update {filename} to {static} for pelican 4.0

This commit is contained in:
rscmbbng 2019-02-02 09:22:39 +01:00
parent e4b4cc3966
commit 1a83c0240d
4 changed files with 26 additions and 25 deletions

2
.gitignore vendored
View File

@ -1,4 +1,4 @@
*.pyc *.pyc
*~ *~
homebrewserver.club homebrewserver.club
newsboy* .venv/

View File

@ -3,7 +3,7 @@ Date: 2018-11-17
Category: xmpp Category: xmpp
Tags: xmpp, chat, guide, instant messaging, prosody Tags: xmpp, chat, guide, instant messaging, prosody
Slug: configuring-a-modern-xmpp-server Slug: configuring-a-modern-xmpp-server
Description: Hands-on step-by-step guide that shows how to configure Prosody 0.11 aimed at security, mobile messaging, rich features and ease of use. Summary: Hands-on step-by-step guide that shows how to set up a federated chat server based on Prosody 0.11 configured for security, mobile messaging, rich features and ease of use.
Status: Published Status: Published
[TOC] [TOC]

View File

@ -6,14 +6,15 @@ Tags: homebrewserver
Slug: about Slug: about
A monthly gathering for those who (wish to) host their own online services from home, rather than using commercial and privacy unfriendly alternatives. Together we config and work on our homebrew server setups. These are low-cost, low-power, low-maintenance, high-fun computers through which we can host all of our online necessities and keep them out of the cloud. The club meetings are open for anyone, from more experienced users to interested beginners. During the homebrewserver.club meetings we exchange tips or look into particular topics together. As we gain more knowledge about a topic, we write and publish guides for others to share. A monthly gathering for those who (wish to) host their own online services from home, rather than using commercial and privacy unfriendly alternatives. Together we config and work on our homebrew server setups. These are low-cost, low-power, low-maintenance, high-fun computers through which we can host all of our online necessities and keep them out of the cloud. The club meetings are open for anyone, from more experienced users to interested beginners. During the homebrewserver.club meetings we exchange tips or look into particular topics together. As we gain more knowledge about a topic, we write and publish guides for others to share.
If you have questions or would like to join check out our [mailinglist](https://we.lurk.org/postorius/lists/hbsc.we.lurk.org/) or join us in our [XMPP chatroom](xmpp://hbsc@muc.lurk.org?join) If you have questions or would like to join check out our [mailinglist](https://we.lurk.org/postorius/lists/hbsc.we.lurk.org/) or join us in our [XMPP chatroom](xmpp:hbsc@muc.lurk.org?join)
Unless otherwise specified, all the material on this website is published under a [Attribution-ShareAlike 4.0 International license](http://creativecommons.org/licenses/by-sa/4.0/). Unless otherwise specified, all the material on this website is published under a [Attribution-ShareAlike 4.0 International license](http://creativecommons.org/licenses/by-sa/4.0/).
![CC]({filename}../images/chooser_cc.png) ![BY]({filename}../images/chooser_by.png) ![CC]({static}../images/chooser_cc.png) ![BY]({static}../images/chooser_by.png)
![SA]({filename}../images/chooser_sa.png) ![SA]({static}../images/chooser_sa.png)
![winning!]({filename}../images/seal_of_freedom.png) ![winning!]({static}../images/seal_of_freedom.png)

