1 Title: Recipe to test the Freedombox project on amd64 or Raspberry Pi
2 Tags: english, debian, freedombox, surveillance, web, sikkerhet
5 <p>I was introduced to the
6 <a href="http://www.freedomboxfoundation.org/">Freedombox project</a>
7 in 2010, when Eben Moglen presented his vision about serving the need
8 of non-technical people to keep their personal information private and
9 within the legal protection of their own homes. The idea is to give
10 people back the power over their network and machines, and return
11 Internet back to its intended peer-to-peer architecture. Instead of
12 depending on a central service, the Freedombox will give everyone
13 control over their own basic infrastructure.</p>
15 <p>I've intended to join the effort since then, but other tasks have
16 taken priority. But this summers nasty news about the misuse of trust
17 and privilege exercised by the "western" intelligence gathering
18 communities increased my eagerness to contribute to a point where I
19 actually started working on the project a while back.</p>
21 <p>The <a href="https://alioth.debian.org/projects/freedombox/">initial
22 Debian initiative</a> based on the vision from Eben Moglen, is to
23 create a simple and cheap Debian based appliance that anyone can hook
24 up in their home and get access to secure and private services and
25 communication. The initial deployment platform have been the
26 <a href="http://www.globalscaletechnologies.com/t-dreamplugdetails.aspx">Dreamplug</a>,
27 which is a piece of hardware I do not own. So to be able to test what
28 the current Freedombox setup look like, I had to come up with a way to install
29 it on some hardware I do have access to. I have rewritten the
30 <a href="https://github.com/NickDaly/freedom-maker">freedom-maker</a>
31 image build framework to use .deb packages instead of only copying
32 setup into the boot images, and thanks to this rewrite I am able to
33 set up any machine supported by Debian Wheezy as a Freedombox, using
34 the previously mentioned deb (and a few support debs for packages
35 missing in Debian).</p>
37 <p>The current Freedombox setup consist of a set of bootstrapping
39 (<a href="https://github.com/petterreinholdtsen/freedombox-setup">freedombox-setup</a>),
40 and a administrative web interface
41 (<a href="https://github.com/NickDaly/Plinth">plinth</a> + exmachina +
42 withsqlite), as well as a privacy enhancing proxy based on
43 <a href="http://packages.qa.debian.org/privoxy">privoxy</a>
44 (freedombox-privoxy). There is also a web/javascript based XMPP
45 client (<a href="http://packages.qa.debian.org/jwchat">jwchat</a>)
46 trying (unsuccessfully so far) to talk to the XMPP server
47 (<a href="http://packages.qa.debian.org/ejabberd">ejabberd</a>). The
48 web interface is pluggable, and the goal is to use it to enable OpenID
49 services, mesh network connectivity, use of TOR, etc, etc. Not much of
50 this is really working yet, see
51 <a href="https://github.com/NickDaly/freedombox-todos/blob/master/TODO">the
52 project TODO</a> for links to GIT repositories. Most of the code is
53 on github at the moment. The HTTP proxy is operational out of the
54 box, and the admin web interface can be used to add/remove plinth
55 users. I've not been able to do anything else with it so far, but
56 know there are several branches spread around github and other places
57 with lots of half baked features.</p>
59 <p>Anyway, if you want to have a look at the current state, the
60 following recipes should work to give you a test machine to poke
63 <p><strong>Debian Wheezy amd64</strong></p>
67 <li>Fetch normal Debian Wheezy installation ISO.</li>
68 <li>Boot from it, either as CD or USB stick.</li>
69 <li><p>Press [tab] on the boot prompt and add this as a boot argument
70 to the Debian installer:<p>
71 <pre>url=<a href="http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat">http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat</a></pre></li>
73 <li>Answer the few language/region/password questions and pick disk to
76 <li>When the installation is finished and the machine have rebooted a
77 few times, your Freedombox is ready for testing.</li>
81 <p><strong>Raspberry Pi Raspbian</strong></p>
85 <li>Fetch a Raspbian SD card image, create SD card.</li>
86 <li>Boot from SD card, extend file system to fill the card completely.</li>
87 <li><p>Log in and add this to /etc/sources.list:</p>
89 deb <a href="http://www.reinholdtsen.name/freedombox/">http://www.reinholdtsen.name/freedombox</a> wheezy main
91 <li><p>Run this as root:</p>
93 wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \
96 apt-get install freedombox-setup
97 /usr/lib/freedombox/setup
99 <li>Reboot into your freshly created Freedombox.</li>
103 <p>You can test it on other architectures too, but because the
104 freedombox-privoxy package is binary, it will only work as intended on
105 the architectures where I have had time to build the binary and put it
106 in my APT repository. But do not let this stop you. It is only a
107 short "<tt>apt-get source -b freedombox-privoxy</tt>" away. :)</p>
109 <p>Note that by default Freedombox is a DHCP server on the
110 192.168.1.0/24 subnet, so if this is your subnet be careful and turn
111 off the DHCP server by running "<tt>update-rc.d isc-dhcp-server
112 disable</tt>" as root.</p>
114 <p>Please let me know if this works for you, or if you have any
115 problems. We gather on the IRC channel
116 <a href="irc://irc.debian.org:6667/%23freedombox">#freedombox</a> on
117 irc.debian.org and the
118 <a href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss">project
119 mailing list</a>.</p>
121 <p>Once you get your freedombox operational, you can visit
122 <tt>http://your-host-name:8001/</tt> to see the state of the plint
123 welcome screen (dead end - do not be surprised if you are unable to
124 get past it), and next visit <tt>http://your-host-name:8001/help/</tt>
125 to look at the rest of plinth. The default user is 'admin' and the
126 default password is 'secret'.</p>
projects / homepage.git / blob