Freedombone Blog

Freedom in the Cloud

Website Icons

A few tweaks have been made to the index page of the website.

Image description

Information about the mesh version now has its own icon and the Patreon icon has been removed so that there are two rows of four icons. The icons have also been made not so overwhelmingly gigantic. This makes the site look better on a small mobile screen in portrait orientation. The Patreon link has been moved into the FAQ.

Muted words

It's still experimental and not very well tested but I've been adding a new feature to the blocking screen of Freedombone which allows for messages containing certain words or phrases to be blocked. Twitter has this feature and calls it "muted words" and there's a similar capability within the Pleroma interface.

As an example, maybe I don't want to see anything containing the phrase "Black Friday" or "blockchain". There has been so much blockchain hype in the last year that posts on the topic are just another eye-rolling event.

I'm also expecting that as the fediverse becomes more popular that it will also become more adversarial with a greater amount of spammy posts. This type of word based blocking, combined with the existing domain/address blocking might help to mitigate that.

Tweaks and improvements

A few recent improvements to the Freedombone system.

XMPP server

The version of Prosody has been upgraded to 0.11.0, also with a corresponding update of the community modules. It looks like Prosody is gradually becoming more compatible with the Conversations android app and including the needed XEPs by default.

Some changes have been made to minimize the occasions upon which Prosody needs to be restarted. Restarting the daemon often seemed to break PEP. The upgrade to 0.11.0 may also help this situation because it has a more recent PEP implementation.

App installs

When installing an app there is now a progress bar shown. Previously there was an install and pray approach in which once you had got past the confirmation step you just had to hope that the app would show up some time later. This removes that ambiguity.

Added EteSync

A new app for synchronizing calendar and contacts across devices.

Added Zap

Zap is like Hubzilla, but with some features removed so that it's specialized as a social network system rather than a general web publishing system. It uses the latest version of the Zot protocol.

Better app icons

Previously the icons for apps had been added rather hastily and some of them looked quite blurry. The icons have been updated so they now have better resolution.

Fixed amd64 images

There was a catastrophic bug in the amd64 images which was preventing them from installing properly. This only applied if you were installing from a USB drive. At an early stage in the install the USB bus was being reset, which obviously caused dire problems and data corruption. That should no longer be an issue and the downloads have been updated.

App help screens

These have now all been added, although currently most of them are very basic. There's scope to make the help on these screens more comprehensive.

Pi-Hole on Freedombone

The ad blocking system called pi-hole has now been integrated with the new web based user interface of Freedombone. This blocks ads at the DNS level on your home network. It's not perfect and doesn't block all ads, but it does help to improve the user experience and speed of browsing the web. One thing I notice in particular is that it doesn't block ads on YouTube, and that Google has been adopting devious ways to avoid ad blocking by using randomly generated subdomains to serve advertising content from.

For a long time I didn't really care about ads and the internet didn't depend highly upon them. Then I distinctly remember the occasion in 2007 when my web browsing experience went from having discreet banner ads which I didn't care about to having actually offensive ads shoved in my face in a highly disrespectful manner. From that time onwards I started using browser based ad blockers, and then eventually pi-hole.

Pi-hole has its own web based user interface, but I've made no attempt to integrate that into the Freedombone web UI. That's because it requires logging, and from both a security and a performance perspective I'd rather avoid any additional unnecessary logging. If you're running on a microSD card then writing the minimum amount of things to disk is important because I/O bandwidth is low and the disk itself wears out eventually.

Continuously Integrating

I've now set up a continuous integration (CI) system for making image builds for the Freedombone system. This is something I had been wanting to do for a while, because building images by hand is laborious and not always reliable. If during a build a repo fails or a certificate expires somewhere on the internets then you have to start again. The details of the new system can be found here.

In compressed format Freedombone images are typically just over 3GB in size. Even on a fast multi-core machine builds can take an hour or more, because it's creating a minimal Debian operating system and then installing and configuring many things on top of that. In the past, and even now, I don't have a spare laptop or desktop machine to dedicate to continuous builds which would be powerful enough to make multi-gigabyte images within a reasonable amount of time. But ARM SBCs are getting good enough for this task, with a combination of a fast CPU and also the ability to run from an SSD which gives I/O performance which is an order of magnitude better than EMMC or microSD.

Various CI systems exist, but I thought I'd do the traditional thing which is to make one out of a bash script. In the old days, before the now well known CI systems existed, hackers would just create some scripts to compile overnight and report the results back by email which could be viewed in the morning. My CI system, called BirbCI is not a lot different from that except that the results are reported on a web page. Originally it was 80 lines of bash. It has grown a little, and is now a few hundred lines, but it's not all that complicated and is very general such that any type of build in whatever language you choose could be supported. The web page on which results appear can also be customized.

So in future it should be easier to do releases, since at any point in time there will be a bunch of ready made images. It will also be easier to know if anything I do with the source code breaks the build.

Proxying email

Continuing on email integration with the web interface of Freedombone an email proxying screen has been added. This only applies to clearnet installs, so if you're running an onion version then you don't need to be concerned with this.

Why would you need to proxy your email? Well, the current state of email systems on the internet - as you may already be aware - is quite dire and heavily favours a few giant companies. If you're running an independent email server, as is the case with Freedombone, then it's highly likely that any emails you send will be blocked by other servers and you'll get a "delivery failed" type of message perhaps accompanied by a difficult to parse error. Even just a few years ago this wasn't always the case, and this aspect of the internet has been becoming increasingly closed to independents. Email blocking today is highly indiscriminate, with entire IP address ranges or countries being blocked by some systems. There doesn't need to be any actual evidence that you were sending out spam and in most cases you're just discriminated against by default because you're not one of the big companies. It is possible to get around this via proxying your emails through an SMTP server run by your ISP or another email service providing company. It's a less than ideal situation, but can make the difference between being in control of your own email or becoming a SaaS slave.

The email proxy screen can be accessed via the Mail icon by selecting the logo at the top of the webmail login screen. It looks like this:

Once you've entered the SMTP proxy server details then select Update and you'll then be ready to send out emails through it. That's all there is to it.

If you're sending to onion based email addresses then the proxying doesn't apply because it gets routed through the Tor network instead.