View File

@ -83,11 +83,11 @@ To start a chat you need to add another Jabber friend under the '+' in the menu
So lets activate OMEMO encryption by pressing the padlock in the top menu bar: So lets activate OMEMO encryption by pressing the padlock in the top menu bar:
![selecting OMEMO encryption]({filename}images/conv_1.png) ![selecting OMEMO encryption]({static}images/conv_1.png)
OMEMO is an extension to XMPP for multi-client end-to-end encryption. OMEMO only works if the fingerprint of your and your friends device match. To compare them, open one of your conversations and click on your profile picture next to one of your messages. At the same time, your friend clicks on your icon on his phone. OMEMO is an extension to XMPP for multi-client end-to-end encryption. OMEMO only works if the fingerprint of your and your friends device match. To compare them, open one of your conversations and click on your profile picture next to one of your messages. At the same time, your friend clicks on your icon on his phone.
![Checking fingerprints]({filename}images/conv_2.png) ![Checking fingerprints]({static}images/conv_2.png)
Now, both of you should see a fingerprint that you can check. If they match, change the slider as you see in the screenshot to the right. Now, both of you should see a fingerprint that you can check. If they match, change the slider as you see in the screenshot to the right.
@ -95,22 +95,22 @@ If OMEMO cannot be activated, just send a message in the chat window. This somet
After you activated OMEMO, the input field at the bottom should say you can now send encrypted messages: After you activated OMEMO, the input field at the bottom should say you can now send encrypted messages:
![The shield or padlock indicates an encrypted message]({filename}images/conv_3.png) ![The shield or padlock indicates an encrypted message]({static}images/conv_3.png)
Troubleshooting Conversations Troubleshooting Conversations
--- ---
If OMEMO cannot be activated, just send a message in the chat window. This sometimes helps. Also, it may help to end a conversation by pressing the menu on the top right inside a conversation as shown in the following screenshot, and then re-open the conversation again. If OMEMO cannot be activated, just send a message in the chat window. This sometimes helps. Also, it may help to end a conversation by pressing the menu on the top right inside a conversation as shown in the following screenshot, and then re-open the conversation again.
![Ending a conversation]({filename}images/conv_4.png) ![Ending a conversation]({static}images/conv_4.png)
Allow presence updates, this is used by OMEMO to exchange keys: In a conversation, click on the icon/image of your chat partner. In the new screen (as shown below), make sure that all checkboxes are activated: Allow presence updates, this is used by OMEMO to exchange keys: In a conversation, click on the icon/image of your chat partner. In the new screen (as shown below), make sure that all checkboxes are activated:
![Make sure you allow presence updates so your client can exchange OMEMO keys]({filename}images/conv_5.png) ![Make sure you allow presence updates so your client can exchange OMEMO keys]({static}images/conv_5.png)
Check fingerprints: You might be asked to trust fingerprints like this: Check fingerprints: You might be asked to trust fingerprints like this:
![Checking fingerprints]({filename}images/conv_2.png) ![Checking fingerprints]({static}images/conv_2.png)
If you run into problems try asking for help in the Conversations XMPP groupchat: [conversations@conference.siacs.eu](xmpp:conversations@conference.siacs.eu?join) If you run into problems try asking for help in the Conversations XMPP groupchat: [conversations@conference.siacs.eu](xmpp:conversations@conference.siacs.eu?join)
@ -125,32 +125,32 @@ Get ChatSecure from the AppStore. `¯\_(ツ)_/¯`
Choose whether to create a new account or login with an existing one: Choose whether to create a new account or login with an existing one:
![Initial screen: create or add account]({filename}images/cs_1.png) > ![Select XMPP]({filename}images/cs_2.png) > ![The login screen]({filename}images/cs_3.png) ![Initial screen: create or add account]({static}images/cs_1.png) > ![Select XMPP]({static}images/cs_2.png) > ![The login screen]({static}images/cs_3.png)
If you already have an XMPP account, you can log in with your username@hostname and password. After you selected "Add Existing Account" you have the option to connect with "XMPP" or with "Google Talk". Select "XMPP" and fill in your Nickname, Username (username@server.net) and password. Optionally fill in the Hostname of your XMPP server and select if you want to use Tor or not. If you're doubting about the port, 5222 is the default XMPP port and would likely be on your server as well. If you already have an XMPP account, you can log in with your username@hostname and password. After you selected "Add Existing Account" you have the option to connect with "XMPP" or with "Google Talk". Select "XMPP" and fill in your Nickname, Username (username@server.net) and password. Optionally fill in the Hostname of your XMPP server and select if you want to use Tor or not. If you're doubting about the port, 5222 is the default XMPP port and would likely be on your server as well.
**Enabling Push** **Enabling Push**
![Considering using push]({filename}images/cs_4.png) ![Considering using push]({static}images/cs_4.png)
