

Your IP address will obviously be changed to the correct one where your Server B is. Copy everything in the code block below.

 <VirtualHost *:80>
    ServerAdmin name@nameofyourdomain.com
    ServerName nameofyourdomain.com
    ServerAlias www.nameofyourdomain.com

   ProxyPreserveHost on
   ProxyPass / http://192.168.1.37:80/
   ProxyPassReverse / http://192.168.1.37:80/

</VirtualHost>

#Listen 443

<VirtualHost *:443>

    SSLEngine On
    SSLProxyEngine On

     ServerAdmin name@nameofyourdomain.com
     ServerName nameofyourdomain.com
     ServerAlias www.nameofyourdomain.com

     ProxyPreserveHost on
     ProxyPass / https://192.168.1.37:443/
     ProxyPassReverse / https://192.168.37:443/
</VirtualHost>

FULL Sample Configuration Reference (DO NOT COPY THIS ONE)

This is what my config looked like when everything was done and working.

The ‘Rewrite engine’ stuff here was added by Lets Encrypt when it was run so it ‘should’ appear in your config after you run it after initial settings have been added. Same with the ‘Include’ stuff and the SSL certificate stuff at the bottom of the second entry.

<VirtualHost *:80>
    ServerAdmin name@nameofyourdomain.com
    ServerName nameofyourdomain.com
    ServerAlias www.nameofyourdomain.com

   ProxyPreserveHost on
   ProxyPass / http://192.168.1.37:80/
   ProxyPassReverse / http://192.168.1.37:80/

RewriteEngine on
RewriteCond %{SERVER_NAME} =nameofyourdomain.com [OR]
RewriteCond %{SERVER_NAME} =www.nameofyourdomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>

#Listen 443

<VirtualHost *:443>

    SSLEngine On
    SSLProxyEngine On

     ServerAdmin name@nameofyourdomain.com
     ServerName nameofyourdomain.com
     ServerAlias www.nameofyourdomain.com

     ProxyPreserveHost on
     ProxyPass / https://192.168.1.37:443/
     ProxyPassReverse / https://192.168.37:443/

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/nameofyourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nameofyourdomain.com/privkey.pem
</VirtualHost>

Random Keywords and messy spam from the Journey

This next section is merely a copy/paste of all the steps I was trying to try to get this working. The purpose is not to follow any of these instructions but merely to leave as keywords in hopes that other people trying the same things will end up finding this blog and save themself the pain! 🙂 So, don’t use the next section for any form of tutorial but feel free to read and learn.

  1. set up individual virtual host conf files on box 1 else:

We were unable to find a vhost with a ServerName or Address of mydomain.ca.
Which virtual host would you like to choose?


1: nextcloud.conf | mydomain.hopto.org | HTTPS | Enabled
2: ncp.conf | | HTTPS | Enabled
3: 000-default.conf | | | Enabled


Select the appropriate number [1-3] then [enter] (press ‘c’ to cancel):

Select the appropriate number [1-3] then [enter] (press ‘c’ to cancel): c
No vhost exists with servername or alias of mydomain.ca. No vhost was selected. Please specify ServerName or ServerAlias in the Apache config.
No vhost selected

hmm.

finding apache config…

seems like one shouldn’t mess with this… and that lets encxrypt probably does it for you

  1. sudo apt-get install python-certbot-apache (apparently not installed on ncp somehow..)
  2. created basic conf file in /sites-available
  3. restarted apache – worked
  4. added symlink to sites-enabled, restarted apache, breaks
  5. run certbot without enabled…with usual
    sudo certbot –apache -d example.com -d www.example.com

pi@nextcloudpi:/etc/apache2 $ sudo certbot –apache -d mydomain.ca -d www.mydomain.ca
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/mydomain.ca.conf)

What would you like to do?


1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)


choosing option 2

fail. same error above

now trying to go back to simply 443 config in 000-default but wtihout ssl engine stuff.

now running:
sudo certbot --apache -d mydomain.ca -d www.mydomain.ca

this is something… progress….

the bad part:

Failed redirect for mydomain.ca
Unable to set enhancement redirect for mydomain.ca
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

the good part

IMPORTANT NOTES:

  • We were unable to set up enhancement redirect for your server,
    however, we successfully installed your certificate.
  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/mydomain.ca/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/mydomain.ca/privkey.pem
    Your cert will expire on 2019-09-14. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”
Tags : , , , ,

SETTING UP EMAIL WITH YUNOHOST AND CLOUDFLARE

In a previous blog post I set up a Yunohost (“YH” moving forward) box with a script so that it would report it’s location back to Cloudflare (“CF” moving forward) automatically using a cron job entry on the box and a cool piece of free software called ddns-cloudflare. That blog was to make sure the website stuff (ie. WordPress blog, Nextcloud, etc) would work. The other neat part about setting up your YH box this way, I was thinking during the process, is that (I guess but haven’t tested yet), you could just unplug it and plug it in at another physical location (with the right ports open at that location, of course) and it should just start ‘magically working’. This would be a real selling feature for getting ‘off the grid’.

Now to attack the part that most people like me avoid – EMAIL!

We have all heard that email servers are complicated and stressful, but, with the CF-YH combo – once I figured it out – it now seems much easier than I had expected. But there weren’t any specific blogs out there for me to follow so I decided it would be super helpful to write one to help others avoid what I just went through.

This tutorial will connect CF to your YH email and give you a few tips to test as you go until it’s all working, since there are a few things in both CF and in YH that are a bit ‘weird’ I discovered. My hope is that this tutorial helps you get setup faster and easier.

This tutorial assumes you already have a CF account setup with the settings from the previous tutorial (www and A record stuff).

