TITiPI's local server

From titipi
Jump to navigation Jump to search

TITiPI Local Server manual

This local server takes set-up fragments and inspiration from Networks Of Ones Own and Rosa. In this version the server includes the collaborative note keeping tool etherpad, the periodic publishing tool of etherpads to static files etherdump and the file manager tiny file manager.

Take into consideration that this manual may not be accurate or some things may not work as wished. Have all your eyes open and ask the help of your peers and the Internet for more eyes. Sometimes you may have to run the following commands with sudo user.

Server requirements

hardware

  • Transcend 16GB microSD High-Endurance (storage space can be more)
  • Raspberry Pi 5 - 4GB ram (for Etherpad use more than 2GB ram and it works with older versions of Raspberry Pi)

software

  • RPi OS 64-bit (download and install with Raspberry Pi Imager here

Connect the Raspberry Pi to a screen, keyboard, mouse. Plug it in and connect to the wifi.

Change hostname and password for the RPi through the steps of the Raspberry Pi Imager or the RPi terminal after the installation of the RPi OS:
$ sudo nano /etc/hosts A file opens that only contains the default hostname: “raspberrypi”. Remove the word and replace it with the one you want. Exit and save the file with ctrl+x.
Reboot: $ sudo reboot

OR
In the main menu, go to Preferences > Raspberry Pi Configuration. In the configuration tool, click on “Change Hostname” and update the field. Same with the password. Click “OK” to save the changes. And as with the other solutions, a reboot is needed to apply changes. Click on “Yes” to immediately reboot.

Activate remote access through SSH:

  • Boot into the graphical desktop on your Raspberry Pi.
  • Click the Raspberry Pi icon in the system tray of your desktop.
  • Select Preferences > Raspberry Pi Configuration from the menu.
  • Navigate to the Interfaces tab.
  • Click the radio button next to SSH into the active position.

Apache2 installation and configuration

Install the web server Apache2 in order to have access to the web based tools (etherpad, etherdump, tiny file manager) through the local network of your wifi. Open the terminal and run the following commands:

$ sudo apt-get update

$ sudo apt-get upgrade

$ sudo apt-get install apache2

$ hostname -I output of this is the IP address of your RPi.

You can continue either through the RPi terminal or through SSH access from your computer. For the second run this command in your computer:

$ ssh username@ipaddress Replace the username and ipaddress according to your RPi's details. After filling the RPi's password you are in the local server.

IP static address

Follow this guide https://networksofonesown.constantvzw.org/etherbox/manual.html#setup-hotspot based on https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md#internet-sharing

Configuring a static IP

$ sudo apt-get install dnsmasq hostapd

Since the configuration files are not ready yet, turn the new software off as follows:

$ sudo systemctl stop dnsmasq
$ sudo systemctl stop hostapd

We are configuring a standalone network to act as a server, so the Raspberry Pi needs to have a static IP address assigned to the wireless port. This documentation assumes that we are using the standard 192.168.x.x IP addresses for our wireless network, so we will assign the server the IP address 192.168.4.1. It is also assumed that the wireless device being used is wlan0.

To configure the static IP address, edit the dhcpcd configuration file with:

$ sudo nano /etc/dhcpcd.conf

Go to the end of the file and edit it so that it looks like the following:

interface wlan0

static ip_address=10.9.8.1/24
nohook wpa_supplicant

Now restart the dhcpcd daemon and set up the new wlan0 configuration:

$ sudo service dhcpcd restart or $ sudo systemctl restart dnsmasq

Configuring the DHCP server (dnsmasq)

The DHCP service is provided by dnsmasq. By default, the configuration file contains a lot of information that is not needed, and it is easier to start from scratch. Rename this configuration file, and edit a new one:

$ sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
$ sudo nano /etc/dnsmasq.conf

Type or copy the following information into the dnsmasq configuration file and save it:

interface=wlan0

dhcp-range=10.9.8.50,10.9.8.254,255.255.255.0,24h

So for wlan0, we are going to provide IP addresses between 10.9.8.50 and 10.9.8.254 with a lease time of 24 hours. If you are providing DHCP services for other network devices (e.g. eth0), you could add more sections with the appropriate interface header, with the range of addresses you intend to provide to that interface.

