Differences between revisions 33 and 34
Revision 33 as of 2015-11-24 11:42:43
Size: 23188
Comment: Added: link to new test page for users only (/ReleaseNotesUser)
Revision 34 as of 2015-11-24 13:57:31
Size: 4035
Comment: Switched : user oriented content replacing developer content
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
{{{#!wiki comment
New Feature Template:

=== (Feature Common Name) ===

(What it does).

(How to use it.)

(How to set it up.)


The "use" and "setup" paragraphs can be "==== Separate Sections ====" if they're sufficiently long. If they need to be that long, we've probably built the system wrong.


Please check as well [[FreedomBox/Contribute|contribution]], [[FreedomBox/ProgressCalls|progress calls]], [[FreedomBox/TODO|TODOs]] related pages and [[/ReleaseNotesUser|Release Note for Users]].
Please check as well [[FreedomBox/Contribute|contribution]], [[FreedomBox/ProgressCalls|progress calls]], [[FreedomBox/TODO|TODOs]] related pages and [[/ReleaseNotesDev|Release Note for Developers]].
Line 29: Line 11:
Line 30: Line 13:

=== Notable Features ===
Line 39: Line 20:
==== freedom-maker ====

 * Added "make test" which boots the virtualbox image and runs diagnostic tests
 * Added options to use custom freedombox-setup and plinth packages
 * Moved hardware setup script from freedombox-setup to freedom-maker
 * Added support for A20 OLinuXino Lime2 and MICRO

==== Plinth ====

 * Added explicit port setting to pagekite configuration
 * Require older version of coverage for Travis build
 * pagekite: Make Augeas loading narrower and faster
 * networks: Ability to enable/disable without JS
 * Removed references to removed TODO file
 * Require library version for GObject introspection
 * datetime: Fix triggering install callback
 * Cleanup README, add links to wiki and homepage
 * Layout and description changes; removed the word 'Plinth' from the UI
 * First boot improvements
 * OpenVPN module for VPN into !FreedomBox
 * Added reStore module/application
 * Started translations: French, Norwegian Bokmål, Telugu, Dutch
 * Full internationalization including HTML templates
 * Allow hyphens in hostname and domainname
 * Test on python 3.3 and 3.4 with travis
 * Updated domain name validation and unit tests
 * restore: Fix minor styling issues
 * Added a 'language' dropdown field to the system configuration
Line 69: Line 21:

=== Notable Features ===
Line 83: Line 33:
==== freedom-maker ====

 * Removed unneeded DHCP config option to vmdebootstrap.
 * Use httpredir.debian.org official service instead of http.debian.net
 * Added support for Raspberry Pi 2.
 * Remove SSH keys from built image.
 * Add free/non-free tag to image filenames.
 * Revamped documentation and removed Dreamplug specific stuff.
 * Added missing license headers.
 * Removed unused files.

==== freedombox-setup ====

 * Fixed error preventing flash-kernel install on Dreamplug.
 * Fixed some errors in flash-kernel script.
 * Switched from mod_ssl to mod_gnutls.
 * Removed old manual in favor of new one present in Plinth.
 * Use httpredir.debian.org instead of http.debian.net
 * Removed Tor setup, now handled by Plinth.
 * Removed diagnostic testsuite, now handled by Plinth.
 * Removed unused and not-working code.
 * Added support for Raspberry Pi 2.
 * Added login greeter message with location of manuals.
 * Removed unneeded changes to fstab, hosts, and apt sources.
 * Don't remove SSH keys; this will be done by freedom-maker for pre-built images.
 * Default to not downloading sources
 * Removed apache2-mpm-worker from depends list.
 * Select Apache MPM prefork by default. Disable other MPMs.
 * Merge Wi-Fi configuration with network configuration.
 * Install avahi service files properly.
 * Moved Apache, PAM, sudoers configurations to files.
 * Moved sysctl configuration and LXC template to new hierarchy.
 * Moved machine-detect file to /usr/lib/freedombox.
 * Added Lintian override for Apache configuration name.
 * Enable PHP5 and CGI modules by default to avoid restarting Apache2 later.

