Une mise en œuvre du projet FreedomBox avec un matériel (presque1) libre et un FAI2.

Ceci est un humble témoignage d'un cas d'utilisation (EndUser). Je remercie et je salue bien bas les excellents contributeurs du projet FreedomBox3.

Ressouces, documents

Choix et achats

Premières mises sous tension


Seconde stratégie


Entretenir

Tentative "une"

sans succès. La version de Debian fournis par Olimex et mon expérience ont induit un abandon de cette voie (installation du paquet freedombox-setup à partir d'un GNU/Linux Debian nouvellement installé)

État des lieux à la livraison

fred@pyxtwo:~$ sudo ifconfig usb0 192.168.2.200

fred@pyxtwo:~$ ssh olimex@192.168.2.1

olimex@OLinuXino-A20:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 8.1 (jessie)
Release:        8.1
Codename:       jessie

olimex@OLinuXino-A20:~$ findmnt 
TARGET                           SOURCE     FSTYPE     OPTIONS
/                                /dev/mmcblk0p2
                                            ext4       rw,relatime,data=ordered
|-/dev                           devtmpfs   devtmpfs   rw,relatime,size=448624k,nr_inodes=112156,mode=755
| |-/dev/shm                     tmpfs      tmpfs      rw,nosuid,nodev
| `-/dev/pts                     devpts     devpts     rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
|-/sys                           sysfs      sysfs      rw,nosuid,nodev,noexec,relatime
| |-/sys/kernel/security         securityfs securityfs rw,nosuid,nodev,noexec,relatime
| |-/sys/fs/cgroup               tmpfs      tmpfs      ro,nosuid,nodev,noexec,mode=755
| | |-/sys/fs/cgroup/systemd     cgroup     cgroup     rw,nosuid,nodev,noexec,relatime,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd
| | |-/sys/fs/cgroup/cpuset      cgroup     cgroup     rw,nosuid,nodev,noexec,relatime,cpuset
| | |-/sys/fs/cgroup/cpu,cpuacct cgroup     cgroup     rw,nosuid,nodev,noexec,relatime,cpuacct,cpu
| | |-/sys/fs/cgroup/memory      cgroup     cgroup     rw,nosuid,nodev,noexec,relatime,memory
| | |-/sys/fs/cgroup/devices     cgroup     cgroup     rw,nosuid,nodev,noexec,relatime,devices
| | |-/sys/fs/cgroup/freezer     cgroup     cgroup     rw,nosuid,nodev,noexec,relatime,freezer
| | |-/sys/fs/cgroup/blkio       cgroup     cgroup     rw,nosuid,nodev,noexec,relatime,blkio
| | `-/sys/fs/cgroup/perf_event  cgroup     cgroup     rw,nosuid,nodev,noexec,relatime,perf_event
| |-/sys/kernel/debug            debugfs    debugfs    rw,relatime
| |-/sys/fs/fuse/connections     fusectl    fusectl    rw,relatime
| `-/sys/kernel/config           configfs   configfs   rw,relatime
|-/proc                          proc       proc       rw,nosuid,nodev,noexec,relatime
| `-/proc/sys/fs/binfmt_misc     systemd-1  autofs     rw,relatime,fd=22,pgrp=1,timeout=300,minproto=5,maxproto=5,direct
|-/run                           tmpfs      tmpfs      rw,nosuid,nodev,mode=755
| |-/run/lock                    tmpfs      tmpfs      rw,nosuid,nodev,noexec,relatime,size=5120k
| `-/run/user/1001               tmpfs      tmpfs      rw,nosuid,nodev,relatime,size=89748k,mode=700,uid=1001,gid=1001
`-/media/olimex/6B4C-FFFD9       /dev/mmcblk0p1
                                            vfat       rw,nosuid,nodev,relatime,uid=1001,gid=1001,fmask=0022,dmask=0022,codepage=cp437,iocharset=ascii,shortname=mixed,s