KNOWING WHERE YOUR YUNOHOST SETTINGS ARE

You will be able to find the private and unique details for your own Yunohost installation in the following section of your user interface:

Domains / nameofyourdomain.com / DNS Configuration

When you click this it will open up a pane that has all your records from the previous tutorial but also the recommended email settings. If you are like me, none of it will make sense at all.

The parts you are going to need to match up to CF are:

MX, DKIM and DMARC

The way in which you input them into CF is more than half of the battle, and the part where this tutorial should save you about 3 days of messing around.

First, let me give you a link to Cloudflare’s own support page on this topic. This will also give you a list of pretty much any kind of entry you might need in your own setup, if it’s more advanced than this tutorial. It also shows you how to create a records in your CF DNS settings. Here’s the link.

Now that you know how to enter a record in general, let’s enter them.

I’m going to display this like this:

MX RECORD

  • WHAT YH SHOWS IN DNS CONFIG PANE: @ 3600 IN MX 10 mylataylor.ca
  • HOW TO ENTER AND PASTE IT INTO CF
  • TYPE: MX
  • NAME: nameofyourdomain.com
  • VALUE: SERVER: nameofyourdomain.com PRIORITY: 10
  • TTL: AUTOMATIC

DKIM RECORD

  • WHAT YH SHOWS IN DNS CONFIG PANE: mail._domainkey 3600 IN TXT “v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA…super_duper_long_long_thing”
  • HOW TO ENTER AND PASTE IT INTO CF
  • TYPE: TXT
  • NAME: mail._domainkey
  • VALUE: v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA…super_duper_long_long_thing (NO quotations)
  • TTL: AUTOMATIC

DMARC RECORD

  • WHAT YH SHOWS IN DNS CONFIG PANE: _dmarc 3600 IN TXT “v=DMARC1; p=none”
  • HOW TO ENTER AND PASTE IT INTO CF
  • TYPE: TXT
  • NAME: _dmarc
  • VALUE: v=DMARC1; p=none
  • TTL: AUTOMATIC

It was explained to me that I also need to check RDNS, but I have not had any problems yet, and I’m not sure what this is nor how to do it. If you want to add this instruction in the comments that would be great.

If you refresh your page in CF and notice that an orange cloud has re-appeared from grey status, you may not have updated your .yml zone file correctly from previous tutorial. Your script might be updating the DNS records and accidentally forcing it back on. And this will stop your emails from working (the orange cloud). Go back to that tutorial and review the script yml config file setup and make sure you got he hashtags on the right lines…

At this point, it’s the moment of truth: will you be able to send and receive emails?

CREATE ACCOUNTS (AND EMAIL ACCOUNTS) IN YUNOHOST

This part created some issues for me because there may (or may not) be either a bug or an interface issue in the YH account setup. It appears, as you create the YH user that the email can be separate, however, from my experience, you should keep the username and the ’email name’ to be exactly the same – let YH auto-fill it and keep that as your email name. So, if you want your email to be johndoe@nameofyourdomain.com, make your YH username as johndoe at the top and let that auto-fill into the email field below. It seems like YH can’t take periods/dots in the username so john.doe won’t work. There appears to be email aliases that are supposed to work so probably you can figure this out but for me, for this tutorial, I would just avoid dots/periods, keep a simple username and make sure it auto-fills into the email field.

TEST YOUR SETUP

Once your username / email is set up in YH, now move on to test the email, in the client of your choice, but I strongly recommend Thunderbird to at least test to make sure things are working because it definitely works, I can confirm. Once this test is confirmed and you can send, receive emails with a basic thunderbird setup, then can feel confidence about all your settings above.

THUNDERBIRD SETUP

Literally, just follow this link exactly. If your settings are right, it will work. If they aren’t, they won’t. Also, be sure to wait at least 30 minutes for your cron jobs (if you are continuing from the Cloudflare tutorial) to run because the cron job can mess up your settings as well, I discovered. Once you have run a cycle or two of cron jobs and all is well, go wild with the hottest new technology – email…

TIP: when you get to the manual config, Thunderbird puts a period / dot before the serverhostname which is easy to miss. If your email is in the main domain root, then make sure to remove these dots.

Now send a test email to another account you have access to. One important thing to check is that you aren’t ending up in spam folders…

TIP: If you press send on your test email and it hangs on sending, go into your account settings of Thunderbird and you might have some old Outoing (SMTP) servers from previous YH email tests in there. I found after I deleted these old test servers and tried again, it worked perfectly, but if there were other ones in there it hung and failed.

Assuming you got your test email, now send a reply back to it and make sure you get that too. If you’re excited and bored or both, do this step over and over again perhaps with nursery rhyme verses…but make sure no one is watching you… I can’t emphasize enough that you need to wait at least a cycle or two of your cron jobs running to make sure it’s not messing things up over at Cloudflare.

All good? Nice. Another consideration now that you are a warrior hosting your own email is that by using Thunderbird you can back up your emails easily enough by simply connecting and synching your emails across multiple devices.

UBUNTU TOUCH DEKKO SETUP

Now let’s set this up on our Ubuntu Touch device with Dekko.