==== Plinth ====

 * Improved diagnostics:
   * Moved diagnostic tests from freedombox-setup to individual Plinth modules.
   * Added ability to perform diagnostics on individual services.
   * Made diagnostics more accessible from the main App interface.
   * Added structured information about tests performed.
   * Introduced --diagnose option to Plinth command line.
   * Added external dependency psutil.
   * Added basic diagnostics for many more modules.
 * Added PPPoE connections to Networks setup.
 * Passwords sent to actions are now sent over stdin, instead of as command line arguments.
 * Moved Tor setup from freedombox-setup into Plinth.
 * Implemented datetime module:
   * Added new module for handling date and time
   * Moved ntp diagnostic tests from freedombox-setup to this module.
 * Added Bookmarks (Shaarli) module.
 * Fixed issue with Apache configuration
 * firewall: Removed assigning zones to interfaces during first-run setup. This is done by freedombox-setup.
 * xmpp: Replace ejabberd host during domainname change. Display current domainname and example user ID.
 * upgrades: Enable automatic upgrades after install. Moved auto upgrades configure form to first tab.
 * Enable apt-transport-tor during Tor setup, with option to disable.
 * POST is now used to change connection state instead of GET, for CSRF.
 * Start deluge-web service after package install.
 * Handle default time zone properly.
 * Centered the login form. Removed settings icon and 'Log In' item from top right menu.
 * Apply workaround to ssl config for mod_gnutls.
 * Documentation Revamp:
   * Get latest !FreedomBox user manual from wiki.
   * Manual is focused on using !FreedomBox, with a section on developing Plinth modules.
   * Updated outdated descriptions everywhere.
   * Wrote a proper manual page for plinth.
 * Added missing calls to service.notify_enabled() from on_install handlers.
 * owncloud: Added on_install handler to enable after install.
 * Removed deprecated firstboot css.
 * Added config entry danube_edition.
 * Explicitly state datatypes for config entries
 * Removed redundant requirement for pagekite.
 * Changed Apache conf files to use Require instead of Allow/Deny.
 * Added Service Discovery module which allows enabling/disabling of avahi-daemon.
 * xmpp: Disable TLS on ejabberd's http-bind port (work around for jwchat issue).
Line 162: Line 34:

=== Notable Features ===
Line 175: Line 45:
==== freedom-maker ====

 * Add ability to set build and image mirrors separately
 * Updated installation instructions
 * Ability to set specific components based on targets
 * Add support for !CubieTruck
 * Fix build failure during date change boundary
 * Disable btrfs for Raspberry Pi
 * Add support for building i386/amd64 images
 * Update documentation about the new targets
 * Corrected the git url for freedom-maker build
 * Use vmdebootstrap-0.8
 * Remove unneeded DHCP config option to vmdebootstrap

==== freedombox-setup ====

 * Setup uap0 interface on dreamplug, using hostapd to configure wifi AP.
 * Set HOME in first-run initscript so etckeeper can find the git config.
 * Beaglebone: Don't need to copy u-boot files to boot partition. freedom-maker will install it in front of boot partition.
 * Add initial support for cubietruck.
 * Remove pagekite recommendation as Plinth now takes care of its installation and setup
 * Redirect to Plinth from home page instead of showing jwchat
 * Migrate to dh_python3 from python-support
 * Use nmcli to setup network connections
 * Remove jwchat/ejabber setup as it is handle by Plinth
 * Remove LDAP root password and create ou=groups
 * Remove renaming of network interfaces as it does not work. Start using systemd's new predictable naming. Don't alter /etc/network/interface anymore.
 * Use network manager for configuring DNS and DHCP servers
 * Fix hang issue when building Raspberry Pi images
 * Remove privoxy setup as it happens in Plinth now
 * Configure PAM for LDAP user logins