olimex@OLinuXino-A20:~$ df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/root       7.3G  819M  6.2G  12% /
devtmpfs        439M     0  439M   0% /dev
tmpfs           439M     0  439M   0% /dev/shm
tmpfs           439M   12M  427M   3% /run
tmpfs           5.0M  4.0K  5.0M   1% /run/lock
tmpfs           439M     0  439M   0% /sys/fs/cgroup
tmpfs            88M  4.0K   88M   1% /run/user/1001
/dev/mmcblk0p1   16M  8.8M  7.3M  55% /media/olimex/6B4C-FFFD9

olimex@OLinuXino-A20:~$ ip l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: tunl0: <NOARP> mtu 1480 qdisc noop state DOWN mode DEFAULT group default 
    link/ipip 0.0.0.0 brd 0.0.0.0
3: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 72:05:ee:af:b6:4d brd ff:ff:ff:ff:ff:ff
4: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 8e:1c:d2:e1:29:52 brd ff:ff:ff:ff:ff:ff
5: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether 00:e1:80:40:57:97 brd ff:ff:ff:ff:ff:ff

602.sa-di

fred@pyxtwo:~$ ip r
default via 192.168.0.254 dev wlan0  proto static  metric 600 
169.254.0.0/16 dev virbr0  scope link  metric 1000 linkdown 
192.168.0.0/24 dev wlan0  proto kernel  scope link  src 192.168.0.36  metric 600 
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1 linkdown
{{{

{{{
fred@pyxtwo:~$ sudo arp -vna
Mot de passe [sudo] de fred :
? (192.168.0.254) at f4:ca:e5:44:31:21 [ether] on wlan0
? (192.168.0.184) at 66:82:c8:9a:ba:54 [ether] on wlan0
Entrées: 2      Ignorées: 0     Trouvées: 2

La console Freebox corrobore l'adresse MAC (66:82:c8:9a:ba:54).

fred@OLinuXino-A20:~$ id
uid=1000(fred) gid=1000(fred) groups=1000(fred),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),44(video),46(plugdev),100(users),997(i2c),998(spi)
fred@OLinuXino-A20:~$ uptime
 11:41:57 up 28 min,  1 user,  load average: 1,57, 1,26, 0,95
fred@OLinuXino-A20:~$ lsb_release -d
Description:    Debian GNU/Linux testing (stretch)
fred@OLinuXino-A20:~$ uname -a
Linux OLinuXino-A20 3.4.103-00033-g9a1cd03-dirty #17 SMP PREEMPT Tue Sep 8 11:01:09 EEST 2015 armv7l GNU/Linux
fred@OLinuXino-A20:~$ date
samedi 16 janvier 2016, 11:42:48 (UTC+0100)
fred@OLinuXino-A20:~$ ntpq -np
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 0.debian.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.001
 1.debian.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.001
 2.debian.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.001
 3.debian.pool.n .POOL.          16 p    -   64    0    0.000    0.000   0.001
+195.154.41.195  195.13.23.5      3 u   29   64    3   33.027   39.436  33.586
+62.210.28.176   84.255.209.79    4 u   25   64    3   25.876   30.049  37.097
+213.186.36.183  145.238.203.14   2 u   25   64    3   29.143   33.524  36.503
-78.192.88.115   145.238.203.14   2 u   19   64    3   24.722   29.918  37.526
+91.121.154.183  145.238.203.10   3 u   23   64    3   31.491   31.962  36.920
+213.154.229.24  192.36.144.23    2 u   24   64    3   39.612   33.782  37.000
+5.196.160.139   10.21.137.1      2 u   24   64    3   27.146   32.401  38.059
+37.187.109.209  138.96.64.10     2 u   25   64    3   28.273   31.775  36.200
-178.23.121.164  192.53.103.104   2 u   23   64    3   48.285   37.647  35.921
*212.83.179.156  138.96.64.10     2 u   23   64    3   26.236   32.233  34.638

