FreedomBox
Not sure if any others here have installed hubzilla on a FreedomBox.
I'm finally working my way around the platform.
I was having some issues with LetsEncrypt certs and PageKite, but apparently I've misunderstood what exactly the buttons on the FreedomBox system administration page actually do.
Long story short, my CNAME entries on my registrar (namecheap) for my subdomains are configured correctly
and my kites are all configured correctly on PageKite.net.
To keep things logical I defined one subdomain for each pagekite on my registrar
Type Host Value
CNAME @ www.mydomain.com
CNAME www www-mydomain.pagekite.me
CNAME hub hub-mydomain.pagekite.me
and the corresponding kites at PageKite.net
mydomain.pagekite.me
www-mydomain.pagekite.me with a CNAME -> www.mydomain
hub-mydomain.pagekite.me with a CNAME -> hub.mydomain
and configuration in /etc/pagekite.d/{80_http.rc, 443_https.rc}
# 80_http.rc
service_on http:@kitename:localhost:80:@kitesecret
service_on http:www.mydomain:localhost:80:@kitesecret
service_on http:hub.mydomain:localhost:80:@kitesecret
#443_https.rc
service_on https:@kitename:localhost:443@kitesecret
service_on https:www.mydomain:localhost:443:@kitesecret
service_on https:hub.mydomain:localhost:443:@kitesecret
Clicking on the LetsEncrypt button on the FreedomBox system page, runs letsencrypt and correctly generates the SSL certs
and installs in default locations for apache /etc/letsencrypt/live/<domainname>
Running "certbot --list" shows I have 3 valid certs. All good.
But, the FreedomBox never uses any certs other than the one for www.mydomain
even though I have vhost for subdomains configured in /etc/apache2/sites-available/
and have enabled the symlink.
Apparently, the FreedomBox, uses some rewrite rules in "/etc/apache2/conf-available/" to rewrite every request
to "https://www.mydomain/<APP> or the default "https://www.mydomain/plinth"
So all requests get the certificate for "www.mydomain" which is valid if in fact I'm requesting "https://www.mydomain/<APP>"
but not valid if apache connects me to vhost defined in /etc/apache2/sites-available/
Anyhow, I've submitted a question on the FreedomBox site on how to override their defaults which prevent using subdomains with valid SSL certs.
In the meantime, I've created a rewrite rule of my own in /etc/apache2/conf-available/huzilla-freedombox.conf
to rewrite requests from
#^https://www.mydomain/hubzilla to
#^https://hub.mydomain" and vice-versa.
With my new re-write rules I was able to finish installing hubzilla and is working.
I can access at
#^http://hub.mydomain/channel/user and all works fine.
Can also access at
#^http://www.mydomain/hubzilla which get redirected to
#^http://hub.mydomain/hubzilla (not fine -- no such page)
but at least I have the hubzilla landing page with login, which then works,.
Might be missing something on my apache2 re-write rules which I borrowed off the internet or maybe it's not possible to do exactly what I need. Anyhow, best option would be to just have subdomain and cert working properly on FreedomBox without FreedomBox clobbering with their own re-write rules.
I'm fine with FreedomBox keeping
#^http://www.mydomain/<APP>
so all their APPS using a single cert from www.mydomain and then get reverse-proxied to localhost app servers.
But see no reason why
#^http://hub.mydomain can't be allowed to work normally with vhost "hub.mydomain" defined in /etc/apache2/site-available/hub-mydomain.conf fetching correct SSL cert.
Eventually may clone my current hubzilla account over to the FreedomBox once I get a feel for its performance. Guess I'll also need to figure out how much disk is used for current hubzilla database pics, etc and see if I've got enough storage space on FreedomBox.
It'd be nice to have a portable server no bigger than a cigarette pack which can run off internal battery that I can carry in my pocket if necessary for whatever reason.