==== Plinth 0.4.5 ====

 * New app modules:
   * !BitTorrent (Transmission)
   * Dynamic DNS
   * Voice Chat (Mumble)
   * Wiki & Blog (ikiwiki)
 * New system modules:
   * Networks
   * Software Upgrades
 * Add unit tests with coverage report and Travis-CI integration
 * Add systemd service file for Plinth
 * Use augeas to configure Pagekite
 * Use domainname as ejabberd host
 * Bugfixes for ownCloud and packagekit
 * Fixes for user dropdown menu when javascript is disabled
 * Simpler look

==== Plinth 0.5 ====

 * New app modules:
   * !BitTorrent (Deluge)
   * Email Client (Roundcube)
   * Web Proxy (Privoxy)
 * Use libnm for Networks module
 * Add support for testing Django-dependent modules
 * Plinth can now setup ejabberd and jwchat
 * Setup firewall zones for network-manager connections
 * Manage LDAP users and groups with ldapscripts package
 * LDAP user authentication is now used for XMPP, ikiwiki, and SSH
 * Fixes to cherrypy autoreload and remove unneeded extra server. Plinth now uses much less CPU.
 * Use django-stronghold for authentication handling
 * Bundle tests with applications; add Travis-CI status image to README
 * Move to using python3-augeas for Pagekite
 * Extend and use action utilities for enabling/disabling services and Apache confs
 * Fixed timezone list issue
 * Bind a Network connection to an interface
 * Many small cleanups
Line 247: Line 46:

=== Notable Features ===
Line 262: Line 59:
==== freedom-maker ====

 * Newer images use systemd by default
 * !VirtualBox images for amd64 architecture also
 * Default to btrfs filesytem where supported
 * Images for !BeagleBone
 * Use Grub for virtualbox images
 * Use eatmydata to speed up build process
 * Switch to Debian Unstable as suite of choice
 * Drop well-known root password (an account with sudo capabilities still exists for now)

==== freedombox-setup ====

 * Add !BeagleBone support
 * Enable scramblesuite for obfsproxy
 * Enable obfsproxy
 * Updates to testsuite
 * Pull documentation from Wiki and build it
 * Enable Tor transparent proxy
 * Update tests in testsuite

==== Plinth 0.4.1 ====

 * Ability to enable and see status of Tor Hidden Services.
 * Fully migrated to Django and removed all code that was re-inventing web frameworks.
 * Migrated to Python 3.
 * Ability to write and distribute Plinth modules outside of Plinth repository: !FreedomBox Apps.
 * Improved security using Django authentication and forms.
 * Reorganized source code to look more like a Python application.
 * Use Python setup.py instead of custom Makefiles.
 * Setting up Plinth for development is easier.
 * Removed dependency on withsqlite package with help from Django models.
 * Removed duplicated code in Twitter bootstrap JS/CSS by depending on proper Debian packages.
 * Removed stubs and TODOish messages in UI in preparation of proper public (developer) release.
 * Code quality clean-ups.
 * Updated documentation on setting up and using Plinth from source.

==== Plinth 0.4.4 ====

 * Update to Bootstrap3 and improve styling in general
 * Fix issue with Apache configuration
 * Improvements to working behind a proxy server
 * Introduce package management framework
 * Show progress bar while installing ownCloud
 * Tested JWChat/ownCloud on .onion addresses
 * Test coverage measurement
 * Rewamped first boot wizard
 * Proper user management with editing and setting passwords
 * Remove expert mode
 * Seperate out domain name vs. hostname configuration
 * Fix issues with ejabberd configuration update on hostname change
 * Fix issue with hostname changes
 * Debian packaging related fixes
 * Many bug fixes and code cleanups

==== Firewall ====

Firewall is a network security system that controls the incoming and outgoing network traffic. Keeping a firewall
enabled and properly configured reduces risk of security threat from the Internet.