fred@OLinuXino-A20:~$ sudo arp -na
[sudo] password for fred: 
? (192.168.0.254) at f4:ca:e5:44:31:21 [ether] on eth0
? (192.168.0.36) at 0c:d2:92:6e:82:7d [ether] on eth0
fred@OLinuXino-A20:~$ w
 11:56:32 up 43 min,  1 user,  load average: 1,00, 1,01, 0,97
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
fred     pts/0    192.168.0.36     11:36    8.00s  0.29s  0.04s w

fred@OLinuXino-A20:~$ sudo apt-get --reinstall install locales
Reading package lists... Done
Building dependency tree       
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded.
Need to get 3 323 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://ftp.fr.debian.org/debian testing/main armhf locales all 2.21-6 [3 323 kB]
Fetched 3 323 kB in 7s (431 kB/s)                                                                                                                                      
Preconfiguring packages ...
(Reading database ... 37318 files and directories currently installed.)
Preparing to unpack .../locales_2.21-6_all.deb ...
Unpacking locales (2.21-6) over (2.21-6) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up locales (2.21-6) ...
Generating locales (this might take a while)...
  fr_FR.UTF-8...locale alias file `/usr/share/locale/locale.alias' not found: No such file or directory
 done
Generation complete.

Il reste un problème...

fred@OLinuXino-A20:~$ sudo apt-get -s purge locales libc-l10n
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following package was automatically installed and is no longer required:
  dialog
Use 'sudo apt autoremove' to remove it.
The following packages will be REMOVED:
  libc-l10n* locales* olimex-tools*
0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded.
Purg olimex-tools [1.0]
Purg locales [2.21-6]
Purg libc-l10n [2.21-6]
fred@OLinuXino-A20:~$ dpkg -L olimex-tools
/.
/usr
/usr/bin
/usr/bin/a10_display
/usr/bin/change_display.sh
/usr/bin/devmem
/usr/bin/netcardconfig
/usr/bin/wlcardconfig
/usr/bin/olimex-config

Tentative "deux"

Avec succès

Passage par image téléchargée

fred@pyxtwo:~$ ssh fred@192.168.0.20
The authenticity of host '192.168.0.20 (192.168.0.20)' can't be established.
ECDSA key fingerprint is SHA256:mQNuPPxekVe7xLDa0UWVn+Wl/H8wAjePgK2gWI4xghA.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.20' (ECDSA) to the list of known hosts.
fred@192.168.0.20's password: 
Creating directory '/home/fred'.

                         .--._    _.--.
                        (     \  /     )
                         \     /\     /
                          \_   \/   _/
                           /        \
                          (    /\    )
                           `--'  `--'

                           FreedomBox

FreedomBox is a pure blend of Debian GNU/Linux.  FreedomBox manual is
available in /usr/share/doc/plinth.

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
fred@freedombox:~$ date
dimanche 17 janvier 2016, 15:34:20 (UTC+0000)

fred@freedombox:~$ uname -a
Linux freedombox 4.2.0-1-armmp-lpae #1 SMP Debian 4.2.6-3 (2015-12-06) armv7l GNU/Linux
fred@freedombox:~$ date
lundi 18 janvier 2016, 16:11:31 (UTC+0100)

Activation et essais de quelques applications

À décrire.