  1. Select the left hamburger menu
  2. Select the top right settings cogwheel on dark panel
  3. Select ‘mail’
  4. Select ‘accounts’
  5. Select the top right + plus sign
  6. Select IMAP
  7. Enter ‘whatever you want’ for the first two name options
  8. IMAP hostname: overwrite example with your yunhost server email location
  9. ENCRYPTION: should already default to this: ‘force encryption (SSL/TLS)’. if not, do it.
  10. username/password: auto-filled from first step
  11. authentication: change to ‘login’ (defaults to ‘plain’)
  12. SMTP server: overwrite example with your yunohost server email location
  13. SMTP port: 587
  14. ENCRYPTION: ‘use encryption (STARTTLS)
  15. AUTHENTICATION: change to ‘login’ (it defaults to ‘plain’)

Last and final and very important or your outbound email will literally break for this account and, I think, all your email accounts. You need to go back into the settings for this new email address and to this step:

  1. Select top left hamburger menu
  2. Select top right settings cogwheel on dark panel
  3. Select ‘mail’
  4. Select ‘accounts’
  5. Select Your newly-created yunohost email account
  6. Select Outgoing Server
  7. Scroll down under the LOGIN field and turn on the switch that says ‘Authenticate from server capabilities’
  8. Press left arrow at top of screen to save settings

CONCLUSION

Now, you should be in business sending and receiving emails from a Yunohost server, in your house, using Dekko email client on your Ubuntu Touch device.

Tags : , , , ,

HOW TO SET UP YUNOHOST WITH YOUR OWN DOMAIN (USING CLOUDFLARE)

EDIT 19/06/12 – made some tweaks to this after realizing a few small errors. Sorry if you followed before June 12 🙁

I really wanted to self-host a kind of ‘family box’ which would allow me to have self-hosted email, Nextcloud, websites, and a few other basic things and not have it running on someone else’s server. During the process of searching I came across Yunohost (Pronounced “Why You No Host?”). I installed it on an old test box (super old) with their own documentation and it was really quite simple, especially if you have done any kind of operating system installation before.

My specific goal was to make it all work with a domain that I own (nameofyourdomain.com for this tutorial). I feel that having a strange email address (the default Yunohost email setup looks weird and is awkward) is of little value for most people so this step must be overcome to become a viable solution for myself and other people I know.

OPTION 1 – DIRECT WITH REGISTRAR (EASIEST)

If your registrar gives you full control of your DNS, CNAME, MX etc settings you might not even need this Cloudflare-Yunohost tutorial. My registrar didn’t allow me to do what I needed so I went to the next step. I don’t have enough experience to speak about the different registrars and their settings so research that yourself if you want. Otherwise, move on to this exciting Cloudflare-Yunohost setup…

OPTION 2 – WITH A CLOUDFLARE SCRIPT

As mentioned above, my registrar didn’t make it clear how to do CNAME stuff and mess with MX records, etc, so I ended up searching high and low for an open, free and reliable solution. Thanks to the free software community, I was pointed towards Cloudflare. People I trust and like consider Cloudflare to be ‘good guys’ and that was enough for me to trust and try.

Forgive my limited understanding and description, but I’ll do my best here: Cloudflare is a super robust ‘web traffic controller’ which gives the website admin person (since you are installing Yunohost that is you now!) really powerful control over how data moves to/from the domain/servers. They have cool controls and a nice interface too. Anyway, they have a free account you can start which allows you to do everything in this tutorial and through the process you’ll get a chance to see how nice Cloudflare (“CF” moving forward) is too.

Note: this tutorial assumes you are using Ubuntu or at least have the same terminal commands.

PRE-FLIGHT BULLET POINTS
We’re going to do this:

  1. Tell your domain registrar to point traffic to CF
  2. Tell your Yunohost (“YH” moving forward) box to point to CF
  3. Stick a free software script on your YH box that automatically tells CF where your YH box is every 30 minutes (in case your IP address changes)(replaces dynamic dns service need…)

THE FLIGHT

  1. Do the YH setup as per yunohost. Make sure your router’s ports are open! Check this page about ports and note that some ISPs will (unethically?) block you from using port 25 (email) and in this case you might be completely out of luck or have to change your ISP so you should check that first on this page. If port 25 is blocked you should be able to use everything except email (nextcloud, wordpress, etc should work) so it’s not completely without hope… TIP! If you get your domain setup first in YH sometimes Cloudflare will be able to magically import all your stuff automatically helping you avoid the manual inputs over at CF
  2. Get a Cloudflare account
  3. Log into your domain registrar and change nameservers to the ones shown in your CF account. This guy’s video is pretty good if you haven’t done it before.
  4. Take note of this project, which is the script which will automate the DNS updates stuff. Special thanks to the programmer!
  5. ssh into your yunohost box by typing (where 123 stuff is the local IP address of your YH box):
    ssh admin@123.123.123.12
    This will get you into your YH box where you can stick the script files into your home directory.
  6. Clone the cloudflare-ddns project files above into your YH box by typing this into your terminal (TIP! do NOT use ‘sudo’ here!):
    git clone https://github.com/adrienbrignon/cloudflare-ddns.git
  7. Then change to your new directory:
    cd cloudflare-ddns
  8. Then change to the zones directory within:
    cd zones
  9. Then copy the example yml file so that it duplicates and is named to your own domain:
    cp example.com.yml nameofyourdomain.com.yml
  10. Now open the file so you can edit the contents:
    sudo nano nameofyourdomain.com.yml
  11. Now edit the ‘admin@example.com’ line and change to the email you registered your CF account with
  12. Change whatever it says to the right of cp_api_key: to your cloudflare api key. There is a link of how to find that right in the terminal window but in case it stresses you out and you miss it here is the link
  13. Change zone name (cf_zone:) to: nameofyourdomain.com
  14. Set all the DNS stuff so that the file looks like this where the # signs are ‘comments’ telling the script to forget about this part:

Only write the subdomain (‘ddns’ for ‘ddns.example.com’)

cf_records:
– ‘@’:
type: A
# proxied: true
log: ERROR

  • ‘www’:
    type: A
    # – ‘ddns’:
    # type: AAAA
    # ttl: 300
    # proxied: false
    # log: INFO

If you compare to the example file you can see the changes.