The operation of the firewall is automatic. When you enable a service it is automatically permitted in the firewall and you disable a service is automatically disabled in the firewall.

Automatic management of firewall in !FreedomBox is handled by Plinth web user interface using [[https://fedoraproject.org/wiki/FirewallD|FirewallD]].
Line 328: Line 61:
=== New Architectures ===

In addition to the [[FreedomBox/Hardware/DreamPlug|DreamPlug]], Raspberry Pi and !VirtualBox (x86) images are now provided.

=== New Services ===

These services are new as of this release:

 * Configuration Management UI
 * Instant Messaging
 * !OwnCloud
 * dnsmasq
 * Low-Level Configuration Management
 * Service Announcement
 * LDAP Server
 * LXC Support
 * Source Packages

See [[../Manual/Jessie|the user documentation]] for instruction on how to use them.

==== Configuration Management UI ====

The !FreedomBox now has an administrative interface, Plinth.

To use it:

 1. Start your !FreedomBox.
 1. After Plinth is configured, log in.

To configure it:

 1. Start your !FreedomBox.
 1. Plug your Ethernet cable in to your computer and eth1 on your [[FreedomBox/Hardware/DreamPlug|DreamPlug]].
 1. Connect to Plinth.
 1. Set up the user name and password you'll use to log into Plinth.

==== Instant Messaging ====

The !FreedomBox now supports instant messaging via [[https://en.wikipedia.org/wiki/XMPP|XMPP]], using [[https://jwchat.org/|JWChat]].

To use it:

 1. Start your !FreedomBox.
 1. Register a new Jabber account.
 1. Log in to your Jabber account.

==== OwnCloud ====

 (with 4GB images)

(What is this? What is it for? How do we use it?)

==== dnsmasq ====

(What is this? What is it for? How do we use it?)

==== Low-Level Configuration Management ====

Etckeeper is now used for configuration management: after every major system operation, the system automatically takes a configuration snapshot so configuration changes can be reversed, as necessary.

==== Service Announcement ====

Avahi Service Announcement and mDNS Name Resolution.

(What is this? What is it for? How do we use it?)

==== LDAP server ====

(What is this? What is it for? How do we use it?)

==== LXC support ====

(What is this? What is it for? How do we use it?)

==== Source Packages ====

Source Packages for each installed package are now stored in the /usr/src/packages/ directory.

=== Changes since 0.1 release ===
 * Support for Raspberry Pi and !VirtualBox (x86) in addition to the [[/FreedomBox/Hardware/DreamPlug|DreamPlug]].
 * New Services:
  * Configuration Management UI.
  * Instant Messaging.
  * !OwnCloud.
  * dnsmasq.
  * Low-Level Configuration Management.
  * Service Announcement.
  * LDAP Server.
  * LXC Support.
  * Source Packages.
Line 412: Line 76:
I am pleased to announce our first !FreedomBox software release. The
!FreedomBox 0.1 image is available
(.torrent) (sha512sum:

This 0.1 version is primarily a developer release, which means that it
focuses on architecture and infrastructure rather than finish
work. The exception to this is privoxy-freedombox, the web proxy
discussed in previous updates, which people can begin using right now
to make their web browsing more secure and private and which will very
soon be available on non-!FreedomBox systems. More information on that
tool at the end of this post.

 * What have we accomplished?

   This first release completes a number of important milestones for
   the project.

   * Full hardware support in Debian

     A big part of the vision for the !FreedomBox project revolves
     around the "Boxs", tiny plug servers that are capable of running
     full size computing loads cheaply and with little use of
     electricity. In many respects these are wireless routers given
     the brains of a smart phone. If you want to change the software
     on a router or smart phone today you normally need to worry about
     bootloader images, custom roms, and a whole collection of
     specialized build and install tools. We wanted to the !FreedomBox
     to move beyond this fragmented environment and, with the help of
     some embedded device experts, we have managed to make our
     [[https://www.globalscaletechnologies.com/t-dreamplugdetails.aspx|development hardware]]
     into a fully supported Debian platform. That means that anyone
     with a device can install Debian on it just like a laptop or
     desktop computer. This support is very important for ensuring
     that the work we do on the !FreedomBox is as portable and reusable
     as possible.