Préparation LVM

Disk /dev/sda: 465,8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
fred@freedombox:~$ pvdisplay
-bash: pvdisplay : commande introuvable
fred@freedombox:~$ sudo pvdisplay
fred@freedombox:~$ sudo pvcreate /dev/sda
  allocation/use_blkid_wiping=1 configuration setting is set while LVM is not compiled with blkid wiping support.
  Falling back to native LVM signature detection.
  Physical volume "/dev/sda" successfully created
fred@freedombox:~$ sudo pvdisplay
  "/dev/sda" is a new physical volume of "465,76 GiB"
  --- NEW Physical volume ---
  PV Name               /dev/sda
  VG Name               
  PV Size               465,76 GiB
  Allocatable           NO
  PE Size               0   
  Total PE              0
  Free PE               0
  Allocated PE          0
  PV UUID               MdGBd2-ebx1-6o6y-ltF6-8hPa-kMEO-fpm40M

Porter le contenu de /var/lib

Pour suivre le design FreedomBox.

fred@freedombox:~$ sudo vgcreate ddsata /dev/sda
  Volume group "ddsata" successfully created
fred@freedombox:~$ sudo vgdisplay
  --- Volume group ---
  VG Name               ddsata
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  1
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                0
  Open LV               0
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               465,76 GiB
  PE Size               4,00 MiB
  Total PE              119234
  Alloc PE / Size       0 / 0   
  Free  PE / Size       119234 / 465,76 GiB
  VG UUID               9rAVRr-38WJ-6K0r-BwcU-nLNF-qA8Q-OdPNBa

fred@freedombox:~$ sudo lvcreate -n varlib -L 200g ddsata
  allocation/use_blkid_wiping=1 configuration setting is set while LVM is not compiled with blkid wiping support.
  Falling back to native LVM signature detection.
  Logical volume "varlib" created.
fred@freedombox:~$ sudo lvdisplay
  --- Logical volume ---
  LV Path                /dev/ddsata/varlib
  LV Name                varlib
  VG Name                ddsata
  LV UUID                1FLvL1-4w3z-XJL3-YTqy-eA03-fVkt-THhFUC
  LV Write Access        read/write
  LV Creation host, time freedombox, 2016-01-18 17:40:45 +0100
  LV Status              available
  # open                 0
  LV Size                200,00 GiB
  Current LE             51200
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           254:0

fred@freedombox:~$ sudo lvs
  LV     VG     Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  varlib ddsata -wi-a----- 200,00g                                                    

fred@freedombox:~/603traces$ findmnt 
TARGET                                SOURCE              FSTYPE     OPTIONS
/                                     /dev/mmcblk0p2[/@]  btrfs      rw,relatime,ssd,space_cache,subvolid=257,subvol=/@
├─/sys                                sysfs               sysfs      rw,nosuid,nodev,noexec,relatime
│ ├─/sys/kernel/security              securityfs          securityfs rw,nosuid,nodev,noexec,relatime
│ ├─/sys/fs/cgroup                    tmpfs               tmpfs      ro,nosuid,nodev,noexec,mode=755
│ │ ├─/sys/fs/cgroup/systemd          cgroup              cgroup     rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd
│ │ ├─/sys/fs/cgroup/blkio            cgroup              cgroup     rw,nosuid,nodev,noexec,relatime,blkio
│ │ ├─/sys/fs/cgroup/freezer          cgroup              cgroup     rw,nosuid,nodev,noexec,relatime,freezer
│ │ ├─/sys/fs/cgroup/perf_event       cgroup              cgroup     rw,nosuid,nodev,noexec,relatime,perf_event
│ │ ├─/sys/fs/cgroup/net_cls,net_prio cgroup              cgroup     rw,nosuid,nodev,noexec,relatime,net_cls,net_prio
│ │ ├─/sys/fs/cgroup/cpu,cpuacct      cgroup              cgroup     rw,nosuid,nodev,noexec,relatime,cpu,cpuacct
│ │ ├─/sys/fs/cgroup/cpuset           cgroup              cgroup     rw,nosuid,nodev,noexec,relatime,cpuset
│ │ └─/sys/fs/cgroup/devices          cgroup              cgroup     rw,nosuid,nodev,noexec,relatime,devices
│ └─/sys/kernel/debug                 debugfs             debugfs    rw,relatime
├─/proc                               proc                proc       rw,relatime
│ └─/proc/sys/fs/binfmt_misc          systemd-1           autofs     rw,relatime,fd=22,pgrp=1,timeout=0,minproto=5,maxproto=5,direct
├─/dev                                udev                devtmpfs   rw,relatime,size=10240k,nr_inodes=126433,mode=755
│ ├─/dev/pts                          devpts              devpts     rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
│ ├─/dev/shm                          tmpfs               tmpfs      rw,nosuid,nodev
│ ├─/dev/hugepages                    hugetlbfs           hugetlbfs  rw,relatime
│ └─/dev/mqueue                       mqueue              mqueue     rw,relatime
├─/run                                tmpfs               tmpfs      rw,nosuid,relatime,size=205480k,mode=755
│ ├─/run/lock                         tmpfs               tmpfs      rw,nosuid,nodev,noexec,relatime,size=5120k
│ └─/run/user/10000                   tmpfs               tmpfs      rw,nosuid,nodev,relatime,size=102740k,mode=700,uid=10000,gid=100
├─/btrfs                              /dev/mmcblk0p2      btrfs      rw,relatime,ssd,space_cache,subvolid=5,subvol=/
├─/boot                               /dev/mmcblk0p1      ext2       rw,relatime,errors=remount-ro
└─/var/lib                            /dev/mapper/ddsata-varlib
                                                          ext4       rw,relatime,errors=remount-ro,data=ordered
fred@freedombox:~/603traces$ sudo lvs
[sudo] password for fred: 
  LV     VG     Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  varlib ddsata -wi-ao---- 200,00g                                                    