I just commented-out with hashtags the AAAA stuff since apparently I don’t need it (a great contributer told me) as well as the smallest but most painful one, the ‘Proxied: true” line! This one, if you don’t put a hashtag in front, will, every time your cron job runs, tell CF to make CF the controller of the DNS and then basically shut down your websites and your email will also stop working. Then you have to go in and turn the orange cloud back to grey again.

  1. Save and exit the nano editor with control x and ‘yes’
  2. Then move back up one level in the directory so you can run next command:
    cd ..
  3. Run a one-off test to see if it’s working as per the usage docs with this command
    python cloudflare-ddns.py -z nameofyourdomain.com

if it’s ‘working’ you should:

a) see a success report back from your terminal that looks something like this:

2019-05-31 05:16:15,165 | INFO | The record 'www.nameofyoudomain.ca' (A) is already up to date

and

b) should be able to now go to your CF account and see the IP address of where your YUNO-box is / public-facing router listed in the DNS area. You can check this part by going into your router (or one of those ‘what’s my IP address?” websites) and compare your router’s IP address with the IP address in Cloudflare – they should be the same now. If not, assure that the orange cloud in CF is turned off by clicking. It will change to a grey colour when off and this is what you want.

If everything is looking good, let’s move on to making this update process happen automated in the backgroun since it would not be fun to have to run this test script every day or a few times a day!

Now that your config file for this script is all good, let’s go and do the cron job thing

  1. Type:
    crontab -e

Probably if you haven’t done this already it will say it’s blank and give you two options. choose ‘nano’ because it’s easier (option 1) and not VIM because it’s brutal and hurts

  1. The script provided in the usage page for doing this next step assumes you know what you are doing, that you understand Linux file structures and paths and even cron jobs. I didn’t. So, I’m going to spare you the pain here (you can read the pain below in the bonus section(s) if you are bored or like learning) and tweak this script so that you have a higher chance of this working. First, this is what was provided from the usage page:

Every 30 minutes, update my Cloudflare records.

*/30 * * * * python /path/to/cloudflare-ddns.py -z example.com

If you just simply ran this tutorial that means your Cloudflare directory that you git-cloned in step 6 above is in your home directory. However, you need to add in the user into the path for this to work properly. Also, until you know this thing is working, I would advise you add in the MAILTO option above the script so that you can get a few emails for a few hours confirming it is or isn’t working. You can go back in and remove or comment out with a # the MAILTO line (or comment it out with a hashtag) after you are sure everything is working.

So, here is what I did that finally made it work

Every 30 minutes, update my Cloudflare records.

MAILTO=myemail@myreliablemail.ca
*/30 * * * * python /home/admin/cloudflare-ddns/cloudflare-ddns.py -z nameofyourdomain.com

If everything is working, you’ll keep getting ‘success’ emails that look like this everytime the cron job runs:

2019-05-31 05:30:05,942 | INFO | The record ‘www.mylataylor.ca’ (A) is already up to date

At this point I went back in (see step 17 above) in and hashtagged out the MAILTO= line so the emails stopped coming every thirty minutes.

ADJUST YOUR CLOUDFLARE SETTINGS!

  1. CRYPTO/SSL SETTING
    This one took me an addition day to figure out. I was getting continual TOO_MANY_REDIRECTS errors when trying to access my Yunobox. The problem was solved by the click of one box in my Cloudflare settings as follows:

crypto / SSL : change to ‘FULL’ in the dropdown.

  1. TURN YOUR ORANGE CLOUDS TO GREY
    If you don’t do this step, your email and a few other things won’t work. Just click the orange clounds in your DNS section so they turn grey. That’s it.

DO YOUR LETS ENCRYPT SSL CERTIFICATE ON YOUR YUNHOST BOX

If you try to do your letsencrypt SSL cert before these steps are done, it won’t let you (from my experience) But at this point it should all work. In your YH admin interface, just go to domains, nameofyourdomain.com, SSL certificate, and then ‘install lets encrypt’

CONCLUSIONS

Now your Yunobox should be automatically reporting back your router’s IP address to Cloudflare and Cloudflare is routing your website traffic through its nameservers, etc. As long as your ports and certificates are working, you should now be able to start using it with your own domain.

Now that this is done and you go to your new domain and nothing is there that’s because… there is nothing there. Go figure. So you have to install an ‘app’ (ie wordpress, nextcloud) through the Yunohost app area of admin. I’ll do a separate blog on that probably, but it’s pretty easy.

Tags : ,

How to Set up a Calendar with Ubuntu Touch and Nextcloud

1. Set up online account in Ubuntu Touch

You will need all your calendar info from your Nextcloud instance before beginning. Looks something like this: https://yourdomain.com/nextcloudserverlocation/remote.php/dav/calendars/username

  1. open calendar
  2. middle icon that shows grid calendar
  3. ‘add online calendar’
  4. choose NC
  5. enter credentials

2. Sync

UT calendar ‘should’ start syncing right away and you’ll see a little icon appear showing that sync started and stopped. Sometimes, however, it seems like a manual sync is required. You can do this by going to the calendar page and selecting the top right hamburger menu and then the circular arrow ‘refresh’ icon.

Tags : , , , , ,

How to Encrypt a Password Around and Merge Multiple PDFs in Ubuntu

For some reason, this is way harder than it should be. I thought I would be able to find a simple ‘pdf stitcher’ software in the Software Centre and just put them in there, arrange them and then export to PDF – with a password. I think this used to be possible with PDF Sam but anyway. This tutorial will hopefully be a long term and reliable way that we can do this in a pinch from any machine.

This is all terminal based so get ready to pump up your terminal skills.