There are many more options for dnsmasq; see the dnsmasq documentation for more details.

Configuring the access point host software (hostapd)

You need to edit the hostapd configuration file, located at /etc/hostapd/hostapd.conf, to add the various parameters for your wireless network. After initial install, this will be a new/empty file.

$ sudo nano /etc/hostapd/hostapd.conf

Add the information below to the configuration file. This configuration assumes we are using channel 7, with a network name of NameOfNetwork, and a password AardvarkBadgerHedgehog. Note that the name and password should not have quotes around them. The passphrase should be between 8 and 64 characters in length.

interface=wlan0
driver=nl80211
ssid=etherbox
hw_mode=g
channel=7
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0

To password protect the hotspot:

wpa=2
wpa_passphrase=AardvarkBadgerHedgehog
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

We now need to tell the system where to find this configuration file.

$ sudo nano /etc/default/hostapd

Find the line with #DAEMON_CONF, and replace it with this:

DAEMON_CONF="/etc/hostapd/hostapd.conf"

Start it up

Now start up the remaining services:

$ sudo systemctl start hostapd
$ sudo systemctl start dnsmasq

Add routing and masquerade

Edit /etc/sysctl.conf and uncomment this line:

net.ipv4.ip_forward=1

$ sudo apt-get install iptables

Add a masquerade for outbound traffic on eth0:

$ sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Edit /etc/rc.local and add this just above "exit 0" to install these rules on boot.

$ iptables-restore < /etc/iptables.ipv4.nat

Save the iptables rule.

$ sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

Reboot

If necessary throughout this manual:

$ sudo apt-get update $ sudo apt-get upgrade

Etherpad-lite installation

installation

Follow that guide: https://github.com/ether/etherpad-lite combined with that https://networksofonesown.constantvzw.org/etherbox/manual.html#install-etherpad

$ nvm install 20 Install Node.js version 20

$ node -v Check version of node installed

$ sudo apt-get install npm git

Install pnpm: $ npm install -g pnpm (Administrator privileges may be required).

$ cd /opt

Clone the repository: $ sudo git clone -b master https://github.com/ether/etherpad-lite.git

$ sudo mv etherpad-lite etherpad

$ sudo adduser --system --no-create-home --home=/opt/etherpad --group etherpad

$ sudo chown -R etherpad:etherpad etherpad

$ cd etherpad/

$ Run pnpm i

Run $ pnpm run build:etherpad

Run $ pnpm run prod

$ sudo --user etherpad cp settings.json.template settings.json Create your setting file.

$ sudo --user etherpad nano settings.json

Find and change this part :

  //The Type of the database. You can choose between dirty, postgres, sqlite and mysql
  //You shouldn't use "dirty" for for anything else than testing or development
 /* "dbType" : "dirty",
  //the database specific settings
  "dbSettings" : {
                   "filename" : "var/dirty.db"
                 },
*/
  //An Example of MySQL Configuration
   "dbType" : "mysql",
   "dbSettings" : {
                    "user"    : "etherpaduser",
                    "host"    : "localhost",
                    "password": "etherpadpass",
                    "database": "etherpad",
                    "charset" : "utf8mb4"
                  },

Change the authentication method in order to create an API key when Etherpad starts so we can use it for the follow-up tool, etherdump. In the settings find that line:

  "authenticationMethod": "${AUTHENTICATION_METHOD:sso}",

and replace with

  "authenticationMethod": "${AUTHENTICATION_METHOD:apikey}",

Visit http://ipadressofrpi:9001 in your browser (replace ipadressofrpi with the IP address of the RPi). or http://hostname.local:9001 (replace hostname with the hostname of the RPi)

In case the port 9001 is occupied in your network (for example a printer maybe is using it) then stop etherpad with cntrl+c and run:

$ sudo nano settings.json Find where the port is configured and change the number from 9001 to something else like 8001. You change it in this line