  * Basic software tools selected

    There is a lot of great free software out there to choose from and
    we put a lot of thought into which elements would be included in
    our basic tool kit. This includes the user interface system
    "plinth" that I outlined in a [[http://www.kickstarter.com/projects/721744279/push-the-freedombox-foundation-from-0-to-60-in-30/posts/260995|recent kickstarter update]]
    as well as basic cryptography tools like gpg and a one named
    "monkeysphere" that leverages gpg as an authentication tool. All
    of these are now bundled together and installed on the release
    image. This common working environment will simplify development
    going forward.

  * Box-to-box communication design

    Some goals of the !FreedomBox can be accomplished with one user and
    one !FreedomBox but many, like helping someone route around
    repressive government firewalls, will require groups of people and
    groups of boxes working together. One of our greatest
    architectural challenges has been finding a way for boxes to
    communicate securely without so slowing down or breaking network
    access as to make the system unpleasant to use. We have now
    and built the first version of our proposed solution:
    Freedom-buddy. Freedom-buddy uses the world class
    [[https://en.wikipedia.org/wiki/Tor_%28anonymity_network%29|TOR network]]
    so that boxes can find each other regardless of location or
    restrictive firewall and then allows the boxes to negotiate secure
    direct connections to each other for actually sending large or
    time sensitive data. We believe this blended approach will be most
    effective at improving the security and usability of
    personal-server communications and all the services we plan to
    build into those servers.

  * Web cleaning

    Our first service, a piece of software you can use today to start
    making your web browsing more secure and private, is called
    "privoxy-freedombox". This software combines the functionality of
    the [[https://adblockplus.org/en/|Adblock Plus]] ad
    blocker, the [[https://easylist.adblockplus.org/en/|Easy Privacy]]
    filtering list, and the
    ([[https://www.eff.org/https-everywhere|HTTPS Everywhere]])
    website redirection plugin into a single piece of software to run
    on your !FreedomBox. Combining these different plugins into
    software for your !FreedomBox means that you can use them with
    almost any browser or mobile device using a standard web proxy
    connection. Because of our focus on building the !FreedomBox as
    part of Debian this software will soon be available to anyone
    running a Debian system regardless of whether you are using our
    target !DreamPlug hardware, a laptop, or a large rack server

    As you read this packages should already be available in the [[http://www.raspbian.org/|Raspbian]] repositories, which is the
    optimized version of Debian used on the Raspberry Pi
    hardware. Hopefully we will get that onto the main Debian mirrors
    over the next month; if you are interested in building it for
    yourself in the meantime, the source is available from
    [[https://www.gitorious.org/freedombox-privoxy/freedombox-privoxy|gitorious]]. As
    we build additional components for the !FreedomBox we will continue
    to work on making them widely available.

 * What is next?

   As you may have seen, our Project Lead, Bdale Garbee, is about to begin a well earned [[http://www.gag.com/bdale/blog/posts/Early_Retirement.html|early retirement]] from his long time role as Open Source & Linux Chief
   Technologist at Hewlett-Packard. Over the coming month Bdale and
   the rest of the Foundation team will be putting together plans for
   the next stage of !FreedomBox development and the road to a 1.0
   release. News and updates will follow at
 * First !FreedomBox software release (0.1 image, developer release).
 * Full hardware support in Debian
 * Support for [[FreedomBox/Hardware/DreamPlug|DreamPlug]].
 * Basic software tools selected as common working environment:
  * User interface system "plinth"
  * Cryptography tools: gpg or "monkeysphere"
  * Box-to-box communication design: Freedom-buddy (uses [[https://en.wikipedia.org/wiki/Tor_%28anonymity_network%29|TOR network]])
  * Web cleaning: "privoxy-freedombox".