1. Stick PDFs in a Dedicated Folder

Assemble into one directory all the PDFs you plan to stitch together and wrap up with a password. I think the command will only work if they are in one place so this step is important.

2. Install PDFTK

sudo apt install pdftk… I think… but you might need some other package these days… remind me in comments if this is wrong 🙂

3. Go to your PDF directory

Using the CD (change directory) command, navigate to the directory you made in step 1.

4. Run the Command for One Page Only.

This is the basic format for PDFTk showing one file being output with a new name and a password

pdftk [mydoc_old].pdf output [mydoc_new].pdf user_pw [awesomepasswd]

In this case you”ll swap out the filenames accordingly.

*Special note! do not put the square brackets in there. those are just to show you what needs to be swapped out. I actually did this and wasted a lot of time (lol)

Also, take note of this, you ‘might’ get a warning that the PDF has a user password and you can’t do these tasks because you don’t know the owner password. It seems banks do this on their bank statements, which is funny, because they don’t supply a secure way to send banking documents to them and ask me to email…

Error will look like this if you need to work around it:

filename.pdf
has set an owner password (which is not required to handle this PDF).
You did not supply this password. Please respect any copyright.

I found a nice work around to stick it to these bankers which is to use the Ubuntu ‘print’ (ie. printing to your printer) and then change from your printer to ‘print to file’. Side note: If you didn’t know about this built in and super easy PDF feature and you only need to do one PDF at a time and no encryption, this is the way to do it.

The output PDF from this method seems to strip away any of the ‘owner password’ annyoyances. Hint: this is also a good time to rename your individual pdfs to a number in the order you want them to appear in the final merged PDF. I do 001, 002, 003 during this phase making the next section way, way easier.

5. Run the Command for Merging Multiple PDFs

The process is the same as above, but now that you have your folder full of 001, 002, 003 numbered files, here is what you do:

pdftk [001].pdf [002].pdf [003.pdf] output [mydoc_new].pdf user_pw [awesomepasswd]

Once you hit ‘enter’ a new file will appear in the same directory with name ‘mydoc_new.pdf’ and will have 001, 002, 003 in it and be locked behind the password ‘awesomepasswd’.

Pretty handy especially when you have to deal with ‘owner passwords’ in the PDF.

Hope this helps!

Tags : , , , ,

How to Flash OpenWRT onto a Zsun Card

Background

EDIT JAN 7, 2019
Warning! Before beginning this tutorial, note that I have **fried** two Zsun devices nearly immediately after doing these steps. My theory appears to be correct that as soon as you flash to OpenWRT the default power output is way, way too high and so it starts heating up and frying it. Within about 15 minutes of flashing both devices were dead and inaccessible – their SSID didn’t even show up. I am now testing another one where I dropped the power to low and it’s still alive after about 45 minutes. Therefore pay special attention I’m going to test another one now, but in case you find this blog today, you might want to wait a few days for my findings….

I found a lot of pages on the internet showing that it’s possible to flash OpenWRT onto a Zsun Smart Card Reader. A friend gave me a couple and I wanted to try some mesh network ideas. However, for some reason I couldn’t find everything in one spot for Ubuntu, so I’m writing this guide for anyone else who might want to try. There was also a significant bug I encountered which I overcame which might help you if you have tried and failed in the past.

I also recommend staying fully disconnected from your home wifi while you are doing this to avoid confusion. If you have access to an ethernet cable and router this will make things a bit more simple.

What You Will Need

  1. Zsun Reader
  2. micro SD card to insert into reader – BONUS! I just discovered you only need this for the flashing process and then can remove and use again for flashing other devices (microSD not required to function as extender!)
  3. Ubuntu machine with understanding of how to open a Terminal
  4. (optional) A dedicated folder/directory on your computer where you can ‘do all your actions’. I find this reduces risks and helps you keep your files in one place. You can even download this blog to PDF and put it in the same folder.
  5. All the stuff you need in one place on local machine (because your internet will go down while flashing)

Step 1: Download to local machine the File you will need to flash onto the Zsun

I found it really hard to find the file on this page. Here is a direct link to the file and save this in a memorable location on your computer as we’ll need to access it soon.

Direct link to download

Step 2: Make sure your micro SD card is formatted to FAT32

On ubuntu you can do this by pressing the super key, typing ‘disk’and using the disk utility. Note – always unplug all external drives you do not want to accidentally kill! Also pay super-special attention you are not accidentally formatting your own computer’s hard drive (I’ve done this hard life lesson and you don’t want it)

Step 3: Insert empty and correctly formatted card into the Zsun card reader

Self explanatory

Step 4: Plug in Zsun card reader into your computer (or any powered usb slot)

Self explanatory

Step 5: Connect the Zsun to your WIFI network

This is funny because I totally missed this step and (obviously) it has to be connected to the network in order for it to show up in network and be able to access the admin page. I had an attempted connection which failed and then the second time it connected. You connect to it like any wifi network but it won’t ask for a password.

Step 6: Make Card Accessible to Admin

I ‘guess’ that this step in one of the tutorials I read preps the card to be able to access via Samba. Not sure, I could not access the files on the card until I performed this step so let’s do that now. In a browser, copy/paste this:

http://10.168.168.1:8080/goform/Setcardworkmode?workmode=0

It should spit back this:
{"status":"0"}

Note: if you get ‘connection refused’ message in the next step you may have to re-try this command a few times. Make sure you are actually connected by wifi to device. One time I had to do a full computer reboot too and then it seemed to work.