Application "tor"

Installation

Cette fonction requiert un paquet additionnel. Voulez-vous l'installer ?

Paquet                  Sommaire

obfs4proxy              pluggable transport proxy for Tor, implementing obfs4
apt-transport-tor       APT transport for anonymous package downloads via Tor
tor-geoipdb             GeoIP database for Tor
tor                     anonymizing overlay network for TCP
torsocks                use SOCKS-friendly applications with Tor

ownCloud

fred@freedombox:~$ df -h
Sys. de fichiers          Taille Utilisé Dispo Uti% Monté sur
udev                         10M       0   10M   0% /dev
tmpfs                       201M    3,2M  198M   2% /run
/dev/mmcblk0p2              3,7G    1,6G  1,8G  48% /
tmpfs                       502M       0  502M   0% /dev/shm
tmpfs                       5,0M       0  5,0M   0% /run/lock
tmpfs                       502M       0  502M   0% /sys/fs/cgroup
/dev/mmcblk0p2              3,7G    1,6G  1,8G  48% /btrfs
/dev/mmcblk0p1              113M     31M   76M  29% /boot
/dev/mapper/ddsata-varlib   197G    219M  187G   1% /var/lib
tmpfs                       101M       0  101M   0% /run/user/10000

Cette fonction requiert un paquet additionnel. Voulez-vous l'installer ?
Paquet          Sommaire
php5-pgsql      PostgreSQL module for php5
owncloud        cloud storage for files, music, contacts, calendars and many more
postgresql      object-relational SQL database (supported version)

État d'avancement

fred@freedombox:~$ date ; uptime
jeudi 21 janvier 2016, 10:07:02 (UTC+0100)
 10:07:02 up 1 day, 18:18,  1 user,  load average: 0,00, 0,01, 0,05

Bonnes sensations dans l'ensemble.

À reconsidérer

Période d'observation

je.28/1/6

lu.01/2/6

Quelques conclusions non définitives.

je.04/2/6

Période de suivi

Version ciblée : Testing

Exposition de la solution FreedomBox dans la DMZ du boîtier du FAI.

Et bien, qu'est-ce cela ?

Changement, évolution DNS

La "prestation" DNS fournis par le FAI-Free prête à confusion entre "sous-domaine" et "hôte".freeboxos.fr.

Je choisi :

IRC avec Quassel

De retour d'une semaine d'éloignement

:)


note(s) de bas de page