Please check as well contribution, progress calls, TODOs related pages and ?Release Note for Developers.

Release Notes

The following are the release notes for each FreedomBox version.

Version 0.7 (unreleased)

  • Translations!
  • Support for OLinuXino A20 MICRO and LIME2
  • New Plinth applications: OpenVPN, reStore
  • Improved first-boot experience
  • Many bugfixes and cleanups

Version 0.6 (2015-10-31)

  • New supported hardware target: Raspberry Pi 2
  • New modules in Plinth:
    • Shaarli: Web application to manage and share bookmarks
    • Date & Time: Configure time zone and NTP service

    • Service Discovery: Configure Avahi service
  • Documentation revamp including new user manual and developer guide
  • Improved diagnostic tests, available in Plinth
  • Avoid unnecessary changes when installing on existing Debian system
  • Network configuration supports PPPoE connections
  • Debian packages can be download over Tor

Version 0.5 (2015-08-07)

  • New targets: CubieTruck, i386, amd64

  • New apps in Plinth: Transmission, Dynamic DNS, Mumble, ikiwiki, Deluge, Roundcube, Privoxy
  • NetworkManager handles network configuration and can be manipulated through Plinth.

  • Software Upgrades (unattended-upgrades) module can upgrade the system, and enable automatic upgrades.
  • Plinth is now capable of installing ejabberd, jwchat, and privoxy, so they are not included in image but can be installed when needed.
  • User authentication through LDAP for SSH, XMPP (ejabberd), and ikiwiki.
  • Unit test suite is automatically run on Plinth upstream. This helps us catch at least some code errors before they are discovered by users!
  • New, simpler look for Plinth.
  • Performance improvements for Plinth.

Version 0.3 (2015-01-20)

  • Tor Bridges: All boxes now act as non-exit Tor bridges, routing traffic for the Tor network.
  • Firewall: firewall is on by default and is automatically managed.

  • Add BeagleBone support. We now have images for BeagleBone, RaspberryPi, VirtualBox i386/amd64, and DreamPlug.

  • Ability to enable and use Tor Hidden Services. Works with Ejabberd/JWChat and ownCloud services.
  • Enable Tor obfsproxy with scramblesuit.
  • Drop well-known root password (an account with sudo capabilities still exists for now but will be removed soon).
  • Switch to unstable as suite of choice for easier development.
  • Newer images are built with systemd by default (due to Debian change).
  • Install and operate firewall automatically (uses firewalld).
  • Major restructuring of Plinth UI using Python3, Django web development framework and Bootstrap3. Code quality is much better and UI is more polished.
  • Introduced packaging framework in Plinth UI for on-demand application installation.

Version 0.2 (2014-03-16)

  • Support for Raspberry Pi and VirtualBox (x86) in addition to the ?DreamPlug.

  • New Services:
    • Configuration Management UI.
    • Instant Messaging.
    • OwnCloud.

    • dnsmasq.
    • Low-Level Configuration Management.
    • Service Announcement.
    • LDAP Server.
    • LXC Support.
    • Source Packages.
  • The privoxy setup is now the default from Debian.

Version 0.1 (2013-02-26)

  • First FreedomBox software release (0.1 image, developer release).

  • Full hardware support in Debian
  • Support for ?DreamPlug.

  • Basic software tools selected as common working environment:
    • User interface system "plinth"
    • Cryptography tools: gpg or "monkeysphere"
    • Box-to-box communication design: Freedom-buddy (uses TOR network)

    • Web cleaning: "privoxy-freedombox".









Live Help

Where To Start







To Do









FreedomBox for Communities

FreedomBox Developer Manual

HELP & DISCUSSIONS: Discussion Forum - Mailing List - #freedombox irc.debian.org | CONTACT Foundation | JOIN Project

Next call: Saturday, November 13 at 14:00 UTC

This page is copyright its contributors and is licensed under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.