After you've logged in, the app proposes to establishe secure connections by sending an empty message to offline contacts. You have the option to "Enable push" or "skip" this part. iOS typically end the connection when an app runs in the background and requires use of Apple's Push servers to wake up and receive a message. By sending empty messages ChatSecure limits the data being sent to the Apple Cloud's Push Server but obviously still provide their vertically integrated cloud platform with meta-data. Read more about the Push issues [here](https://chatsecure.org/blog/chatsecure-v32-push/) and [here](https://chatsecure.org/blog/fixing-the-xmpp-push-problem/) After you've logged in, the app proposes to establishe secure connections by sending an empty message to offline contacts. You have the option to "Enable push" or "skip" this part. iOS typically end the connection when an app runs in the background and requires use of Apple's Push servers to wake up and receive a message. By sending empty messages ChatSecure limits the data being sent to the Apple Cloud's Push Server but obviously still provide their vertically integrated cloud platform with meta-data. Read more about the Push issues [here](https://chatsecure.org/blog/chatsecure-v32-push/) and [here](https://chatsecure.org/blog/fixing-the-xmpp-push-problem/)
In the next screen you can "Share invite" (let people on social media know about the app) or tap the '✓' symbol in the top right corner to continue. This takes you to the general 'Settings' menu. In the next screen you can "Share invite" (let people on social media know about the app) or tap the '✓' symbol in the top right corner to continue. This takes you to the general 'Settings' menu.
![Invite others to use ChatSecure]({filename}images/cs_5.png) > ![Settings]({filename}images/cs_6.png) > ![Logging out]({filename}images/cs_7.png) ![Invite others to use ChatSecure]({static}images/cs_5.png) > ![Settings]({static}images/cs_6.png) > ![Logging out]({static}images/cs_7.png)
If you are successfully connected, the word "Connected" appears right under your username. Before you can edit your account settings, you need to log out. To do this, click your account/nickname in the settings menu and select "Log Out". If you are successfully connected, the word "Connected" appears right under your username. Before you can edit your account settings, you need to log out. To do this, click your account/nickname in the settings menu and select "Log Out".
**Create New Account** **Create New Account**
![advanced options]({filename}images/cs_8.png) > ![advanced options]({filename}images/cs_9.png) > ![server options]({filename}images/cs_10.png) ![advanced options]({static}images/cs_8.png) > ![advanced options]({static}images/cs_9.png) > ![server options]({static}images/cs_10.png)
Choose "Create New Account" and give your preferred nickname. Under "show advanced options" you can customize your username, generate an automatic password, enable TOR (we didn't test it) and select a server where you would like to register your account on. This is the server you will use to communicate with other people's selected servers, and depending on the server settings it will also store your (encrypted) messages. ChatSecure let's you choose between 3 built-in servers options. Default is DuckDuckGo, but when you tap on "DuckDuckGo" the app will take you to the server selection screen where you can choose between DuckDuckGo, Calyxinstitute.org and OTR.im[ref]All three of these servers score poorly on the modern XMPP [compliance test](https://gultsch.de/compliance.html)[/ref], it also offers you the option to select another, custom, server. Here you can fill in the hostname of the XMPP server of a friend. Choose "Create New Account" and give your preferred nickname. Under "show advanced options" you can customize your username, generate an automatic password, enable TOR (we didn't test it) and select a server where you would like to register your account on. This is the server you will use to communicate with other people's selected servers, and depending on the server settings it will also store your (encrypted) messages. ChatSecure let's you choose between 3 built-in servers options. Default is DuckDuckGo, but when you tap on "DuckDuckGo" the app will take you to the server selection screen where you can choose between DuckDuckGo, Calyxinstitute.org and OTR.im[ref]All three of these servers score poorly on the modern XMPP [compliance test](https://gultsch.de/compliance.html)[/ref], it also offers you the option to select another, custom, server. Here you can fill in the hostname of the XMPP server of a friend.
**Adding contacts** **Adding contacts**
![server options]({filename}images/cs_13.png) > ![server options]({filename}images/cs_14.png) > ![friend request]({filename}images/cs_15.png) ![server options]({static}images/cs_13.png) > ![server options]({static}images/cs_14.png) > ![friend request]({static}images/cs_15.png)
From the settings menu, tap 'Chats' (top left) to start chatting and adding friends. To add friends tap the 'Compose' icon, top left corner. Then tap "Add Buddy" and fill in your friends username and hostname (username@hostname) or scan their QR code. From the settings menu, tap 'Chats' (top left) to start chatting and adding friends. To add friends tap the 'Compose' icon, top left corner. Then tap "Add Buddy" and fill in your friends username and hostname (username@hostname) or scan their QR code.
@ -163,13 +163,13 @@ If you get a friend request, their nickname will appear in the "Chats" list.
When in a chat, tap the information icon on the top right (i) to change your encryption settings. The information menu displays your current and past verified fingerprints and allows you to specify an encryption method by tapping "Show Advanced Encryption Sett...". When in a chat, tap the information icon on the top right (i) to change your encryption settings. The information menu displays your current and past verified fingerprints and allows you to specify an encryption method by tapping "Show Advanced Encryption Sett...".
![friend request]({filename}images/cs_16.png) > ![friend request]({filename}images/cs_17.png) > ![friend request]({filename}images/cs_18.png) ![friend request]({static}images/cs_16.png) > ![friend request]({static}images/cs_17.png) > ![friend request]({static}images/cs_18.png)