"port": 9001,

and

  "sso": {
    "issuer": "${SSO_ISSUER:http://localhost:9001}",
      "clients": [
        {
          "client_id": "${ADMIN_CLIENT:admin_client}",
          "client_secret": "${ADMIN_SECRET:admin}",
          "grant_types": ["authorization_code"],
          "response_types": ["code"],
          "redirect_uris": ["${ADMIN_REDIRECT:http://localhost:9001/admin/}"]
        },
        {
          "client_id": "${USER_CLIENT:user_client}",
          "client_secret": "${USER_SECRET:user}",
          "grant_types": ["authorization_code"],
          "response_types": ["code"],
          "redirect_uris": ["${USER_REDIRECT:http://localhost:9001/}"]
        }
      ]
    }

Run again: $ pnpm run prod and access the etherpad in the right port.

Style the main page of Etherpad here:

$ nano /opt/etherpad/src/static/skins/colibris/index.css

Set up Mysql

First thing to do is to install MySQL :

$ sudo apt-get install mysql-server

Then create the database, for this we need to login with the Root user (super-user):
$ sudo su

Run mysql :
$ mysql

Then create the database and the user 'etherpaduser' with the password 'etherpadpass' :

create database etherpad;
grant all on etherpad.* to 'etherpaduser'@'localhost' identified by 'etherpadpass';

Use Ctrl-D to quit mysql. And exit to quit su.

Just to test if it works :

$ mysql -u etherpaduser -p etherpad

Run etherpad for the first time as the etherpad user...

$ cd /opt/etherpad
$ sudo --user etherpad bin/run.sh

The first time you run the etherpad software it takes a long time as it downloads related packages. It may also give quite some warnings, but hopefully no errors.

Setup etherpad to start as a service

$ sudo nano /etc/systemd/system/etherpad.service

[Unit]
Description=Etherpad-lite, the collaborative editor.
After=syslog.target network.target

[Service]
Type=simple
User=etherpad
Group=etherpad
WorkingDirectory=/opt/etherpad
ExecStart=/usr/bin/nodejs /opt/etherpad/node_modules/ep_etherpad-lite/node/server.js
Restart=always

[Install]
WantedBy=multi-user.target

After this, to start once...

$ sudo systemctl start etherpad

Check if it's working with:

$ sudo systemctl status etherpad

And finally automatically start on boot:

$ sudo systemctl enable etherpad

If this way doesn't work then activate it every time you reboot manually with tmux:

$ sudo apt-get install tmux
$ tmux new -s etherpad
$ sudo --user etherpad /opt/etherpad/bin/run.sh

Press ctrl+B and D to exit

Come back to this tmux session with: $ tmux attach -t etherpad

__NOPUBLISH__ pads

If you want to keep the pad out of the archive, add the __NOPUBLISH__ tag into the body text

Etherdump installation

Etherdump is a script that dumps all pads to different format text files. It's run periodically by a cron job to create a running archive of the etherpads. Follow this guide https://gitlab.constantvzw.org/aa/etherdump in combination with https://networksofonesown.constantvzw.org/etherbox/manual.html#etherdump

Installation

Install dependencies:

$ sudo apt install python3-pip $ sudo pip3 install python-dateutil jinja2 html5lib

Install from repo:

$ cd $ mkdir Software $ cd Software $ git clone http://murtaugh@gitlab.constantvzw.org/aa/etherdump.git $ cd etherdump $ sudo python3 setup.py install

Init the folder

You need the etherpad API key (which is generated the first time you ran the software, see above). Copy it from:

$ cat /opt/etherpad/APIKEY.txt'

Then...

$ cd /home/username $ mkdir etherdump $ cd etherdump $ etherdump init

For the URL use: http://ipadressofpi:9001/ (which is the URL of the etherpad)

And paste the API key.

$ sudo mkdir /var/www/html/etherdump

Use pandoc to convert pads to HTML

Pandoc is used to convert markdown files to HTML.

$ sudo apt-get install pandoc

Create an image gallery with imagemagick

Imagemagick to make thumbnails.