Step 7: Access the Zsun via Samba (SMB)

(reminder this is an Ubuntu tutorial so you might have to do it a different way on your machine if it isn’t the same)

The super painful part of this tutorial for me is that this easy part was subject to a weird Ubuntu bug that tracks back nearly 10 years. If you are bored you can read about it here, but probably, like me, you just want to hack this zsun and then put evertyhing back the way it was. So let’s do that:

Step 8: Overcoming the Ubuntu Samba Username password bug

  1. in a terminal enter this:
    sudo nano /etc/samba/smb.conf
  2. Scroll down into the ‘Authentification’ section.
  3. at the very bottom in the space just above the “Domains” section, paste in (with control shift paste) this:

security = user
client use spnego = no

  1. ctrl x to get out
  2. ctrl y to agree to write the changes

Step 9: Continue with Tutorial and Accesss the Zsun via Samba

  1. Open Nautilus (called ‘Files’ on the launcher) (the file cabinet icon thing…)
  2. Go to ‘Other locations’ on the left menu at the bottom. A ‘Enter server address’ field will appear.
  3. Type in zsun address as follows: smb://10.168.168.1
  4. enter admin/admin pass/user (don’t worry about ‘workgroup’)
  5. when greeted with ‘public’ enter that directory
  6. hit ‘contrl h’ on your keyboard which will show hidden folders. If you don’t do this step you might not think the next step will work since it’s a hidden folder.
  7. You should see ‘trash~’ something. But if you don’t… whatever. Seems to work if it’s fully blank too… Here is where you create the following folder (with the dot/period in front):
    .update if it doesn’t appear after creating this folder, review step 6 above…
  8. Drag and drop the file you downloaded way above (SD100-openwrt.tar.gz) into this new .update folder. Yes, the whole tar file, don’t extract it.
  9. CRITICAL STEP! Before doing step 10, make sure you skip ahead, and deeply familiarize yourself with the steps following it because you will have a short time to do those steps before the device fries and dies. Once you have read it all (especially big step 11 below) then come back here and execute step 10.
  10. After you are sure that the file is done copying in, go to a browser and enter this:

http://10.168.168.1:8080/goform/upFirmWare

When you see this, things should be working:
{"status":2}

Here is a fair-use paste from buddy’s blog

Wait for the reboot into OpenWRT

Wait for long LED flash, then multiple fast flashes – now OpenWRT is booting for the first time.
There will be a long period of (normal slow) flashing, then one long flash, then a whole bunch of very fast flashes. The ZSun Wifi network disappears, and eventually re-appears as OpenWRT.

What he didn’t add that I discovered was when everything is totally done it will be a solid light colour.

SUPER IMPORTANT NOTE (in case you missed my other 20 warnings…) immediately as quickly as possible and reduce transmission power on device! Learn how to do this in Big Step 11 below …if it’s not too late.

Step 10: Log into your new OpenWRT Mini Router!

I have another OpenWRT router going in my house so right away I’m going to log into the new little guy here and change it’s IP address to something different to make sure they don’t conflict. The default OpenWRT is 192.168.1.1 so we’ll access it there now.

You’ll get a browser warning that it’s not secure. No problem, add exception, move forward.

You’ll be greeted with a log in screen with no password set.

Log in.

Step 11: Turn Down Radio Transmission Power to Prevent Deep Fried Zsun!

IMMEDIATELY reduce the transmission power of the device. The default is set to the maximum power and it will fry/kill this device in less than 10 minutes after you flash it. I lost two devices this way so act quickly as follows:

1. Go to network

2. go to ‘wifi’

3. click ‘edit’ on the ‘OpenWRT’ entry

4. Drop transmit power to 4 (lowest)

5. ‘save and apply’ button at the bottom

This will momentarily disconnect you from the device while it makes these settings. From here, assuming my theory above is true, you can start doing other things now such as resetting your device access password:

Go to ‘system’ and ‘system administration’ and create a new user/password

Step 12: Undo whatever we did to that Samba bug above (If you want)

Remember when we fixed that Samba bug above? I’m frankly not sure if that was a secure thing to do so let’s undo it in your computer just in case by going back in the same way, deleting those lines you added, and then saving.

Step 13: Remove microSD

As mentioned above, the microSD is no longer required if you are just using device as a wifi range extender (see this tutorial). You can unplug, remove microSD and plug it in now.

Step 13: Enjoy!

The rest, my friends, is up to you. Hope this helps!

Thanks to the following resources

  1. This nice video helped me create this Ubuntu guide
  2. This great blog entry mentioned at the beginning.
  3. Of course the awesome people who hacked this thing here

Tags : , , , ,

Stop Fighting Apple-Just Force this Disclosure on buyers!

I’m super bored reading these kind of stories.  I’ve been free from such software and hardware for many years so at this point it’s just boring.  However, I do have a solution instead of trying to sue them for monopolizing or overcharging: just force a really simple, plain language disclosure document before the sale of any Apple Inc device. Here is my proposed disclosure:


I understand that by purchasing this Apple Inc device I will be forced into a software environment called the “App Store” that is the equivalent of a rigid monopolist jail cell.  I understand that the only apps I will be able to install must come from this Apple ‘App Store’.  There is no other way to get an app without violating your warranties but through this monopolist app store .

Because Apple Inc will take from the software developers who develop for this device a mandatory 30% of the purchase price when you purchase an app through their system, I could either be spending money on an app that could be otherwise free, or spending 30% more than I could while software developers try to make up for their business losses from this significant commission that Apple unilaterally takes for itself. 

Furthermore, I also understand that I will risk the chance of having my device’s performance remotely throttled by Apple Inc whenever they feel it is right to do so and without first consulting me about it.  I also understand that even the hardware itself is made with proprietary connectors (i.e. chargers) that will not work with other standard industry connectors.