At the time of writing OMEMO works well with other OMEMO clients, images shared over HTTPUpload however are not displayed inline but rather as a URL. If you click that your browser will open it and fail to decrypt the OMEMO encoded image, because it has no notion of your OMEMO fingerprints. So for now the images shared over HTTPUpload have to be shared using plaintext. At the time of writing OMEMO works well with other OMEMO clients, images shared over HTTPUpload however are not displayed inline but rather as a URL. If you click that your browser will open it and fail to decrypt the OMEMO encoded image, because it has no notion of your OMEMO fingerprints. So for now the images shared over HTTPUpload have to be shared using plaintext.
ChatSecure implements OMEMO and OTR on a TOFU or “trust on first use" basis. New "buddies" are automatically trusted. ChatSecure implements OMEMO and OTR on a TOFU or “trust on first use" basis. New "buddies" are automatically trusted.
![friend request]({filename}images/cs_18.png) > ![friend request]({filename}images/cs_19.png) ![friend request]({static}images/cs_18.png) > ![friend request]({static}images/cs_19.png)
You can also untrust your friends devices/fingerprints by sliding the green "Verified" button and share fingerprints by tapping them and selecting a medium to share your fingerprint over. You can also untrust your friends devices/fingerprints by sliding the green "Verified" button and share fingerprints by tapping them and selecting a medium to share your fingerprint over.
@ -232,7 +232,7 @@ And now for OMEMO! There is a package gajim-omemo on Debian Backports. So run:
Next, start Gajim. After Gajim has started, wait some seconds until it requests your permission to install updates: Next, start Gajim. After Gajim has started, wait some seconds until it requests your permission to install updates:
![Allow Gajim to update itself]({filename}images/gajim_1.png) ![Allow Gajim to update itself]({static}images/gajim_1.png)
Allow this. Afterwards, a new window will open that lists all components that can be installed and updated. In this list, activate the checkbox next to the following plugins: Allow this. Afterwards, a new window will open that lists all components that can be installed and updated. In this list, activate the checkbox next to the following plugins:
@ -252,7 +252,7 @@ After the update has finished, go to the other tab **Installed**. There, make su
Then, you should see a wizard to setup your XMPP account. Select the option that you already have an account and follow all instructions yourself using the default settings. Then, you should see a wizard to setup your XMPP account. Select the option that you already have an account and follow all instructions yourself using the default settings.
![Gajim account creation wizard]({filename}images/gajim_2.png) ![Gajim account creation wizard]({static}images/gajim_2.png)
After you finished the wizard successfully, Gajim will show your status as **Available**. Congratulations! After you finished the wizard successfully, Gajim will show your status as **Available**. Congratulations!
@ -260,13 +260,13 @@ Now, lets send messages to your friends.
To do so, click on the Gajim window and move your mouse to the top of the screen. There, a menu should appear. Go to Actions -> Start chat… . In the new window, add the XMPP ID of your friend and click ok. To do so, click on the Gajim window and move your mouse to the top of the screen. There, a menu should appear. Go to Actions -> Start chat… . In the new window, add the XMPP ID of your friend and click ok.
![Adding contacts]({filename}images/gajim_3.png) ![Adding contacts]({static}images/gajim_3.png)
Go to the main menu again and select **View -> Show offline contacts…** . In the Gajim window, you should see your friend. Right click on the name of your friend and select **Manage contact -> Add to roster.** In the pop up, just click **Add**. Now your friend is permanently added to your list of contacts. Next, right click on your friend and select **Manage contact -> Allow subscription -> Allow contact to see my status**. Go to the main menu again and select **View -> Show offline contacts…** . In the Gajim window, you should see your friend. Right click on the name of your friend and select **Manage contact -> Add to roster.** In the pop up, just click **Add**. Now your friend is permanently added to your list of contacts. Next, right click on your friend and select **Manage contact -> Allow subscription -> Allow contact to see my status**.
Your friend should see a request like this: Your friend should see a request like this:
![Friend request]({filename}images/gajim_4.png) ![Friend request]({static}images/gajim_4.png)
Your friend should click **Authorize**, which enables her to see if you are online or not. Also, this step is necessary for activating the encryption. Your friend should click **Authorize**, which enables her to see if you are online or not. Also, this step is necessary for activating the encryption.
@ -274,7 +274,7 @@ Next, make sure that your friend also allows you to see her status.
Now, when you open the chat window to your friend, it should say OMEMO encryption enabled and show a red shield next to the input field, like this: Now, when you open the chat window to your friend, it should say OMEMO encryption enabled and show a red shield next to the input field, like this:
![Omemo enabled]({filename}images/gajim_5.png) ![Omemo enabled]({static}images/gajim_5.png)
If you dont see the OMEMO encryption enabledjust restart Gajim and have a look again. If you dont see the OMEMO encryption enabledjust restart Gajim and have a look again.
@ -291,7 +291,7 @@ She should chose the tab Own devices, while you chose the tab Contact. Now, sele
Finally, all fingerprints should be green like this: Finally, all fingerprints should be green like this:
![Omemo enabled]({filename}images/gajim_6.png) ![Omemo enabled]({static}images/gajim_6.png)
**Troubleshooting** **Troubleshooting**