SelfPrivacy/selfprivacy.org
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy.org.git synced 2024-11-18 14:49:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
selfprivacy.org/content/second.en.md

297 lines
10 KiB
Markdown
Raw Normal View History

switch to hugo
2022-09-26 07:08:27 +00:00
---
title: Second
images: ["brand.png"]
---
<div class="margin-16 boxes">
<div class="max-width">
<h2 class="install-page-header">
Deployment and setup
</h2>
<div class="blue-border">
<p></p>
<p class="bottom-p">
SelfPrivacy-server is created step by step within an hour. Sounds scary, but believe me,
you shouldn't be a PhD to accomplish that. It's as simple as purchase in the e-shop.
</p>
<ul>
<li>
<!--1. -->Searching for passport and card with balance of $10-15 and $5 per month
</li>
<li>
<!--2. -->Accounts registration
</li>
<li>
<!--3. -->Protecting accounts
</li>
<li>
<!--4. -->Domain purchasing
</li>
<li>
<!--5. -->Connecting Domain to DNS Server
</li>
<li>
<!--6. -->🔑 Generating tokens
</li>
<li>
<!--7. -->Installation
</li>
<li>
<!--8. -->Connecting to the services 🎉
</li>
</ul>
<p class="bottom-p">
If you delegate this process to someone else, you will lose privacy. For 100% independence
and control
we recommend to do everything on your own.
</p>
</div>
<div class="blue-border">
<p class="top-p">
Accounts registration
</p>
<p class="bottom-p">
For stability and privacy, SelfPrivacy requires many accounts. If you hold everything in one
place,
you'll get the same you've been running from — all data in hands of one corporation🤦
</p>
<p class="bottom-p">
That's why, different parts of the system will be in different places. Let's register:
</p>
<ul>
<li>
<a href="https://accounts.hetzner.com/signUp">Hetzner </a>is a virtual server hosting. Our
data and SelfPrivacy services will live here.
</li>
<li>
<a href="https://www.namecheap.com/myaccount/signup/">NameCheap</a> or any other
registrar, to purchase your personal address on the Internet —
the domain that will point to the server.
</li>
<li>
<a href="https://dash.cloudflare.com/sign-up">CloudFlare </a>is a DNS server, where your
personal
address(domain) works.
</li>
<li>
<a
href="https://portal.aws.amazon.com/gp/aws/developer/registration/index.html?nc2=h_ct&src=default">
Backblaze </a>is an IaaS, that provides free storage for your encrypted backups.
</li>
</ul>
<p class="bottom-p">
Registration is trivial, but sometimes account activation may take up to few days or requires
additional documents.
Therefore, use real documents and fill out everything carefully.
Providers protect themselves from spam in such way. Nothing personal )
</p>
</div>
<div class="blue-border">
<p class="top-p">
Protecting accounts
</p>
<p class="bottom-p">
Most often, systems are hacked through the weakest part. In order for accounts not to be such
a part, passwords must be different and complex. TwinkleTwinkleLittleStar is a great example of a
bad password.
A good one 🌈 is a
passphrase:
</p>
<p class="code-p">
expert repose postwar anytime glimpse freestyle liability effects
</p>
<p class="bottom-p">or</p>
<p class="code-p">
}Rj;EtG:,M!bc4/|
</p>
<p class="bottom-p">
How to remember such complicated password? No way! Passwords do not need to be remembered, they must
be
created and stored in the <a href="https://keepassxc.org/download/">password manager</a>. Though,
you'll
have to remember at least one — password from the password manager.
</p>
<p class="bottom-p">
Be sure to enable additional account protection - the second factor (MFA, 2FA).
Without this simple step, your data will not be safe.
</p>
<p class="bottom-p">
I know it was difficult, but now your data is better protected than 95% of users.
You can be proud of yourself! I'm proud of you 🤗
</p>
</div>
<h2>
Domain purchasing
</h2>
<p class="top-header-p">
Enabled 2FA? Then let's proceed to the most interesting part!
</p>
<div class="blue-border-img">
<img src="/images/screencasts/nc-buy-domain.gif" alt="gif">
</div>
<p class="bottom-p pb-25">
<i>Domain</i> — it's a piece of Internet, which you can name like your home pet. Potential for
creativity is huge.
Your only limitations are 63 symbols length + .com .org .icu or other domain zones. Feel free to choose
among hundreds of others.
You can choose your surname as a domain, like this: jackson.live or carson.health, or it can be
something creative,
like: unicorn-land.shop
</p>
<div class="blue-border">
<p class="top-p">
Advices
</p>
<ul>
<li>Be sure to look at the annual renewal price, it can exceed the purchase price many times.</li>
<li>Normal domain price is $8-10 per year. The cheapest are Chinese .icu and .cyou - $4-6.</li>
<li>A good name is convenient, both on the phone to dictate, and on the business card to indicate.
</li>
<li>The last name in the domain is good in that you can distribute mail to all namesakes, for
example:
name.secondname@surname.com, ns@surname.com or name@surname.com</li>
<li>
During domain registration, make sure to enter your real e-mail address, otherwise your
registration can be
canceled. And if you can't extend the domain, the system won't work as intended.
</li>
<li>Did I talk about the 2FA?</li>
</ul>
</div>
<p class="top-header-p">
Connecting Domain to DNS Server
</p>
<p class="bottom-p">
After acquisition, add your domain into CloudFlare:
</p>
<div class="blue-border-img">
<img src="/images/screencasts/add-domain-to-cf.gif" alt="gif">
</div>
<p class="bottom-p">
Using <span class="color-blue">ruleit.stream</span> as example, we chose free service plan
and got nameservers: <span class="color-blue">gail.ns.cloudflare.com</span> and <span
class="color-blue">mattns.cloudflare.com</span>, which must be registered with our registrar.