I also understand that there are other software systems such as Linux which has operating systems such as Ubuntu, that respect my freedom and choices, and provide free software and free delivery of software and that are capable of running on top of many different types of hardware, including mobile phones.  I understand that many of the large corporations (such as Apple, Google) run these Linux systems for their own computers and servers. 

I declare that no one is forcing me to enter into this relationship with Apple Inc, that I have do have choices, that I have been warned, and I now choose to move forward with this purchase and risk suffering all of the above pains.

________________________

Apple Inc Device Customer

 

__________________________
Date of purchase

 


 

Tags : , , , , , , , , ,

How to Convert YouTube Video into MP3 Audio

This is a useful tool and tutorial if you, for example, make a video on Youtube and then want to publish the audio quickly on Soundcloud (or somewhere else).

If you aren’t already running Ubuntu on your computer this will be a couple of steps more difficult for you but well worth the effort.

Step 1: Get Ubuntu on your computer

If you don’t know what this, look it up and get it done.  Apple and Microsoft are so restrictive, un-secure, and 1990….

Step 2: Open a terminal

If you don’t know what this is, go look that up too.

Step 3: Install Youtube-dl tool with Terminal

Make sure the youtube-dl app thing is installed on your machine by pasting this into your terminal.  Note, you cannot just ‘control c/control-v’ into a terminal but you need to hold down both control *and shift* before pressing V to paste…  ready?  Ok, control C this into your computers clipboard (if it runs the command upon pasting, you’ll have to type it out manually, sorry)

sudo apt install youtube-dl

Now press enter in Terminal.

This will complete the installation of the tool.  Say ‘yes’ if it asks you to do anything since it’s just hard to argue these days…

Step 4: Copy the ‘magic line’ into your clipboard

We say ‘magic’ in technology when we’re doing something that is harder than sending an email.

Copy this ‘magic line’ of whatever to your computer with control C

youtube-dl --extract-audio --audio-format mp3

Step 5: Paste the ‘magic line’ into your Terminal

Paste the ‘magic line’ into your terminal taking note of my notes in Step 3…  pay special attention that there is only one trailing space and no other stuff after the ‘3’ in mp3.  You are going to paste a URL here from the video in the next step so extra garbage before or after the ‘magic line’ could mess it up.

Step 6: Copy Video URL from Youtube to clipboard

Using the ‘share’ link from the Youtube video (I find this works better than the main video URL…) copy the URL to the computer clipboard.

Step 7: Paste video URL to Terminal

Paste the video URL at the end of the magic line in your terminal using again my notes from Step 3.

Step 8: Press ‘enter’ in Terminal and get some popcorn

Press ‘enter’ on your keyboard.  The thing should run and it will be dumping the mp3 audio into your ‘home’ folder on your computer.  It takes a bit of time for this step so let it go and have a coffee

Boom.  A nice MP3 of your video.

Thanks to all the folks who made the youtube-dl tool!

Thanks to all the efforts of the free software community who make all of this possible.

Extra note: If, for some reason everything looks like it was running fine and you can’t find your new MP3 file in the Home directory, it’s possible the defaults were changed by you or something else and the Terminal downloaded the video somewhere else.  Do a system wide search for your file and you’ll probably find it somewhere.  This happened to me a few times 🙁

Tags : , , , , ,

How to Fix Black and Decker Coffee Grinder in 10 minutes

Ever seen this coffee grinder?

 

Hopefully you weren’t unfortunate to buy it, but if you were and dropped the lid JUST ONCE, you will know that Black and Decker designed this to break.  They had to actually think long and hard in a design room to figure out a way to make sure this would break in the first few months.  Anyway, they upset me so much with this one that I actually decided to fix it so that their evil design team wouldn’t have the joy of knowing I ‘might’ buy another one…

Now, to upset them more, I’m going to share this 10 minute fix with you.

It’s so easy, I’m not even going to give instructions.  Just let the pictures do the teaching, and enjoy your totally perfectly coffee grinder.

 

STEP 1

STEP 1

 

STEP 2

STEP 3

 

 

STEP 4

 

STEP 5 – ENJOY!

 

Tags : , , ,

How to Eat a Digital Elephant One Bite at a Time

I can’t believe I didn’t blog this before but let’s put my regrets aside.

So, you have come to realize that everyone who knows how technology works was right – it’s all spying on you.  And, well, you don’t like it but – you don’t know where to start.  You feel overwhelmed.  Many people have these kind of feelings

  • I’m too busy to figure this out
  • I’m afraid to try something new in case something breaks
  • I’m used to letting ‘geniuses’ fix my tech
  • I’m too old
  • Everything is changing to fast
  • I just want it to work

Ok, these are all normal feelings but let me be crystal clear that none of them are an excuse for letting a creep spy on you.  Imagine if a peeping tom had binoculars fixed on your bedroom window. It’s as bad as that or worse so do something today, ok?

Great.  Let’s get started.

THE SOCIAL STUFF

This is the most scary stuff.  I watch my foolish friends and family amass the precious photos and history of their children (who had no choice in the matter) onto the servers of some very uncool people.  What’s most frightening is that 9 out of 10 of these people don’t even know exactly how the technology works.  If you are one of those 9, just trust me and start making the better choice for your family with the following alteratives – and bring your friends and family so that you aren’t alone.

UnsafeSafer AlternativeWhere to get itQuick Notes
Facebook*Diasporahttps://diasporafoundation.org/Choose a pod. Sign up. Bring your friends and family. Never go back to facebook. Totally decentralized. Totally your data. You can even import and export all your data!
TwitterMastodonhttps://mastodon.socialFun and extremely awesome and powerful. Totally decentralized. Totally your data.
InstagramTBAlet me know!

