This is work in progress, I will update this post this week on a regular basis
Hey all,
Coming Thursday I want to give an online workshop on installing YNH on a VPS.
The workshop will be 90-120 minutes long and there will be max 30 participants.
At the end every participant should have:
- a working VPS
- with YNH installed
- at least one working app
- and two users
- a general idea on how to continue and where to look for help (on this forum)
Bonus points would be to
- install a Let’s Encrypt Cert.
- cover how to update the server
- go over the backup methods
There is a Dutch hoster so kind to sponsor me with 30 VPSs that participants of the workshop can continue using for free for 3 months after the workshop ends.
I thought I will write out my plan on how to give this workshop here and hope that people will like the idea and maybe have ideas for improvements
So without further ado, here is the plan. Please react with improvements or stuff I might have missed!
Workshop - Working at Home in the Public Stack.
An online workshop 30 April 20:00 - 21:30.
- Estimated participants: 30
- Knowledge level: Novice
- Channel: Zoom
Each participant will have access to a VPS with:
- 1 CPU Core
- 1.024 MB RAM
- 50 GB SSD
- 1 TB Pooled Traffic.
Prerequisites
Stuff every participant should have arranged before they enter the workshop
- A desktop or laptop with MacOS or Linux (Sorry, no Windows support…)
- A charger, or a full enough battery for two hours of surfing and live video conferencing.
- The link to the Jitsi room. Please enter on time and check your A/V settings.
- A link to a private zerobin with their username and password for their server (and maybe some other details…
1. Introduction
In the introduction I want to talk about how the internet is build up of a network of networks and that there are different typologies on how a network can be structured: Centralized, Decentralized and Distributed.
In an ideal, resilient, privacy-friendly world everyone is able to talk with everyone without an intermediary; the distributed model. But due to many constraints; resources, network effects, security, investment models and the structure of the capital market, the internet has converged to the centralized model in which a few super-nodes take care of the majority of interpersonal en intermachine communication.
To install a YNH server is a step in the right direction from totally centralized towards decentralized (but not yet distributed). What we will do is to reclaim a node in the network to serve the participants and their relatives with their own private decentralized space for communication of any sort.
Which software are we going to use and why?
This gives a good oppertunity to explain a little about the different layers in the stack and the public stack.
- We start with TransIP: the network layer. Sadly no Public Stack here. But what is a hoster? What do they look like? I can show some datacentre and marinecable images to get some idea.
- Debian 9; The OS layer. Robust, floss OS that is known for its security and stability. Has been part of the public stack for decades.
- Yunohost: a, primarily French, floss project that has been going for many years and has as a primal objective to make hosting yourself easy. They have come a long way and are getting better and better. They are under active development and, very important, they have an active supportive community online.
- Nextcloud: a, primarily German, floss project that was forked from Owncloud and has seen rapid improvement in the last years; they make running your private cloud easy.
- and a whole slew of dependencies; php. mysql, nginx etc. etc.
Now we get to work!
2. SSH into your VPS and Install YNH.
To communicate with the VPS we use SSH.
Note:
- I installed all VPS’s before hand. I noted the IP address, login, password and root password in an excel file.
- I created a Zero/PrivateBin installation with the help of YNH and created a unique paste for every participant containing their login details.
- I send this link to every participant using the private message feature of Jitsi.
- Open the terminal program on your computer.
- Type
ssh waag@[your ip adress]
and hit enter.
The authenticity of host '[ip adress] can’t be established.
ECDSA key fingerprint is SHA256:7ROrZxxxeIxxxxxxxxxxxxxxxxxxxxxxxxxxxxx30.
Are you sure you want to continue connecting (yes/no)?
- confirm adding the server to your host file by typing
yes
and hitting enter. - become root:
su -
- type root password
- install yunohost
curl https://install.yunohost.org | bash
- Confirm you want to overwrite system files.
- Confirm you want to change SSH behaviour
3. Post installation.
Perform the post-installation with the web interface by entering in your browser: the public IP address of the server.
- Explain the security warning people are likely to encounter related to the certificate used by the server.
- add a security exception to accept the current certificate.
We will then walk through the steps together for the post-installation:
- Main domain
People do not have a domain; only an IP, so we will use the YunoHost’s DynDNS service and choose a sub-domain of .nohost.me , .noho.st or .ynh.fr (e.g.homersimpson.nohost.me
). Provided that it’s not already taken, the domain will be configured automatically and you won’t need any further configuration step.
Note: Add information for people who have their own domain and refer to the DNS page page for more information.
- Administration password
This password will be used to access to your server’s administration interface. You would also use it to connect via SSH or SFTP . In general terms, this is your system’s key , choose it carefully.
4. We are in and can create our first user!
Let’s setup the first user who is going to be using this machine. Probably you yourself.
Note: add information on the difference between users and admins
You can create accounts for multiple users: let’s try one more; a friend, your partner/kid or housemate.
5. And now the fun stuff; what do you want to do with a server for yourself?
Think about the apps that you’ve been using with your friends and family to communicate? Or do you want a private serach engine? Do you chat a lot over WhatsApp? Do you share files? Do you have a household with a shared calendar?
What is the functionality that you’d like to replace and run on your own private server?
- We’re going to look at Nextcloud as I believe this is an extremly powerfull piece of software that can enable you to do a lot of stuff:
- Share files between people and/or machines
- Backup files (auto upload from your smartphone!)
- Calendar/Contact sync
- And it support apps in itself.
Note: how is the LDAP support between YNH and NC…?
Walk through the installation steps:
Note: explain that there might be small differences in these steps as every app is different; show where people can find the read.me and the project page on github.
- choose an app
- Choose a label
- choose a domain
- choose a path (!)
explain difference between subdomains and subdirectories
End with testing: and pointing out that NExtcloud has a mobile and desktop app. And that many apps can be installed, but that there are limitation due to RAM and CPU constraints.