dnkls/gist:1b86cbbafd311ce19bcc87ed66f2fdc5

## gistfile1.txt
1. DO does not do debian unstable. Need to upgrade from 8.2 via https://wiki.debian.org/DebianTesting
 * Digital Ocean MyAS 512 MB Memory / 20 GB Disk / NYC2 162.243.48.241 root password: <ask agropper>
 * adduser fbx / Password:
 * ssh fbx@162.243.48.241 works but won’t sudo
 * Do: https://www.privateinternetaccess.com/forum/discussion/18063/debian-8-1-0-jessie-sudo-fix-not-installed-by-default
 * ssh fbx@162.243.48.241 works

1. Changing to Debian unstable to prepare for FreedomBox
 * via Duncan: You can upgrade using instructions from https://wiki.debian.org/DebianTesting
 * in /etc/apt/ sudo nano sources.list and replace all jessie with testing
 * run apt-get update && apt-get upgrade ; accept issue N default and config Keep default
 * Reboot then check with cat /etc/debian_version - reports stretch/sid
 * Make a Digital Ocean Snapshot
   * sudo shutdown now
    * Use the DO Control Panel to create a Snapshot

1. Install FreedomBox per https://wiki.debian.org/FreedomBox/Hardware/Debian
 * sudo apt-get update
 * sudo apt-get install freedombox-setup accept default to ask on restart
 * sudo /usr/lib/freedombox/setup | tee freedombox-setup.log
 * Needed to delete the public key in /Users/adrian/.ssh/known_hosts
 * ssh as fbx - reboot

1. http://162.243.48.241 redirects to http://162.243.48.241/plinth but reports Forbidden
 * https://httpd.apache.org/docs/trunk/mod/mod_authz_host.html
 * sudo nano /etc/apache2/sites-available/plinth.conf added Require ip 146.115.179.89 and reboot
 * https://162.243.48.241/plinth works! with self-signed cert issued to the Droplet name (MyAS)

1. Plinth Setup
 * added user adrian pw:

1. Check versions:
 * python3 -V shows Python 3.4.4
 * python3 -c "import django; print(django.get_version())" shows 1.9

1. Make a Digital Ocean Snapshot
 * sudo shutdown now
 * Use the DO Control Panel to create a Snapshot

1. Get a Personal Domain
 * Get a domain: https://ap.www.namecheap.com/  myas.xyz cost $1.18
 * Make an A-Record to 162.243.179.89 and a CNAME for host www to myas.xyz

1. Install Let’s Encrypt
 * sudo apt-get update
 * sudo apt-get install letsencrypt python-letsencrypt-apache
 * Login as root from the Digital Ocean console
 * Stop apache2: sudo service apache2 stop
 * /etc/letsencrypt$ ls now shows: accounts  csr  keys  renewal
 * letsencrypt --apache
  * “No host names found…” Accept default
  * myas.xyz, www.myas.xyz
  * Accept Easy
 * Test with: https://www.ssllabs.com/ssltest/analyze.html?d=myas.xyz

1. Make a Digital Ocean Snapshot


***
**Tools**
* nano http://mintaka.sdsu.edu/reu/nano.html for editing the sources.list file
* https://www.digitalocean.com/community/tutorials/how-to-add-delete-and-grant-sudo-privileges-to-users-on-a-debian-vps
* https://wiki.debian.org/FreedomBox/Manual/Firewall
* https://wiki.debian.org/FreedomBox/Manual
* https://wiki.debian.org/FreedomBox/Manual/Developer
* https://letsencrypt.readthedocs.org/en/latest/intro.html
	1. DO does not do debian unstable. Need to upgrade from 8.2 via https://wiki.debian.org/DebianTesting
	* Digital Ocean MyAS 512 MB Memory / 20 GB Disk / NYC2 162.243.48.241 root password: <ask agropper>
	* adduser fbx / Password:
	* ssh fbx@162.243.48.241 works but won’t sudo
	* Do: https://www.privateinternetaccess.com/forum/discussion/18063/debian-8-1-0-jessie-sudo-fix-not-installed-by-default
	* ssh fbx@162.243.48.241 works

	1. Changing to Debian unstable to prepare for FreedomBox
	* via Duncan: You can upgrade using instructions from https://wiki.debian.org/DebianTesting
	* in /etc/apt/ sudo nano sources.list and replace all jessie with testing
	* run apt-get update && apt-get upgrade ; accept issue N default and config Keep default
	* Reboot then check with cat /etc/debian_version - reports stretch/sid
	* Make a Digital Ocean Snapshot
	* sudo shutdown now
	* Use the DO Control Panel to create a Snapshot

	1. Install FreedomBox per https://wiki.debian.org/FreedomBox/Hardware/Debian
	* sudo apt-get update
	* sudo apt-get install freedombox-setup accept default to ask on restart
	* sudo /usr/lib/freedombox/setup \| tee freedombox-setup.log
	* Needed to delete the public key in /Users/adrian/.ssh/known_hosts
	* ssh as fbx - reboot

	1. http://162.243.48.241 redirects to http://162.243.48.241/plinth but reports Forbidden
	* https://httpd.apache.org/docs/trunk/mod/mod_authz_host.html
	* sudo nano /etc/apache2/sites-available/plinth.conf added Require ip 146.115.179.89 and reboot
	* https://162.243.48.241/plinth works! with self-signed cert issued to the Droplet name (MyAS)

	1. Plinth Setup
	* added user adrian pw:

	1. Check versions:
	* python3 -V shows Python 3.4.4
	* python3 -c "import django; print(django.get_version())" shows 1.9

	1. Make a Digital Ocean Snapshot
	* sudo shutdown now
	* Use the DO Control Panel to create a Snapshot

	1. Get a Personal Domain
	* Get a domain: https://ap.www.namecheap.com/ myas.xyz cost $1.18
	* Make an A-Record to 162.243.179.89 and a CNAME for host www to myas.xyz

	1. Install Let’s Encrypt
	* sudo apt-get update
	* sudo apt-get install letsencrypt python-letsencrypt-apache
	* Login as root from the Digital Ocean console
	* Stop apache2: sudo service apache2 stop
	* /etc/letsencrypt$ ls now shows: accounts csr keys renewal
	* letsencrypt --apache
	* “No host names found…” Accept default
	* myas.xyz, www.myas.xyz
	* Accept Easy
	* Test with: https://www.ssllabs.com/ssltest/analyze.html?d=myas.xyz

	1. Make a Digital Ocean Snapshot


	***
	Tools
	* nano http://mintaka.sdsu.edu/reu/nano.html for editing the sources.list file
	* https://www.digitalocean.com/community/tutorials/how-to-add-delete-and-grant-sudo-privileges-to-users-on-a-debian-vps
	* https://wiki.debian.org/FreedomBox/Manual/Firewall
	* https://wiki.debian.org/FreedomBox/Manual
	* https://wiki.debian.org/FreedomBox/Manual/Developer
	* https://letsencrypt.readthedocs.org/en/latest/intro.html