THE PERIPHERAL STUFF

The first step is to start switching from unsafe ‘peripherals’ to safer ones.  These will immediately start helping you relax about change because your operating system will be familiar.  It’s kind of like renovating an ensuite washroom before tackling the kitchen.  It kind of eases you into this new and safer life. But before we move on to this easy and simple step, please keep in mind that your ultimate goal *must* be to remove all unsafe operating systems from your life.  This includes Apple, Microsoft and Android.

But for now, let’s start with taking one bite of the elephant.

Unsafe Safer AlternativeWhere to get itQuick Notes
Microsoft Office SuiteLibre Officehttp://www.libreoffice.org/Wipes out Microsoft Word, Excel, Power Point and more while leaving you with *more* power and features and a great experience.
WhatsAppTelegram Messengerhttps://telegram.org/Not only open source but feature loaded and works on literally any device as well as even on a web browser.
Kakao TalkTelegram Messengerhttps://telegram.org/See notes above
Skypehublhttps://hubl.in/Browser based. Just allow it to use your mic/camera. Use it on almost any device. Once finished with link, never use it again, or link stays active and you can use it again and again. Multiple people at the same time is also awesome. No file sharing yet but Telegram can do this while on a chat.
Skypejitsihttps://meet.jit.si/Have heard good reports that jitsi works well on self-hosting (even safer)
Google ChromeFirefox
Internet Explorer (or whatever dumb new name they give to the same garbage)Firefoxhttps://www.mozilla.org/en-US/firefox/new/Most people use this anyways, but just in case you are really lost... Also, the plugins you can add to this make browsing so much more awesome.
Outlook ExpressThunderbirdhttps://www.mozilla.org/en-US/thunderbird/Just awesome and then you just plug in Enigmail plugin for total email encryption.
icloudNextcloudhttps://nextcloud.com/You can either buy their box or install it on an old computer as a server... or put it on shared hosting. Pure sweetness in cloud file stuff.
Adobe PhotoshopGIMPhttps://www.gimp.org/Unbelievably robust and easy to use. Edit photos like a pro or as a pro and never turn back.
Missed any?? Let me know!

EMAIL

So now we have the stuff out of the way, we need to deal with email by itself.

Most people, sadly, use some of the most compromising and horrific spying machines around.  Some of these might look familiar:

  • hotmail
  • gmail
  • yahoo
  • live
  • outlook
  • etc

First of all, putting technology aside, your email address actually speaks volumes about who you are as a person.  For more on this, read my post here about that.  But, on top of that, it’s not secure having your email on someone’s computer.  For just a second ask yourself this concerning question: Why would a company pay to give you free email?  Answer: to market to you or worse. So in order to market to you they must have all your data.  Haven’t you ever wondered why advertisements start to look very, very similar to what you are doing in your life?  Yeah.  That’s because of that (and other things)

For email, if you are technologically savvy enough you ‘could’ run your own email server which would be the safest possible solution.  However, it’s not that easy.  Maybe your friend could set it up, but if you don’t have such a friend, what is best is to stop supporting these companies who prey on people like this and move to something cooler.  It’s really *not* that expensive to pay for email.  Here is what you do:

  1. buy a domain like ‘your name’
  2. choose something cool that goes before it like ‘me’ or ‘name’
  3. call a company that sells domains and email (preferably in a country like Canada) and force their tech support to set it up.

Then you would have an email like this:

me@yourname.ca

If it’s not available there are countless Top Level Domains (TLDs) that you can choose from and certainly one of these will be waiting for you.  And it’s fun!

Just make sure that when you buy your domain and email that you have enough memory.  Most of them have some kind of unlimited plan for memory so go with that.  Also, make sure that it has IMAP support – I would be shocked if they didn’t but this is the email service you want.  You should budget about $15/year for the domain and another $?? for email and storage.  I have been really happy with Canadian Web Hosting for service and pricing if I can make a quick plug.  For about $5.00/month to have safe email per person is pretty reasonable.  If you have another reason to have a website, you could simply get unlimited email through your website hosting plan as well.  This requires a little more skill but it’s not that hard.  A friend who runs their own website should be happy to set it up for you once you purchase.  I would do this for my friends…

Now you’ve got your email and your other ‘stuff’ more secure, the last discussion is the big one.

THE OPERATING SYSTEM

You need to start planning to get rid of your current operating system which is probably either Apple/mac or Microsoft Windows.  These companies have compromised many things at your expense of both dollars and privacy.  They do not deserve your business nor are there endless reasons to stay with them.  For 99% of people they could switch 100% to a safer option and be completely happy.  There are a very small number of people in niche markets like print and design and perhaps medicine where the entire industry has forced everyone to communicate with these corrupted systems.  In these cases you may need to keep one computer for ‘work only’ and your ‘personal life’ should be immediately moved to a safer option.

I recommend that everyone immediately switch their desktop and laptops to Ubuntu

Ubuntu is the safest, fastest, most supported and most loved free and open source operating system in the world.  Switching to Ubuntu operating system is not that difficult but it does require enough comfort and skill.  It’s easy enough to learn, but if you do have access to an ubuntu community near you, you should join that community or start one yourself.

Soon Ubuntu will be ready to go for mobile devices too.  This is another reason why it would be wise to consider Ubuntu.

UBUNTU WEBSITE

 

A NEW AND SAFER INTERNET

Another important thing that we will all need to work on quickly is to create a new and community-owned internet.  This is a bigger picture discussion but please also start preparing your mind for ‘mesh networks‘.  I will post more here as I learn and this will be my new focus for 2017 and 2018 because what good is all this safe stuff if we are using them on unsafe platforms owned by people who have agendas that we cannot control?

I hope this has helped someone break the chains.

Tags : , , , , , , ,