In our case <span class="color-blue">NameCheap:</span>
</p>
<div class="blue-border-img">
<img src="/images/screencasts/nc-to-cf.gif" alt="gif">
</div>
<p class="bottom-p">
At the same time, we check that we include auto-renewal and protection of personal data — <span
class="color-blue">WhoisGuard</span>.
After a few minutes or, in the worst case, up to 2 days, the settings will be applied.
</p>
<h2>
🔑 Generating tokens
</h2>
<div class="blue-border">
<p class="top-p">
API tokens
</p>
<p class="bottom-p">
<i>API tokens</i> are almost the same as login and password, only for a program, not a person.
SelfPrivacy application uses them to manage services in all accounts instead of you. Convenient!
</p>
<p class="bottom-p">
Tokens should be stored in the <a href="https://keepassxc.org/download/">password manager</a>
</p>
<p class="bottom-p">
We do not need a token for the NameCheap. But we will need one for the CloudFlare
to use it for domain management.
</p>
<p class="header-p">
CloudFlare
</p>
<ul>
<li>Visit the following <a href="https://dash.cloudflare.com/">link</a>.</li>
<li>In the right corner, we click on the profile icon (a man in a circle). For the mobile version
of the site, in
the upper left corner, click the <b>Menu</b> button (three horizontal bars), in the dropdown
menu,
click on <b>My Profile</b>
</li>
<li>We have four configuration categories to choose from: <b>Communication, Authentication, API
Tokens, Session.</b> Choose <b>API Tokens.</b>
</li>
<li>The first item is the <b>Create Token</b> button. With complete self-confidence and a desire
to gain privacy, we press it.
</li>
<li>We go down to the bottom and see the <b>Create Custom Token</b> field and
the <b>Get Started</b> button on the right side. We press.</li>
<li>In the <b>Token Name</b> field, we give our token a name. You can quote and treat this as
the name of a pet:)</li>
<li>Next we have <b>Permissions</b>. In the leftmost field, select <b>Zone</b>. In the longest
field, center, select
<b>DNS</b>. In the rightmost field, select <b>Edit</b>.
</li>
<li>Next, right under this line, click <b>Add More</b>. Similar field will appear.</li>
<li>In the leftmost field of the new line, we select, similar to the last line — <b>Zone</b>. In the
center — a little different.
Here we choose the same as in the left — <b>Zone</b>. In the rightmost field, select
<b>Read</b>.
</li>
<li>Next we look at <b>Zone Resources</b>. Under this inscription there is a line with two fields.
The left must have <b>Include</b> and the right must have <b>Specific Zone</b>. Once you select
<b>Specific Zone</b>, another field appears on the right. We choose our domain in it.
</li>
<li>We flick to the bottom and press the blue <b>Continue to Summary</b> button.</li>
<li>We're checking to see if we got everything right. A similar string must be present: Domain —
<b>DNS:Edit, Zone:Read.</b>
</li>
<li>Click on <b>Create Token.</b></li>
<li>We copy the created token, and save it in a reliable place (preferably in the <a
href="https://keepassxc.org/download/">password manager</a>).</li>
</ul>
<img src="/images/screencasts/CloudFlare.gif" alt="gif">
<p class="header-p">
Hetzner
</p>
<ul>
<li>Visit the following <a href="https://console.hetzner.cloud/">link</a> and authorize in the
previously created account.</li>
<li>We go into the project we created. If there is none, then we create.</li>
<li>Point the mouse to the side panel. It should open by showing us menu items. We are interested
in the latter — <b>Security</b> (with a key icon).
</li>
<li>Next, at the top of the interface we see approximately the following list: <b>SSH Keys,
API Tokens,
Certificates, Members.</b> We need the <b>API Tokens</b>. Click on it.
</li>
<li>On the right side of the interface, we will be waiting for the <b>Generate API token</b> button.
If you use
the mobile version of the site — in the lower right corner you will see a <b>red plus</b>
button. We press.
</li>
<li>In the <b>Description</b> field, give our token a name (this can be any name that
you like, it does not essentially change).</li>
<li>Under <b>Description</b>, you can select <b>permissions</b>. Select <b>Read & Write</b>.
</li>
<li>Click <b>Generate API Token.</b></li>
<li>After that, your key will be displayed. We write it in a safe place, or even better, we save it
in the
<a href="https://keepassxc.org/download/">password manager</a>.
</li>
</ul>
<img src="/images/screencasts/Hetzner.gif" alt="gif">
<p class="header-p">
Backblaze B2
</p>
<ul>
<li>Visit the following <a href="https://secure.backblaze.com/user_overview.htm">link</a></li>
<li>On the left side of the interface, select <b>App Keys</b> in the <b>B2 Cloud Storage</b>
subcategory.
</li>
<li>Click on the blue <b>Generate New Master Application Key</b> button.</li>
<li>In the appeared pop-up window confirm the generation.</li>
<li>Save <i>keyID</i> and <i>applicationKey</i> in the safe place. For example - in the
<a href="https://keepassxc.org/download/">password manager</a> :)
</li>
</ul>
<img src="/images/screencasts/Backblaze.gif" alt="gif">
<p class="header-p">
🎉 Congratulations. Now you are ready to use private services.
</p>
</div>
</div>
</div>
Reference in a new issue Copy permalink