$ sudo apt-get install imagemagick

cron.sh

$ mkdir /home/username/include

$ cp /home/username/Software/etherdump/etherdump/data/templates/index.html /home/username/include/etherdump.template.html This is the template for how the etherdump index page looks like.

$ nano /home/username/cron.sh

# Dump the etherpad to files
cd etherdump
sudo -u titipi etherdump pull --meta --text --dhtml --pub . --no-raw-ext
sudo -u titipi etherdump index \
  *.meta.json \
  --templatepath /home/username/include \
  --template etherdump.template.html \
  --title "TITiPI etherdump" > index2.html
sudo -u root cp index2.html /var/www/html/etherdump/index.html
sudo -u root cp * /var/www/html/etherdump/

Make it executable:

$ chmod +x /home/username/cron.sh

Enable the cron job

$ crontab -e

The following runs the cron.sh every minute.

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin$

# For more information see the manual pages of crontab(5) and cro$
#
# m h  dom mon dow   command
* * * * * /home/username/cron.sh 2> /home/username/cron.log

You may need to do this if it doesn't work:

$ sudo chown -R username:www-data files/

You can access etherdump here: http://hostname.local/etherdump/index.html

Install tiny file manager

installation

Follow guide https://github.com/prasathmani/tinyfilemanager

$ sudo apt-get install php
$ sudo apt-get install wget
$ wget -c https://github.com/prasathmani/tinyfilemanager/archive/refs/heads/master.zip
$ sudo apt install unzip
$ unzip master.zip
$ rm master.zip
$ cd tinyfilemanager-master/
$ cp tinyfilemanager.php /var/www/html/files/files.php

Access the file manager here: http://titipi.local/files/files.php

Create an index page

$ nano /var /www/html/index.html

Replace paths accordingly and names:

<!DOCTYPE html>
<html>
<link rel="stylesheet" href="styles.css">
<body>
<a href="http://hostname.local:9001"><button> Create a pad</button></a>
<p>
<a href="http://hostname/etherdump/index.html"><button>Pads list</button></a>
<p>
<a href="http://hostname/files/files.php?p=files">
<button>Drop files</button></a>
<br>
<br>
<br>
<hr>
<ul>
<li>Resistant Infra <a href="https://circulations.constantvzw.org/octomode/infra-resistance/pdf/">pdf</a>, <a href="https://circulations.constantvzw.org/octomode/infra-resistance/pad/">pad</a></li>
<li>Genocidal Tech Map <a href="https://circulations.constantvzw.org/octomode/genocidal_tech/pdf/">pdf</a></li>
<li>Inspiration from<a href="https://hub.vvvvvvaria.org/rosa/"> Rosa server</a> and <a href="https://networksofonesown.constantvzw.org">Networks Of One's Own</a></li>
</ul>

<!--<h2>Resistant Infra <a href="https://circulations.constantvzw.org/octomode/infra-resistance/pdf/">pdf</a></h2>
You can edit the list of the Resistant Infra <a href="https://circulations.constantvzw.org/octomode/infra-resistance/pad/">here</a>-->
</body>
</html>

styles.css:

@font-face {
  font-family: 'workavec';
  src: url(workavec-semibold-webfont.woff);
}


button {
color: #0c9f9d;
padding: 0.3em 1.5em 0.5em;
border: groove;
border-radius: 15px;
font-weight: bold;
background-color: #f0f0f0;
margin-left: -0.1em;
font-size:1em;}



body {
font-size: 1em;
font-family: 'workavec';
background: url(etherdump/worms.png) center center no-repeat fixed #fff;
}

hr {
  border-top: 1px dashed #0c9f9d;
}

Install burrow

Instead of etherdump, install burrow: https://gitlab.constantvzw.org/titipi/burrow

Needs editing...

Change server's language

Play with the server's languages following this example from Rosa: https://hub.vvvvvvaria.org/rosa/pad/p/languages-within-languages

Needs editing...

Install Icecast

Make a streaming server.

Needs editing...